This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft File: 09XiCPMtcw1DHUpNTtgJWx59lDE.mft (raw, json) Hash identifier: 3xWmqc6BKCHMP8L/49Wc7cnv0Uxg1rEoALuhcNXUOi4= Subject key identifier: DC:31:C7:89:F8:D4:F0:20:4B:67:C6:58:A2:21:B5:08:82:86:BD:4D Authority key identifier: D3:D5:E2:08:F3:2D:73:0D:43:1D:4A:4D:4E:D8:09:5B:1E:7D:94:31 Certificate issuer: /CN=d3d5e208f32d730d431d4a4d4ed8095b1e7d9431 Certificate serial: 019C43221BD19A191AFDB5ED4EB4C750D7B6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft Manifest number: 033D Signing time: Mon 09 Feb 2026 16:00:34 +0000 Manifest this update: Mon 09 Feb 2026 16:00:34 +0000 Manifest next update: Tue 10 Feb 2026 16:00:34 +0000 Files and hashes: 1: 09XiCPMtcw1DHUpNTtgJWx59lDE.crl (hash: RnWLbGwpcBXDxYOT068RN1OU8NvR1E1utrbxGENbtmw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.crl rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:1b:d1:9a:19:1a:fd:b5:ed:4e:b4:c7:50:d7:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3d5e208f32d730d431d4a4d4ed8095b1e7d9431 Validity Not Before: Feb 9 16:00:34 2026 GMT Not After : Feb 10 16:00:34 2026 GMT Subject: CN=dc31c789f8d4f0204b67c658a221b5088286bd4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:5a:11:24:38:e5:47:be:2e:02:f6:a5:f6:be: 69:4b:a2:50:a5:70:12:34:84:81:25:3e:84:02:16: a6:2d:01:32:d2:75:d5:5c:24:ad:53:a4:da:96:32: 6e:da:1b:c2:a8:e1:ae:93:db:d2:d6:91:fd:c0:0d: 9e:61:ef:ee:7a:9f:a9:ed:67:38:91:7d:aa:56:57: 9b:04:4c:1d:c1:63:d0:79:54:2f:db:3d:37:7c:dc: 90:32:e2:46:10:96:ed:97:61:42:85:9a:24:74:e6: 28:05:e1:e8:21:5c:0d:43:b7:18:d1:35:56:6a:7a: 2f:c3:2c:6a:eb:f1:87:60:6a:00:35:de:5d:0f:f9: c1:2f:5a:93:b2:55:77:ee:51:0d:a2:62:22:70:5a: c3:11:af:d7:84:4b:03:59:e0:f7:ef:1b:d2:65:1f: d3:b8:9f:50:5c:fb:f8:fa:31:63:13:06:ff:cf:1e: 88:e1:91:55:69:5d:02:a6:0d:74:c7:5a:50:69:7f: 4e:73:46:68:8b:64:84:58:03:01:a3:44:6c:84:6a: cd:c5:1f:41:e4:b6:47:80:c6:7d:71:d2:71:8a:d1: f5:92:2f:fc:0b:d9:86:46:8d:59:40:20:be:fe:f3: ac:85:11:54:57:2e:46:d1:97:73:f2:62:68:60:ad: 02:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:31:C7:89:F8:D4:F0:20:4B:67:C6:58:A2:21:B5:08:82:86:BD:4D X509v3 Authority Key Identifier: keyid:D3:D5:E2:08:F3:2D:73:0D:43:1D:4A:4D:4E:D8:09:5B:1E:7D:94:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:75:d3:0d:4b:08:a9:2b:a7:70:1d:b5:5e:99:bc:3a:70:3a: