This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft File: kdTzrA50tq60hL0U9ocdmjBCK30.mft (raw, json) Hash identifier: di73l1wpqg82pWOqd5TI89GwOxz+73pwx0rY9HLlwL4= Subject key identifier: 2B:0F:0C:CB:D7:E5:6B:F2:57:02:5E:49:A9:DE:72:F6:0F:B8:8A:57 Authority key identifier: 91:D4:F3:AC:0E:74:B6:AE:B4:84:BD:14:F6:87:1D:9A:30:42:2B:7D Certificate issuer: /CN=91d4f3ac0e74b6aeb484bd14f6871d9a30422b7d Certificate serial: 019C43227E25E11273D9AE7EE82ACDEAC569 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft Manifest number: 0287 Signing time: Mon 09 Feb 2026 16:00:59 +0000 Manifest this update: Mon 09 Feb 2026 16:00:59 +0000 Manifest next update: Tue 10 Feb 2026 16:00:59 +0000 Files and hashes: 1: kdTzrA50tq60hL0U9ocdmjBCK30.crl (hash: SdaxdO6BRBZXW9PBcMqoxsbfGrfb8rEOj4pgE5tv/0Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:7e:25:e1:12:73:d9:ae:7e:e8:2a:cd:ea:c5:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91d4f3ac0e74b6aeb484bd14f6871d9a30422b7d Validity Not Before: Feb 9 16:00:59 2026 GMT Not After : Feb 10 16:00:59 2026 GMT Subject: CN=2b0f0ccbd7e56bf257025e49a9de72f60fb88a57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:f3:d3:ca:67:de:a6:bb:32:47:08:01:43:eb: 2e:4d:7a:c4:1e:1b:0d:ff:b5:b7:d6:77:a7:ff:1e: 46:1b:c6:56:e7:87:59:67:cb:e7:c3:a0:a8:5a:3a: dd:94:0b:99:90:d8:90:c1:4b:04:1e:37:0b:96:1b: 53:5e:92:33:c4:cb:b5:0c:a6:32:15:27:75:77:0f: 3f:5a:28:83:9e:ad:6c:c2:e9:64:a2:f4:ed:34:da: f9:94:ba:ce:af:06:0d:c6:0a:4a:bb:e4:a0:f4:fe: 0c:24:f1:ab:61:12:98:68:08:90:46:00:cb:3e:24: 1e:a0:cf:26:6b:0a:5b:a1:9b:b5:1d:93:f8:ee:9e: ec:e5:b4:49:14:eb:c6:3b:80:cf:fb:27:a8:93:7a: 4a:a3:0a:09:7f:6f:44:64:89:79:20:0a:68:21:7c: 69:09:fe:81:50:4b:ed:e4:b3:61:f4:c8:67:e7:bd: b2:0c:25:7c:4e:b1:26:c7:68:e4:05:31:1a:06:7e: d8:e7:6f:f1:38:5f:6e:4d:02:fd:4c:76:c3:c0:a9: 60:ef:60:5b:fc:07:37:67:0d:fe:b3:f2:8f:17:e7: c0:0c:bb:8b:de:e7:7e:49:78:31:91:1e:e9:44:a4: 09:7e:72:d8:d9:88:65:13:8a:7b:66:7d:af:00:00: db:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:0F:0C:CB:D7:E5:6B:F2:57:02:5E:49:A9:DE:72:F6:0F:B8:8A:57 X509v3 Authority Key Identifier: keyid:91:D4:F3:AC:0E:74:B6:AE:B4:84:BD:14:F6:87:1D:9A:30:42:2B:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 92:99:be:5c:14:46:ee:2a:1b:77:d6:6d:ec:c4:74:ff:1c:30: 