This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft File: zTf5VqTOlOsexk52R7Q828uPxEk.mft (raw, json) Hash identifier: M4YJjAk0TY8Zy1bqZ5Hf/0feHfwFpo/esU5LGXIQTXA= Subject key identifier: 4C:42:27:FC:99:1F:78:53:36:75:B2:F0:8A:42:2A:7C:E8:80:D5:3E Authority key identifier: CD:37:F9:56:A4:CE:94:EB:1E:C6:4E:76:47:B4:3C:DB:CB:8F:C4:49 Certificate issuer: /CN=cd37f956a4ce94eb1ec64e7647b43cdbcb8fc449 Certificate serial: 019C41A1FBEB858ABBBF53D36AB4FE7BA81B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft Manifest number: 17C8 Signing time: Mon 09 Feb 2026 09:01:00 +0000 Manifest this update: Mon 09 Feb 2026 09:01:00 +0000 Manifest next update: Tue 10 Feb 2026 09:01:00 +0000 Files and hashes: 1: zTf5VqTOlOsexk52R7Q828uPxEk.crl (hash: 5rQouWrrOtgeKFH32kh6l17larhyJjdcuJSENCkyHL0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 09:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:a1:fb:eb:85:8a:bb:bf:53:d3:6a:b4:fe:7b:a8:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd37f956a4ce94eb1ec64e7647b43cdbcb8fc449 Validity Not Before: Feb 9 09:01:00 2026 GMT Not After : Feb 10 09:01:00 2026 GMT Subject: CN=4c4227fc991f78533675b2f08a422a7ce880d53e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:71:1c:7a:f4:8f:44:54:89:0d:56:66:6e:90: a6:27:0c:bb:52:0e:00:6b:57:00:ac:ef:01:e2:16: 0d:5e:ce:af:1d:7d:df:56:1e:d0:a0:3b:3c:a4:a9: e3:be:43:b5:90:60:81:63:39:18:84:70:45:89:7b: 0d:6e:40:fb:0a:46:eb:57:87:f0:11:71:1e:db:53: 67:2e:cd:f4:0a:69:f5:06:91:e5:b0:e6:b5:a0:91: 24:a5:40:93:02:bc:c3:42:12:a4:77:c1:5f:09:cd: 2f:fb:80:4a:e0:38:59:0a:62:4d:7d:5d:bd:6d:07: 9b:92:03:65:78:88:a2:67:12:5b:34:fe:ba:7b:1b: 40:15:cd:65:b7:6f:92:ad:27:8f:f8:70:98:80:0d: 2b:40:30:22:77:fd:7d:1d:1e:70:fc:0c:d5:e1:06: 16:91:5f:c4:3a:89:19:f0:d1:31:58:0c:6a:bf:89: 80:f0:c3:96:10:ef:57:9e:7b:5a:4f:4e:b8:d1:e0: d0:b5:da:ba:e8:55:19:83:95:04:bc:fa:01:30:df: bd:7d:37:64:ee:dd:77:c5:a9:df:83:c0:08:86:0b: 20:79:c4:55:86:5e:d5:63:17:23:18:66:ef:5a:c9: 23:53:2b:8a:9d:e2:27:bd:8f:2f:5e:24:39:01:57: 2e:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:42:27:FC:99:1F:78:53:36:75:B2:F0:8A:42:2A:7C:E8:80:D5:3E X509v3 Authority Key Identifier: keyid:CD:37:F9:56:A4:CE:94:EB:1E:C6:4E:76:47:B4:3C:DB:CB:8F:C4:49 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:5c:79:6a:a2:86:37:fb:4b:70:03:93:f7:a4:67:ae:76:74: