This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.mft File: SFF8v1-HKM7CSvPC6G7PuANT5g0.mft (raw, json) Hash identifier: 7aDZ3SYAeCRQR80AAe4u21PQ3dDgyCNICVp+w/Laqe0= Subject key identifier: 75:D0:85:D2:E0:C7:AF:EF:83:13:2C:2F:E1:ED:8A:06:55:BA:E1:6D Authority key identifier: 48:51:7C:BF:5F:87:28:CE:C2:4A:F3:C2:E8:6E:CF:B8:03:53:E6:0D Certificate issuer: /CN=48517cbf5f8728cec24af3c2e86ecfb80353e60d Certificate serial: 019C41A274E2F220A65C6BAC3F152E2AFB7B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SFF8v1-HKM7CSvPC6G7PuANT5g0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.mft Manifest number: 0EEF Signing time: Mon 09 Feb 2026 09:01:31 +0000 Manifest this update: Mon 09 Feb 2026 09:01:31 +0000 Manifest next update: Tue 10 Feb 2026 09:01:31 +0000 Files and hashes: 1: SFF8v1-HKM7CSvPC6G7PuANT5g0.crl (hash: 4OqbxJ1RF1aJ1ZTAcKUNDWAOuldJOK9wpqOWDuwWGxU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.crl rsync://rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.mft rsync://rpki.ripe.net/repository/DEFAULT/SFF8v1-HKM7CSvPC6G7PuANT5g0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 09:01:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:a2:74:e2:f2:20:a6:5c:6b:ac:3f:15:2e:2a:fb:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=48517cbf5f8728cec24af3c2e86ecfb80353e60d Validity Not Before: Feb 9 09:01:31 2026 GMT Not After : Feb 10 09:01:31 2026 GMT Subject: CN=75d085d2e0c7afef83132c2fe1ed8a0655bae16d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:a3:e1:09:5b:1d:b6:0a:ef:89:bc:fc:a9:34: e5:78:ad:a8:0f:22:fa:3a:5a:14:86:81:38:b7:81: 8c:01:59:1a:9c:34:b2:b8:ce:a3:f7:65:cc:cb:3e: d7:71:d7:4f:a0:22:22:72:9c:ad:90:20:60:55:37: a9:73:80:a5:90:13:25:c5:d5:00:0e:16:0d:80:53: b1:0b:e7:c4:af:9f:ee:16:6f:bb:b2:83:fd:b7:39: 0a:f5:5b:49:32:bd:b0:89:54:06:74:03:b4:1c:1d: 25:43:eb:07:8b:60:7b:ef:37:d2:c7:9a:9b:9d:ca: 94:78:57:2f:b0:fb:d1:02:16:13:02:52:a7:f5:ec: d3:64:c4:6c:4d:17:b3:24:4d:0c:86:3f:84:e9:56: e6:7a:b5:1b:5d:04:34:9a:56:e5:13:08:b3:a4:d7: 7e:c5:06:42:a9:66:f8:f1:f0:6f:8a:b2:fe:be:2d: 84:81:f8:64:a0:58:a3:7d:5d:21:52:0f:b7:94:7f: 03:e3:05:fe:c2:ff:04:59:61:95:bb:fc:6b:84:ac: 23:49:b4:2b:6b:9c:1c:60:5c:9c:46:72:45:9f:4c: a7:73:b3:0c:d5:8e:fa:25:ca:ec:45:0f:77:3b:b3: 7b:16:97:fa:21:9a:13:b5:e3:5f:2a:eb:7d:32:77: 2b:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:D0:85:D2:E0:C7:AF:EF:83:13:2C:2F:E1:ED:8A:06:55:BA:E1:6D X509v3 Authority Key Identifier: keyid:48:51:7C:BF:5F:87:28:CE:C2:4A:F3:C2:E8:6E:CF:B8:03:53:E6:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SFF8v1-HKM7CSvPC6G7PuANT5g0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 