This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft File: 3XF0IQf16FBis-CuZa-kuuZw4Es.mft (raw, json) Hash identifier: sWReUKYkYNhalbBPOjuUb3cCCupnLcVV4joIoh11O8Q= Subject key identifier: 3C:E8:0B:94:0B:0F:1C:CF:66:9F:85:F2:CA:2A:D4:67:8B:2D:E7:2A Authority key identifier: DD:71:74:21:07:F5:E8:50:62:B3:E0:AE:65:AF:A4:BA:E6:70:E0:4B Certificate issuer: /CN=dd71742107f5e85062b3e0ae65afa4bae670e04b Certificate serial: 019C427D9ADD439B2BF22CFB285E29EBFA14 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft Manifest number: 0690 Signing time: Mon 09 Feb 2026 13:00:53 +0000 Manifest this update: Mon 09 Feb 2026 13:00:53 +0000 Manifest next update: Tue 10 Feb 2026 13:00:53 +0000 Files and hashes: 1: 3XF0IQf16FBis-CuZa-kuuZw4Es.crl (hash: 15ZDWVYfpSP1nSIyVNlsgZyoyproOCELgbog1ReXIVA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.crl rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:7d:9a:dd:43:9b:2b:f2:2c:fb:28:5e:29:eb:fa:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd71742107f5e85062b3e0ae65afa4bae670e04b Validity Not Before: Feb 9 13:00:53 2026 GMT Not After : Feb 10 13:00:53 2026 GMT Subject: CN=3ce80b940b0f1ccf669f85f2ca2ad4678b2de72a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:b6:2c:94:c4:80:b8:eb:b0:b5:f0:bc:f9:41: eb:b0:96:89:c4:bf:52:5e:05:31:1c:ae:e9:1c:f3: 4b:4b:d9:c0:3c:53:fe:02:7c:de:b7:6a:21:eb:8e: 77:63:b6:7c:fa:3d:af:0c:58:4f:86:60:67:2f:8c: 65:c7:1e:8c:8a:38:7d:7c:2c:93:c2:bb:0f:f1:5c: de:56:c1:07:1c:e6:47:1e:aa:63:16:dd:5d:dc:23: 5f:37:11:c8:ea:29:ad:46:5e:ac:35:e2:b2:ca:de: 76:e9:24:c5:1c:a7:75:31:43:29:56:a2:c1:b6:b5: 47:d4:3a:b9:3c:55:be:4b:bf:4f:f9:34:2d:bb:d5: 1e:b7:6a:c4:b3:fc:ab:94:85:23:43:3f:a9:d1:78: 09:1a:68:ac:2d:50:79:ba:22:ed:61:04:63:b2:56: 5f:26:f5:ac:30:49:cb:ea:4d:71:db:85:b5:e2:89: f5:a1:6b:fb:54:26:5b:e5:71:97:4e:28:b1:23:ea: d9:bc:82:f4:b7:91:fc:cd:5e:4d:37:47:ae:20:c8: 40:02:cf:8e:e9:40:7e:0d:6a:8a:d1:f6:dd:c9:1b: d9:84:d4:55:f1:2c:c7:08:0d:f7:80:92:b6:5f:98: 11:54:65:bd:8b:48:ae:09:5a:52:c3:d1:70:ad:fe: 20:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:E8:0B:94:0B:0F:1C:CF:66:9F:85:F2:CA:2A:D4:67:8B:2D:E7:2A X509v3 Authority Key Identifier: keyid:DD:71:74:21:07:F5:E8:50:62:B3:E0:AE:65:AF:A4:BA:E6:70:E0:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9e:99:9d:f2:32:51:d0:31:22:0f:ff:02:d8:f1:77:02:22:41: 