This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft File: 582m42RtyToNLUKV0esJR2xmvKY.mft (raw, json) Hash identifier: hi0v+BW+mZ2KBdi4tRtMeGRUmlaIRTYSyUTmkx6Eoos= Subject key identifier: BC:2C:38:00:0E:D1:19:95:5D:35:4F:55:64:DA:2C:85:31:2B:3A:41 Authority key identifier: E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6 Certificate issuer: /CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6 Certificate serial: 019C420F8FB5E6C81C3D0B526217CD0DDA94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft Manifest number: 0536 Signing time: Mon 09 Feb 2026 11:00:41 +0000 Manifest this update: Mon 09 Feb 2026 11:00:41 +0000 Manifest next update: Tue 10 Feb 2026 11:00:41 +0000 Files and hashes: 1: 582m42RtyToNLUKV0esJR2xmvKY.crl (hash: 2+UvrXxMQxJewqVnNpIBBjHGZKxmAstxtov948QD1h0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:0f:8f:b5:e6:c8:1c:3d:0b:52:62:17:cd:0d:da:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6 Validity Not Before: Feb 9 11:00:41 2026 GMT Not After : Feb 10 11:00:41 2026 GMT Subject: CN=bc2c38000ed119955d354f5564da2c85312b3a41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:78:07:1e:6a:10:82:68:40:08:70:1d:60:7b: e0:4b:cb:24:fc:c7:84:4d:d8:40:eb:cc:e8:08:92: c0:4c:0d:f1:27:ec:98:02:88:85:fe:ee:0e:a6:a0: 69:3b:c3:cf:47:28:30:6e:11:e2:6e:c4:a2:4e:db: a3:37:16:42:5a:be:bf:d6:25:ac:a4:3f:76:f4:2c: 77:3a:38:66:38:79:13:9e:34:ba:0a:8c:81:f0:ea: 53:06:41:b7:37:d6:e0:2a:dc:5f:df:c1:87:af:32: ad:cb:35:a1:d7:2b:c1:d9:b3:c3:ff:82:f4:78:02: bd:c2:d5:36:b6:5c:71:ee:4c:89:3a:a9:a3:fc:e5: 64:b2:39:f5:6f:00:05:12:47:73:af:ae:e6:ec:63: 35:b6:34:77:4b:0a:8e:dc:b9:1d:57:d8:1a:e0:7b: 1e:72:6c:e8:0d:49:80:59:1e:44:e1:27:97:57:ee: a4:23:8e:11:6e:77:e7:d5:43:28:ec:94:c6:b6:53: 33:46:21:1c:9d:26:5d:3a:f2:8a:b3:cd:ae:7a:f9: 96:e2:b4:22:f2:09:4b:c0:88:00:f6:50:74:37:8a: 8c:84:78:d6:0c:13:c6:bd:87:7a:02:cc:d1:ea:a2: 70:a8:c9:f1:a1:bf:8e:51:20:99:7c:92:ef:ef:b8: a9:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:2C:38:00:0E:D1:19:95:5D:35:4F:55:64:DA:2C:85:31:2B:3A:41 X509v3 Authority Key Identifier: keyid:E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption e5:a2:15:8a:af:f5:c7:ff:ab:27:17:0a:1e:b7:49:d9:12:ed: 11:83:ff:32:7a:e6:91:f0:da:62:5c:66:9c:f0:3a:50:be:2b: 50:7c:fa:53:e4:a1:27:04:4d:53:cc:2e:08:8e:6b:b1:82:ec: 6e:75:c6:7c:6f:63:c1:d8:d2:f9:78:c6:30:ea:09:7e:6f:d3: 23:83:49:75:ad:c2:4c:dc:6a:30:0f:3e:f8:9d:ff:5f:93:8a: ae:8d:e0:2b:ad:fe:b7:94:a4:a4:30:2e:e9:5e:0b:2e:f2:42: 71:f4:b5:61:56:1b:e6:0a:98:7a:26:55:58:00:03:0b:4d:7d: ca:73:69:80:2c:ad:9b:71:03:ee:53:d2:3d:62:28:ec:fc:12: 84:78:ac:f1:5b:b4:30:09:7e:c7:2d:5a:9e:3d:27:23:96:3c: 68:de:b7:f4:dd:27:1a:7f:a3:0a:5c:e3:fd:e9:04:a4:99:a5: e9:13:84:ba:38:ba:f3:5b:f0:9c:8b:f5:63:2e:a9:dc:41:70: b2:ce:e3:c9:7b:78:51:6d:0e:61:fb:0f:1e:39:fb:89:bf:67: 5e:44:5b:cb:6e:35:20:63:47:5e:90:75:0c:a7:d1:aa:9a:a0: 28:78:35:01:fc:90:e1:f0:06:0d:f5:02:92:c8:f2:83:19:75: 4a:f9:7c:fb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCD4+15sgcPQtSYhfNDdqUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU3Y2RhNmUzNjQ2ZGM5M2EwZDJkNDI5NWQxZWIwOTQ3NmM2 NmJjYTYwHhcNMjYwMjA5MTEwMDQxWhcNMjYwMjEwMTEwMDQxWjAzMTEwLwYDVQQD EyhiYzJjMzgwMDBlZDExOTk1NWQzNTRmNTU2NGRhMmM4NTMxMmIzYTQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HgHHmoQgmhACHAdYHvgS8sk/MeE TdhA68zoCJLATA3xJ+yYAoiF/u4OpqBpO8PPRygwbhHibsSiTtujNxZCWr6/1iWs pD929Cx3OjhmOHkTnjS6CoyB8OpTBkG3N9bgKtxf38GHrzKtyzWh1yvB2bPD/4L0 eAK9wtU2tlxx7kyJOqmj/OVksjn1bwAFEkdzr67m7GM1tjR3SwqO3LkdV9ga4Hse cmzoDUmAWR5E4SeXV+6kI44Rbnfn1UMo7JTGtlMzRiEcnSZdOvKKs82uevmW4rQi 8glLwIgA9lB0N4qMhHjWDBPGvYd6AszR6qJwqMnxob+OUSCZfJLv77ipOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLwsOAAO0RmVXTVPVWTaLIUxKzpBMB8GA1UdIwQY MBaAFOfNpuNkbck6DS1CldHrCUdsZrymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMt NTY4YzQwN2IzMGY3LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMtNTY4YzQwN2IzMGY3 LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA5aIViq/1 x/+rJxcKHrdJ2RLtEYP/MnrmkfDaYlxmnPA6UL4rUHz6U+ShJwRNU8wuCI5rsYLs bnXGfG9jwdjS+XjGMOoJfm/TI4NJda3CTNxqMA8++J3/X5OKro3gK63+t5SkpDAu 6V4LLvJCcfS1YVYb5gqYeiZVWAADC019ynNpgCytm3ED7lPSPWIo7PwShHis8Vu0 MAl+xy1anj0nI5Y8aN639N0nGn+jClzj/ekEpJml6ROEuji681vwnIv1Yy6p3EFw ss7jyXt4UW0OYfsPHjn7ib9nXkRby241IGNHXpB1DKfRqpqgKHg1AfyQ4fAGDfUC ksjygxl1Svl8+w== -----END CERTIFICATE-----Generated at Mon Feb 9 20:59:03 2026 by rpki-client