This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft File: n0XrWiiMaO1g29m4fk6CBsqckz8.mft (raw, json) Hash identifier: BofSI+QJmelDcOoRlgffmgMVbVqLdbl2AwsDCAIMiVI= Subject key identifier: F8:51:47:DA:F3:42:8B:3B:9B:6F:C0:34:D9:C8:5A:9D:96:D3:29:5F Authority key identifier: 9F:45:EB:5A:28:8C:68:ED:60:DB:D9:B8:7E:4E:82:06:CA:9C:93:3F Certificate issuer: /CN=9f45eb5a288c68ed60dbd9b87e4e8206ca9c933f Certificate serial: 019C4322120060D13708C40E54FBAEDA0565 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft Manifest number: 11EA Signing time: Mon 09 Feb 2026 16:00:32 +0000 Manifest this update: Mon 09 Feb 2026 16:00:32 +0000 Manifest next update: Tue 10 Feb 2026 16:00:32 +0000 Files and hashes: 1: n0XrWiiMaO1g29m4fk6CBsqckz8.crl (hash: h8trohQsR1mKhRWtBW5UzouBw2iTX+ghosKVJqkWKa0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:12:00:60:d1:37:08:c4:0e:54:fb:ae:da:05:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9f45eb5a288c68ed60dbd9b87e4e8206ca9c933f Validity Not Before: Feb 9 16:00:32 2026 GMT Not After : Feb 10 16:00:32 2026 GMT Subject: CN=f85147daf3428b3b9b6fc034d9c85a9d96d3295f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:08:45:e2:c3:72:c5:94:ad:d3:f9:b2:36:d3: 2f:68:c5:c1:f9:2f:6a:18:9e:17:2b:43:c7:ee:bb: cd:f5:23:97:d1:48:cd:f9:e8:72:bf:54:5c:84:bd: 6e:e7:16:6c:69:90:66:09:72:47:d1:9a:18:83:4d: eb:45:20:ea:48:67:ab:48:ab:ee:3c:fc:1c:22:07: 14:76:bd:64:ab:f1:e9:33:df:12:72:8e:e0:44:e9: 20:12:7d:39:59:c3:0a:21:85:0c:05:ea:85:3e:98: 3a:0d:a9:9a:ec:a7:f7:f4:83:7e:e0:07:53:76:63: ab:0f:9a:6d:63:14:a2:9e:55:c1:30:02:d8:e2:42: b7:3c:06:b0:83:ff:d2:f1:c0:ce:d3:11:8b:d4:d2: 91:e1:ef:1a:65:02:fc:03:a0:47:47:eb:63:a0:bd: d1:01:53:4a:67:f0:ca:c6:8c:f5:cc:80:95:8b:9d: 81:91:64:8b:a3:27:1f:39:9d:0d:89:34:ef:41:84: 04:ac:a1:2d:53:6b:4e:68:27:79:ea:eb:aa:88:a2: 50:12:41:34:5f:bf:04:ee:93:6d:1a:25:16:ff:b5: 3e:2b:cf:0d:63:c5:4c:c9:53:d9:8d:93:dd:1e:88: da:ee:f0:1c:e0:ed:81:57:7a:3b:b0:59:00:b1:8f: fa:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:51:47:DA:F3:42:8B:3B:9B:6F:C0:34:D9:C8:5A:9D:96:D3:29:5F X509v3 Authority Key Identifier: keyid:9F:45:EB:5A:28:8C:68:ED:60:DB:D9:B8:7E:4E:82:06:CA:9C:93:3F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:29:b8:f6:6f:4c:92:8e:4a:b9:e0:de:81:bd:16:37:da:a4: