This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/aaaf99-b1c5-4bb5-8928-b5bc74caa402/1/jcKX7xhZyjN1lwa9xu55Jc-lFB0.mft File: jcKX7xhZyjN1lwa9xu55Jc-lFB0.mft (raw, json) Hash identifier: LkoOWJzhlmWJG68j6utL2fZ8PMtrgJGZGtPZAww26R0= Subject key identifier: 54:AF:9A:A7:EB:52:84:DE:F5:C5:C1:7A:9B:41:8C:56:EA:6F:F2:F8 Authority key identifier: 8D:C2:97:EF:18:59:CA:33:75:97:06:BD:C6:EE:79:25:CF:A5:14:1D Certificate issuer: /CN=8dc297ef1859ca33759706bdc6ee7925cfa5141d Certificate serial: 019C41344EC6E3A43F2418B91540D6F8D121 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jcKX7xhZyjN1lwa9xu55Jc-lFB0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/aaaf99-b1c5-4bb5-8928-b5bc74caa402/1/jcKX7xhZyjN1lwa9xu55Jc-lFB0.mft Manifest number: 0FEC Signing time: Mon 09 Feb 2026 07:01:12 +0000 Manifest this update: Mon 09 Feb 2026 07:01:12 +0000 Manifest next update: Tue 10 Feb 2026 07:01:12 +0000 Files and hashes: 1: jcKX7xhZyjN1lwa9xu55Jc-lFB0.crl (hash: qTmpD3ts3ctYg51AObWIu4Q6ciTJYFQGZMipV+yi/2Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/aaaf99-b1c5-4bb5-8928-b5bc74caa402/1/jcKX7xhZyjN1lwa9xu55Jc-lFB0.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/aaaf99-b1c5-4bb5-8928-b5bc74caa402/1/jcKX7xhZyjN1lwa9xu55Jc-lFB0.mft rsync://rpki.ripe.net/repository/DEFAULT/jcKX7xhZyjN1lwa9xu55Jc-lFB0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 07:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:34:4e:c6:e3:a4:3f:24:18:b9:15:40:d6:f8:d1:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8dc297ef1859ca33759706bdc6ee7925cfa5141d Validity Not Before: Feb 9 07:01:12 2026 GMT Not After : Feb 10 07:01:12 2026 GMT Subject: CN=54af9aa7eb5284def5c5c17a9b418c56ea6ff2f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:0b:ab:db:0a:7f:96:16:74:15:e4:39:38:08: 34:70:ef:04:0c:95:03:ce:58:8f:79:c6:1f:a3:b4: 2e:66:81:35:c0:40:1d:d6:ae:bc:5c:d1:84:cd:1e: f2:d8:27:32:a5:11:28:84:a8:61:db:08:13:24:00: e9:0d:33:f8:14:29:e6:b5:ef:8e:d7:f4:00:20:70: 3d:53:08:09:a2:52:18:e1:7c:fd:71:b9:18:20:58: 20:01:f4:ad:ee:c4:ae:89:c1:10:f1:d3:b1:22:4d: c4:79:22:ba:27:f4:c6:e4:d9:65:30:41:5a:dd:ec: 6f:e0:c1:64:0c:76:69:7a:03:ab:80:04:b6:08:64: 36:39:6e:f1:53:bf:63:8c:de:9b:dc:91:6e:20:bc: d9:b2:a7:e2:d2:b7:57:5f:aa:0e:16:52:23:56:3b: 25:8f:91:c2:fa:6a:02:11:39:8a:c6:f8:8d:1a:c7: 4f:8f:0f:74:be:ef:6d:e6:31:b9:4d:9b:26:0b:1e: 31:1e:b9:37:22:f8:b7:42:84:e8:49:9e:d0:08:d1: d3:67:e9:3d:90:7d:d3:bd:23:1c:dd:79:1f:6c:9f: ec:2b:32:28:59:5f:06:19:ff:31:02:9f:00:4c:13: 8e:8f:ab:53:b5:fd:8d:e5:6f:23:5c:b5:bb:b5:fd: 09:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:AF:9A:A7:EB:52:84:DE:F5:C5:C1:7A:9B:41:8C:56:EA:6F:F2:F8 X509v3 Authority Key Identifier: