This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft File: TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft (raw, json) Hash identifier: NbXJ2CKIcnb6CsBurMyVGslU3pZi/ohkS/h8xGchH50= Subject key identifier: 38:40:93:9B:41:92:CF:B6:5D:FD:88:88:E2:FE:C5:4F:57:29:22:43 Authority key identifier: 4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD Certificate issuer: /CN=4d4927a141fb25b75824c6beaef0679d34fc49bd Certificate serial: 019C420F8BE14260516F09B2A6EB64F6D93F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft Manifest number: 0504 Signing time: Mon 09 Feb 2026 11:00:40 +0000 Manifest this update: Mon 09 Feb 2026 11:00:40 +0000 Manifest next update: Tue 10 Feb 2026 11:00:40 +0000 Files and hashes: 1: TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl (hash: ivQ/gSxL8Y6cybccAhTZD0QoE2UcWGTaRml9aWSu3LA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:0f:8b:e1:42:60:51:6f:09:b2:a6:eb:64:f6:d9:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4d4927a141fb25b75824c6beaef0679d34fc49bd Validity Not Before: Feb 9 11:00:40 2026 GMT Not After : Feb 10 11:00:40 2026 GMT Subject: CN=3840939b4192cfb65dfd8888e2fec54f57292243 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:83:9c:8a:1a:93:f3:58:81:48:cf:7c:92:8b: 4e:ec:78:0a:10:84:a9:f3:68:da:9c:67:1a:72:21: 30:2a:18:d2:b6:3c:6c:91:91:b4:ed:af:40:28:7e: fc:10:18:d0:3b:0a:78:43:b6:99:ef:6d:28:b0:57: a5:4a:c9:9e:98:f8:d7:60:f2:fc:4e:e8:a2:f0:55: 1a:f4:e3:b0:41:d2:47:ef:40:85:48:f9:63:67:9c: 79:f0:75:ae:d1:1c:22:87:6f:d5:e1:ba:a9:e6:b2: 15:81:57:5d:08:9e:6d:04:4c:00:a0:75:b7:67:b1: 6c:52:99:ee:e8:01:e9:08:9e:18:54:e3:d9:e4:3b: d7:03:a8:6a:73:7c:20:42:5f:b5:2d:88:d7:a8:89: 6f:d2:ef:4c:55:eb:86:01:6d:13:c7:78:ac:23:b4: 1a:1b:22:72:d9:0b:15:f5:23:e7:6b:cd:67:f6:35: 23:e8:95:f1:99:33:1c:c6:38:b0:cf:62:95:48:1b: 72:9c:ef:43:82:9d:05:6c:a4:bf:bd:70:1d:c2:43: 57:c7:0b:45:31:fa:08:7f:5e:cf:8b:c8:2f:37:c2: 1d:cb:88:2d:33:b8:04:c8:9d:be:30:0d:52:28:80: a2:e9:e8:58:94:9e:c5:ce:7f:41:3c:85:c9:07:32: b3:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:40:93:9B:41:92:CF:B6:5D:FD:88:88:E2:FE:C5:4F:57:29:22:43 X509v3 Authority Key Identifier: keyid:4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:b8:8e:94:e3:45:06:85:e8:08:0f:f6:34:69:ce:58:c4:ab: 19:dd:92:29:75:da:55:49:f6:32:cc:99:d1:37:4c:b6:b1:24: 87:b1:b8:5f:d0:83:d0:ec:0f:42:48:27:17:94:f9:2d:aa:86: e1:af:a9:68:76:9a:64:7a:20:99:ee:8c:3d:4f:e8:2d:ec:eb: 3a:92:bc:6b:cd:04:c0:8a:bc:ef:0f:2a:c2:84:87:57:bc:13: fe:9a:a9:34:4e:c1:f9:02:3d:c8:ec:70:df:7c:98:98:c1:d2: e0:45:1f:74:6b:01:4b:0e:ec:eb:12:de:bf:2a:5f:b1:40:94: 50:ac:f1:81:98:e2:c0:8c:7b:02:90:8d:7c:29:ea:ef:7e:8e: 02:59:0b:e3:e3:0c:07:43:64:df:cc:7a:0e:30:5f:16:74:1d: 1d:d4:a6:0a:ca:f5:19:4f:d8:e9:6c:ef:0d:7c:52:c3:f9:2f: aa:31:27:d8:9e:e6:55:ba:84:3b:cc:50:2e:d0:7c:d8:e4:60: 87:39:ce:2d:a0:a2:f3:33:39:89:e2:f6:d2:8d:fb:7c:f9:05: ae:5f:fa:0b:7a:68:1a:ce:83:ff:fd:ac:f8:81:79:a1:cc:b9: 5a:2d:b5:a1:05:c6:3e:f0:99:ae:27:b9:e8:e3:7a:ba:ff:5a: 0f:34:50:b7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCD4vhQmBRbwmyputk9tk/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkNDkyN2ExNDFmYjI1Yjc1ODI0YzZiZWFlZjA2NzlkMzRm YzQ5YmQwHhcNMjYwMjA5MTEwMDQwWhcNMjYwMjEwMTEwMDQwWjAzMTEwLwYDVQQD EygzODQwOTM5YjQxOTJjZmI2NWRmZDg4ODhlMmZlYzU0ZjU3MjkyMjQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIOcihqT81iBSM98kotO7HgKEISp 82janGcaciEwKhjStjxskZG07a9AKH78EBjQOwp4Q7aZ720osFelSsmemPjXYPL8 Tuii8FUa9OOwQdJH70CFSPljZ5x58HWu0Rwih2/V4bqp5rIVgVddCJ5tBEwAoHW3 Z7FsUpnu6AHpCJ4YVOPZ5DvXA6hqc3wgQl+1LYjXqIlv0u9MVeuGAW0Tx3isI7Qa GyJy2QsV9SPna81n9jUj6JXxmTMcxjiwz2KVSBtynO9Dgp0FbKS/vXAdwkNXxwtF MfoIf17Pi8gvN8Idy4gtM7gEyJ2+MA1SKICi6ehYlJ7Fzn9BPIXJBzKzawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDhAk5tBks+2Xf2IiOL+xU9XKSJDMB8GA1UdIwQY MBaAFE1JJ6FB+yW3WCTGvq7wZ500/Em9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUt NjgwODM3MDlhNGI1LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUtNjgwODM3MDlhNGI1 LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALriOlONF BoXoCA/2NGnOWMSrGd2SKXXaVUn2MsyZ0TdMtrEkh7G4X9CD0OwPQkgnF5T5LaqG 4a+paHaaZHogme6MPU/oLezrOpK8a80EwIq87w8qwoSHV7wT/pqpNE7B+QI9yOxw 33yYmMHS4EUfdGsBSw7s6xLevypfsUCUUKzxgZjiwIx7ApCNfCnq736OAlkL4+MM B0Nk38x6DjBfFnQdHdSmCsr1GU/Y6WzvDXxSw/kvqjEn2J7mVbqEO8xQLtB82ORg hznOLaCi8zM5ieL20o37fPkFrl/6C3poGs6D//2s+IF5ocy5Wi21oQXGPvCZrie5 6ON6uv9aDzRQtw== -----END CERTIFICATE-----Generated at Mon Feb 9 21:09:16 2026 by rpki-client