This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft File: HRAqymzxNRE4UpTnfb4nN2jAoEs.mft (raw, json) Hash identifier: qEqanPNIYm/9YZIAfhCo+vjTnWe2ad3GG7D/YB0jQYk= Subject key identifier: EF:F5:3E:40:B4:AB:45:3D:2A:16:BA:82:41:A3:40:EE:5B:67:04:69 Authority key identifier: 1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B Certificate issuer: /CN=1d102aca6cf13511385294e77dbe273768c0a04b Certificate serial: 019C432201052C2D651822D430FB6B28711E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft Manifest number: 0CED Signing time: Mon 09 Feb 2026 16:00:27 +0000 Manifest this update: Mon 09 Feb 2026 16:00:27 +0000 Manifest next update: Tue 10 Feb 2026 16:00:27 +0000 Files and hashes: 1: HRAqymzxNRE4UpTnfb4nN2jAoEs.crl (hash: QEMbm5ilSkSliZBlztG8us41pS+d3dcdjrat3dYJy38=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 16:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:01:05:2c:2d:65:18:22:d4:30:fb:6b:28:71:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d102aca6cf13511385294e77dbe273768c0a04b Validity Not Before: Feb 9 16:00:27 2026 GMT Not After : Feb 10 16:00:27 2026 GMT Subject: CN=eff53e40b4ab453d2a16ba8241a340ee5b670469 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:20:5d:65:e7:3e:85:86:bf:ed:64:34:10:ed: 87:03:0a:86:dc:98:6c:6f:e4:02:bc:1b:9b:70:61: 4d:78:25:9a:93:05:40:60:64:a9:0d:6c:ce:95:b5: 9c:a3:4c:f3:5b:6f:96:f8:9f:1b:8e:3b:2d:ff:9f: f3:d4:91:6d:65:73:a4:6f:22:a9:9c:8e:f9:b4:1a: 92:f0:ee:8e:38:5f:f4:83:7b:e9:c9:c0:7f:92:fc: 3e:f2:6a:40:c4:5b:25:c5:18:4c:0a:45:74:bf:09: 02:28:a0:74:ee:e3:99:4f:ad:75:ff:8c:c6:6c:16: 18:c4:9c:03:96:c9:a9:25:90:4d:20:48:98:c6:29: 31:d2:55:6d:b4:f6:76:08:e0:f9:83:87:97:92:a2: be:bd:41:13:e1:a4:33:84:4a:37:d1:d6:56:fe:19: 87:96:66:6d:0a:68:a5:25:72:c7:55:29:fc:38:c9: 15:43:cc:7f:aa:e1:7d:06:68:60:20:59:6b:b1:f8: 39:ba:ba:6d:f8:4b:4f:b7:5b:7e:f8:e7:72:9e:0e: 36:7c:b6:81:f4:18:a7:71:97:83:94:e5:99:a1:9f: a1:fa:83:47:32:3b:01:cc:12:7b:00:b9:79:99:2e: 4b:b2:13:69:a1:5b:93:9b:3b:e9:88:b5:cc:0b:95: ae:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:F5:3E:40:B4:AB:45:3D:2A:16:BA:82:41:A3:40:EE:5B:67:04:69 X509v3 Authority Key Identifier: keyid:1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:bc:17:88:e4:1d:cc:fa:49:d0:e1:82:e0:d0:b1:2a:aa:b6: 56:65:bd:7f:33:bb:1c:11:f2:0b:fa:b4:80:9b:c2:c7:3e:ce: a7:75:12:56:58:08:b7:4d:35:7b:63:39:ab:50:71:fc:49:f7: b1:9f:e9:26:f4:0a:f5:80:89:68:4d:63:c0:a1:0a:ea:9f:f2: 24:bf:85:16:02:8b:93:24:d4:70:72:84:9b:de:41:d0:28:ae: 94:a4:32:d9:67:fe:fa:1d:9c:9b:5f:b7:4b:03:e6:f2:e5:cb: 2b:db:85:8c:3d:c4:a0:e6:22:84:fb:f8:04:83:7c:8c:5f:a6: 39:b8:dc:de:a7:5d:54:79:be:2a:db:b0:1f:c5:78:d5:3d:38: 08:7b:81:3d:03:2f:ed:d7:d6:28:8b:6a:a3:9b:d6:e0:0a:9b: 6a:9e:42:fb:60:19:7c:de:5f:cf:fe:29:df:a9:50:51:17:5a: 92:aa:37:8e:b0:e6:f1:3a:06:42:fb:fc:53:cc:17:c5:89:89: 74:fb:8d:8f:60:31:1a:85:18:99:2a:c7:f0:bf:44:36:c2:c7: 8e:ec:36:ee:e5:cb:63:ee:ff:49:66:0b:d4:1f:26:22:e0:4c: b7:58:28:c3:b0:4a:f9:cf:18:59:2a:d8:e7:04:f9:7a:7d:a0: 66:91:f8:90 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIgEFLC1lGCLUMPtrKHEeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkMTAyYWNhNmNmMTM1MTEzODUyOTRlNzdkYmUyNzM3Njhj MGEwNGIwHhcNMjYwMjA5MTYwMDI3WhcNMjYwMjEwMTYwMDI3WjAzMTEwLwYDVQQD EyhlZmY1M2U0MGI0YWI0NTNkMmExNmJhODI0MWEzNDBlZTViNjcwNDY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCBdZec+hYa/7WQ0EO2HAwqG3Jhs b+QCvBubcGFNeCWakwVAYGSpDWzOlbWco0zzW2+W+J8bjjst/5/z1JFtZXOkbyKp nI75tBqS8O6OOF/0g3vpycB/kvw+8mpAxFslxRhMCkV0vwkCKKB07uOZT611/4zG bBYYxJwDlsmpJZBNIEiYxikx0lVttPZ2COD5g4eXkqK+vUET4aQzhEo30dZW/hmH lmZtCmilJXLHVSn8OMkVQ8x/quF9BmhgIFlrsfg5urpt+EtPt1t++Odyng42fLaB 9BincZeDlOWZoZ+h+oNHMjsBzBJ7ALl5mS5LshNpoVuTmzvpiLXMC5WuVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO/1PkC0q0U9Kha6gkGjQO5bZwRpMB8GA1UdIwQY MBaAFB0QKsps8TUROFKU532+JzdowKBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUt ZTg2NjYyMThhNWM4LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUtZTg2NjYyMThhNWM4 LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmLwXiOQd zPpJ0OGC4NCxKqq2VmW9fzO7HBHyC/q0gJvCxz7Op3USVlgIt001e2M5q1Bx/En3 sZ/pJvQK9YCJaE1jwKEK6p/yJL+FFgKLkyTUcHKEm95B0CiulKQy2Wf++h2cm1+3 SwPm8uXLK9uFjD3EoOYihPv4BIN8jF+mObjc3qddVHm+KtuwH8V41T04CHuBPQMv 7dfWKItqo5vW4Aqbap5C+2AZfN5fz/4p36lQURdakqo3jrDm8ToGQvv8U8wXxYmJ dPuNj2AxGoUYmSrH8L9ENsLHjuw27uXLY+7/SWYL1B8mIuBMt1gow7BK+c8YWSrY 5wT5en2gZpH4kA== -----END CERTIFICATE-----Generated at Tue Feb 10 01:31:40 2026 by rpki-client