79:4d:98:4a:bf:66:b0:1e:b5:b3:f6:30:e5:eb:13:a6:5a:41: 27:a0:7c:ad:bd:48:00:e5:bd:7d:4f:2a:81:2a:2e:92:31:56: e9:d1:52:93:cb:81:aa:b2:40:7e:3d:81:b8:e0:1f:17:f0:58: 2f:29:70:ad:2e:eb:53:da:94:36:41:8b:36:c3:1c:a0:27:f5: 98:8d:16:06:e1:4c:54:24:52:63:8d:e9:91:40:1b:d3:71:df: aa:a7:84:6e:58:85:2a:91:00:8d:57:e6:a8:e5:ba:2e:8e:16: 25:59:d2:b7:73:06:15:0d:1f:fe:c5:37:a9:5e:d1:f3:24:d4: 2f:06:ac:b2:08:44:87:59:af:73:ed:78:2c:b1:6b:c8:4d:de: db:63:90:0d:e7:dd:bc:a9:76:08:7e:a7:13:3d:dc:ee:49:a0: 9c:d6:16:9d:93:a6:4b:f5:d3:e4:0e:5a:b6:32:43:89:98:0a: 4a:33:00:83:ac:bc:b0:27:e5:c9:3b:e1:73:8e:b8:cb:3c:80: 07:dc:da:5d:0d:02:a0:1c:4c:79:1a:d0:5a:71:ae:1e:b0:91: f9:26:89:39:94:c9:8a:8a:01:e9:87:3f:f5:68:41:c3:c9:e6: 0a:5e:86:bd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIn4l4RJz2a5+6CrN6sVpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZDRmM2FjMGU3NGI2YWViNDg0YmQxNGY2ODcxZDlhMzA0 MjJiN2QwHhcNMjYwMjA5MTYwMDU5WhcNMjYwMjEwMTYwMDU5WjAzMTEwLwYDVQQD EygyYjBmMGNjYmQ3ZTU2YmYyNTcwMjVlNDlhOWRlNzJmNjBmYjg4YTU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/PTymfeprsyRwgBQ+suTXrEHhsN /7W31nen/x5GG8ZW54dZZ8vnw6CoWjrdlAuZkNiQwUsEHjcLlhtTXpIzxMu1DKYy FSd1dw8/WiiDnq1swulkovTtNNr5lLrOrwYNxgpKu+Sg9P4MJPGrYRKYaAiQRgDL PiQeoM8mawpboZu1HZP47p7s5bRJFOvGO4DP+yeok3pKowoJf29EZIl5IApoIXxp Cf6BUEvt5LNh9Mhn572yDCV8TrEmx2jkBTEaBn7Y52/xOF9uTQL9THbDwKlg72Bb /Ac3Zw3+s/KPF+fADLuL3ud+SXgxkR7pRKQJfnLY2YhlE4p7Zn2vAADbzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCsPDMvX5WvyVwJeSanecvYPuIpXMB8GA1UdIwQY MBaAFJHU86wOdLautIS9FPaHHZowQit9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84ZDBjNjgtNjFhNS00YWUxLWE4MzEt YWExMDQ3MzJmNTczLzEva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi84ZDBjNjgtNjFhNS00YWUxLWE4MzEtYWExMDQ3MzJmNTcz LzEva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkpm+XBRG 7iobd9Zt7MR0/xwweU2YSr9msB61s/Yw5esTplpBJ6B8rb1IAOW9fU8qgSoukjFW 6dFSk8uBqrJAfj2BuOAfF/BYLylwrS7rU9qUNkGLNsMcoCf1mI0WBuFMVCRSY43p kUAb03HfqqeEbliFKpEAjVfmqOW6Lo4WJVnSt3MGFQ0f/sU3qV7R8yTULwassghE h1mvc+14LLFryE3e22OQDefdvKl2CH6nEz3c7kmgnNYWnZOmS/XT5A5atjJDiZgK SjMAg6y8sCflyTvhc464yzyAB9zaXQ0CoBxMeRrQWnGuHrCR+SaJOZTJiooB6Yc/ 9WhBw8nmCl6GvQ== -----END CERTIFICATE-----Generated at Mon Feb 9 19:59:00 2026 by rpki-client