This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft File: PFlVXsIygmx91tmpJrU2AoN5SfY.mft (raw, json) Hash identifier: WP7FPNDbWf+yevqcEufY+VU/3lWIW6aTIZXB133QUVE= Subject key identifier: FA:A4:B1:EB:01:1C:74:38:05:D6:EB:2A:53:6E:92:E0:5E:48:34:E0 Authority key identifier: 3C:59:55:5E:C2:32:82:6C:7D:D6:D9:A9:26:B5:36:02:83:79:49:F6 Certificate issuer: /CN=3c59555ec232826c7dd6d9a926b53602837949f6 Certificate serial: 019C42B4992700A162638F5D1333AE9FBBFA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft Manifest number: 03C4 Signing time: Mon 09 Feb 2026 14:00:57 +0000 Manifest this update: Mon 09 Feb 2026 14:00:57 +0000 Manifest next update: Tue 10 Feb 2026 14:00:57 +0000 Files and hashes: 1: PFlVXsIygmx91tmpJrU2AoN5SfY.crl (hash: 3mAmDFSoZg1t3NlHkWUvcdmwnnqrCYcUNmr4m3Qcs5U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.crl rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:b4:99:27:00:a1:62:63:8f:5d:13:33:ae:9f:bb:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c59555ec232826c7dd6d9a926b53602837949f6 Validity Not Before: Feb 9 14:00:57 2026 GMT Not After : Feb 10 14:00:57 2026 GMT Subject: CN=faa4b1eb011c743805d6eb2a536e92e05e4834e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:1a:f8:eb:29:c6:38:95:4f:b2:31:43:99:ac: 12:da:99:62:c9:18:b9:a5:00:23:78:63:19:6f:aa: 3c:58:e0:c0:ec:76:42:32:39:2c:10:22:84:09:66: 1c:73:e2:ef:df:33:e2:c3:0f:fb:23:7b:0b:48:6a: de:f4:6f:30:8a:89:ac:98:b7:a7:2b:99:38:81:2e: de:b5:57:e4:5d:ed:b8:de:89:0d:45:40:21:b0:0a: c3:15:e3:1c:f5:24:9c:f5:1c:5e:c2:41:cb:8e:9b: 5a:fe:2b:c7:f9:97:26:40:66:2a:df:27:01:65:16: ed:58:97:51:f4:b0:a3:fa:cb:c2:f2:5f:55:fd:ae: 04:15:ec:3f:df:e1:33:41:47:b5:fd:7d:fd:f7:37: ac:83:02:61:be:04:c5:df:8a:9d:a7:3c:12:16:48: 23:9c:b4:19:e1:e1:47:f1:c4:a6:af:74:d3:98:5d: 02:10:b5:0e:fd:4d:79:b7:08:46:5c:83:41:c9:17: 11:49:17:8a:95:79:fa:bd:7f:31:01:70:af:0e:a4: 1f:8c:dc:e7:f5:c4:3b:89:6d:b8:52:a8:0d:c9:5c: 0b:b4:5b:a3:f6:6a:5e:ea:bc:56:d3:78:f9:63:31: 72:8a:11:40:66:25:a6:b9:e2:91:4a:2b:1c:1d:44: 38:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:A4:B1:EB:01:1C:74:38:05:D6:EB:2A:53:6E:92:E0:5E:48:34:E0 X509v3 Authority Key Identifier: keyid:3C:59:55:5E:C2:32:82:6C:7D:D6:D9:A9:26:B5:36:02:83:79:49:F6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption