This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft File: 7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft (raw, json) Hash identifier: aeiSifQq9fl4Zm6ogPoY5mViA6v55DOQz/gsP3pCkvI= Subject key identifier: 23:ED:A5:FE:D1:00:D0:71:53:26:D1:B4:93:E6:4A:6E:BC:99:04:F2 Authority key identifier: EC:F5:D5:12:F9:10:44:B7:86:A1:55:89:A6:24:A8:D8:CB:92:9E:48 Certificate issuer: /CN=ecf5d512f91044b786a15589a624a8d8cb929e48 Certificate serial: 019C4322398ECAFEE71A07B22FB85D9E6BC5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft Manifest number: 14C2 Signing time: Mon 09 Feb 2026 16:00:42 +0000 Manifest this update: Mon 09 Feb 2026 16:00:42 +0000 Manifest next update: Tue 10 Feb 2026 16:00:42 +0000 Files and hashes: 1: 7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl (hash: X2+e5I1fbiEvGnV6E+GfGxIb26jcJ+lbVn0UhV4+CZ0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:39:8e:ca:fe:e7:1a:07:b2:2f:b8:5d:9e:6b:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ecf5d512f91044b786a15589a624a8d8cb929e48 Validity Not Before: Feb 9 16:00:42 2026 GMT Not After : Feb 10 16:00:42 2026 GMT Subject: CN=23eda5fed100d0715326d1b493e64a6ebc9904f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:f2:11:97:f5:59:f2:32:c9:c5:43:74:7a:ab: b1:58:fb:8b:8a:5c:a6:49:f1:d9:b2:be:bf:0e:01: 32:94:93:b7:ac:76:2b:e6:54:60:ad:c7:b3:0b:a4: 4b:0e:8a:87:10:21:53:07:91:ee:48:57:9f:ad:f1: 22:12:11:e8:89:ef:d3:49:28:43:0a:93:07:d2:a0: 52:0f:3d:a4:8d:b4:61:80:af:10:2e:a7:3d:80:42: d1:04:ff:17:3f:9e:44:d8:77:ba:fb:54:71:b7:3b: 0b:2c:42:16:51:45:73:42:bc:a9:7c:62:29:51:2a: 83:e2:ba:b1:c0:c4:25:ca:dd:b9:82:5d:85:13:ff: a8:49:6c:c0:d2:b2:41:98:91:4f:3e:60:a8:11:aa: 35:84:3d:4b:7c:7b:fe:21:32:d6:f5:1e:7c:35:72: 99:c5:56:e0:98:ba:c7:40:6f:b7:af:65:bf:b0:e1: be:8e:97:77:f7:13:6f:69:66:9f:e7:b0:d9:c2:3a: 5b:e6:a4:ce:1a:dd:32:15:93:61:a7:3a:54:06:36: 96:ec:55:c8:74:4e:91:d3:d4:be:90:59:37:5a:42: 88:f7:b4:55:7b:14:e1:62:cb:36:d9:95:32:44:73: 21:7c:95:a2:fb:d4:f4:ea:a6:d8:df:54:66:04:48: 1f:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:ED:A5:FE:D1:00:D0:71:53:26:D1:B4:93:E6:4A:6E:BC:99:04:F2 X509v3 Authority Key Identifier: keyid:EC:F5:D5:12:F9:10:44:B7:86:A1:55:89:A6:24:A8:D8:CB:92:9E:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:19:b2:e9:f9:03:c5:f0:aa:da:d3:e1:2d:3f:ea:d8:72:c2: 4b:6d:86:b8:32:82:a2:26:fe:21:28:39:bb:01:73:7b:24:15: 51:04:75:aa:f4:80:d4:07:5f:82:1b:4d:16:62:19:e7:9e:4b: 64:22:6e:0d:ce:df:e5:12:ac:94:7f:d0:95:3f:42:95:8a:f5: 06:61:cd:77:2e:4e:37:62:d3:a0:ec:40:98:3d:5f:a0:87:1d: 9f:c5:03:04:82:1c:ea:76:5d:e8:40:ab:e9:ab:2c:8d:b3:41: 61:cb:7f:7f:79:1b:53:9f:54:87:1e:84:0e:6b:d8:a5:98:17: 8e:10:eb:15:31:fc:b0:03:d2:db:9f:5b:3e:67:67:dd:7a:9c: 00:c0:27:12:f9:ff:8f:7b:b8:8e:5b:5e:fe:46:c7:f4:cd:2c: 5a:c2:7d:72:40:9c:64:4b:ba:df:d7:a5:d6:3b:04:7e:f7:bc: 16:9a:83:bc:84:c7:f1:5b:5c:96:f4:f9:0f:17:7d:a1:87:e4: 7b:eb:e7:18:0c:e6:4c:bf:08:ec:8e:2a:c0:54:7d:c8:b7:a5: 01:bb:4b:1a:4c:93:05:29:0a:20:d5:66:e0:b3:b2:b1:91:fd: db:dc:64:95:db:02:36:c0:7a:3c:d5:54:a7:5c:5b:e1:ea:30: 45:17:ae:39 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIjmOyv7nGgeyL7hdnmvFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVjZjVkNTEyZjkxMDQ0Yjc4NmExNTU4OWE2MjRhOGQ4Y2I5 MjllNDgwHhcNMjYwMjA5MTYwMDQyWhcNMjYwMjEwMTYwMDQyWjAzMTEwLwYDVQQD EygyM2VkYTVmZWQxMDBkMDcxNTMyNmQxYjQ5M2U2NGE2ZWJjOTkwNGYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfIRl/VZ8jLJxUN0equxWPuLilym SfHZsr6/DgEylJO3rHYr5lRgrcezC6RLDoqHECFTB5HuSFefrfEiEhHoie/TSShD CpMH0qBSDz2kjbRhgK8QLqc9gELRBP8XP55E2He6+1RxtzsLLEIWUUVzQrypfGIp USqD4rqxwMQlyt25gl2FE/+oSWzA0rJBmJFPPmCoEao1hD1LfHv+ITLW9R58NXKZ xVbgmLrHQG+3r2W/sOG+jpd39xNvaWaf57DZwjpb5qTOGt0yFZNhpzpUBjaW7FXI dE6R09S+kFk3WkKI97RVexThYss22ZUyRHMhfJWi+9T06qbY31RmBEgf0QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCPtpf7RANBxUybRtJPmSm68mQTyMB8GA1UdIwQY MBaAFOz11RL5EES3hqFViaYkqNjLkp5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zZDRkZmEtZmU0YS00NTYzLThjYmUt YzE0ODFkZjdkYTQxLzEvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS8zZDRkZmEtZmU0YS00NTYzLThjYmUtYzE0ODFkZjdkYTQx LzEvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgRmy6fkD xfCq2tPhLT/q2HLCS22GuDKCoib+ISg5uwFzeyQVUQR1qvSA1AdfghtNFmIZ555L ZCJuDc7f5RKslH/QlT9ClYr1BmHNdy5ON2LToOxAmD1foIcdn8UDBIIc6nZd6ECr 6assjbNBYct/f3kbU59Uhx6EDmvYpZgXjhDrFTH8sAPS259bPmdn3XqcAMAnEvn/ j3u4jlte/kbH9M0sWsJ9ckCcZEu639el1jsEfve8FpqDvITH8VtclvT5Dxd9oYfk e+vnGAzmTL8I7I4qwFR9yLelAbtLGkyTBSkKINVm4LOysZH929xkldsCNsB6PNVU p1xb4eowRReuOQ== -----END CERTIFICATE-----Generated at Mon Feb 9 20:53:37 2026 by rpki-client