This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft File: NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft (raw, json) Hash identifier: u9i9XcubcMV+3WCIdHvGSU22fMGoV/0egXTP6ObonCA= Subject key identifier: 86:C0:D8:95:BC:1A:0E:E4:89:E5:F1:32:09:7B:35:36:34:DF:0B:2C Authority key identifier: 35:06:BB:7E:C0:66:60:22:F0:3C:0B:D9:F5:5F:78:C0:A7:EA:DA:9F Certificate issuer: /CN=3506bb7ec0666022f03c0bd9f55f78c0a7eada9f Certificate serial: 019C4321F83EEF6386FCC43EFBFD761A271A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQa7fsBmYCLwPAvZ9V94wKfq2p8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft Manifest number: 0ABE Signing time: Mon 09 Feb 2026 16:00:25 +0000 Manifest this update: Mon 09 Feb 2026 16:00:25 +0000 Manifest next update: Tue 10 Feb 2026 16:00:25 +0000 Files and hashes: 1: NQa7fsBmYCLwPAvZ9V94wKfq2p8.crl (hash: hXWHpIpN/PumLdBkdFZoF429oIJrY3GpTK29VLfok4k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.crl rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft rsync://rpki.ripe.net/repository/DEFAULT/NQa7fsBmYCLwPAvZ9V94wKfq2p8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:21:f8:3e:ef:63:86:fc:c4:3e:fb:fd:76:1a:27:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3506bb7ec0666022f03c0bd9f55f78c0a7eada9f Validity Not Before: Feb 9 16:00:25 2026 GMT Not After : Feb 10 16:00:25 2026 GMT Subject: CN=86c0d895bc1a0ee489e5f132097b353634df0b2c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:87:03:72:e9:a9:62:d7:5e:5b:f6:db:80:46: a3:7f:dc:68:a9:32:df:c2:fe:d3:22:7e:8d:29:32: b6:01:d4:15:f0:01:98:74:80:4f:56:d2:e6:45:47: da:2f:3d:da:ad:49:58:09:84:fb:6e:59:5f:01:4d: fa:34:47:dc:80:ef:a8:70:fd:53:ee:c6:68:8b:38: cd:2f:4e:32:ae:a6:12:c6:c1:c5:0c:36:d9:68:a7: 6e:b6:17:26:7e:fc:10:73:ef:1a:34:20:81:4f:be: c0:44:0e:2c:d3:8c:f5:ab:11:a8:92:a8:6d:0a:ee: 8a:bf:af:1e:6d:1b:e7:4a:48:36:67:8e:a3:62:85: af:88:b8:0f:a8:9f:97:16:a2:b9:32:c1:1b:73:0f: f4:53:91:3f:da:4b:1e:96:2f:26:39:b2:6c:c4:e8: 93:d6:fc:bd:99:f9:7d:ef:0e:62:f9:47:b5:9b:28: b9:f3:7f:28:27:2a:45:df:8d:8c:0f:ee:86:87:0c: 39:a9:14:b0:62:7d:bf:0f:1d:e4:13:07:de:79:35: c6:47:fb:45:9f:d5:70:74:fa:aa:40:68:9d:02:a0: be:95:37:bc:ff:b3:ab:b9:c0:f1:a0:54:f2:43:37: 5c:e5:9a:df:d5:5e:4a:a8:9f:1a:e5:42:9a:da:93: 55:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:C0:D8:95:BC:1A:0E:E4:89:E5:F1:32:09:7B:35:36:34:DF:0B:2C X509v3 Authority Key Identifier: keyid:35:06:BB:7E:C0:66:60:22:F0:3C:0B:D9:F5:5F:78:C0:A7:EA:DA:9F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQa7fsBmYCLwPAvZ9V94wKfq2p8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:2d:43:4f:49:4d:3a:2e:f8:c0:71:ce:ae:4e:ac:da:f4:3d: