This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft File: Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft (raw, json) Hash identifier: 3NE0HxHwYypavt3y76T4So/wnl6xMpYiSQVB/mMrAMk= Subject key identifier: AC:E0:7C:92:F4:7C:9E:B3:5F:AC:7C:BD:29:B0:BC:8D:A2:97:A2:44 Authority key identifier: 3A:EF:31:B3:68:26:87:9C:7E:BC:11:2C:62:94:1A:1C:D3:A2:BB:33 Certificate issuer: /CN=3aef31b36826879c7ebc112c62941a1cd3a2bb33 Certificate serial: 019C43229C15DB41F0EE44B524FC912A7782 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft Manifest number: 0C1C Signing time: Mon 09 Feb 2026 16:01:07 +0000 Manifest this update: Mon 09 Feb 2026 16:01:07 +0000 Manifest next update: Tue 10 Feb 2026 16:01:07 +0000 Files and hashes: 1: Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl (hash: EuX0kPxtxAUEJoEzVkrzClfu8RuFBJkssN087Zm5KxI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:9c:15:db:41:f0:ee:44:b5:24:fc:91:2a:77:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3aef31b36826879c7ebc112c62941a1cd3a2bb33 Validity Not Before: Feb 9 16:01:07 2026 GMT Not After : Feb 10 16:01:07 2026 GMT Subject: CN=ace07c92f47c9eb35fac7cbd29b0bc8da297a244 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:17:78:5c:da:32:27:f2:89:be:45:63:9e:b1: b8:d5:f0:11:27:ad:46:11:40:90:f9:1f:eb:0d:83: da:08:ed:34:7c:a9:64:b3:94:14:39:9e:4c:8c:42: a2:5d:02:d1:8f:d5:cf:e2:8c:53:e4:63:c8:38:c6: 97:66:7f:40:f1:6d:ee:aa:41:9f:5a:94:5a:6a:e7: d3:f0:07:cc:d0:eb:ac:9f:84:f0:3d:d3:76:ae:d6: 81:24:cd:d9:53:8b:5c:6e:9a:79:8f:31:9b:54:77: fc:78:45:25:92:1c:76:d1:62:e1:95:3d:ff:9e:eb: 0b:67:b5:ed:7f:4d:b7:c9:ea:f5:47:11:e8:b7:f0: 9d:ed:3a:d5:8c:4d:0b:3f:78:20:74:c8:63:a3:af: 52:9c:0c:6e:b5:55:64:52:9d:21:da:1f:e3:20:ae: 98:93:20:85:68:dc:a5:30:a6:11:b7:0d:a2:52:82: 1e:20:16:94:80:c7:7f:30:f4:bc:58:b6:eb:d7:ef: f7:d3:ad:ca:dd:cb:fc:c6:d5:d7:30:0e:84:fd:4e: ba:bb:fb:ab:22:dc:35:06:eb:9d:b8:39:0b:a9:bb: 7e:c3:55:2b:85:04:ce:75:2f:3d:04:e1:49:65:39: aa:2b:ad:f1:9d:a1:a3:53:b9:a0:a0:9d:59:5c:27: a5:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:E0:7C:92:F4:7C:9E:B3:5F:AC:7C:BD:29:B0:BC:8D:A2:97:A2:44 X509v3 Authority Key Identifier: keyid:3A:EF:31:B3:68:26:87:9C:7E:BC:11:2C:62:94:1A:1C:D3:A2:BB:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:3a:65:1b:11:8b:f9:b0:19:25:77:c1:61:87:aa:97:d2:dd: 