This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.mft File: D1pCPdyX3TDeyLhnPCSWjic3JnY.mft (raw, json) Hash identifier: Lmr1VVPNLg1QE3lWtNnBezB06mydb5pGBeYmppHfzFg= Subject key identifier: 75:07:A8:7C:71:91:B7:82:26:4B:37:11:71:8E:85:FB:AE:5B:C4:14 Authority key identifier: 0F:5A:42:3D:DC:97:DD:30:DE:C8:B8:67:3C:24:96:8E:27:37:26:76 Certificate issuer: /CN=0f5a423ddc97dd30dec8b8673c24968e27372676 Certificate serial: 019C420F602F5C44547FA156A1AF776D9DE7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D1pCPdyX3TDeyLhnPCSWjic3JnY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.mft Manifest number: 02D3 Signing time: Mon 09 Feb 2026 11:00:29 +0000 Manifest this update: Mon 09 Feb 2026 11:00:29 +0000 Manifest next update: Tue 10 Feb 2026 11:00:29 +0000 Files and hashes: 1: D1pCPdyX3TDeyLhnPCSWjic3JnY.crl (hash: +jdv/j1OklQmgAcwf2HlVn6PCDgKYq5co2avc/+I0p0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.mft rsync://rpki.ripe.net/repository/DEFAULT/D1pCPdyX3TDeyLhnPCSWjic3JnY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:0f:60:2f:5c:44:54:7f:a1:56:a1:af:77:6d:9d:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f5a423ddc97dd30dec8b8673c24968e27372676 Validity Not Before: Feb 9 11:00:29 2026 GMT Not After : Feb 10 11:00:29 2026 GMT Subject: CN=7507a87c7191b782264b3711718e85fbae5bc414 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:a7:23:e0:0f:ec:b4:a5:8d:63:f4:22:b1:cf: 7c:19:94:25:c5:dc:83:60:d8:e8:c8:24:47:af:dc: 37:7b:a7:35:6c:63:28:1d:47:cd:ba:b1:b0:81:26: 00:92:f8:e6:04:e7:ce:9c:9f:16:e6:5c:da:f7:ec: c6:72:69:2e:5f:50:ae:37:2e:90:ff:1f:d6:09:a9: 6e:30:56:76:9d:1b:6c:c5:0e:36:e8:ad:b6:7b:09: ac:cc:33:7d:c8:3e:05:b5:3c:11:59:58:fb:c0:1b: 2b:fe:c2:50:2a:54:d3:df:dc:84:d3:6b:4f:60:ee: 85:53:bf:eb:a4:80:8d:63:7e:be:a3:df:e6:8e:6f: c5:07:8c:be:70:94:b6:6e:dd:a1:db:6c:a0:83:60: 61:6a:7b:9f:6e:e1:fa:cb:94:05:aa:4d:b4:56:d2: ba:fa:ea:4c:42:09:ab:3c:4c:f9:5b:a8:73:f2:ab: a7:f1:a8:8b:ab:4c:77:bf:08:60:eb:4d:87:5c:59: 6c:4c:b1:1a:1d:97:20:d1:cb:24:e8:03:dc:5a:fe: 04:1d:9c:cb:6a:0e:30:9f:3d:b1:aa:af:c2:34:f3: 99:e2:0e:0d:16:2e:bb:9c:c1:d9:ef:7b:ff:0a:8a: 7a:57:56:f1:5a:40:f9:9b:d2:98:4b:d6:17:61:48: a1:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:07:A8:7C:71:91:B7:82:26:4B:37:11:71:8E:85:FB:AE:5B:C4:14 X509v3 Authority Key Identifier: keyid:0F:5A:42:3D:DC:97:DD:30:DE:C8:B8:67:3C:24:96:8E:27:37:26:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D1pCPdyX3TDeyLhnPCSWjic3JnY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:d8:5b:ff:20:f3:ad:27:1d:c4:da:fa:bd:45:cb:c5:69:9d: