This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.mft File: 3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.mft (raw, json) Hash identifier: kLW8CX4BYadpGmBwxWpWVFxibiUpsuX2IPGVFXcVlc8= Subject key identifier: 82:17:7C:00:E3:1E:B7:DD:B9:54:8F:76:73:D8:E9:FA:3D:C0:8F:91 Authority key identifier: DD:38:73:30:3D:2D:6E:23:8A:5B:D8:5E:D5:86:7B:64:31:58:FC:14 Certificate issuer: /CN=dd3873303d2d6e238a5bd85ed5867b643158fc14 Certificate serial: 019C4435143DCE942513913CACC3A4A6CBA2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.mft Manifest number: 01CC Signing time: Mon 09 Feb 2026 21:00:55 +0000 Manifest this update: Mon 09 Feb 2026 21:00:55 +0000 Manifest next update: Tue 10 Feb 2026 21:00:55 +0000 Files and hashes: 1: 3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.crl (hash: m3T4GabvdgdiPs3dZ4+OzGMdKA+d4zaL4Ua7pf16PoM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.crl rsync://rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.mft rsync://rpki.ripe.net/repository/DEFAULT/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:44:35:14:3d:ce:94:25:13:91:3c:ac:c3:a4:a6:cb:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd3873303d2d6e238a5bd85ed5867b643158fc14 Validity Not Before: Feb 9 21:00:55 2026 GMT Not After : Feb 10 21:00:55 2026 GMT Subject: CN=82177c00e31eb7ddb9548f7673d8e9fa3dc08f91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:59:9d:44:53:ea:ec:9e:ce:17:48:ac:0f:1c: 69:46:da:c3:7f:ee:10:2a:b8:3d:1e:b3:8c:41:4a: 56:f4:3c:ec:fc:ad:7b:d7:65:ca:8d:fa:67:66:c1: 8a:e3:51:73:b3:64:d1:2d:84:a3:c3:12:63:66:90: 5c:ed:f0:bc:a7:be:55:0e:39:3b:1a:1b:71:37:e2: 12:55:87:69:ae:5b:34:12:aa:fe:63:a3:17:a0:c5: aa:37:7f:17:61:63:25:cd:dc:51:53:85:c2:52:f7: fe:5c:7f:44:a1:cb:06:0d:11:24:07:26:63:f0:77: d7:5b:ff:2e:d4:3e:32:8c:b3:a5:4a:e3:06:d6:d3: 1d:bc:2e:ec:f1:5b:c8:b9:b8:3c:cb:2f:a8:02:7c: 01:1a:d3:66:61:30:2f:94:ac:de:78:39:73:a2:aa: f4:ba:93:20:9c:77:14:7b:04:93:41:a5:bd:56:ca: 28:b1:46:0c:f8:ef:c6:c4:a9:19:34:62:0f:95:96: 0a:b9:0e:ed:0c:1a:6f:ea:de:99:48:a1:68:3d:7e: 48:82:2f:e4:b3:79:10:29:d5:06:fe:69:ad:c7:a9: 30:9f:a1:a2:5b:e9:28:5f:ed:23:a1:b5:de:7e:30: 1b:07:dc:03:7c:b4:63:5a:64:a1:ca:4d:40:2e:6a: 06:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:17:7C:00:E3:1E:B7:DD:B9:54:8F:76:73:D8:E9:FA:3D:C0:8F:91 X509v3 Authority Key Identifier: keyid:DD:38:73:30:3D:2D:6E:23:8A:5B:D8:5E:D5:86:7B:64:31:58:FC:14 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:a7:c7:f8:ff:54:32:05:9e:56:78:c8:bc:2c:b4:49:2c:20: