This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft File: 3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft (raw, json) Hash identifier: tBcnyodRz9wzlFvHHUO4+/zDPx0jEZ0877GO/qVt3cU= Subject key identifier: F4:2D:58:E3:33:02:89:98:76:16:97:BA:59:C1:85:45:50:DE:9E:9D Authority key identifier: DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07 Certificate issuer: /CN=de17fd66577b3ed358b3862a7dd980944a85d507 Certificate serial: 019C4246A470F38335B7C6C2B39975A8F683 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft Manifest number: 03CE Signing time: Mon 09 Feb 2026 12:00:51 +0000 Manifest this update: Mon 09 Feb 2026 12:00:51 +0000 Manifest next update: Tue 10 Feb 2026 12:00:51 +0000 Files and hashes: 1: 3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl (hash: 5GQcmF/SOHCzmlj+XZV1vMXbGfZ5yZrLs5mxvI1pRvM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:46:a4:70:f3:83:35:b7:c6:c2:b3:99:75:a8:f6:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de17fd66577b3ed358b3862a7dd980944a85d507 Validity Not Before: Feb 9 12:00:51 2026 GMT Not After : Feb 10 12:00:51 2026 GMT Subject: CN=f42d58e333028998761697ba59c1854550de9e9d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:ec:21:15:1d:82:8a:35:c7:dd:db:75:a8:73: f6:99:67:a2:cb:5c:38:be:76:c0:cc:fa:c3:b1:78: a0:2a:09:c0:c5:e1:41:33:4e:c1:7b:a2:d2:3e:73: f0:f0:17:14:06:bc:1f:52:9b:7b:56:c9:09:ed:eb: 9a:e5:42:f6:ce:56:5b:54:a0:f9:c4:92:c4:a6:61: 8f:14:2d:cb:b5:67:76:2f:94:f1:a0:cf:f8:90:c6: 4b:de:e1:82:af:1f:eb:60:f4:56:d2:6d:3d:74:fb: 07:c2:7b:d7:95:41:fb:8c:cd:aa:16:cd:28:56:17: 1a:ff:c5:c2:d8:56:e3:4e:fa:48:3b:a1:90:f8:9d: 4c:a8:6f:ea:65:85:fa:91:31:5d:63:45:6b:89:0b: 64:b5:ef:26:4d:6d:58:ae:b7:cf:29:1e:f5:ce:a0: 0b:f6:12:f7:90:1d:ba:38:ab:91:2f:7c:5f:e4:ec: c0:b2:d3:2e:36:57:a3:4b:f6:20:fc:62:d3:a8:db: 36:e7:83:f6:b2:c9:87:5c:ab:e7:b5:d0:8b:6a:de: 50:17:fb:ba:3e:5b:9d:d6:2a:79:a4:15:cc:3c:5c: 57:26:bd:56:4d:d3:0b:48:c4:23:96:77:19:24:d2: 81:f7:a8:74:6a:b0:5e:ad:29:46:e1:e6:a6:25:3e: 5d:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:2D:58:E3:33:02:89:98:76:16:97:BA:59:C1:85:45:50:DE:9E:9D X509v3 Authority Key Identifier: keyid:DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:36:34:28:f8:2a:8d:9a:e0:f9:c2:bf:22:cd:9c:70:72:cd: 63:1f:b5:f6:3c:92:f2:cc:aa:4d:97:ff:6a:7f:27:64:22:59: db:51:5e:b7:58:96:be:75:da:57:19:bc:b4:fd:a3:00:91:1f: c5:c0:42:dc:f4:7e:86:74:3d:58:90:b8:c2:0e:b0:45:97:fd: 26:53:cf:c0:24:64:8e:2b:9f:55:5c:1e:80:4b:9b:86:e9:9f: 28:04:58:ba:18:91:bc:aa:cf:86:83:34:a6:ef:a4:7a:d0:29: f2:45:12:04:25:47:98:3c:8b:05:74:05:12:13:10:97:de:e0: f7:a4:ac:a1:38:86:8a:6e:c8:44:49:3c:cc:23:21:62:89:46: e7:8e:80:f5:8a:70:75:08:c9:45:c0:a0:ef:bc:f9:06:e0:9f: 32:92:1d:01:54:d9:07:90:1b:de:44:95:5b:5c:10:75:f2:09: 37:25:8c:07:1e:be:92:39:7f:55:80:f8:85:c3:b8:93:c3:61: 88:8a:25:37:a8:e5:16:e2:7a:65:4b:dd:15:1e:9e:cb:00:51: 4e:c3:f5:22:b1:95:3f:eb:21:8a:c1:a4:b3:04:3c:99:f1:91: e7:00:e0:a9:b2:e6:a0:e4:5a:8b:74:f2:fa:32:db:fb:02:1b: 77:e2:7f:3f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCRqRw84M1t8bCs5l1qPaDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlMTdmZDY2NTc3YjNlZDM1OGIzODYyYTdkZDk4MDk0NGE4 NWQ1MDcwHhcNMjYwMjA5MTIwMDUxWhcNMjYwMjEwMTIwMDUxWjAzMTEwLwYDVQQD EyhmNDJkNThlMzMzMDI4OTk4NzYxNjk3YmE1OWMxODU0NTUwZGU5ZTlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkewhFR2CijXH3dt1qHP2mWeiy1w4 vnbAzPrDsXigKgnAxeFBM07Be6LSPnPw8BcUBrwfUpt7VskJ7eua5UL2zlZbVKD5 xJLEpmGPFC3LtWd2L5TxoM/4kMZL3uGCrx/rYPRW0m09dPsHwnvXlUH7jM2qFs0o Vhca/8XC2FbjTvpIO6GQ+J1MqG/qZYX6kTFdY0VriQtkte8mTW1YrrfPKR71zqAL 9hL3kB26OKuRL3xf5OzAstMuNlejS/Yg/GLTqNs254P2ssmHXKvntdCLat5QF/u6 Plud1ip5pBXMPFxXJr1WTdMLSMQjlncZJNKB96h0arBerSlG4eamJT5dEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPQtWOMzAomYdhaXulnBhUVQ3p6dMB8GA1UdIwQY MBaAFN4X/WZXez7TWLOGKn3ZgJRKhdUHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAt MjQyYzI1YzcyMDEyLzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAtMjQyYzI1YzcyMDEy LzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJTY0KPgq jZrg+cK/Is2ccHLNYx+19jyS8syqTZf/an8nZCJZ21Fet1iWvnXaVxm8tP2jAJEf xcBC3PR+hnQ9WJC4wg6wRZf9JlPPwCRkjiufVVwegEubhumfKARYuhiRvKrPhoM0 pu+ketAp8kUSBCVHmDyLBXQFEhMQl97g96SsoTiGim7IREk8zCMhYolG546A9Ypw dQjJRcCg77z5BuCfMpIdAVTZB5Ab3kSVW1wQdfIJNyWMBx6+kjl/VYD4hcO4k8Nh iIolN6jlFuJ6ZUvdFR6eywBRTsP1IrGVP+shisGkswQ8mfGR5wDgqbLmoORai3Ty +jLb+wIbd+J/Pw== -----END CERTIFICATE-----Generated at Mon Feb 9 22:43:37 2026 by rpki-client