This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft File: HEIt1-1z0cAEhQAzv5V5tP716dE.mft (raw, json) Hash identifier: KjwE2Y9krRUNhIHLlAlzpa+IyScfl6VSiZHVipYird0= Subject key identifier: 8A:2F:61:23:F6:29:DF:7F:28:39:F5:60:6E:17:1F:29:D5:7F:DB:A3 Authority key identifier: 1C:42:2D:D7:ED:73:D1:C0:04:85:00:33:BF:95:79:B4:FE:F5:E9:D1 Certificate issuer: /CN=1c422dd7ed73d1c004850033bf9579b4fef5e9d1 Certificate serial: 019C42B3EEC85A8CA846A3A0A5C3357CC5CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft Manifest number: 02D4 Signing time: Mon 09 Feb 2026 14:00:14 +0000 Manifest this update: Mon 09 Feb 2026 14:00:14 +0000 Manifest next update: Tue 10 Feb 2026 14:00:14 +0000 Files and hashes: 1: HEIt1-1z0cAEhQAzv5V5tP716dE.crl (hash: jCPP41DYUJdiAXr8+VrOsx/IbWji82qVJKUn4TAXOmE=) 2: rMe1K3Pnk5DXwFmZ5iqZqI-4AuI.roa (hash: YS2JSus6g27DEMsfgkNECiXWqWyQcBqe1+Gnt78gLl0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:b3:ee:c8:5a:8c:a8:46:a3:a0:a5:c3:35:7c:c5:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c422dd7ed73d1c004850033bf9579b4fef5e9d1 Validity Not Before: Feb 9 14:00:14 2026 GMT Not After : Feb 10 14:00:14 2026 GMT Subject: CN=8a2f6123f629df7f2839f5606e171f29d57fdba3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:e6:0e:d5:63:02:4d:90:98:65:b2:e0:0a:78: 6f:e7:e0:f1:05:1c:86:56:9b:88:d9:00:51:f9:92: f8:2b:b8:c6:90:51:98:c3:cb:e8:31:59:89:e5:55: 9d:b1:ed:d9:ff:87:90:74:05:65:15:ed:f1:99:2b: 45:9e:06:14:c7:df:a9:f1:e6:73:c7:dc:11:98:ca: 60:40:6a:f4:38:9a:3f:d1:8b:04:b9:e5:04:dd:50: 91:8d:2e:e2:be:e7:e4:02:39:1e:21:42:39:70:71: 6d:5c:43:e8:88:ee:37:bc:2a:72:73:f7:f8:ca:6b: ff:f1:47:9b:aa:ec:56:ab:25:58:11:43:42:ab:6d: 6e:77:ec:e5:5b:de:3f:56:ed:03:44:4b:f7:01:80: b9:27:01:ed:43:24:70:68:2d:24:d1:9b:d2:01:50: bd:15:c3:6d:1e:b7:c7:9c:79:60:78:ce:73:0a:74: 03:82:1f:ef:2d:60:ca:53:c0:76:1e:60:4d:d7:e4: 2f:4c:da:18:bc:e4:a6:27:02:e9:3b:c2:85:74:c1: 27:55:5e:79:b2:dc:d3:22:cd:4c:b9:3b:d7:4a:ff: 07:24:35:c4:1b:1e:a3:c3:6a:d7:c9:96:53:42:b5: 28:3c:6d:9b:9a:78:0c:07:39:81:6a:16:c5:5f:67: fd:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:2F:61:23:F6:29:DF:7F:28:39:F5:60:6E:17:1F:29:D5:7F:DB:A3 X509v3 Authority Key Identifier: keyid:1C:42:2D:D7:ED:73:D1:C0:04:85:00:33:BF:95:79:B4:FE:F5:E9:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:3f:78:6f:91:30:f7:b0:5c:3a:5b:1d:56:a5:1e:f5:a4:e7: