This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft File: b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft (raw, json) Hash identifier: QkVDB1SSktTrKTlbrmyH2DKkpEbJPsLGkO4q4BhmMlw= Subject key identifier: BE:C1:95:39:DB:93:6F:F6:8D:A6:6C:8A:2B:82:53:50:CD:44:2C:9A Authority key identifier: 6F:64:8E:3C:AB:60:9B:D1:48:3C:A3:E5:19:11:CE:AA:53:F0:C6:A1 Certificate issuer: /CN=6f648e3cab609bd1483ca3e51911ceaa53f0c6a1 Certificate serial: 019C420F89DB57DD0932EBCFBFC67994F7CD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b2SOPKtgm9FIPKPlGRHOqlPwxqE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft Manifest number: 1207 Signing time: Mon 09 Feb 2026 11:00:40 +0000 Manifest this update: Mon 09 Feb 2026 11:00:40 +0000 Manifest next update: Tue 10 Feb 2026 11:00:40 +0000 Files and hashes: 1: b2SOPKtgm9FIPKPlGRHOqlPwxqE.crl (hash: dV0heKYHS12SnotxbAm60AwGty1vthg71Flzxe/7d28=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.crl rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft rsync://rpki.ripe.net/repository/DEFAULT/b2SOPKtgm9FIPKPlGRHOqlPwxqE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:0f:89:db:57:dd:09:32:eb:cf:bf:c6:79:94:f7:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6f648e3cab609bd1483ca3e51911ceaa53f0c6a1 Validity Not Before: Feb 9 11:00:40 2026 GMT Not After : Feb 10 11:00:40 2026 GMT Subject: CN=bec19539db936ff68da66c8a2b825350cd442c9a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:87:ab:9d:24:70:93:48:c9:6c:93:5b:cf:a1: 3c:fd:3e:78:e9:5e:62:fb:03:c3:f8:0d:53:7c:42: 11:de:c4:97:8f:70:50:58:8d:2a:72:0e:9a:55:2f: e5:de:e8:af:58:35:19:67:78:72:37:ae:02:35:49: 89:7e:c5:bd:73:2d:41:8b:e8:93:87:ff:35:73:d2: 02:d6:bd:8b:93:14:29:d2:1b:61:5f:53:e9:23:cc: 66:92:f3:41:88:df:80:a6:2e:86:4e:38:14:a3:d6: f7:27:28:b4:c1:69:6e:ca:a0:3c:8e:42:a8:c2:ca: 33:e3:cf:6d:53:d5:c9:2b:b8:75:fa:b7:e7:a7:48: 64:ed:11:c4:76:3a:1a:5f:a9:a4:b1:3c:da:19:dd: 3f:bf:7e:90:b1:86:4f:fd:e8:63:20:b2:33:50:70: 70:18:d4:34:7d:42:e0:1b:45:d0:9b:67:97:cd:fc: 7e:c5:75:12:89:a1:8e:a5:4a:24:96:c5:a2:70:f1: 00:7e:40:66:4f:7d:31:0e:ac:f4:04:22:96:be:96: e3:fb:d8:fb:c0:fa:93:28:11:52:2c:76:12:80:1d: 57:ab:e4:06:98:9d:51:68:1c:3a:0b:62:4d:9f:05: c4:e9:bd:28:f6:d1:fc:a5:01:41:01:3b:ff:de:6b: 02:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:C1:95:39:DB:93:6F:F6:8D:A6:6C:8A:2B:82:53:50:CD:44:2C:9A X509v3 Authority Key Identifier: keyid:6F:64:8E:3C:AB:60:9B:D1:48:3C:A3:E5:19:11:CE:AA:53:F0:C6:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2SOPKtgm9FIPKPlGRHOqlPwxqE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:03:42:ef:be:0e:2c:25:c9:43:a7:5c:1f:92:cc:1f:5a:58: 