This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft File: xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft (raw, json) Hash identifier: KH0Rr5Iho2WSSdH0TLEjhswR8T7kyWZEHhkQ7UFOycs= Subject key identifier: E3:5E:5A:7F:2C:5F:28:C4:19:95:FA:00:97:41:31:E1:33:7E:04:4D Authority key identifier: C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82 Certificate issuer: /CN=c413d7a3765ff9a22bbc2299e049691e2940cb82 Certificate serial: 019C438FCD7D67B6954F4EAB2404C1912623 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft Manifest number: 1581 Signing time: Mon 09 Feb 2026 18:00:23 +0000 Manifest this update: Mon 09 Feb 2026 18:00:23 +0000 Manifest next update: Tue 10 Feb 2026 18:00:23 +0000 Files and hashes: 1: xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl (hash: 5vfW9L914KLSidbnoJXeubYfDeYYFXP7tX9DyJFN3n0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:8f:cd:7d:67:b6:95:4f:4e:ab:24:04:c1:91:26:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c413d7a3765ff9a22bbc2299e049691e2940cb82 Validity Not Before: Feb 9 18:00:23 2026 GMT Not After : Feb 10 18:00:23 2026 GMT Subject: CN=e35e5a7f2c5f28c41995fa00974131e1337e044d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:41:4d:25:7c:d8:d8:9c:9f:bf:d9:64:e0:8c: d3:10:c4:f8:ac:3d:a6:0d:62:6a:e2:fe:b3:9b:63: e0:3b:eb:9d:57:ab:d0:5a:21:a9:3b:30:e4:f1:60: d2:e9:7d:45:55:f6:aa:85:98:fb:1f:88:2f:cf:12: 19:8d:5a:e3:ab:44:47:bb:f0:0a:89:4b:8a:f8:32: 30:8b:59:6e:d9:e9:05:b5:e1:9b:4b:b8:a0:e4:d7: 94:05:4b:6e:e9:13:e8:54:32:ce:c8:93:19:19:e1: 7f:e8:ef:41:78:ca:d6:b1:02:5a:2a:45:97:2d:22: 9a:3c:d1:f6:36:59:60:5c:49:96:97:b8:92:61:55: 85:fd:2c:19:6e:f4:aa:b9:ab:55:41:f3:1a:2a:48: 3c:d6:b4:9c:db:9f:59:a6:27:92:41:5e:e1:bf:06: 7c:38:67:30:63:24:41:ff:43:f0:aa:7a:d0:26:bb: 36:36:51:b8:07:d7:ed:b7:9e:9e:cc:58:72:3a:f0: 56:83:54:b6:4e:e5:d5:c4:de:7a:12:d5:3d:33:14: 9e:f6:13:a1:9f:f8:14:d1:ad:cc:b1:73:cd:56:52: d7:6f:88:dc:46:b3:b1:02:5c:60:e4:c6:48:7d:8e: 73:07:00:c3:d8:f8:21:4d:17:4e:02:67:5d:c0:77: 70:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:5E:5A:7F:2C:5F:28:C4:19:95:FA:00:97:41:31:E1:33:7E:04:4D X509v3 Authority Key Identifier: keyid:C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0e:9f:3b:8c:e8:ec:90:66:3f:9b:f1:2c:0e:c9:f6:a2:a8:d8: b8:7d:90:9e:f0:ed:65:25:a7:f9:ce:52:49:6f:a7:04:05:ab: b0:52:fd:61:5f:05:a2:2d:f8:9f:d3:db:78:36:fb:df:9b:0d: 0c:ab:ec:0d:79:84:ae:fe:78:c2:f6:47:bf:a2:ff:65:c8:b0: 3f:4f:81:f0:9a:87:46:85:56:50:31:55:e8:2c:63:46:c7:6c: 32:1f:50:23:a0:e2:b1:a9:e1:9d:98:f5:59:ab:05:01:1c:28: 6d:a4:c0:eb:df:57:15:57:de:44:0d:5e:56:96:d2:55:37:b6: 48:c7:22:01:f0:ae:86:08:49:8e:90:f9:82:29:89:39:af:0e: a4:89:e5:7d:c5:24:20:db:a9:ee:6f:96:ef:2f:8b:0e:86:74: 4e:ba:6e:d6:fe:22:cb:2c:6e:94:b2:10:80:39:87:52:6d:19: 7e:85:35:fb:de:f5:44:a2:fd:10:86:4d:2c:24:68:5c:3a:ed: 36:57:3a:40:d4:33:97:03:28:68:02:b6:a1:98:5d:07:f2:fd: 11:f7:08:ab:75:a3:db:8a:29:b6:ae:6c:8f:dd:28:9d:ee:45: 59:8d:2f:ff:89:b1:2a:67:ab:cd:1d:4c:02:fe:ab:f8:86:11: 46:98:c6:81 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDj819Z7aVT06rJATBkSYjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0MTNkN2EzNzY1ZmY5YTIyYmJjMjI5OWUwNDk2OTFlMjk0 MGNiODIwHhcNMjYwMjA5MTgwMDIzWhcNMjYwMjEwMTgwMDIzWjAzMTEwLwYDVQQD EyhlMzVlNWE3ZjJjNWYyOGM0MTk5NWZhMDA5NzQxMzFlMTMzN2UwNDRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEFNJXzY2Jyfv9lk4IzTEMT4rD2m DWJq4v6zm2PgO+udV6vQWiGpOzDk8WDS6X1FVfaqhZj7H4gvzxIZjVrjq0RHu/AK iUuK+DIwi1lu2ekFteGbS7ig5NeUBUtu6RPoVDLOyJMZGeF/6O9BeMrWsQJaKkWX LSKaPNH2NllgXEmWl7iSYVWF/SwZbvSquatVQfMaKkg81rSc259ZpieSQV7hvwZ8 OGcwYyRB/0PwqnrQJrs2NlG4B9ftt56ezFhyOvBWg1S2TuXVxN56EtU9MxSe9hOh n/gU0a3MsXPNVlLXb4jcRrOxAlxg5MZIfY5zBwDD2PghTRdOAmddwHdwYwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFONeWn8sXyjEGZX6AJdBMeEzfgRNMB8GA1UdIwQY MBaAFMQT16N2X/miK7wimeBJaR4pQMuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUt ZTg2MGJlN2U3YzU0LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUtZTg2MGJlN2U3YzU0 LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADp87jOjs kGY/m/EsDsn2oqjYuH2QnvDtZSWn+c5SSW+nBAWrsFL9YV8Foi34n9PbeDb735sN DKvsDXmErv54wvZHv6L/ZciwP0+B8JqHRoVWUDFV6CxjRsdsMh9QI6DisanhnZj1 WasFARwobaTA699XFVfeRA1eVpbSVTe2SMciAfCuhghJjpD5gimJOa8OpInlfcUk INup7m+W7y+LDoZ0Trpu1v4iyyxulLIQgDmHUm0ZfoU1+971RKL9EIZNLCRoXDrt Nlc6QNQzlwMoaAK2oZhdB/L9EfcIq3Wj24optq5sj90one5FWY0v/4mxKmerzR1M Av6r+IYRRpjGgQ== -----END CERTIFICATE-----Generated at Mon Feb 9 21:07:44 2026 by rpki-client