This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft File: zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft (raw, json) Hash identifier: 8LvbZiYbBPV5OIepdIHTUpQ6CdlBrUNbM7bbKjiGNZk= Subject key identifier: 5F:C9:FF:DB:CE:24:FA:40:E2:28:C8:2C:38:39:80:9C:4A:F6:9A:DD Authority key identifier: CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C Certificate issuer: /CN=cdbc431b1c9886dc2b21008dccfde18db735371c Certificate serial: 019C40FD2798C3B15C44E91A49DFD2F27314 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft Manifest number: 0589 Signing time: Mon 09 Feb 2026 06:00:58 +0000 Manifest this update: Mon 09 Feb 2026 06:00:58 +0000 Manifest next update: Tue 10 Feb 2026 06:00:58 +0000 Files and hashes: 1: zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl (hash: otbtkuPpWExnXEBE0cwZbB9AgAAAJgZjKnm4Eh4VpMs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:40:fd:27:98:c3:b1:5c:44:e9:1a:49:df:d2:f2:73:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdbc431b1c9886dc2b21008dccfde18db735371c Validity Not Before: Feb 9 06:00:58 2026 GMT Not After : Feb 10 06:00:58 2026 GMT Subject: CN=5fc9ffdbce24fa40e228c82c3839809c4af69add Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:28:98:ba:2b:c4:99:3e:15:d7:58:de:05:93: 01:a1:c9:7e:39:1c:b2:47:47:88:59:2d:cc:dd:22: 8f:ff:62:7f:55:15:8c:50:48:49:ed:27:b7:58:af: 1c:f8:cc:97:52:37:c6:af:41:2e:58:a9:d8:0b:49: b7:75:8c:75:98:f3:8a:15:9a:18:d9:76:96:4d:29: d4:01:52:e1:3e:7f:f6:39:92:2a:44:06:df:e2:bb: f6:f1:8a:3d:26:29:3f:56:d6:a5:43:f3:d7:e0:d6: 22:29:d8:a0:60:73:12:91:56:d2:33:ab:f9:9b:3e: 27:0d:62:1b:8e:8b:fd:ea:88:8d:be:25:99:d3:cf: ca:0e:32:96:16:ac:6e:03:69:0d:81:8a:9a:ac:72: af:b5:a7:1e:33:bd:20:d3:c7:60:4b:9e:ba:b8:7a: 50:20:a3:4b:2c:e1:a3:f4:a1:ff:de:f8:46:aa:c7: 1a:fc:28:95:53:c1:a6:c7:09:b1:a7:f0:c3:d7:29: 28:f7:21:70:b5:5b:d5:b2:6c:d4:f7:e0:a1:bb:d4: de:55:ce:35:9c:46:78:cb:3b:36:d0:c3:d9:70:cc: bf:6b:bb:82:92:e6:1e:8e:0f:9a:7f:29:3d:2f:7d: 54:fb:f8:e5:ce:53:9e:cc:23:d7:c9:a6:86:25:51: 67:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:C9:FF:DB:CE:24:FA:40:E2:28:C8:2C:38:39:80:9C:4A:F6:9A:DD X509v3 Authority Key Identifier: keyid:CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b7:5e:31:3c:7a:83:19:15:b0:34:5b:18:de:b0:ec:63:96:ab: 47:7e:5c:e5:80:f9:a9:fc:92:8b:3a:f7:79:f8:83:29:93:8f: b9:e8:d9:4c:b7:7a:bf:4a:a6:92:8e:1c:fb:da:b1:92:de:8e: 9c:b4:e0:91:80:4b:67:b2:1d:44:eb:c2:d4:1e:0d:79:1f:05: 44:21:6a:43:8d:1a:ab:a0:24:47:f7:dd:9b:43:d9:dd:82:70: c0:d6:66:12:85:8b:96:af:d3:27:ce:4e:24:70:4b:df:2c:3c: e6:5d:cf:c8:b4:48:8e:1c:3d:8e:bf:13:ca:c6:02:8a:d6:7d: 7d:71:8f:d3:6f:f2:02:e0:bf:48:24:66:67:46:fa:fd:a3:a2: 1f:26:06:bc:30:53:eb:2b:29:a3:0f:c3:71:52:97:61:a9:a2: 7a:9a:1e:b0:3a:e1:98:3a:6c:3c:bf:59:57:f8:5c:35:0f:55: f4:1d:69:17:e1:b6:e6:c0:f5:cc:fb:f3:69:d1:06:e1:ea:a4: a9:0e:0d:ec:80:9c:b4:cb:a0:f5:cb:10:75:13:79:c8:e0:b5: ba:c4:cd:7c:6b:f1:7f:3a:8e:36:14:fd:17:64:27:e8:81:57: 7e:70:c6:bd:c5:59:f7:5a:e2:e8:7d:40:a3:9a:3c:6c:8f:a3: dd:b3:4e:02 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxA/SeYw7FcROkaSd/S8nMUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYmM0MzFiMWM5ODg2ZGMyYjIxMDA4ZGNjZmRlMThkYjcz NTM3MWMwHhcNMjYwMjA5MDYwMDU4WhcNMjYwMjEwMDYwMDU4WjAzMTEwLwYDVQQD Eyg1ZmM5ZmZkYmNlMjRmYTQwZTIyOGM4MmMzODM5ODA5YzRhZjY5YWRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSiYuivEmT4V11jeBZMBocl+ORyy R0eIWS3M3SKP/2J/VRWMUEhJ7Se3WK8c+MyXUjfGr0EuWKnYC0m3dYx1mPOKFZoY 2XaWTSnUAVLhPn/2OZIqRAbf4rv28Yo9Jik/VtalQ/PX4NYiKdigYHMSkVbSM6v5 mz4nDWIbjov96oiNviWZ08/KDjKWFqxuA2kNgYqarHKvtaceM70g08dgS566uHpQ IKNLLOGj9KH/3vhGqsca/CiVU8Gmxwmxp/DD1yko9yFwtVvVsmzU9+Chu9TeVc41 nEZ4yzs20MPZcMy/a7uCkuYejg+afyk9L31U+/jlzlOezCPXyaaGJVFnTQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF/J/9vOJPpA4ijILDg5gJxK9prdMB8GA1UdIwQY MBaAFM28QxscmIbcKyEAjcz94Y23NTccMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYt M2NkYTcxMzczZGM5LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYtM2NkYTcxMzczZGM5 LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt14xPHqD GRWwNFsY3rDsY5arR35c5YD5qfySizr3efiDKZOPuejZTLd6v0qmko4c+9qxkt6O nLTgkYBLZ7IdROvC1B4NeR8FRCFqQ40aq6AkR/fdm0PZ3YJwwNZmEoWLlq/TJ85O JHBL3yw85l3PyLRIjhw9jr8TysYCitZ9fXGP02/yAuC/SCRmZ0b6/aOiHyYGvDBT 6yspow/DcVKXYamiepoesDrhmDpsPL9ZV/hcNQ9V9B1pF+G25sD1zPvzadEG4eqk qQ4N7ICctMug9csQdRN5yOC1usTNfGvxfzqONhT9F2Qn6IFXfnDGvcVZ91ri6H1A o5o8bI+j3bNOAg== -----END CERTIFICATE-----Generated at Mon Feb 9 17:02:26 2026 by rpki-client