b1:28:9b:d9:44:a8:4e:3e:b2:de:91:c2:ad:26:46:4c:54:98: 85:c5:dc:00:1d:fd:d1:8d:d7:f9:dc:86:f4:7f:fe:a1:d9:c7: af:1b:ad:9f:cd:2e:9f:ab:6a:7b:73:bc:be:43:f2:3a:b0:f1: 4a:66:f2:3d:f1:ea:d1:55:3a:12:f3:7a:b6:4e:65:1c:49:ee: 77:63:ef:94:87:5b:f4:ba:b7:65:14:7a:68:87:7d:ea:62:ee: 5f:a1:26:32:2a:4d:ed:db:37:55:1e:35:da:cb:9a:bd:93:e5: 65:96:37:20:30:7c:b2:84:58:f5:89:81:9c:85:69:69:d1:af: ea:32:2d:4a:ff:5a:35:12:32:f7:98:3f:cd:90:0c:3e:a2:04: 40:27:b9:d6:65:1f:f1:94:32:65:5c:f2:2c:a2:42:be:2c:3d: 9c:5d:84:0c:fb:40:57:48:47:94:b4:04:ba:08:92:91:75:0e: a7:1b:61:06:33:5d:be:c7:88:bf:52:05:85:09:cf:e7:a3:5d: 70:95:7d:72:e7:ad:07:c2:49:f6:ac:fe:db:2e:fc:47:d0:94: 54:86:48:9a:c4:69:57:bf:43:f9:0b:67:c0:56:ac:12:1a:3e: 87:6e:6f:52 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCs+7IWoyoRqOgpcM1fMXKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjNDIyZGQ3ZWQ3M2QxYzAwNDg1MDAzM2JmOTU3OWI0ZmVm NWU5ZDEwHhcNMjYwMjA5MTQwMDE0WhcNMjYwMjEwMTQwMDE0WjAzMTEwLwYDVQQD Eyg4YTJmNjEyM2Y2MjlkZjdmMjgzOWY1NjA2ZTE3MWYyOWQ1N2ZkYmEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+YO1WMCTZCYZbLgCnhv5+DxBRyG VpuI2QBR+ZL4K7jGkFGYw8voMVmJ5VWdse3Z/4eQdAVlFe3xmStFngYUx9+p8eZz x9wRmMpgQGr0OJo/0YsEueUE3VCRjS7ivufkAjkeIUI5cHFtXEPoiO43vCpyc/f4 ymv/8UebquxWqyVYEUNCq21ud+zlW94/Vu0DREv3AYC5JwHtQyRwaC0k0ZvSAVC9 FcNtHrfHnHlgeM5zCnQDgh/vLWDKU8B2HmBN1+QvTNoYvOSmJwLpO8KFdMEnVV55 stzTIs1MuTvXSv8HJDXEGx6jw2rXyZZTQrUoPG2bmngMBzmBahbFX2f9DQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIovYSP2Kd9/KDn1YG4XHynVf9ujMB8GA1UdIwQY MBaAFBxCLdftc9HABIUAM7+VebT+9enRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zOTEzNTAtYTk3MC00YmExLThhOTQt Mzk3OWI4MDBjZGE4LzEvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC8zOTEzNTAtYTk3MC00YmExLThhOTQtMzk3OWI4MDBjZGE4 LzEvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALz94b5Ew 97BcOlsdVqUe9aTnsSib2USoTj6y3pHCrSZGTFSYhcXcAB390Y3X+dyG9H/+odnH rxutn80un6tqe3O8vkPyOrDxSmbyPfHq0VU6EvN6tk5lHEnud2PvlIdb9Lq3ZRR6 aId96mLuX6EmMipN7ds3VR412suavZPlZZY3IDB8soRY9YmBnIVpadGv6jItSv9a NRIy95g/zZAMPqIEQCe51mUf8ZQyZVzyLKJCviw9nF2EDPtAV0hHlLQEugiSkXUO pxthBjNdvseIv1IFhQnP56NdcJV9cuetB8JJ9qz+2y78R9CUVIZImsRpV79D+Qtn wFasEho+h25vUg== -----END CERTIFICATE-----Generated at Mon Feb 9 20:54:26 2026 by rpki-client