b6:ee:57:98:c9:57:ef:04:e0:92:56:2d:95:2b:cd:a7:26:59: f5:f9:eb:25:b5:76:b9:5d:ac:21:1d:38:c3:be:66:9a:3e:00: c3:9e:74:7c:c1:8a:db:54:99:99:7f:9d:49:f5:3d:e5:28:87: f1:6f:e3:dc:c3:bf:bc:6e:11:cf:1e:16:9c:86:22:ef:95:03: da:59:e0:fd:b3:84:bb:ac:ed:52:bb:d9:cb:1e:4c:5f:b6:72: f8:b6:a1:02:98:23:29:ee:e1:d7:0b:cd:77:7a:68:ad:0c:2c: 40:be:f0:f6:72:5c:0e:d6:07:58:8a:d3:f4:a6:3c:9c:0e:8d: a5:cc:08:94:9d:d3:31:a0:d4:05:70:3f:8d:55:db:08:8e:de: 00:35:9d:65:2d:4a:d7:28:0b:59:8a:16:3d:13:2e:4e:f5:65: bb:a8:b1:56:48:d5:3d:07:b8:3e:2a:17:79:93:4f:58:38:51: 6c:e8:68:c3:5d:8b:73:34:a5:f4:9e:14:b7:05:9b:13:50:1a: 4d:3b:29:86:f3:81:97:14:b5:a9:7b:e0:c2:bf:bf:85:67:d1: aa:87:aa:b6:a0:4f:01:08:c1:5c:f9:42:0c:6c:04:69:90:0b: 25:cf:63:25 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIhvRmhka/bXtTrTHUNe2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzZDVlMjA4ZjMyZDczMGQ0MzFkNGE0ZDRlZDgwOTViMWU3 ZDk0MzEwHhcNMjYwMjA5MTYwMDM0WhcNMjYwMjEwMTYwMDM0WjAzMTEwLwYDVQQD EyhkYzMxYzc4OWY4ZDRmMDIwNGI2N2M2NThhMjIxYjUwODgyODZiZDRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzloRJDjlR74uAval9r5pS6JQpXAS NISBJT6EAhamLQEy0nXVXCStU6TaljJu2hvCqOGuk9vS1pH9wA2eYe/uep+p7Wc4 kX2qVlebBEwdwWPQeVQv2z03fNyQMuJGEJbtl2FChZokdOYoBeHoIVwNQ7cY0TVW anovwyxq6/GHYGoANd5dD/nBL1qTslV37lENomIicFrDEa/XhEsDWeD37xvSZR/T uJ9QXPv4+jFjEwb/zx6I4ZFVaV0Cpg10x1pQaX9Oc0Zoi2SEWAMBo0RshGrNxR9B 5LZHgMZ9cdJxitH1ki/8C9mGRo1ZQCC+/vOshRFUVy5G0Zdz8mJoYK0CsQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNwxx4n41PAgS2fGWKIhtQiChr1NMB8GA1UdIwQY MBaAFNPV4gjzLXMNQx1KTU7YCVsefZQxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mYTM5NmUtMGRkNC00MjI2LWFlNjEt NmU4OWE4OGRhZTkzLzEvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9mYTM5NmUtMGRkNC00MjI2LWFlNjEtNmU4OWE4OGRhZTkz LzEvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMXXTDUsI qSuncB21Xpm8OnA6tu5XmMlX7wTgklYtlSvNpyZZ9fnrJbV2uV2sIR04w75mmj4A w550fMGK21SZmX+dSfU95SiH8W/j3MO/vG4Rzx4WnIYi75UD2lng/bOEu6ztUrvZ yx5MX7Zy+LahApgjKe7h1wvNd3porQwsQL7w9nJcDtYHWIrT9KY8nA6NpcwIlJ3T MaDUBXA/jVXbCI7eADWdZS1K1ygLWYoWPRMuTvVlu6ixVkjVPQe4PioXeZNPWDhR bOhow12LczSl9J4UtwWbE1AaTTsphvOBlxS1qXvgwr+/hWfRqoeqtqBPAQjBXPlC DGwEaZALJc9jJQ== -----END CERTIFICATE-----Generated at Tue Feb 10 00:16:39 2026 by rpki-client