This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft File: HY-s3UFcS7p4J3uj57D-I9Klobg.mft (raw, json) Hash identifier: AXQ5y+ORKOPIMYuWxtMYe1XwMYKUK5EO2MI52CUsgWY= Subject key identifier: BD:E6:56:36:C6:4B:C7:2C:65:52:C7:77:EC:D8:AA:2B:E8:67:5F:13 Authority key identifier: 1D:8F:AC:DD:41:5C:4B:BA:78:27:7B:A3:E7:B0:FE:23:D2:A5:A1:B8 Certificate issuer: /CN=1d8facdd415c4bba78277ba3e7b0fe23d2a5a1b8 Certificate serial: 019C420FD169B6ADB36F7DB0EA71D672B2DB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft Manifest number: 03AE Signing time: Mon 09 Feb 2026 11:00:58 +0000 Manifest this update: Mon 09 Feb 2026 11:00:58 +0000 Manifest next update: Tue 10 Feb 2026 11:00:58 +0000 Files and hashes: 1: HY-s3UFcS7p4J3uj57D-I9Klobg.crl (hash: 7ZeyxSH4hYu6L0+fvwG1vjTGq+KYTFprc9yqB8RArGE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:0f:d1:69:b6:ad:b3:6f:7d:b0:ea:71:d6:72:b2:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d8facdd415c4bba78277ba3e7b0fe23d2a5a1b8 Validity Not Before: Feb 9 11:00:58 2026 GMT Not After : Feb 10 11:00:58 2026 GMT Subject: CN=bde65636c64bc72c6552c777ecd8aa2be8675f13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:64:de:2f:53:28:c2:30:00:ed:57:e3:13:39: 6f:dd:d5:7f:94:0d:e5:a0:e9:11:b4:a6:90:a4:c0: 4b:09:5e:4c:47:77:0e:e4:1f:90:9d:59:bc:43:0e: c9:eb:0b:de:05:ae:3d:7c:c4:54:39:fb:97:fa:55: 04:ed:eb:e0:ad:4c:57:51:98:59:4b:23:db:bd:48: 46:0d:03:c9:1f:40:a4:03:a3:ff:93:bf:1c:6a:ff: 33:09:41:7e:7b:fc:0a:ac:8e:2c:06:c2:0b:48:87: dc:43:65:66:d6:73:b9:29:84:6c:55:75:08:2a:7c: ed:08:59:d3:ac:5f:71:f0:dd:bc:00:20:6b:31:7e: cf:19:f3:79:0e:ce:37:30:32:d5:aa:6b:5d:85:49: d0:d6:87:10:de:d9:b1:ba:42:2f:bd:be:14:36:95: e9:fc:b0:0b:bf:5e:b0:31:a8:8f:a5:dc:63:b3:11: 8b:32:f8:0c:05:a4:95:df:f7:10:e3:ff:c1:dc:78: 31:0e:3c:fc:4b:85:6c:aa:92:17:a3:32:2f:00:fd: 3a:15:c5:10:30:c4:f7:ed:2c:2b:e3:51:82:52:b8: f7:bc:dc:df:53:50:5b:89:82:6f:d5:82:e9:31:b5: 6c:47:d0:06:20:15:aa:51:f1:e9:8c:24:3b:de:51: 39:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:E6:56:36:C6:4B:C7:2C:65:52:C7:77:EC:D8:AA:2B:E8:67:5F:13 X509v3 Authority Key Identifier: keyid:1D:8F:AC:DD:41:5C:4B:BA:78:27:7B:A3:E7:B0:FE:23:D2:A5:A1:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:4a:90:40:c0:7d:52:8b:c1:92:d9:82:c1:64:a0:24:5a:72: 