This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft File: 3jCrARAqrvMOvUyJHAOAm6rQOeA.mft (raw, json) Hash identifier: cCTbQ98ivfEQ6MYA1h5FT44yleGQZpwSw/EzmOc5fhs= Subject key identifier: 9B:D4:92:94:D3:6D:BB:FB:7C:36:BF:E7:44:AF:EB:EC:3F:1C:E2:2C Authority key identifier: DE:30:AB:01:10:2A:AE:F3:0E:BD:4C:89:1C:03:80:9B:AA:D0:39:E0 Certificate issuer: /CN=de30ab01102aaef30ebd4c891c03809baad039e0 Certificate serial: 019C427DE8E24B257F454631B31F7AD8DFB9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3jCrARAqrvMOvUyJHAOAm6rQOeA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft Manifest number: 01D4 Signing time: Mon 09 Feb 2026 13:01:13 +0000 Manifest this update: Mon 09 Feb 2026 13:01:13 +0000 Manifest next update: Tue 10 Feb 2026 13:01:13 +0000 Files and hashes: 1: 3jCrARAqrvMOvUyJHAOAm6rQOeA.crl (hash: mLPzPgH0KkT9nXf9M1Vgeb4xAlqua6+ppUJEgMjDWLM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.crl rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft rsync://rpki.ripe.net/repository/DEFAULT/3jCrARAqrvMOvUyJHAOAm6rQOeA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:7d:e8:e2:4b:25:7f:45:46:31:b3:1f:7a:d8:df:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de30ab01102aaef30ebd4c891c03809baad039e0 Validity Not Before: Feb 9 13:01:13 2026 GMT Not After : Feb 10 13:01:13 2026 GMT Subject: CN=9bd49294d36dbbfb7c36bfe744afebec3f1ce22c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:53:11:50:3b:08:ac:6d:d7:37:74:f5:73:99: a2:53:e0:9d:62:12:cd:e5:f5:4b:b6:ce:b8:c9:c2: 59:22:db:2f:20:a8:a9:60:da:92:de:69:9b:35:48: 65:f7:1b:b9:68:2c:71:32:74:a0:9b:1d:b2:69:77: 3a:f2:79:57:32:43:9b:db:b4:0d:3e:7c:cb:2c:00: 4b:0d:21:96:dd:d8:74:ad:38:c1:a7:8f:96:93:3d: ae:9a:48:10:30:c3:e9:e8:7d:88:e0:91:1c:11:2f: 3e:6a:f8:64:08:1e:94:82:73:17:1b:86:fe:b0:66: 5d:00:74:bf:3f:0f:49:14:62:29:9d:e9:25:9b:8d: 66:e0:ce:29:9b:59:2d:ea:0e:58:5a:f1:19:75:fd: 11:2a:9c:ef:1f:15:06:99:89:ac:b7:17:c4:50:d4: 0e:84:e0:b3:66:c9:2e:b6:01:64:5f:06:cb:6c:2e: 7f:9d:ae:8d:d3:80:00:9b:d1:af:ad:71:94:03:a0: cb:20:42:74:66:98:e2:c9:16:e6:60:16:8c:00:c7: ff:53:42:8e:69:cd:32:e4:3d:f7:8f:67:d1:35:e1: 03:73:e7:b4:3e:3b:b1:9e:41:b8:49:b8:8e:19:0b: 8d:57:f4:cc:d8:5a:db:c6:7c:81:b5:5d:b0:98:1f: 8a:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:D4:92:94:D3:6D:BB:FB:7C:36:BF:E7:44:AF:EB:EC:3F:1C:E2:2C X509v3 Authority Key Identifier: keyid:DE:30:AB:01:10:2A:AE:F3:0E:BD:4C:89:1C:03:80:9B:AA:D0:39:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3jCrARAqrvMOvUyJHAOAm6rQOeA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:d1:bd:57:8e:3e:81:18:45:84:ea:3f:12:a8:15:c4:e8:23: 