d3:87:fb:0a:e4:c5:96:36:8b:3a:90:e4:cb:af:93:91:2b:9a: 6d:03:79:ff:d2:49:b9:e2:1a:8c:66:a0:10:5a:84:72:a9:39: b8:3a:8b:57:dd:01:d6:12:fe:f2:75:c8:38:a6:ef:56:51:b8: 40:41:05:31:73:44:3c:3d:aa:e7:7c:db:89:7a:f5:f2:74:e2: 6e:2a:2b:81:f0:12:d0:ec:4c:dc:7b:da:ef:d6:d6:b0:f8:6d: 4e:ff:b1:23:c2:72:df:2e:e0:88:f2:93:76:b6:d2:a9:8a:d5: ef:a3:ac:77:25:3e:ca:2c:8c:0f:de:42:27:75:1e:79:8b:29: f3:39:b1:be:5e:eb:6d:07:96:55:d6:5b:f4:14:d7:06:e7:2a: 93:86:f6:04:a3:2e:4a:86:0c:f0:1a:7b:8b:04:ba:64:0c:90: e8:4e:7a:a9:f4:46:e2:a0:f2:1a:a8:75:dd:b4:f5:ca:11:7e: 69:14:b0:f8:03:67:93:7b:e4:3f:1f:b3:83:87:16:9f:26:15: 12:9c:d7:c4:60:85:85:5b:36:9d:92:19:dd:fb:88:78:67:01: 07:dc:ca:35:6d:85:01:25:46:32:46:19:a4:57:74:d2:64:67: 92:bf:df:d5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCD2AvXERUf6FWoa93bZ3nMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmNWE0MjNkZGM5N2RkMzBkZWM4Yjg2NzNjMjQ5NjhlMjcz NzI2NzYwHhcNMjYwMjA5MTEwMDI5WhcNMjYwMjEwMTEwMDI5WjAzMTEwLwYDVQQD Eyg3NTA3YTg3YzcxOTFiNzgyMjY0YjM3MTE3MThlODVmYmFlNWJjNDE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6cj4A/stKWNY/Qisc98GZQlxdyD YNjoyCRHr9w3e6c1bGMoHUfNurGwgSYAkvjmBOfOnJ8W5lza9+zGcmkuX1CuNy6Q /x/WCaluMFZ2nRtsxQ426K22ewmszDN9yD4FtTwRWVj7wBsr/sJQKlTT39yE02tP YO6FU7/rpICNY36+o9/mjm/FB4y+cJS2bt2h22ygg2BhanufbuH6y5QFqk20VtK6 +upMQgmrPEz5W6hz8qun8aiLq0x3vwhg602HXFlsTLEaHZcg0csk6APcWv4EHZzL ag4wnz2xqq/CNPOZ4g4NFi67nMHZ73v/Cop6V1bxWkD5m9KYS9YXYUihpQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHUHqHxxkbeCJks3EXGOhfuuW8QUMB8GA1UdIwQY MBaAFA9aQj3cl90w3si4Zzwklo4nNyZ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDFwQ1BkeVgzVERleUxoblBDU1dqaWMzSm5ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zN2NkNTAtNTc2OS00Y2RkLTk1ZWEt Y2Y4OWJlNWE1ZmVhLzEvRDFwQ1BkeVgzVERleUxoblBDU1dqaWMzSm5ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC8zN2NkNTAtNTc2OS00Y2RkLTk1ZWEtY2Y4OWJlNWE1ZmVh LzEvRDFwQ1BkeVgzVERleUxoblBDU1dqaWMzSm5ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAithb/yDz rScdxNr6vUXLxWmd04f7CuTFljaLOpDky6+TkSuabQN5/9JJueIajGagEFqEcqk5 uDqLV90B1hL+8nXIOKbvVlG4QEEFMXNEPD2q53zbiXr18nTibiorgfAS0OxM3Hva 79bWsPhtTv+xI8Jy3y7giPKTdrbSqYrV76OsdyU+yiyMD95CJ3UeeYsp8zmxvl7r bQeWVdZb9BTXBucqk4b2BKMuSoYM8Bp7iwS6ZAyQ6E56qfRG4qDyGqh13bT1yhF+ aRSw+ANnk3vkPx+zg4cWnyYVEpzXxGCFhVs2nZIZ3fuIeGcBB9zKNW2FASVGMkYZ pFd00mRnkr/f1Q== -----END CERTIFICATE-----Generated at Mon Feb 9 18:29:35 2026 by rpki-client