cc:9b:b0:b2:56:e4:f6:b5:7e:ed:fa:bb:81:1a:72:d1:d2:d6: 54:96:a8:a8:e7:84:aa:03:67:a2:fd:ee:7a:5e:5c:93:dc:01: 49:e1:74:91:d5:ea:23:d6:1f:6a:e0:81:a9:10:30:81:33:7f: 53:1e:21:5c:4d:a4:8a:34:68:16:76:36:5a:d5:10:81:c8:d7: 76:99:d3:f8:d4:9c:cb:b3:2d:7c:e8:30:97:a9:82:6a:da:e8: 73:26:62:74:1d:e7:a8:f1:56:16:2c:f7:3a:a1:19:1d:03:fb: 25:2b:31:39:ae:5c:42:8b:5e:98:9b:b3:fb:80:aa:ee:9d:18: e7:01:c1:97:d7:31:88:f3:cb:55:cc:c6:ae:25:fe:dd:23:a5: 2f:88:e0:36:4c:35:75:b4:53:63:f2:36:46:1a:0a:22:79:dc: 2e:d0:a8:72:87:78:70:df:7b:8f:5a:b3:2c:a0:6f:99:e9:62: d6:22:6f:85:78:dd:d8:d4:7d:d4:8c:8e:3b:b1:5f:33:54:86: 84:7a:72:26:47:b8:04:61:68:5e:f4:3d:80:ac:ea:ab:66:a5: 9f:de:91:7c:b2:f2:70:16:4a:5c:03:28:05:09:5a:72:8d:03: ae:9a:30:67:72:9a:d5:21:5f:3f:a0:f5:c8:81:4e:cb:ad:78: 5f:be:70:0e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCtJknAKFiY49dEzOun7v6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjNTk1NTVlYzIzMjgyNmM3ZGQ2ZDlhOTI2YjUzNjAyODM3 OTQ5ZjYwHhcNMjYwMjA5MTQwMDU3WhcNMjYwMjEwMTQwMDU3WjAzMTEwLwYDVQQD EyhmYWE0YjFlYjAxMWM3NDM4MDVkNmViMmE1MzZlOTJlMDVlNDgzNGUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRr46ynGOJVPsjFDmawS2pliyRi5 pQAjeGMZb6o8WODA7HZCMjksECKECWYcc+Lv3zPiww/7I3sLSGre9G8wiomsmLen K5k4gS7etVfkXe243okNRUAhsArDFeMc9SSc9RxewkHLjpta/ivH+ZcmQGYq3ycB ZRbtWJdR9LCj+svC8l9V/a4EFew/3+EzQUe1/X399zesgwJhvgTF34qdpzwSFkgj nLQZ4eFH8cSmr3TTmF0CELUO/U15twhGXINByRcRSReKlXn6vX8xAXCvDqQfjNzn 9cQ7iW24UqgNyVwLtFuj9mpe6rxW03j5YzFyihFAZiWmueKRSiscHUQ4vQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPqksesBHHQ4BdbrKlNukuBeSDTgMB8GA1UdIwQY MBaAFDxZVV7CMoJsfdbZqSa1NgKDeUn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iYTk0MDQtNzhmMy00OTM1LTllMmUt OTViMTM3M2M1Mzk5LzEvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS9iYTk0MDQtNzhmMy00OTM1LTllMmUtOTViMTM3M2M1Mzk5 LzEvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzJuwslbk 9rV+7fq7gRpy0dLWVJaoqOeEqgNnov3uel5ck9wBSeF0kdXqI9YfauCBqRAwgTN/ Ux4hXE2kijRoFnY2WtUQgcjXdpnT+NScy7MtfOgwl6mCatrocyZidB3nqPFWFiz3 OqEZHQP7JSsxOa5cQotemJuz+4Cq7p0Y5wHBl9cxiPPLVczGriX+3SOlL4jgNkw1 dbRTY/I2RhoKInncLtCocod4cN97j1qzLKBvmeli1iJvhXjd2NR91IyOO7FfM1SG hHpyJke4BGFoXvQ9gKzqq2aln96RfLLycBZKXAMoBQlaco0DrpowZ3Ka1SFfP6D1 yIFOy614X75wDg== -----END CERTIFICATE-----Generated at Mon Feb 9 18:29:37 2026 by rpki-client