5b:1a:4c:67:b8:4b:66:58:04:74:ea:a4:df:e3:f9:28:2e:3f: ba:38:29:b7:c5:df:05:20:ec:13:77:20:f2:a1:ce:8a:4f:d4: 96:65:3f:b2:55:0b:84:8f:67:fb:45:cb:e6:c5:0e:7f:f0:89: 49:89:35:e1:28:74:be:bd:f7:f7:f2:e0:bc:b7:da:05:8d:37: 79:c9:8a:4f:0a:59:5c:bd:96:de:19:b7:2f:64:38:4f:2a:3f: 82:99:97:da:9d:86:4a:d4:f7:a0:20:9d:0e:c3:73:a8:de:a0: a8:31:e2:79:39:cc:5e:e3:7c:f1:c7:1e:25:27:bf:16:a0:60: 61:9c:07:f6:6a:90:d2:44:4c:84:6a:38:af:e3:99:82:6a:f5: e9:0f:f8:e4:99:f1:3b:19:63:d9:f4:68:fd:6b:da:64:1e:6d: 9c:90:5f:2e:dc:9d:4b:aa:2b:a4:cf:2b:33:34:ae:ad:0a:56: 4a:d4:e0:67:43:55:09:d0:d8:79:31:12:c0:82:86:4a:dc:4a: ba:ed:e5:fb:cd:3e:e9:ab:ac:68:a5:85:b1:8d:06:bc:81:c5: 17:9c:ec:75:43:10:f7:22:eb:5e:07:2f:c1:9b:bd:56:20:54: d8:57:5f:08 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCD9Fptq2zb32w6nHWcrLbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkOGZhY2RkNDE1YzRiYmE3ODI3N2JhM2U3YjBmZTIzZDJh NWExYjgwHhcNMjYwMjA5MTEwMDU4WhcNMjYwMjEwMTEwMDU4WjAzMTEwLwYDVQQD EyhiZGU2NTYzNmM2NGJjNzJjNjU1MmM3NzdlY2Q4YWEyYmU4Njc1ZjEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2TeL1MowjAA7VfjEzlv3dV/lA3l oOkRtKaQpMBLCV5MR3cO5B+QnVm8Qw7J6wveBa49fMRUOfuX+lUE7evgrUxXUZhZ SyPbvUhGDQPJH0CkA6P/k78cav8zCUF+e/wKrI4sBsILSIfcQ2Vm1nO5KYRsVXUI KnztCFnTrF9x8N28ACBrMX7PGfN5Ds43MDLVqmtdhUnQ1ocQ3tmxukIvvb4UNpXp /LALv16wMaiPpdxjsxGLMvgMBaSV3/cQ4//B3HgxDjz8S4VsqpIXozIvAP06FcUQ MMT37Swr41GCUrj3vNzfU1BbiYJv1YLpMbVsR9AGIBWqUfHpjCQ73lE5kwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL3mVjbGS8csZVLHd+zYqivoZ18TMB8GA1UdIwQY MBaAFB2PrN1BXEu6eCd7o+ew/iPSpaG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85ZGE3YzQtZDk2ZC00MDFmLWE3ZmUt MjFjZmM4M2FlZWM2LzEvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS85ZGE3YzQtZDk2ZC00MDFmLWE3ZmUtMjFjZmM4M2FlZWM2 LzEvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS0qQQMB9 UovBktmCwWSgJFpyWxpMZ7hLZlgEdOqk3+P5KC4/ujgpt8XfBSDsE3cg8qHOik/U lmU/slULhI9n+0XL5sUOf/CJSYk14Sh0vr339/LgvLfaBY03ecmKTwpZXL2W3hm3 L2Q4Tyo/gpmX2p2GStT3oCCdDsNzqN6gqDHieTnMXuN88cceJSe/FqBgYZwH9mqQ 0kRMhGo4r+OZgmr16Q/45JnxOxlj2fRo/WvaZB5tnJBfLtydS6orpM8rMzSurQpW StTgZ0NVCdDYeTESwIKGStxKuu3l+80+6ausaKWFsY0GvIHFF5zsdUMQ9yLrXgcv wZu9ViBU2FdfCA== -----END CERTIFICATE-----Generated at Mon Feb 9 18:41:28 2026 by rpki-client