keyid:8D:C2:97:EF:18:59:CA:33:75:97:06:BD:C6:EE:79:25:CF:A5:14:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jcKX7xhZyjN1lwa9xu55Jc-lFB0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/aaaf99-b1c5-4bb5-8928-b5bc74caa402/1/jcKX7xhZyjN1lwa9xu55Jc-lFB0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/aaaf99-b1c5-4bb5-8928-b5bc74caa402/1/jcKX7xhZyjN1lwa9xu55Jc-lFB0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a1:64:c5:60:c5:4d:18:d8:1f:4d:c8:dd:16:d7:81:3a:68:c8: 74:66:6c:f3:cf:36:68:3e:e9:d4:28:15:38:c4:7d:a4:e0:c8: bf:9c:f4:ab:7e:89:3e:3d:c9:6d:3d:c7:6b:34:a8:62:57:dd: 59:79:24:ff:b5:c4:8d:a0:01:98:86:03:80:02:2b:32:2e:54: f4:6f:93:45:52:60:a8:e2:23:b3:d9:ab:08:1e:87:2c:b0:fe: 29:8e:bb:3d:de:8f:1a:7a:77:df:32:ed:e2:d0:b2:b0:2c:a8: 3b:38:ce:e0:18:55:0e:b8:34:a4:96:96:c6:32:c3:11:69:48: 8a:d6:c0:ec:04:e0:cd:94:5d:0c:b4:e0:1e:2c:5d:98:03:68: 9c:6e:71:c6:24:54:4b:57:1e:ec:83:cd:9f:a0:ae:c2:4e:15: 87:fd:d0:56:79:16:eb:6a:33:9f:94:da:39:75:3b:ae:9e:8a: 52:62:23:95:9b:f5:74:b3:37:80:42:b4:d7:d7:17:34:f0:32: 80:04:50:12:41:3a:e7:da:2d:d4:f6:ae:4c:89:81:98:ac:fe: 15:1d:1e:9b:eb:1b:7c:56:7d:1f:de:da:a4:9f:16:9e:93:83: 7b:69:bb:3d:ed:13:aa:e5:a2:3e:89:bc:3e:86:7d:01:bd:f5: a1:3d:ce:54 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxBNE7G46Q/JBi5FUDW+NEhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkYzI5N2VmMTg1OWNhMzM3NTk3MDZiZGM2ZWU3OTI1Y2Zh NTE0MWQwHhcNMjYwMjA5MDcwMTEyWhcNMjYwMjEwMDcwMTEyWjAzMTEwLwYDVQQD Eyg1NGFmOWFhN2ViNTI4NGRlZjVjNWMxN2E5YjQxOGM1NmVhNmZmMmY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwur2wp/lhZ0FeQ5OAg0cO8EDJUD zliPecYfo7QuZoE1wEAd1q68XNGEzR7y2CcypREohKhh2wgTJADpDTP4FCnmte+O 1/QAIHA9UwgJolIY4Xz9cbkYIFggAfSt7sSuicEQ8dOxIk3EeSK6J/TG5NllMEFa 3exv4MFkDHZpegOrgAS2CGQ2OW7xU79jjN6b3JFuILzZsqfi0rdXX6oOFlIjVjsl j5HC+moCETmKxviNGsdPjw90vu9t5jG5TZsmCx4xHrk3Ivi3QoToSZ7QCNHTZ+k9 kH3TvSMc3XkfbJ/sKzIoWV8GGf8xAp8ATBOOj6tTtf2N5W8jXLW7tf0JLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFSvmqfrUoTe9cXBeptBjFbqb/L4MB8GA1UdIwQY MBaAFI3Cl+8YWcozdZcGvcbueSXPpRQdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvamNLWDd4aFp5ak4xbHdhOXh1NTVKYy1sRkIwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9hYWFmOTktYjFjNS00YmI1LTg5Mjgt YjViYzc0Y2FhNDAyLzEvamNLWDd4aFp5ak4xbHdhOXh1NTVKYy1sRkIwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi9hYWFmOTktYjFjNS00YmI1LTg5MjgtYjViYzc0Y2FhNDAy LzEvamNLWDd4aFp5ak4xbHdhOXh1NTVKYy1sRkIwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoWTFYMVN GNgfTcjdFteBOmjIdGZs8882aD7p1CgVOMR9pODIv5z0q36JPj3JbT3HazSoYlfd WXkk/7XEjaABmIYDgAIrMi5U9G+TRVJgqOIjs9mrCB6HLLD+KY67Pd6PGnp33zLt 4tCysCyoOzjO4BhVDrg0pJaWxjLDEWlIitbA7ATgzZRdDLTgHixdmANonG5xxiRU S1ce7IPNn6Cuwk4Vh/3QVnkW62ozn5TaOXU7rp6KUmIjlZv1dLM3gEK019cXNPAy gARQEkE659ot1PauTImBmKz+FR0em+sbfFZ9H97apJ8WnpODe2m7Pe0TquWiPom8 PoZ9Ab31oT3OVA== -----END CERTIFICATE-----Generated at Mon Feb 9 17:00:55 2026 by rpki-client