b3:da:78:cd:36:f4:71:55:a4:5d:03:23:40:a9:ad:55:09:c5: 46:2d:eb:c8:54:80:3e:cb:cd:30:b6:03:8b:aa:e8:ee:81:6f: 55:c3:71:88:15:1c:ff:94:d7:17:43:d0:a1:9a:a7:de:b5:7d: 89:22:4e:43:69:99:f3:ad:5b:ef:97:bc:3a:a9:63:99:04:0f: 0d:09:b1:b0:81:ba:82:51:cd:b1:4f:65:fb:4a:df:5c:77:71: 43:5e:e7:bf:ee:ca:19:ab:5e:af:05:df:51:5b:ef:31:d1:53: e0:87:28:d5:f5:0c:c4:92:b6:5c:a3:81:05:5b:00:a6:43:a6: f4:89:f0:89:5f:a9:de:b2:06:e7:10:b8:19:91:2b:9c:50:96: a8:49:c5:8d:a9:18:2f:96:ac:ed:8a:be:40:e9:29:60:76:0f: 85:fa:88:87:75:28:46:62:ed:71:1e:5f:ff:69:7b:b0:18:98: 61:88:1b:c4:2e:8e:7f:2a:4a:cf:10:9b:af:a1:a8:d1:c3:62: cb:7b:60:ed:9e:2a:3f:62:23:1f:0f:81:39:05:ea:45:37:ba: 14:da:71:f0:ea:35:e8:83:d5:b7:97:bb:63:03:f2:b3:4d:cb: b0:4a:6d:98 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIfg+72OG/MQ++/12GicaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1MDZiYjdlYzA2NjYwMjJmMDNjMGJkOWY1NWY3OGMwYTdl YWRhOWYwHhcNMjYwMjA5MTYwMDI1WhcNMjYwMjEwMTYwMDI1WjAzMTEwLwYDVQQD Eyg4NmMwZDg5NWJjMWEwZWU0ODllNWYxMzIwOTdiMzUzNjM0ZGYwYjJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwocDcumpYtdeW/bbgEajf9xoqTLf wv7TIn6NKTK2AdQV8AGYdIBPVtLmRUfaLz3arUlYCYT7bllfAU36NEfcgO+ocP1T 7sZoizjNL04yrqYSxsHFDDbZaKduthcmfvwQc+8aNCCBT77ARA4s04z1qxGokqht Cu6Kv68ebRvnSkg2Z46jYoWviLgPqJ+XFqK5MsEbcw/0U5E/2kseli8mObJsxOiT 1vy9mfl97w5i+Ue1myi5838oJypF342MD+6Ghww5qRSwYn2/Dx3kEwfeeTXGR/tF n9VwdPqqQGidAqC+lTe8/7OrucDxoFTyQzdc5Zrf1V5KqJ8a5UKa2pNVBwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIbA2JW8Gg7kieXxMgl7NTY03wssMB8GA1UdIwQY MBaAFDUGu37AZmAi8DwL2fVfeMCn6tqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlFhN2ZzQm1ZQ0x3UEF2WjlWOTR3S2ZxMnA4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9hZThlNDctMTRiNC00OTE0LTgyNmYt NDEzYTU5NThhN2YzLzEvTlFhN2ZzQm1ZQ0x3UEF2WjlWOTR3S2ZxMnA4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZC9hZThlNDctMTRiNC00OTE0LTgyNmYtNDEzYTU5NThhN2Yz LzEvTlFhN2ZzQm1ZQ0x3UEF2WjlWOTR3S2ZxMnA4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOC1DT0lN Oi74wHHOrk6s2vQ9s9p4zTb0cVWkXQMjQKmtVQnFRi3ryFSAPsvNMLYDi6ro7oFv VcNxiBUc/5TXF0PQoZqn3rV9iSJOQ2mZ861b75e8OqljmQQPDQmxsIG6glHNsU9l +0rfXHdxQ17nv+7KGaterwXfUVvvMdFT4Ico1fUMxJK2XKOBBVsApkOm9InwiV+p 3rIG5xC4GZErnFCWqEnFjakYL5as7Yq+QOkpYHYPhfqIh3UoRmLtcR5f/2l7sBiY YYgbxC6OfypKzxCbr6Go0cNiy3tg7Z4qP2IjHw+BOQXqRTe6FNpx8Oo16IPVt5e7 YwPys03LsEptmA== -----END CERTIFICATE-----Generated at Mon Feb 9 19:57:53 2026 by rpki-client