This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/113f5f-be58-478c-9030-32d80d8d1615/1/0tzocORzw1QnPonF5OLtPgwGk1Y.mft File: 0tzocORzw1QnPonF5OLtPgwGk1Y.mft (raw, json) Hash identifier: QSBpL9DNy2EcNZLgCOfv337FNbcgjhOn1jm39ER5QSE= Subject key identifier: 3A:33:E2:1A:3F:6E:C7:DF:AB:AC:0B:B4:32:6F:79:31:6D:2F:D5:99 Authority key identifier: D2:DC:E8:70:E4:73:C3:54:27:3E:89:C5:E4:E2:ED:3E:0C:06:93:56 Certificate issuer: /CN=d2dce870e473c354273e89c5e4e2ed3e0c069356 Certificate serial: 019C4322090B3FEE23A09DA3CC0645E0D029 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0tzocORzw1QnPonF5OLtPgwGk1Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/113f5f-be58-478c-9030-32d80d8d1615/1/0tzocORzw1QnPonF5OLtPgwGk1Y.mft Manifest number: 0C68 Signing time: Mon 09 Feb 2026 16:00:29 +0000 Manifest this update: Mon 09 Feb 2026 16:00:29 +0000 Manifest next update: Tue 10 Feb 2026 16:00:29 +0000 Files and hashes: 1: 0tzocORzw1QnPonF5OLtPgwGk1Y.crl (hash: cmbHJ4qZ9m3DlPuyCJquAv90NUtlpFh4xrmL6zh1Poc=) 2: ThzwdKdKn1Xy5a4JKmMojrXgu40.roa (hash: lIi2RxL8LrPV+57y38KO3DW0z4++WwpkT83uTb32e/I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/113f5f-be58-478c-9030-32d80d8d1615/1/0tzocORzw1QnPonF5OLtPgwGk1Y.crl rsync://rpki.ripe.net/repository/DEFAULT/a6/113f5f-be58-478c-9030-32d80d8d1615/1/0tzocORzw1QnPonF5OLtPgwGk1Y.mft rsync://rpki.ripe.net/repository/DEFAULT/0tzocORzw1QnPonF5OLtPgwGk1Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:09:0b:3f:ee:23:a0:9d:a3:cc:06:45:e0:d0:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2dce870e473c354273e89c5e4e2ed3e0c069356 Validity Not Before: Feb 9 16:00:29 2026 GMT Not After : Feb 10 16:00:29 2026 GMT Subject: CN=3a33e21a3f6ec7dfabac0bb4326f79316d2fd599 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:81:25:6f:18:7b:44:ca:84:d7:ac:73:32:c3: 5f:b5:28:e6:4d:86:53:ab:6a:4c:5f:aa:0a:b0:fb: c9:bf:02:ae:63:c0:71:e2:b9:ab:fe:f6:d4:19:6e: 72:24:5d:28:ab:c5:02:99:6d:d2:72:a9:a5:f9:89: d3:81:d7:73:97:41:8f:d3:70:3f:24:c3:ea:24:31: f1:78:64:cb:0c:6a:77:fa:bd:b1:30:5b:9c:76:d0: 1e:e8:e9:0a:95:d7:ce:40:02:30:34:9d:b6:54:30: 93:83:1d:27:66:ec:d1:fe:c1:fe:81:01:27:0f:1b: 63:17:81:9a:5d:e3:cf:22:06:ad:5c:a4:2d:26:89: db:39:3a:50:44:e2:fc:42:eb:39:44:7f:eb:4f:73: ff:f4:d3:00:ac:81:25:d4:04:69:5a:fd:c9:e5:e2: 36:e6:7c:7d:6d:f7:1f:24:c2:76:b8:de:11:28:84: 02:6c:d1:b7:9c:24:dc:a2:b8:9c:c8:82:8c:f8:b0: 8a:65:d8:1d:44:af:ef:5d:ce:5d:1f:18:10:f2:4f: 57:45:ca:b5:ba:bf:8e:62:1a:41:c1:b2:5f:72:cc: ca:4f:b7:90:e1:95:df:09:81:f1:d4:23:b2:d7:53: 1e:af:ea:28:4b:03:4f:96:bd:0d:2d:58:8a:61:3e: ec:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:33:E2:1A:3F:6E:C7:DF:AB:AC:0B:B4:32:6F:79:31:6D:2F:D5:99 X509v3 Authority Key Identifier: