This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft File: HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft (raw, json) Hash identifier: XIc/IvwRUiqXpO97XfHcMklnCxzVa5ioqeQsyN4zN44= Subject key identifier: 80:BE:8B:52:E8:C2:5D:C9:30:FF:16:01:CC:F0:C5:E7:35:B9:28:56 Authority key identifier: 1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17 Certificate issuer: /CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317 Certificate serial: 019C43FD9A91CEC1BD64A49F475B1A154C81 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft Manifest number: 0850 Signing time: Mon 09 Feb 2026 20:00:19 +0000 Manifest this update: Mon 09 Feb 2026 20:00:19 +0000 Manifest next update: Tue 10 Feb 2026 20:00:19 +0000 Files and hashes: 1: HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl (hash: 1lUo4RJueTJzePRXssupoBwDko48O+G77b+Ylf8rtOY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:fd:9a:91:ce:c1:bd:64:a4:9f:47:5b:1a:15:4c:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317 Validity Not Before: Feb 9 20:00:19 2026 GMT Not After : Feb 10 20:00:19 2026 GMT Subject: CN=80be8b52e8c25dc930ff1601ccf0c5e735b92856 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:bc:03:f4:17:4b:8b:c3:cd:43:ce:4a:e6:1b: f8:d5:26:82:d5:92:82:3c:24:ed:ed:65:df:33:14: 04:ad:94:25:24:26:22:d5:f2:07:7f:60:5a:b2:28: 9e:c7:44:3a:54:5b:87:23:7e:c9:93:7d:97:54:7b: 53:65:d1:33:5b:ac:2a:1a:0a:9b:7c:61:69:6b:2f: 23:e0:55:fe:a5:46:e5:21:d2:a8:90:98:6c:55:c8: 7c:e9:e7:e5:e8:d4:4e:14:11:99:fa:32:8a:b3:c9: 5f:04:56:46:b9:e0:5f:d3:33:ba:c0:e6:36:a0:8c: 95:10:35:1f:c4:52:4d:99:c2:8c:24:61:d4:48:f1: 54:e7:22:a6:1a:24:a2:a9:62:f6:94:2e:da:80:ae: 33:22:18:8b:d3:6a:bd:ab:4a:c4:28:be:60:fd:9f: f4:fb:0b:67:c4:ad:9c:c6:d7:d3:e1:61:1c:15:a7: 40:3b:45:e5:68:d4:ba:1e:54:c2:08:b8:5c:c3:19: 87:fb:fb:da:8f:de:8e:24:a2:33:ec:6e:54:ff:d4: a0:db:5a:1a:46:43:41:2e:bb:63:17:df:53:16:3b: 52:2d:69:61:b2:37:15:58:be:38:c6:f6:39:98:d6: 57:a3:f4:2b:45:94:1a:b8:1f:07:e4:b1:e0:ab:60: 9e:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:BE:8B:52:E8:C2:5D:C9:30:FF:16:01:CC:F0:C5:E7:35:B9:28:56 X509v3 Authority Key Identifier: keyid:1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:1f:a2:a0:a6:57:09:de:06:bf:a0:79:62:2a:8c:42:45:1d: f4:09:f2:05:71:6f:2a:53:87:4a:0f:b8:fb:00:3f:62:11:b8: 7d:c2:3b:05:a4:9e:5d:a6:18:a6:77:bb:7d:37:dd:70:a5:7c: d2:2d:a0:dc:8a:9e:38:31:9e:5e:36:f3:1c:0c:6e:30:f7:29: 23:ec:f6:ad:f7:35:35:6f:13:49:56:cf:3e:32:52:19:79:36: b5:6a:40:db:d7:09:09:06:c7:81:f7:4d:6c:85:96:d7:6a:75: a3:56:73:61:36:fa:3b:a2:51:f4:fe:cb:d5:e2:fd:09:df:ae: 29:37:ad:cb:99:7d:de:42:f3:66:af:86:2d:67:48:6f:a0:89: 1e:55:51:86:21:00:3a:bf:96:0f:30:fa:27:98:f2:8b:8d:e3: 61:97:ec:ce:d3:65:53:38:8c:b0:a8:7b:b1:fd:76:24:5f:42: 6d:3e:a0:db:65:4f:05:fa:2c:92:fb:7c:4e:94:4e:72:41:97: be:62:11:5d:86:c2:1b:06:21:3c:c4:66:d3:7a:c0:94:1b:ee: 20:5b:cb:c8:d1:fd:14:80:9c:5c:2c:06:33:e7:da:71:45:d9: e5:66:fd:bf:4a:a8:39:9e:ea:9b:47:36:1d:b2:5d:cf:a5:1e: cc:d6:80:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxD/ZqRzsG9ZKSfR1saFUyBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjMGE5OTUwMWU3NjgxZmEzYzY3ZTFmZDNkNzM1MTI4YTIy YzYzMTcwHhcNMjYwMjA5MjAwMDE5WhcNMjYwMjEwMjAwMDE5WjAzMTEwLwYDVQQD Eyg4MGJlOGI1MmU4YzI1ZGM5MzBmZjE2MDFjY2YwYzVlNzM1YjkyODU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7wD9BdLi8PNQ85K5hv41SaC1ZKC PCTt7WXfMxQErZQlJCYi1fIHf2Basiiex0Q6VFuHI37Jk32XVHtTZdEzW6wqGgqb fGFpay8j4FX+pUblIdKokJhsVch86efl6NROFBGZ+jKKs8lfBFZGueBf0zO6wOY2 oIyVEDUfxFJNmcKMJGHUSPFU5yKmGiSiqWL2lC7agK4zIhiL02q9q0rEKL5g/Z/0 +wtnxK2cxtfT4WEcFadAO0XlaNS6HlTCCLhcwxmH+/vaj96OJKIz7G5U/9Sg21oa RkNBLrtjF99TFjtSLWlhsjcVWL44xvY5mNZXo/QrRZQauB8H5LHgq2CeKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIC+i1Lowl3JMP8WAczwxec1uShWMB8GA1UdIwQY MBaAFBwKmVAedoH6PGfh/T1zUSiiLGMXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMt MTNjZjkxOGY2Y2JjLzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMtMTNjZjkxOGY2Y2Jj LzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGR+ioKZX Cd4Gv6B5YiqMQkUd9AnyBXFvKlOHSg+4+wA/YhG4fcI7BaSeXaYYpne7fTfdcKV8 0i2g3IqeODGeXjbzHAxuMPcpI+z2rfc1NW8TSVbPPjJSGXk2tWpA29cJCQbHgfdN bIWW12p1o1ZzYTb6O6JR9P7L1eL9Cd+uKTety5l93kLzZq+GLWdIb6CJHlVRhiEA Or+WDzD6J5jyi43jYZfsztNlUziMsKh7sf12JF9CbT6g22VPBfoskvt8TpROckGX vmIRXYbCGwYhPMRm03rAlBvuIFvLyNH9FICcXCwGM+facUXZ5Wb9v0qoOZ7qm0c2 HbJdz6UezNaA9Q== -----END CERTIFICATE-----Generated at Tue Feb 10 02:59:26 2026 by rpki-client