47:d3:18:8b:5e:9c:92:52:42:de:f4:f3:4c:85:b4:1c:bb:b6: 51:18:d7:7e:31:2f:70:98:d0:fa:68:ea:5b:6e:95:f2:17:4d: 1f:15:b2:11:c4:cd:e7:79:34:2e:aa:d3:be:c0:9c:e6:e0:5d: 3d:6b:4c:2e:ca:f9:5f:e4:95:1b:aa:a2:af:f7:9c:bd:36:4a: 25:21:87:e6:71:da:5a:07:f0:0f:00:96:5c:bb:87:61:16:c2: 59:d7:1b:ca:bc:c2:56:de:04:4e:82:09:b1:b2:95:7c:93:9b: 53:40:d0:c1:4e:e4:eb:4e:6b:02:8c:83:e5:b7:6d:ee:18:89: 49:ee:ab:81:e1:b8:cd:15:16:4f:f5:77:79:c6:f3:09:0f:dc: 46:fc:4d:d2:ef:e1:d2:e3:6b:b4:27:5b:52:ab:25:b9:04:de: 08:9c:0e:4e:3e:2d:c8:ab:22:68:07:b3:be:d6:04:7c:86:05: c0:68:de:41:93:d4:11:ca:7b:bc:0b:66:2c:54:fe:cb:67:03: fa:8a:5b:75:87:e6:ca:4f:5c:98:ee:ca:5f:51:56:6b:e5:d7: 4b:d5:c5:b9:d3:85:15:da:ad:30:14:9b:4c:68:4b:8c:f7:92: ba:d0:48:97 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCD4nbV90JMuvPv8Z5lPfNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZmNjQ4ZTNjYWI2MDliZDE0ODNjYTNlNTE5MTFjZWFhNTNm MGM2YTEwHhcNMjYwMjA5MTEwMDQwWhcNMjYwMjEwMTEwMDQwWjAzMTEwLwYDVQQD EyhiZWMxOTUzOWRiOTM2ZmY2OGRhNjZjOGEyYjgyNTM1MGNkNDQyYzlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYernSRwk0jJbJNbz6E8/T546V5i +wPD+A1TfEIR3sSXj3BQWI0qcg6aVS/l3uivWDUZZ3hyN64CNUmJfsW9cy1Bi+iT h/81c9IC1r2LkxQp0hthX1PpI8xmkvNBiN+Api6GTjgUo9b3Jyi0wWluyqA8jkKo wsoz489tU9XJK7h1+rfnp0hk7RHEdjoaX6mksTzaGd0/v36QsYZP/ehjILIzUHBw GNQ0fULgG0XQm2eXzfx+xXUSiaGOpUoklsWicPEAfkBmT30xDqz0BCKWvpbj+9j7 wPqTKBFSLHYSgB1Xq+QGmJ1RaBw6C2JNnwXE6b0o9tH8pQFBATv/3msCxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL7BlTnbk2/2jaZsiiuCU1DNRCyaMB8GA1UdIwQY MBaAFG9kjjyrYJvRSDyj5RkRzqpT8MahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYjJTT1BLdGdtOUZJUEtQbEdSSE9xbFB3eHFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9lYWEyNDYtMzMwNC00OWViLWFhZGEt YTA2OWFmODU0YjA1LzEvYjJTT1BLdGdtOUZJUEtQbEdSSE9xbFB3eHFFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZC9lYWEyNDYtMzMwNC00OWViLWFhZGEtYTA2OWFmODU0YjA1 LzEvYjJTT1BLdGdtOUZJUEtQbEdSSE9xbFB3eHFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJANC774O LCXJQ6dcH5LMH1pYR9MYi16cklJC3vTzTIW0HLu2URjXfjEvcJjQ+mjqW26V8hdN HxWyEcTN53k0LqrTvsCc5uBdPWtMLsr5X+SVG6qir/ecvTZKJSGH5nHaWgfwDwCW XLuHYRbCWdcbyrzCVt4EToIJsbKVfJObU0DQwU7k605rAoyD5bdt7hiJSe6rgeG4 zRUWT/V3ecbzCQ/cRvxN0u/h0uNrtCdbUqsluQTeCJwOTj4tyKsiaAezvtYEfIYF wGjeQZPUEcp7vAtmLFT+y2cD+opbdYfmyk9cmO7KX1FWa+XXS9XFudOFFdqtMBSb TGhLjPeSutBIlw== -----END CERTIFICATE-----Generated at Mon Feb 9 20:54:15 2026 by rpki-client