This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft File: 20IFnOKR1Jpmkgcxx2faVj7yESQ.mft (raw, json) Hash identifier: lLblJHG6/NQ3eAVC2R5BH727BLelKohUiJ3z58CWtBA= Subject key identifier: 50:91:38:D4:8F:44:29:23:0A:24:2E:79:CF:3C:82:B9:E4:4E:21:A9 Authority key identifier: DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24 Certificate issuer: /CN=db42059ce291d49a66920731c767da563ef21124 Certificate serial: 019C41A254BA70904D4649818CC5234E54AC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft Manifest number: 0B0C Signing time: Mon 09 Feb 2026 09:01:23 +0000 Manifest this update: Mon 09 Feb 2026 09:01:23 +0000 Manifest next update: Tue 10 Feb 2026 09:01:23 +0000 Files and hashes: 1: 20IFnOKR1Jpmkgcxx2faVj7yESQ.crl (hash: 7e/2z8sseYO91gqDVEla7sLj+bnorHYpXkvjQBW8zuk=) 2: K_G3q1oHoFkLaOnMyEVLIcn7Qmw.roa (hash: /NaxyStNTlcpIpTarZjjR+9kQ6m4FlTTRFr5N6+rcrM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 09:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:a2:54:ba:70:90:4d:46:49:81:8c:c5:23:4e:54:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db42059ce291d49a66920731c767da563ef21124 Validity Not Before: Feb 9 09:01:23 2026 GMT Not After : Feb 10 09:01:23 2026 GMT Subject: CN=509138d48f4429230a242e79cf3c82b9e44e21a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:d5:0a:bf:91:6a:91:28:f2:f4:2a:fd:69:b0: e4:7b:b3:16:1c:a6:ae:4d:a9:5b:1e:08:3e:b1:d2: ea:eb:61:58:50:a8:e3:40:99:36:1c:d1:8d:7a:dd: 69:06:82:3d:97:45:9c:b5:92:a3:59:4f:e0:97:70: ba:c4:8a:ad:83:76:9c:26:24:27:fb:f5:58:db:f3: a8:ba:8e:4a:ea:0d:4e:98:df:21:66:eb:d7:e4:64: ef:70:ad:cc:b9:05:92:f9:65:a3:7f:bc:ea:24:d9: 9d:b0:01:bc:f1:10:9c:67:c7:db:35:ca:fd:01:2d: a7:31:c8:94:23:54:b2:1b:bf:3b:7b:e6:5a:35:b9: e6:ec:d3:c5:47:ae:45:cd:b8:fb:23:0b:bc:6e:4a: bb:86:8c:11:ea:84:f1:c1:5e:42:34:1e:c8:34:57: 96:74:f5:a1:3f:97:1a:f1:e9:88:2d:b2:9e:bc:72: 46:79:5c:14:d8:3f:d8:41:52:63:da:b2:00:b2:dd: 75:a2:2c:13:8c:ac:dc:ba:67:95:27:d8:ca:87:0e: e1:ca:e3:15:5d:2e:04:81:67:85:28:1f:a2:e3:f3: 49:9f:77:47:52:a0:ee:e7:6e:60:bc:fd:fb:a2:e8: 0c:88:51:3e:73:a4:b9:63:ab:b6:03:e5:80:a6:17: f5:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:91:38:D4:8F:44:29:23:0A:24:2E:79:CF:3C:82:B9:E4:4E:21:A9 X509v3 Authority Key Identifier: keyid:DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:e7:a8:83:58:a9:87:05:39:ec:97:f9:d3:5d:d5:4b:32:8b: cb:1a:3e:f7:e3:0e:b7:75:dd:b9:8c:fe:18:49:30:c2:bf:81: 9a:2e:d0:8b:82:3f:17:0a:3a:a1:d7:1a:e9:a2:aa:db:72:c6: 9c:ac:fc:c8:e5:94:11:f9:c1:eb:bf:b7:42:ab:05:37:fb:1a: 7e:c8:b2:7e:90:1f:b2:03:a8:cf:8a:a2:38:eb:c8:7a:11:47: 7c:47:fb:7f:fd:af:ad:0a:e8:aa:f6:4a:51:a8:05:15:3d:ae: 30:f2:9d:6a:a1:8b:18:0d:86:99:eb:15:61:d8:d5:04:76:3e: 8d:03:5d:aa:2d:d8:9c:b2:ac:d1:f8:89:d9:56:27:07:72:92: a7:28:01:8a:e7:d0:fa:21:a5:54:41:bd:eb:0e:22:36:36:a7: ba:57:ad:9a:e7:25:e5:29:99:6c:54:ba:56:bb:19:18:c6:e7: 32:fb:a6:dc:3a:a4:c8:24:9f:0b:b3:6d:30:77:57:a1:c6:b9: 7e:a2:13:1a:70:49:e9:33:79:c4:34:df:74:14:e9:9b:7f:43: 57:b2:6c:d8:7d:24:e2:a0:1c:90:f2:b5:f0:8e:d0:66:ff:ab: 6e:7d:9a:9b:0d:4a:a7:c4:94:d6:03:e4:3f:eb:b9:30:1a:1d: 38:ba:dc:8e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxBolS6cJBNRkmBjMUjTlSsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiNDIwNTljZTI5MWQ0OWE2NjkyMDczMWM3NjdkYTU2M2Vm MjExMjQwHhcNMjYwMjA5MDkwMTIzWhcNMjYwMjEwMDkwMTIzWjAzMTEwLwYDVQQD Eyg1MDkxMzhkNDhmNDQyOTIzMGEyNDJlNzljZjNjODJiOWU0NGUyMWE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntUKv5FqkSjy9Cr9abDke7MWHKau TalbHgg+sdLq62FYUKjjQJk2HNGNet1pBoI9l0WctZKjWU/gl3C6xIqtg3acJiQn +/VY2/Oouo5K6g1OmN8hZuvX5GTvcK3MuQWS+WWjf7zqJNmdsAG88RCcZ8fbNcr9 AS2nMciUI1SyG787e+ZaNbnm7NPFR65Fzbj7Iwu8bkq7howR6oTxwV5CNB7INFeW dPWhP5ca8emILbKevHJGeVwU2D/YQVJj2rIAst11oiwTjKzcumeVJ9jKhw7hyuMV XS4EgWeFKB+i4/NJn3dHUqDu525gvP37ougMiFE+c6S5Y6u2A+WAphf1xwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFCRONSPRCkjCiQuec88grnkTiGpMB8GA1UdIwQY MBaAFNtCBZzikdSaZpIHMcdn2lY+8hEkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzIt OTMxMmQwODdkZmNhLzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzItOTMxMmQwODdkZmNh LzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS+eog1ip hwU57Jf5013VSzKLyxo+9+MOt3XduYz+GEkwwr+Bmi7Qi4I/Fwo6odca6aKq23LG nKz8yOWUEfnB67+3QqsFN/safsiyfpAfsgOoz4qiOOvIehFHfEf7f/2vrQroqvZK UagFFT2uMPKdaqGLGA2GmesVYdjVBHY+jQNdqi3YnLKs0fiJ2VYnB3KSpygBiufQ +iGlVEG96w4iNjanuletmucl5SmZbFS6VrsZGMbnMvum3DqkyCSfC7NtMHdXoca5 fqITGnBJ6TN5xDTfdBTpm39DV7Js2H0k4qAckPK18I7QZv+rbn2amw1Kp8SU1gPk P+u5MBodOLrcjg== -----END CERTIFICATE-----Generated at Mon Feb 9 16:55:48 2026 by rpki-client