This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft File: 0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft (raw, json) Hash identifier: eFMxj7fQ2rlfcviN0A4RrulouilttguYffomyzpbYZ0= Subject key identifier: F1:AF:83:86:44:49:C4:1B:91:CA:21:13:35:9D:A7:A2:66:F6:49:50 Authority key identifier: D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0 Certificate issuer: /CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0 Certificate serial: 019C41A23098CA62CF4150E446E0495283B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft Manifest number: 0EB9 Signing time: Mon 09 Feb 2026 09:01:14 +0000 Manifest this update: Mon 09 Feb 2026 09:01:14 +0000 Manifest next update: Tue 10 Feb 2026 09:01:14 +0000 Files and hashes: 1: 0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl (hash: Q10350vDL9x6BMJfd6/vQ4H22/MG8LdEsLkzOYO7n7A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 09:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:a2:30:98:ca:62:cf:41:50:e4:46:e0:49:52:83:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0 Validity Not Before: Feb 9 09:01:14 2026 GMT Not After : Feb 10 09:01:14 2026 GMT Subject: CN=f1af83864449c41b91ca2113359da7a266f64950 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:c2:29:93:0d:47:d7:47:14:92:23:2e:3f:60: 17:c0:81:e4:ab:25:34:c3:08:41:c3:29:a2:d5:1d: 44:79:7a:a6:7c:9c:c4:42:23:2f:c7:a1:57:8b:79: d8:b8:f6:6b:aa:c6:a0:d4:2d:8e:c2:66:7e:8c:50: 4c:c7:16:83:0a:b8:17:56:c5:ab:00:de:6e:fd:4e: 70:51:cc:2a:f7:6c:b4:ba:e9:71:10:ce:bf:89:f8: ab:36:12:89:8d:4e:37:60:9c:86:ea:93:f0:f0:77: 74:41:3b:6a:01:79:65:57:9c:40:2b:09:4f:a7:f5: 8d:5b:e8:11:06:72:49:fa:17:3d:33:77:bb:f2:f3: e0:95:51:cc:4c:7e:54:07:c8:3c:25:a8:15:6e:74: 95:9a:8f:44:f9:56:31:44:b3:3f:8c:9c:49:25:22: b6:07:36:13:15:6f:72:7b:05:d9:b9:5e:27:aa:7b: 8d:12:ea:25:34:f9:6f:e0:8e:bf:cc:70:32:94:35: ef:d7:64:c6:12:43:cd:99:0d:e2:1b:75:c7:97:e4: a7:0c:8f:3b:5b:21:f6:c6:11:3c:52:0b:90:41:95: 8e:e0:74:73:04:4a:38:7b:05:10:e4:57:be:9d:0f: 41:50:f1:27:46:af:7b:a9:15:de:dc:d3:5d:17:47: f2:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:AF:83:86:44:49:C4:1B:91:CA:21:13:35:9D:A7:A2:66:F6:49:50 X509v3 Authority Key Identifier: keyid:D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:ab:5a:55:8b:62:2b:bd:aa:d4:a5:b9:86:17:a0:33:96:48: 34:18:2e:43:94:cc:7f:68:89:46:31:e0:e6:34:ed:7d:18:d2: 29:2a:e0:23:7a:d3:a7:05:51:95:84:a4:bf:0a:41:bb:6f:80: 4b:27:c3:3a:4d:19:4b:a2:84:cc:e5:c1:11:2d:12:74:31:b5: 70:95:89:3b:9d:20:98:4a:f9:83:8d:07:b1:7d:3d:f3:f1:a9: e0:34:6a:2e:82:67:21:17:ad:6d:21:b3:42:73:59:ca:08:13: 91:5f:df:75:10:a0:e9:c9:d9:a0:9e:83:ad:77:4d:bf:0d:97: 52:49:13:9a:9e:dd:ea:36:4f:d7:56:f8:50:a7:34:5f:ec:c9: 73:43:d4:19:80:6d:25:99:29:34:60:50:81:74:c4:db:0a:99: 5a:e3:8b:e3:ff:62:ad:e8:76:09:ae:df:b1:83:b6:40:b9:ef: a0:b3:fe:c3:97:43:96:fd:d9:b5:89:f6:1d:a9:5e:99:b5:88: 3d:6f:d6:dd:dc:f0:53:06:00:86:b1:59:23:2f:18:d4:77:64: 82:c2:1a:66:2c:34:58:10:b7:eb:19:c2:1e:9f:25:d6:9d:1c: e1:42:f8:24:d4:32:52:85:80:02:1e:4e:24:f7:9e:0b:b4:24: cb:78:82:76 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxBojCYymLPQVDkRuBJUoO0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQxZGI0YTdkMWU2YWJmZmJjZGE3OGJmYzMzMTI1MGRkMTZi ZTNkZTAwHhcNMjYwMjA5MDkwMTE0WhcNMjYwMjEwMDkwMTE0WjAzMTEwLwYDVQQD EyhmMWFmODM4NjQ0NDljNDFiOTFjYTIxMTMzNTlkYTdhMjY2ZjY0OTUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8Ipkw1H10cUkiMuP2AXwIHkqyU0 wwhBwymi1R1EeXqmfJzEQiMvx6FXi3nYuPZrqsag1C2OwmZ+jFBMxxaDCrgXVsWr AN5u/U5wUcwq92y0uulxEM6/ifirNhKJjU43YJyG6pPw8Hd0QTtqAXllV5xAKwlP p/WNW+gRBnJJ+hc9M3e78vPglVHMTH5UB8g8JagVbnSVmo9E+VYxRLM/jJxJJSK2 BzYTFW9yewXZuV4nqnuNEuolNPlv4I6/zHAylDXv12TGEkPNmQ3iG3XHl+SnDI87 WyH2xhE8UguQQZWO4HRzBEo4ewUQ5Fe+nQ9BUPEnRq97qRXe3NNdF0fyxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPGvg4ZEScQbkcohEzWdp6Jm9klQMB8GA1UdIwQY MBaAFNHbSn0ear/7zaeL/DMSUN0Wvj3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjIt Y2M3OGFmNGU4MDE2LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjItY2M3OGFmNGU4MDE2 LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASqtaVYti K72q1KW5hhegM5ZINBguQ5TMf2iJRjHg5jTtfRjSKSrgI3rTpwVRlYSkvwpBu2+A SyfDOk0ZS6KEzOXBES0SdDG1cJWJO50gmEr5g40HsX098/Gp4DRqLoJnIRetbSGz QnNZyggTkV/fdRCg6cnZoJ6DrXdNvw2XUkkTmp7d6jZP11b4UKc0X+zJc0PUGYBt JZkpNGBQgXTE2wqZWuOL4/9ireh2Ca7fsYO2QLnvoLP+w5dDlv3ZtYn2HalembWI PW/W3dzwUwYAhrFZIy8Y1HdkgsIaZiw0WBC36xnCHp8l1p0c4UL4JNQyUoWAAh5O JPeeC7Qky3iCdg== -----END CERTIFICATE-----Generated at Mon Feb 9 17:02:00 2026 by rpki-client