c1:56:52:4d:d7:76:94:3c:15:97:3b:cd:5b:b4:eb:ca:a4:b1: 5c:a8:8b:ef:4f:5c:23:01:99:7c:b0:27:8f:a1:9b:75:5d:6f: 49:e5:a8:63:c0:b2:61:5a:29:37:9e:a0:ea:d3:71:70:b5:8d: 08:a1:0d:79:8e:78:77:92:6a:1e:be:29:de:d4:3a:28:03:29: 1e:ef:61:62:8b:d3:0b:78:41:22:0b:a9:e3:6a:c0:36:25:58: b9:62:48:9c:86:f7:63:de:45:cf:92:f9:8a:08:06:7f:d5:d2: 0f:9d:51:47:a7:2e:99:b5:ff:19:67:66:79:fc:15:ef:6e:a3: eb:51:ee:c5:a2:30:d5:6d:97:72:96:7e:f0:aa:8b:7c:c1:0c: 92:60:12:b2:21:0b:38:c2:a5:81:dc:9a:8b:47:f4:b9:57:28: 52:3b:57:40:03:8b:bc:1f:7b:7a:27:02:64:36:e3:9a:f7:4c: f5:a5:13:3b:75:56:f9:f9:a0:9b:ac:66:3d:8c:40:9f:9f:b0: 3d:d8:c4:20:5e:55:2e:37:9e:7c:dd:8d:25:96:9d:6a:83:00: f0:81:7b:e5:ae:da:ea:8f:c8:47:c0:1f:9a:0a:68:d0:d0:0f: 61:2c:3d:1b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxBofvrhYq7v1PTarT+e6gbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkMzdmOTU2YTRjZTk0ZWIxZWM2NGU3NjQ3YjQzY2RiY2I4 ZmM0NDkwHhcNMjYwMjA5MDkwMTAwWhcNMjYwMjEwMDkwMTAwWjAzMTEwLwYDVQQD Eyg0YzQyMjdmYzk5MWY3ODUzMzY3NWIyZjA4YTQyMmE3Y2U4ODBkNTNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3EcevSPRFSJDVZmbpCmJwy7Ug4A a1cArO8B4hYNXs6vHX3fVh7QoDs8pKnjvkO1kGCBYzkYhHBFiXsNbkD7CkbrV4fw EXEe21NnLs30Cmn1BpHlsOa1oJEkpUCTArzDQhKkd8FfCc0v+4BK4DhZCmJNfV29 bQebkgNleIiiZxJbNP66extAFc1lt2+SrSeP+HCYgA0rQDAid/19HR5w/AzV4QYW kV/EOokZ8NExWAxqv4mA8MOWEO9XnntaT0640eDQtdq66FUZg5UEvPoBMN+9fTdk 7t13xanfg8AIhgsgecRVhl7VYxcjGGbvWskjUyuKneInvY8vXiQ5AVcupQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFExCJ/yZH3hTNnWy8IpCKnzogNU+MB8GA1UdIwQY MBaAFM03+VakzpTrHsZOdke0PNvLj8RJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8yOTQzYzEtMzZiNi00MzAzLWJjMjct YmJlMTJiZDM4ZTA0LzEvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC8yOTQzYzEtMzZiNi00MzAzLWJjMjctYmJlMTJiZDM4ZTA0 LzEvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcVx5aqKG N/tLcAOT96RnrnZ0wVZSTdd2lDwVlzvNW7TryqSxXKiL709cIwGZfLAnj6GbdV1v SeWoY8CyYVopN56g6tNxcLWNCKENeY54d5JqHr4p3tQ6KAMpHu9hYovTC3hBIgup 42rANiVYuWJInIb3Y95Fz5L5iggGf9XSD51RR6cumbX/GWdmefwV726j61HuxaIw 1W2XcpZ+8KqLfMEMkmASsiELOMKlgdyai0f0uVcoUjtXQAOLvB97eicCZDbjmvdM 9aUTO3VW+fmgm6xmPYxAn5+wPdjEIF5VLjeefN2NJZadaoMA8IF75a7a6o/IR8Af mgpo0NAPYSw9Gw== -----END CERTIFICATE-----Generated at Mon Feb 9 17:02:41 2026 by rpki-client