d7:06:5a:97:6a:02:fb:33:74:84:bf:c9:90:15:97:0f:82:b6: 35:5a:b3:97:95:fc:73:42:19:2e:23:7c:c9:15:aa:ff:29:98: d1:8a:1f:22:c1:68:3a:b2:b0:8d:d7:10:63:8d:d8:d4:1a:00: 7b:8a:0b:0d:89:2b:df:4b:ef:c9:0b:fd:97:d6:4d:5c:c7:82: 99:7a:b2:29:4a:6b:a5:b0:33:eb:7d:9c:b9:dd:91:ce:dd:c3: 9b:b3:b4:45:38:c5:68:f9:73:dc:87:73:70:2e:8e:0e:ee:5c: 07:40:d1:54:8a:19:45:c0:9e:9e:0b:c8:2c:ac:5c:0f:47:ad: d2:73:69:ad:ff:98:69:80:76:41:7f:7d:03:1b:67:94:92:3c: 16:33:33:b1:f7:20:b2:05:47:7f:61:6a:ad:20:c2:de:eb:21: 86:b2:b1:73:df:2e:d4:a5:b4:66:a7:2e:bc:d4:d0:c1:d6:bd: e4:72:b6:79:09:38:cb:fb:8c:3b:10:e6:f9:f4:b0:d8:89:fb: 45:2d:3d:c8:b9:5d:01:0b:cb:89:b5:cd:75:df:f0:11:64:3c: 0a:ac:7f:86:b9:0d:3c:28:69:00:6f:ff:5c:a9:06:ad:36:94: 7c:42:b2:c7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxENRQ9zpQlE5E8rMOkpsuiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkMzg3MzMwM2QyZDZlMjM4YTViZDg1ZWQ1ODY3YjY0MzE1 OGZjMTQwHhcNMjYwMjA5MjEwMDU1WhcNMjYwMjEwMjEwMDU1WjAzMTEwLwYDVQQD Eyg4MjE3N2MwMGUzMWViN2RkYjk1NDhmNzY3M2Q4ZTlmYTNkYzA4ZjkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lmdRFPq7J7OF0isDxxpRtrDf+4Q Krg9HrOMQUpW9Dzs/K1712XKjfpnZsGK41Fzs2TRLYSjwxJjZpBc7fC8p75VDjk7 GhtxN+ISVYdprls0Eqr+Y6MXoMWqN38XYWMlzdxRU4XCUvf+XH9EocsGDREkByZj 8HfXW/8u1D4yjLOlSuMG1tMdvC7s8VvIubg8yy+oAnwBGtNmYTAvlKzeeDlzoqr0 upMgnHcUewSTQaW9VsoosUYM+O/GxKkZNGIPlZYKuQ7tDBpv6t6ZSKFoPX5Igi/k s3kQKdUG/mmtx6kwn6GiW+koX+0jobXefjAbB9wDfLRjWmShyk1ALmoG4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIIXfADjHrfduVSPdnPY6fo9wI+RMB8GA1UdIwQY MBaAFN04czA9LW4jilvYXtWGe2QxWPwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1Roek1EMHRiaU9LVzloZTFZWjdaREZZX0JRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC81ZTI4ZGEtMzJlMS00MGI5LWJiMzAt ZDNkYjI3N2VjZGZhLzEvM1Roek1EMHRiaU9LVzloZTFZWjdaREZZX0JRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OC81ZTI4ZGEtMzJlMS00MGI5LWJiMzAtZDNkYjI3N2VjZGZh LzEvM1Roek1EMHRiaU9LVzloZTFZWjdaREZZX0JRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARqfH+P9U MgWeVnjIvCy0SSwg1wZal2oC+zN0hL/JkBWXD4K2NVqzl5X8c0IZLiN8yRWq/ymY 0YofIsFoOrKwjdcQY43Y1BoAe4oLDYkr30vvyQv9l9ZNXMeCmXqyKUprpbAz632c ud2Rzt3Dm7O0RTjFaPlz3IdzcC6ODu5cB0DRVIoZRcCengvILKxcD0et0nNprf+Y aYB2QX99AxtnlJI8FjMzsfcgsgVHf2FqrSDC3ushhrKxc98u1KW0ZqcuvNTQwda9 5HK2eQk4y/uMOxDm+fSw2In7RS09yLldAQvLibXNdd/wEWQ8Cqx/hrkNPChpAG// XKkGrTaUfEKyxw== -----END CERTIFICATE-----Generated at Tue Feb 10 02:55:29 2026 by rpki-client