This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft File: 2Gcf4VfnflYoTFTVLi3w1_4609k.mft (raw, json) Hash identifier: 3OC1EJAOV31iUuA9FiXvGz2Ra9AmXSOTyc94zjHkt9w= Subject key identifier: E0:C7:A7:C7:53:DD:3D:1A:A0:D9:54:67:B3:A3:01:3E:16:1C:ED:0B Authority key identifier: D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9 Certificate issuer: /CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9 Certificate serial: 019C427D4EBE449482239234FA68D95BD219 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft Manifest number: 14A1 Signing time: Mon 09 Feb 2026 13:00:34 +0000 Manifest this update: Mon 09 Feb 2026 13:00:34 +0000 Manifest next update: Tue 10 Feb 2026 13:00:34 +0000 Files and hashes: 1: 2Gcf4VfnflYoTFTVLi3w1_4609k.crl (hash: BF30f37VO1V317xf+eO5Vb/VdD4TPffXp0FOEc4BysQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:7d:4e:be:44:94:82:23:92:34:fa:68:d9:5b:d2:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9 Validity Not Before: Feb 9 13:00:34 2026 GMT Not After : Feb 10 13:00:34 2026 GMT Subject: CN=e0c7a7c753dd3d1aa0d95467b3a3013e161ced0b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:3b:ab:d7:71:9f:ae:09:db:73:8c:8d:68:9f: 45:14:0e:bc:80:07:73:94:61:20:65:f7:28:3d:f0: 4b:47:55:39:3c:f3:d9:32:20:4d:98:af:ea:99:c2: 17:13:e6:8d:ea:de:b9:c5:36:f5:f3:28:4e:dd:28: 98:ee:87:36:c7:e1:43:cc:a9:29:39:6f:ae:50:2b: 56:61:55:60:ed:a6:e9:1e:4f:ed:37:26:cc:d3:9b: 14:37:ae:35:20:18:57:d5:2d:b9:fb:ee:05:c0:a9: 5e:02:02:d6:d1:c8:da:d8:17:e0:09:87:17:cf:48: 11:10:9d:ae:82:99:06:a2:50:63:a8:35:1a:0f:ae: c4:37:0e:da:c8:27:2c:fe:1b:6c:df:5f:8b:7c:42: b4:a2:76:07:8c:1a:ea:02:d8:c7:5f:4a:93:f4:fc: 84:24:22:8e:3c:4d:df:ab:25:af:f7:46:60:28:8f: 47:21:6e:1b:f0:47:5c:a5:22:a5:83:ed:34:8b:b8: e1:ac:62:42:0b:69:5c:5b:00:ff:cd:76:44:5a:15: e9:46:e9:9f:66:63:99:e4:63:72:dc:b4:97:92:35: a0:b6:4f:67:6e:11:4b:b2:68:55:ec:77:6f:3f:6d: 04:1e:b9:09:52:8b:23:4c:d9:7d:56:7f:9f:b0:2b: fc:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:C7:A7:C7:53:DD:3D:1A:A0:D9:54:67:B3:A3:01:3E:16:1C:ED:0B X509v3 Authority Key Identifier: keyid:D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:c2:85:0c:a3:c3:ad:34:11:93:dd:56:c6:d7:fc:4d:f1:78: 63:ae:62:45:c9:2c:87:78:53:35:e6:fa:52:50:49:9f:d8:6b: 9c:5e:fa:84:17:57:51:8c:d5:c5:26:6f:d5:a2:c1:0f:24:cd: 17:94:64:20:8f:e0:0f:e8:9c:3f:34:92:9b:e3:25:a1:b8:ec: 6c:d0:05:cd:40:34:25:fa:0d:12:8b:68:4f:42:18:f8:51:ff: de:21:f0:e0:6d:e0:e0:8d:a8:ae:34:7d:b4:af:53:93:a2:fd: e9:47:bc:41:82:42:7c:d2:38:0c:e3:26:eb:ac:b0:fb:d5:cc: c7:ea:13:d0:5a:fc:0c:ac:88:63:18:04:bd:73:91:cd:bc:c7: 53:a0:79:a3:91:dc:a9:cf:92:16:ed:f4:f4:0a:46:dd:6c:44: dd:33:ff:81:e4:9b:71:0d:10:c7:36:5b:fd:40:4f:71:0f:9a: 0f:02:2a:7e:16:5d:dc:50:b9:5b:2f:e1:eb:d5:26:99:0a:8f: 19:ff:7a:0d:29:f5:0b:83:c4:83:d4:6b:46:29:fd:fc:d6:0a: 4d:be:30:53:f9:58:dc:f2:49:e5:8f:9d:f7:6a:2a:71:21:a9: f1:29:d0:81:14:74:7b:99:fc:5e:6c:40:b9:0e:64:8a:ab:6f: 96:3f:c4:4d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCfU6+RJSCI5I0+mjZW9IZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NjcxZmUxNTdlNzdlNTYyODRjNTRkNTJlMmRmMGQ3ZmUz YWQzZDkwHhcNMjYwMjA5MTMwMDM0WhcNMjYwMjEwMTMwMDM0WjAzMTEwLwYDVQQD EyhlMGM3YTdjNzUzZGQzZDFhYTBkOTU0NjdiM2EzMDEzZTE2MWNlZDBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jur13Gfrgnbc4yNaJ9FFA68gAdz lGEgZfcoPfBLR1U5PPPZMiBNmK/qmcIXE+aN6t65xTb18yhO3SiY7oc2x+FDzKkp OW+uUCtWYVVg7abpHk/tNybM05sUN641IBhX1S25++4FwKleAgLW0cja2BfgCYcX z0gREJ2ugpkGolBjqDUaD67ENw7ayCcs/hts31+LfEK0onYHjBrqAtjHX0qT9PyE JCKOPE3fqyWv90ZgKI9HIW4b8EdcpSKlg+00i7jhrGJCC2lcWwD/zXZEWhXpRumf ZmOZ5GNy3LSXkjWgtk9nbhFLsmhV7HdvP20EHrkJUosjTNl9Vn+fsCv85wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFODHp8dT3T0aoNlUZ7OjAT4WHO0LMB8GA1UdIwQY MBaAFNhnH+FX535WKExU1S4t8Nf+OtPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMt MWVhYmZmYWFmZjE5LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMtMWVhYmZmYWFmZjE5 LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEcKFDKPD rTQRk91Wxtf8TfF4Y65iRcksh3hTNeb6UlBJn9hrnF76hBdXUYzVxSZv1aLBDyTN F5RkII/gD+icPzSSm+MlobjsbNAFzUA0JfoNEotoT0IY+FH/3iHw4G3g4I2orjR9 tK9Tk6L96Ue8QYJCfNI4DOMm66yw+9XMx+oT0Fr8DKyIYxgEvXORzbzHU6B5o5Hc qc+SFu309ApG3WxE3TP/geSbcQ0QxzZb/UBPcQ+aDwIqfhZd3FC5Wy/h69UmmQqP Gf96DSn1C4PEg9RrRin9/NYKTb4wU/lY3PJJ5Y+d92oqcSGp8SnQgRR0e5n8XmxA uQ5kiqtvlj/ETQ== -----END CERTIFICATE-----Generated at Mon Feb 9 22:41:33 2026 by rpki-client