92:a5:dd:2f:45:09:f9:a6:93:c7:c1:85:d6:b5:e1:f0:e1:d1: a9:56:cd:74:b4:e4:4a:4c:b0:77:da:4b:52:35:30:34:0d:1e: 27:c3:8f:63:77:51:06:1e:65:7b:09:b9:81:33:20:6a:84:91: 77:85:17:ba:ae:10:1c:e0:3c:e2:98:73:2c:a9:9e:0e:1c:44: ab:bb:34:18:3f:0a:9b:bc:72:3c:fd:04:45:41:e7:3f:bc:35: 9d:a8:e9:ff:79:72:c8:e8:58:b3:01:92:71:f5:63:95:b2:e9: 48:eb:fe:d7:c0:2c:29:f9:be:52:fe:cc:bd:0c:df:fb:19:5a: 62:75:fe:11:7a:1a:bf:a7:4e:c3:c5:62:0d:4b:be:29:9d:00: e1:8e:cf:74:81:b8:49:7f:13:e0:6f:31:a2:13:5b:d7:f9:c3: 14:8f:3f:f6:03:a6:98:5a:26:76:d4:7d:49:96:a1:12:f1:ef: 98:bd:d2:ac:e9:a8:91:d9:9b:c3:34:1a:3c:71:83:68:13:24: c3:5c:3a:d9:e5:0a:f2:25:0f:f8:1e:76:7e:50:8a:a0:c6:41: b2:cd:3d:83:c0:b9:f7:48:25:c8:d3:47:58:b2:d5:3b:f8:33: dd:d5:49:d8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIpwV20Hw7kS1JPyRKneCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhZWYzMWIzNjgyNjg3OWM3ZWJjMTEyYzYyOTQxYTFjZDNh MmJiMzMwHhcNMjYwMjA5MTYwMTA3WhcNMjYwMjEwMTYwMTA3WjAzMTEwLwYDVQQD EyhhY2UwN2M5MmY0N2M5ZWIzNWZhYzdjYmQyOWIwYmM4ZGEyOTdhMjQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Rd4XNoyJ/KJvkVjnrG41fARJ61G EUCQ+R/rDYPaCO00fKlks5QUOZ5MjEKiXQLRj9XP4oxT5GPIOMaXZn9A8W3uqkGf WpRaaufT8AfM0Ousn4TwPdN2rtaBJM3ZU4tcbpp5jzGbVHf8eEUlkhx20WLhlT3/ nusLZ7Xtf023yer1RxHot/Cd7TrVjE0LP3ggdMhjo69SnAxutVVkUp0h2h/jIK6Y kyCFaNylMKYRtw2iUoIeIBaUgMd/MPS8WLbr1+/3063K3cv8xtXXMA6E/U66u/ur Itw1BuuduDkLqbt+w1UrhQTOdS89BOFJZTmqK63xnaGjU7mgoJ1ZXCelFwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKzgfJL0fJ6zX6x8vSmwvI2il6JEMB8GA1UdIwQY MBaAFDrvMbNoJoecfrwRLGKUGhzTorszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8yZmIzNTItZWY5NC00MmRlLTg5YWMt ZDlhZjcxMGJhMWRlLzEvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yi8yZmIzNTItZWY5NC00MmRlLTg5YWMtZDlhZjcxMGJhMWRl LzEvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAejplGxGL +bAZJXfBYYeql9LdkqXdL0UJ+aaTx8GF1rXh8OHRqVbNdLTkSkywd9pLUjUwNA0e J8OPY3dRBh5lewm5gTMgaoSRd4UXuq4QHOA84phzLKmeDhxEq7s0GD8Km7xyPP0E RUHnP7w1najp/3lyyOhYswGScfVjlbLpSOv+18AsKfm+Uv7MvQzf+xlaYnX+EXoa v6dOw8ViDUu+KZ0A4Y7PdIG4SX8T4G8xohNb1/nDFI8/9gOmmFomdtR9SZahEvHv mL3SrOmokdmbwzQaPHGDaBMkw1w62eUK8iUP+B52flCKoMZBss09g8C590glyNNH WLLVO/gz3dVJ2A== -----END CERTIFICATE-----Generated at Mon Feb 9 18:37:08 2026 by rpki-client