This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft File: XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft (raw, json) Hash identifier: XubfKcfPEYpoOWFkISrPOHzX/czUhidQmf+DRAYiVYE= Subject key identifier: 52:B6:79:0C:5F:B8:FA:4D:50:52:29:11:5F:8D:CE:AC:DB:AF:A0:34 Authority key identifier: 5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A Certificate issuer: /CN=5d38eb29595607ed4d8f4d9bf06cba429926864a Certificate serial: 019C420FA0ADC73BBD697DEC0D1E4BC058B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft Manifest number: 0DE4 Signing time: Mon 09 Feb 2026 11:00:46 +0000 Manifest this update: Mon 09 Feb 2026 11:00:46 +0000 Manifest next update: Tue 10 Feb 2026 11:00:46 +0000 Files and hashes: 1: XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl (hash: m7+ZuXO1go1bQs0FOR5pLMuyA/ic6rr38isQ4nQy2ME=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:0f:a0:ad:c7:3b:bd:69:7d:ec:0d:1e:4b:c0:58:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d38eb29595607ed4d8f4d9bf06cba429926864a Validity Not Before: Feb 9 11:00:46 2026 GMT Not After : Feb 10 11:00:46 2026 GMT Subject: CN=52b6790c5fb8fa4d505229115f8dceacdbafa034 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:bc:da:b0:3d:9d:54:1b:91:35:62:c9:d5:45: 3f:50:e2:9e:3f:dc:15:f3:a3:6b:da:aa:7b:81:12: 27:f7:47:eb:a8:55:69:4a:fa:83:0f:1f:25:76:e6: 65:ab:4f:da:d1:3b:f3:c6:f6:55:e8:6a:17:ee:ad: 5b:2a:96:38:23:02:da:02:f0:fc:a0:5d:6f:06:56: 86:3f:cf:13:60:4a:86:01:d6:18:c0:56:40:6c:8a: 9f:2e:bf:45:5d:60:3e:af:90:3e:32:97:6e:b9:e5: 38:cb:91:7e:a9:5c:15:7f:cd:9a:35:6a:e1:33:82: ce:0a:16:1b:14:c5:0f:47:04:ce:fc:dc:ea:e1:7a: 4e:60:55:f2:19:59:c0:0b:1b:74:98:98:15:84:a0: c5:0c:29:78:8f:57:a8:dc:67:ab:06:5d:67:48:d4: bf:ba:80:6f:78:4a:b5:9c:c6:6d:c6:15:b0:da:c5: 77:1a:bc:60:63:67:b1:ef:59:b2:88:f1:be:91:9c: 26:73:f2:02:4e:79:7f:6f:79:16:e4:73:c9:0c:66: 8f:9a:4c:0e:7e:ff:60:aa:6a:59:b6:82:45:95:ee: 49:13:bc:7a:c2:86:2b:8e:ab:92:54:58:b3:f2:32: da:a1:72:1e:04:d5:c3:1d:d3:9d:7a:e4:c8:9d:27: a3:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:B6:79:0C:5F:B8:FA:4D:50:52:29:11:5F:8D:CE:AC:DB:AF:A0:34 X509v3 Authority Key Identifier: keyid:5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:68:09:c8:eb:ac:27:0a:30:ef:c0:16:03:90:67:9b:be:38: 69:43:ab:c0:b3:e6:9b:60:a9:48:b1:60:c6:ea:ab:5f:d0:83: 9f:d0:b5:39:36:ab:a3:ec:cf:01:cb:95:82:af:da:4c:3a:f6: de:da:c4:b0:17:56:7a:28:a5:93:ff:9d:5b:d0:15:0f:20:22: c9:2e:fe:60:08:7a:23:74:a2:13:78:1d:ce:e8:45:d2:d4:f3: 22:10:8f:fe:53:ff:ef:cd:53:d1:e7:f1:0a:5f:9e:57:b0:b2: 70:3d:6f:45:81:50:09:dd:4f:d4:1b:ff:97:5b:a2:ba:13:d9: fb:4a:9e:eb:c6:e4:00:58:79:24:9f:8c:e9:2b:60:a9:e4:ee: 66:f4:b3:b5:1f:37:e4:3c:36:29:8b:5b:a1:97:0a:16:d7:0a: a6:b0:8b:a0:08:35:7c:36:e9:95:82:6b:09:ee:7a:d6:71:d3: 5c:5e:64:b3:a2:94:a9:7e:37:70:8e:d2:ee:14:b3:55:42:19: 36:0e:25:b0:44:03:bc:c6:4d:e2:89:4e:44:43:5f:b4:e9:93: 53:ee:eb:e3:a4:82:87:d6:bf:0e:65:9e:0e:f3:6c:87:86:13: cf:f1:7a:7e:c7:27:08:e2:ca:68:51:be:07:70:28:b6:aa:69: b4:8e:ab:e3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCD6Ctxzu9aX3sDR5LwFi4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkMzhlYjI5NTk1NjA3ZWQ0ZDhmNGQ5YmYwNmNiYTQyOTky Njg2NGEwHhcNMjYwMjA5MTEwMDQ2WhcNMjYwMjEwMTEwMDQ2WjAzMTEwLwYDVQQD Eyg1MmI2NzkwYzVmYjhmYTRkNTA1MjI5MTE1ZjhkY2VhY2RiYWZhMDM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7zasD2dVBuRNWLJ1UU/UOKeP9wV 86Nr2qp7gRIn90frqFVpSvqDDx8lduZlq0/a0TvzxvZV6GoX7q1bKpY4IwLaAvD8 oF1vBlaGP88TYEqGAdYYwFZAbIqfLr9FXWA+r5A+MpduueU4y5F+qVwVf82aNWrh M4LOChYbFMUPRwTO/Nzq4XpOYFXyGVnACxt0mJgVhKDFDCl4j1eo3GerBl1nSNS/ uoBveEq1nMZtxhWw2sV3GrxgY2ex71myiPG+kZwmc/ICTnl/b3kW5HPJDGaPmkwO fv9gqmpZtoJFle5JE7x6woYrjquSVFiz8jLaoXIeBNXDHdOdeuTInSejoQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFK2eQxfuPpNUFIpEV+Nzqzbr6A0MB8GA1UdIwQY MBaAFF046ylZVgftTY9Nm/BsukKZJoZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMt ZDI0YjRhNWIxY2RjLzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMtZDI0YjRhNWIxY2Rj LzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABWgJyOus Jwow78AWA5Bnm744aUOrwLPmm2CpSLFgxuqrX9CDn9C1OTaro+zPAcuVgq/aTDr2 3trEsBdWeiilk/+dW9AVDyAiyS7+YAh6I3SiE3gdzuhF0tTzIhCP/lP/781T0efx Cl+eV7CycD1vRYFQCd1P1Bv/l1uiuhPZ+0qe68bkAFh5JJ+M6StgqeTuZvSztR83 5Dw2KYtboZcKFtcKprCLoAg1fDbplYJrCe561nHTXF5ks6KUqX43cI7S7hSzVUIZ Ng4lsEQDvMZN4olORENftOmTU+7r46SCh9a/DmWeDvNsh4YTz/F6fscnCOLKaFG+ B3AotqpptI6r4w== -----END CERTIFICATE-----Generated at Mon Feb 9 19:59:19 2026 by rpki-client