a2:e5:d3:26:80:41:39:38:db:57:be:2c:6a:e1:fa:b4:8e:49: 95:ed:2a:2a:5a:a1:26:f0:e8:bf:97:ff:c3:b7:58:d1:45:2e: ea:5f:12:a7:67:e5:2a:80:3c:74:fc:a2:8d:c8:91:35:bf:f8: 69:fe:75:09:b9:a3:38:9d:d5:85:4a:e2:e0:79:00:ee:fb:c6: 9e:9f:f3:fb:04:9c:30:55:89:18:bb:a2:98:d0:57:dc:85:5f: e3:ce:2c:0c:ea:3c:12:a3:54:ad:c9:aa:f5:35:b7:3b:fc:e1: 0c:54:3d:04:6c:b8:3f:3c:aa:f5:b0:09:eb:f9:2e:f4:a5:3f: 00:a5:3d:40:e0:79:79:a9:0e:7a:84:d1:58:41:20:3a:0b:b2: dc:da:20:8d:ae:66:0c:03:53:89:30:41:01:18:e7:3b:de:b0: f7:20:3c:76:19:52:19:b7:45:23:f2:33:8e:a3:e8:2d:a5:16: 0f:01:80:5e:70:00:ad:07:9a:aa:e4:2b:71:fe:f8:8d:bc:85: fd:64:21:c5:05:b5:66:28:fd:a7:e4:43:ab:25:f7:a2:56:de: e4:f0:84:5c:aa:34:ff:2d:bd:c3:1d:80:e5:0e:9e:8e:3b:31: 45:bd:ed:45 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIhIAYNE3CMQOVPuu2gVlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlmNDVlYjVhMjg4YzY4ZWQ2MGRiZDliODdlNGU4MjA2Y2E5 YzkzM2YwHhcNMjYwMjA5MTYwMDMyWhcNMjYwMjEwMTYwMDMyWjAzMTEwLwYDVQQD EyhmODUxNDdkYWYzNDI4YjNiOWI2ZmMwMzRkOWM4NWE5ZDk2ZDMyOTVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ghF4sNyxZSt0/myNtMvaMXB+S9q GJ4XK0PH7rvN9SOX0UjN+ehyv1RchL1u5xZsaZBmCXJH0ZoYg03rRSDqSGerSKvu PPwcIgcUdr1kq/HpM98Sco7gROkgEn05WcMKIYUMBeqFPpg6Dama7Kf39IN+4AdT dmOrD5ptYxSinlXBMALY4kK3PAawg//S8cDO0xGL1NKR4e8aZQL8A6BHR+tjoL3R AVNKZ/DKxoz1zICVi52BkWSLoycfOZ0NiTTvQYQErKEtU2tOaCd56uuqiKJQEkE0 X78E7pNtGiUW/7U+K88NY8VMyVPZjZPdHoja7vAc4O2BV3o7sFkAsY/6BwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPhRR9rzQos7m2/ANNnIWp2W0ylfMB8GA1UdIwQY MBaAFJ9F61oojGjtYNvZuH5OggbKnJM/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lNDIzMzYtZWI3Ny00NTQwLWJlNDEt NTVmZDZkYzFhMWQ4LzEvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi9lNDIzMzYtZWI3Ny00NTQwLWJlNDEtNTVmZDZkYzFhMWQ4 LzEvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAym49m9M ko5KueDegb0WN9qkouXTJoBBOTjbV74sauH6tI5Jle0qKlqhJvDov5f/w7dY0UUu 6l8Sp2flKoA8dPyijciRNb/4af51CbmjOJ3VhUri4HkA7vvGnp/z+wScMFWJGLui mNBX3IVf484sDOo8EqNUrcmq9TW3O/zhDFQ9BGy4Pzyq9bAJ6/ku9KU/AKU9QOB5 eakOeoTRWEEgOguy3Nogja5mDANTiTBBARjnO96w9yA8dhlSGbdFI/IzjqPoLaUW DwGAXnAArQeaquQrcf74jbyF/WQhxQW1Zij9p+RDqyX3olbe5PCEXKo0/y29wx2A 5Q6ejjsxRb3tRQ== -----END CERTIFICATE-----Generated at Mon Feb 9 20:06:38 2026 by rpki-client