1f:33:d7:e5:9f:f6:f9:be:2e:31:5a:5a:13:27:65:f4:e4:25: 7f:db:80:37:b1:bf:8c:0c:b8:43:86:5c:4d:98:73:11:91:a5: 10:35:33:bc:58:bb:9e:26:45:03:4c:17:27:5a:0f:0f:b2:5c: cc:3a:fc:fb:ff:a8:83:91:d7:30:06:8a:f0:f4:9c:bf:d0:6e: ce:35:1b:26:53:93:f1:2e:15:cb:08:ec:9f:04:44:c2:5e:39: 6b:c4:a7:7d:32:9b:1a:4d:13:3e:6a:f9:5f:da:61:44:be:0d: 3a:9c:c4:b8:17:77:d7:c2:0b:c3:0d:99:29:7a:30:79:a7:57: 35:e2:f4:32:6b:ef:7e:76:e0:70:40:c9:20:2a:36:6f:9c:3a: 2e:71:45:8e:bd:c2:af:b6:34:0d:7d:07:8d:e1:75:86:f7:8e: 29:da:b1:d1:94:3a:d9:a1:37:b6:46:93:96:ea:31:13:d5:43: 1b:6a:3b:de:f3:09:8b:2b:af:33:a1:3a:8a:e3:73:86:56:7a: 7c:8e:45:9f:ec:01:7d:9b:b5:69:d3:82:bf:79:a8:5c:e0:d9: 9c:98:77:37:c3:bd:95:f5:2b:62:46:53:3b:71:5d:80:fe:70: 60:c4:7b:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCfejiSyV/RUYxsx962N+5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlMzBhYjAxMTAyYWFlZjMwZWJkNGM4OTFjMDM4MDliYWFk MDM5ZTAwHhcNMjYwMjA5MTMwMTEzWhcNMjYwMjEwMTMwMTEzWjAzMTEwLwYDVQQD Eyg5YmQ0OTI5NGQzNmRiYmZiN2MzNmJmZTc0NGFmZWJlYzNmMWNlMjJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1MRUDsIrG3XN3T1c5miU+CdYhLN 5fVLts64ycJZItsvIKipYNqS3mmbNUhl9xu5aCxxMnSgmx2yaXc68nlXMkOb27QN PnzLLABLDSGW3dh0rTjBp4+Wkz2umkgQMMPp6H2I4JEcES8+avhkCB6UgnMXG4b+ sGZdAHS/Pw9JFGIpneklm41m4M4pm1kt6g5YWvEZdf0RKpzvHxUGmYmstxfEUNQO hOCzZskutgFkXwbLbC5/na6N04AAm9GvrXGUA6DLIEJ0ZpjiyRbmYBaMAMf/U0KO ac0y5D33j2fRNeEDc+e0PjuxnkG4SbiOGQuNV/TM2FrbxnyBtV2wmB+KFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJvUkpTTbbv7fDa/50Sv6+w/HOIsMB8GA1UdIwQY MBaAFN4wqwEQKq7zDr1MiRwDgJuq0DngMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2pDckFSQXFydk1PdlV5SkhBT0FtNnJRT2VBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81NTNkZTEtMGVlNS00YjI1LWE1MjAt ZDQyNzY4Yzg0ZGY3LzEvM2pDckFSQXFydk1PdlV5SkhBT0FtNnJRT2VBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZS81NTNkZTEtMGVlNS00YjI1LWE1MjAtZDQyNzY4Yzg0ZGY3 LzEvM2pDckFSQXFydk1PdlV5SkhBT0FtNnJRT2VBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO9G9V44+ gRhFhOo/EqgVxOgjHzPX5Z/2+b4uMVpaEydl9OQlf9uAN7G/jAy4Q4ZcTZhzEZGl EDUzvFi7niZFA0wXJ1oPD7JczDr8+/+og5HXMAaK8PScv9BuzjUbJlOT8S4Vywjs nwREwl45a8SnfTKbGk0TPmr5X9phRL4NOpzEuBd318ILww2ZKXoweadXNeL0Mmvv fnbgcEDJICo2b5w6LnFFjr3Cr7Y0DX0HjeF1hveOKdqx0ZQ62aE3tkaTluoxE9VD G2o73vMJiyuvM6E6iuNzhlZ6fI5Fn+wBfZu1adOCv3moXODZnJh3N8O9lfUrYkZT O3FdgP5wYMR7iQ== -----END CERTIFICATE-----Generated at Mon Feb 9 17:02:26 2026 by rpki-client