13:76:01:f8:d2:31:42:5b:5e:fd:37:21:ee:cb:65:54:c5:9c: af:96:d2:c9:82:3a:07:3f:3a:a3:d7:03:42:3c:7c:66:71:5f: 3c:ff:e8:4a:92:22:91:3e:3b:ac:ce:5e:a2:ca:44:82:13:f4: 2f:08:62:fe:28:93:51:40:01:1b:57:74:1b:40:ba:04:5c:65: a3:de:04:99:15:8e:bb:50:f3:0f:9c:17:39:c4:ef:2f:18:bb: c6:3f:3b:40:6b:e0:21:f9:09:43:ce:c2:0a:6b:6d:92:08:3a: 59:7d:92:32:1d:99:a9:0b:c5:ba:47:43:9a:a7:77:13:65:bc: a3:98:c2:f9:61:97:d0:34:92:32:6b:aa:72:42:d3:97:b7:e4: 17:2f:0c:cf:83:3a:f0:61:f0:79:f2:a9:7d:92:34:ad:b6:aa: c1:23:e6:cd:10:b5:b6:0a:77:9f:9a:a2:9f:e7:10:76:65:c5: b0:75:6b:2e:2b:ff:29:b9:57:e2:9b:b0:88:e3:16:ff:5f:08: 0f:d5:0a:26:8d:1d:79:ee:a4:30:06:97:5d:1f:25:19:0e:7f: d9:5b:18:bf:ca:1b:74:a9:e7:5a:b7:78:ad:84:bb:c0:3e:d2: 7a:ee:b2:38:48:e4:16:ba:88:17:f4:f5:aa:48:14:36:71:99: 49:28:7e:d7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxBonTi8iCmXGusPxUuKvt7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ4NTE3Y2JmNWY4NzI4Y2VjMjRhZjNjMmU4NmVjZmI4MDM1 M2U2MGQwHhcNMjYwMjA5MDkwMTMxWhcNMjYwMjEwMDkwMTMxWjAzMTEwLwYDVQQD Eyg3NWQwODVkMmUwYzdhZmVmODMxMzJjMmZlMWVkOGEwNjU1YmFlMTZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6PhCVsdtgrvibz8qTTleK2oDyL6 OloUhoE4t4GMAVkanDSyuM6j92XMyz7XcddPoCIicpytkCBgVTepc4ClkBMlxdUA DhYNgFOxC+fEr5/uFm+7soP9tzkK9VtJMr2wiVQGdAO0HB0lQ+sHi2B77zfSx5qb ncqUeFcvsPvRAhYTAlKn9ezTZMRsTRezJE0Mhj+E6VbmerUbXQQ0mlblEwizpNd+ xQZCqWb48fBvirL+vi2EgfhkoFijfV0hUg+3lH8D4wX+wv8EWWGVu/xrhKwjSbQr a5wcYFycRnJFn0ync7MM1Y76JcrsRQ93O7N7Fpf6IZoTteNfKut9MncrLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHXQhdLgx6/vgxMsL+HtigZVuuFtMB8GA1UdIwQY MBaAFEhRfL9fhyjOwkrzwuhuz7gDU+YNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU0ZGOHYxLUhLTTdDU3ZQQzZHN1B1QU5UNWcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZDJmMmQtYTQyNS00NGFiLTliNWQt OGMzYjQwMjg1NTY2LzEvU0ZGOHYxLUhLTTdDU3ZQQzZHN1B1QU5UNWcwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yi8xZDJmMmQtYTQyNS00NGFiLTliNWQtOGMzYjQwMjg1NTY2 LzEvU0ZGOHYxLUhLTTdDU3ZQQzZHN1B1QU5UNWcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE3YB+NIx Qlte/Tch7stlVMWcr5bSyYI6Bz86o9cDQjx8ZnFfPP/oSpIikT47rM5eospEghP0 Lwhi/iiTUUABG1d0G0C6BFxlo94EmRWOu1DzD5wXOcTvLxi7xj87QGvgIfkJQ87C Cmttkgg6WX2SMh2ZqQvFukdDmqd3E2W8o5jC+WGX0DSSMmuqckLTl7fkFy8Mz4M6 8GHwefKpfZI0rbaqwSPmzRC1tgp3n5qin+cQdmXFsHVrLiv/KblX4puwiOMW/18I D9UKJo0dee6kMAaXXR8lGQ5/2VsYv8obdKnnWrd4rYS7wD7Seu6yOEjkFrqIF/T1 qkgUNnGZSSh+1w== -----END CERTIFICATE-----Generated at Mon Feb 9 16:53:42 2026 by rpki-client