78:58:46:f7:4f:f8:0e:e5:76:c5:7b:28:26:30:de:bb:3f:6b: 45:bf:19:01:22:00:07:1b:20:3f:e6:2d:43:13:b5:03:91:b8: 78:c3:5a:de:95:98:71:1e:da:21:2e:e0:32:17:f3:7c:a5:44: 8f:99:c2:01:78:9d:5c:64:21:78:93:8f:07:a5:23:9e:b7:f5: 5c:20:ef:b6:85:52:3f:ab:b8:09:6e:6e:e5:0e:28:b8:2e:fc: ce:3b:26:7e:25:53:4d:0e:f7:d0:f4:94:ca:1b:75:84:09:6e: 24:a0:86:6a:30:6e:e3:de:f1:04:1c:47:b2:9c:b4:34:39:2f: 75:8b:a9:9b:b7:25:e1:c7:b8:af:42:7a:04:5a:1a:f3:f0:fb: c0:86:c1:f6:64:7a:c0:f3:bf:36:49:12:cb:b3:e4:fb:b7:87: da:97:70:84:f3:67:db:6c:44:7a:f8:7a:39:55:6a:08:9e:29: a6:b5:4d:33:b9:72:96:f9:f4:f0:4a:1d:40:24:e1:a8:93:56: b6:0e:a7:30:f2:f9:0c:a1:97:44:f7:40:18:db:ea:2a:96:09: 2c:11:cc:d1:75:0d:8d:cc:e7:6a:ea:e7:a5:a3:15:d4:80:0f: 88:ea:a2:ab -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCfZrdQ5sr8iz7KF4p6/oUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkNzE3NDIxMDdmNWU4NTA2MmIzZTBhZTY1YWZhNGJhZTY3 MGUwNGIwHhcNMjYwMjA5MTMwMDUzWhcNMjYwMjEwMTMwMDUzWjAzMTEwLwYDVQQD EygzY2U4MGI5NDBiMGYxY2NmNjY5Zjg1ZjJjYTJhZDQ2NzhiMmRlNzJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbYslMSAuOuwtfC8+UHrsJaJxL9S XgUxHK7pHPNLS9nAPFP+Anzet2oh6453Y7Z8+j2vDFhPhmBnL4xlxx6Mijh9fCyT wrsP8VzeVsEHHOZHHqpjFt1d3CNfNxHI6imtRl6sNeKyyt526STFHKd1MUMpVqLB trVH1Dq5PFW+S79P+TQtu9Uet2rEs/yrlIUjQz+p0XgJGmisLVB5uiLtYQRjslZf JvWsMEnL6k1x24W14on1oWv7VCZb5XGXTiixI+rZvIL0t5H8zV5NN0euIMhAAs+O 6UB+DWqK0fbdyRvZhNRV8SzHCA33gJK2X5gRVGW9i0iuCVpSw9Fwrf4gDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDzoC5QLDxzPZp+F8soq1GeLLecqMB8GA1UdIwQY MBaAFN1xdCEH9ehQYrPgrmWvpLrmcOBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8yZGU0YTktNjU4Yy00MDZiLThlZTct YTc3MDZiYTMwODg5LzEvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Yy8yZGU0YTktNjU4Yy00MDZiLThlZTctYTc3MDZiYTMwODg5 LzEvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnpmd8jJR 0DEiD/8C2PF3AiJBeFhG90/4DuV2xXsoJjDeuz9rRb8ZASIABxsgP+YtQxO1A5G4 eMNa3pWYcR7aIS7gMhfzfKVEj5nCAXidXGQheJOPB6Ujnrf1XCDvtoVSP6u4CW5u 5Q4ouC78zjsmfiVTTQ730PSUyht1hAluJKCGajBu497xBBxHspy0NDkvdYupm7cl 4ce4r0J6BFoa8/D7wIbB9mR6wPO/NkkSy7Pk+7eH2pdwhPNn22xEevh6OVVqCJ4p prVNM7lylvn08EodQCThqJNWtg6nMPL5DKGXRPdAGNvqKpYJLBHM0XUNjcznaurn paMV1IAPiOqiqw== -----END CERTIFICATE-----Generated at Mon Feb 9 18:33:06 2026 by rpki-client