keyid:D2:DC:E8:70:E4:73:C3:54:27:3E:89:C5:E4:E2:ED:3E:0C:06:93:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0tzocORzw1QnPonF5OLtPgwGk1Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/113f5f-be58-478c-9030-32d80d8d1615/1/0tzocORzw1QnPonF5OLtPgwGk1Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/113f5f-be58-478c-9030-32d80d8d1615/1/0tzocORzw1QnPonF5OLtPgwGk1Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:7d:08:ea:66:cb:51:94:b1:e2:37:63:ed:13:d7:ee:b9:02: c9:e5:2f:2c:be:91:06:85:20:89:69:ad:e8:7f:bf:a1:1c:e0: 2c:f8:ff:86:3e:7b:98:f3:db:95:b7:73:c1:1f:00:68:16:17: 51:9a:f4:e4:21:2a:dd:b9:9f:57:01:a1:17:d5:63:43:53:08: 6b:7a:0f:61:4f:c2:61:70:60:03:b0:d8:08:a5:f0:90:c8:66: e8:c3:b1:2a:4e:b6:c5:88:37:51:72:3f:c3:83:07:9f:fb:4b: 84:39:7c:67:33:2a:70:f4:10:d0:e8:66:db:d9:c1:2f:8b:56: d5:d6:89:33:b1:07:69:7f:51:21:ab:f1:47:99:ff:1d:34:08: ec:a2:1d:d3:a1:c1:9f:5d:96:6b:05:16:b2:26:75:9a:5d:af: 80:e7:e3:de:80:d0:16:e9:5d:8c:b9:3b:c1:d1:94:61:dc:79: 42:f9:8b:87:99:e2:73:9a:53:c2:8d:48:8b:d0:6e:a2:57:fe: fb:79:bf:b0:85:42:97:bb:b7:96:25:40:04:45:eb:ee:44:18: 95:9f:fb:3a:4a:41:19:33:f6:d0:3b:e2:c0:07:54:31:4c:4c: 80:1c:ab:fd:e7:59:e1:2f:19:b8:ba:11:87:f4:87:3e:f1:98: 50:35:d5:05 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIgkLP+4joJ2jzAZF4NApMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyZGNlODcwZTQ3M2MzNTQyNzNlODljNWU0ZTJlZDNlMGMw NjkzNTYwHhcNMjYwMjA5MTYwMDI5WhcNMjYwMjEwMTYwMDI5WjAzMTEwLwYDVQQD EygzYTMzZTIxYTNmNmVjN2RmYWJhYzBiYjQzMjZmNzkzMTZkMmZkNTk5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YElbxh7RMqE16xzMsNftSjmTYZT q2pMX6oKsPvJvwKuY8Bx4rmr/vbUGW5yJF0oq8UCmW3Scqml+YnTgddzl0GP03A/ JMPqJDHxeGTLDGp3+r2xMFucdtAe6OkKldfOQAIwNJ22VDCTgx0nZuzR/sH+gQEn DxtjF4GaXePPIgatXKQtJonbOTpQROL8Qus5RH/rT3P/9NMArIEl1ARpWv3J5eI2 5nx9bfcfJMJ2uN4RKIQCbNG3nCTcoricyIKM+LCKZdgdRK/vXc5dHxgQ8k9XRcq1 ur+OYhpBwbJfcszKT7eQ4ZXfCYHx1COy11Mer+ooSwNPlr0NLViKYT7sawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDoz4ho/bsffq6wLtDJveTFtL9WZMB8GA1UdIwQY MBaAFNLc6HDkc8NUJz6JxeTi7T4MBpNWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHR6b2NPUnp3MVFuUG9uRjVPTHRQZ3dHazFZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8xMTNmNWYtYmU1OC00NzhjLTkwMzAt MzJkODBkOGQxNjE1LzEvMHR6b2NPUnp3MVFuUG9uRjVPTHRQZ3dHazFZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNi8xMTNmNWYtYmU1OC00NzhjLTkwMzAtMzJkODBkOGQxNjE1 LzEvMHR6b2NPUnp3MVFuUG9uRjVPTHRQZ3dHazFZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR30I6mbL UZSx4jdj7RPX7rkCyeUvLL6RBoUgiWmt6H+/oRzgLPj/hj57mPPblbdzwR8AaBYX UZr05CEq3bmfVwGhF9VjQ1MIa3oPYU/CYXBgA7DYCKXwkMhm6MOxKk62xYg3UXI/ w4MHn/tLhDl8ZzMqcPQQ0Ohm29nBL4tW1daJM7EHaX9RIavxR5n/HTQI7KId06HB n12WawUWsiZ1ml2vgOfj3oDQFuldjLk7wdGUYdx5QvmLh5nic5pTwo1Ii9Buolf+ +3m/sIVCl7u3liVABEXr7kQYlZ/7OkpBGTP20DviwAdUMUxMgByr/edZ4S8ZuLoR h/SHPvGYUDXVBQ== -----END CERTIFICATE-----Generated at Mon Feb 9 19:58:52 2026 by rpki-client