This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft File: HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json) Hash identifier: BWcE1ZT0gvdY9kesT1r6Av+WtcCEXD2nD5mRq2jMQ6U= Subject key identifier: FE:C7:25:22:D0:E1:38:4B:32:A4:F3:D3:23:A2:D1:73:6A:63:E3:D6 Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9 Certificate issuer: /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9 Certificate serial: 019C4322D57C9650E7DF323CFE10F9D35F4B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft Manifest number: 0A0A Signing time: Mon 09 Feb 2026 16:01:22 +0000 Manifest this update: Mon 09 Feb 2026 16:01:22 +0000 Manifest next update: Tue 10 Feb 2026 16:01:22 +0000 Files and hashes: 1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: 2A/KHmfxOZ69zWxq/gi8vNH4RM8WIqSbljzMe94GxPw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:d5:7c:96:50:e7:df:32:3c:fe:10:f9:d3:5f:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9 Validity Not Before: Feb 9 16:01:22 2026 GMT Not After : Feb 10 16:01:22 2026 GMT Subject: CN=fec72522d0e1384b32a4f3d323a2d1736a63e3d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:8a:94:98:58:3b:23:1c:5b:c2:00:1a:2b:b9: 62:11:93:9f:5b:36:f5:83:13:05:cc:ed:ae:d2:24: 24:71:57:c6:5c:e1:ea:cc:da:59:ad:4e:b7:a1:b0: 5b:0e:02:b6:38:40:9f:dd:c9:2c:32:6a:50:b1:7c: 16:02:ae:9d:a3:c7:e5:f9:d5:f3:56:a9:c1:da:7e: 1c:6f:d2:6b:53:78:b0:2d:2a:30:be:48:b4:72:f6: b8:a6:07:c3:3c:83:3a:cf:db:86:6e:30:5e:80:5c: 37:a8:6c:db:11:3f:27:5d:6d:65:e8:95:57:ec:58: 30:37:72:2f:b3:91:e7:b9:fb:34:cb:7f:7d:2a:a1: 12:11:48:d9:95:1d:11:10:e6:1d:93:bc:2d:1d:bc: d6:76:ab:f8:35:94:70:ab:87:76:62:ac:2a:f8:12: 31:ee:5c:b1:cc:46:19:44:f0:70:5c:13:1c:44:3f: 5f:7a:a3:51:11:6f:1f:0e:59:49:43:fa:fa:51:87: ac:85:a3:47:9d:f4:e4:84:48:c0:7d:eb:99:a0:2c: 9f:0d:43:d5:05:3f:ef:b4:7d:44:25:a9:43:50:d5: 37:5a:68:51:d2:10:14:85:97:b8:af:a7:0a:19:2b: 98:b5:c6:e4:39:0b:20:44:17:36:57:ca:95:6b:74: 29:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:C7:25:22:D0:E1:38:4B:32:A4:F3:D3:23:A2:D1:73:6A:63:E3:D6 X509v3 Authority Key Identifier: keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:2c:81:fc:3e:a7:e0:4f:3a:a3:ec:7b:1c:60:76:83:5b:7a: e9:b9:75:11:94:12:2a:d4:e9:0e:43:3e:c8:28:95:20:1f:2e: 5d:36:08:84:3a:52:87:f1:b0:68:83:f2:fe:4d:96:58:82:ed: ff:68:5f:57:3a:1c:fd:46:47:74:e3:db:42:06:ce:70:ea:f8: 3e:01:f5:7a:49:25:83:28:4f:80:28:b9:30:59:39:7f:e6:4f: b7:d0:ad:ba:be:4f:b4:e7:47:c5:e3:31:92:d3:ad:5e:96:49: 78:80:0e:f3:55:5c:e8:dc:bb:c8:e2:7c:58:83:ca:7a:5f:bd: 6f:32:9c:16:16:92:74:31:0f:4b:86:13:d9:3d:14:cc:e8:65: 94:7a:a7:24:03:74:8b:8a:a6:6d:28:6e:1a:75:4d:53:10:b4: 34:f0:89:12:14:5d:06:69:7d:3d:97:58:00:b8:b1:b7:55:fb: 95:f8:07:79:64:fa:50:f7:b0:33:9f:b5:8f:af:17:f8:32:fc: a8:59:0b:d0:1c:1b:80:8d:7e:be:f3:d0:33:1b:d7:24:9f:95: 5b:22:46:f2:2f:4c:79:19:40:b9:19:6b:49:4d:3f:2c:d7:a4: 07:c0:de:71:60:be:86:10:fe:3f:57:b1:4a:28:71:a1:9b:20: a3:7f:74:09 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDItV8llDn3zI8/hD5019LMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2 NTg0ZDkwHhcNMjYwMjA5MTYwMTIyWhcNMjYwMjEwMTYwMTIyWjAzMTEwLwYDVQQD EyhmZWM3MjUyMmQwZTEzODRiMzJhNGYzZDMyM2EyZDE3MzZhNjNlM2Q2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIqUmFg7IxxbwgAaK7liEZOfWzb1 gxMFzO2u0iQkcVfGXOHqzNpZrU63obBbDgK2OECf3cksMmpQsXwWAq6do8fl+dXz VqnB2n4cb9JrU3iwLSowvki0cva4pgfDPIM6z9uGbjBegFw3qGzbET8nXW1l6JVX 7FgwN3Ivs5Hnufs0y399KqESEUjZlR0REOYdk7wtHbzWdqv4NZRwq4d2Yqwq+BIx 7lyxzEYZRPBwXBMcRD9feqNREW8fDllJQ/r6UYeshaNHnfTkhEjAfeuZoCyfDUPV BT/vtH1EJalDUNU3WmhR0hAUhZe4r6cKGSuYtcbkOQsgRBc2V8qVa3QpBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP7HJSLQ4ThLMqTz0yOi0XNqY+PWMB8GA1UdIwQY MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkSyB/D6n 4E86o+x7HGB2g1t66bl1EZQSKtTpDkM+yCiVIB8uXTYIhDpSh/GwaIPy/k2WWILt /2hfVzoc/UZHdOPbQgbOcOr4PgH1ekklgyhPgCi5MFk5f+ZPt9Ctur5PtOdHxeMx ktOtXpZJeIAO81Vc6Ny7yOJ8WIPKel+9bzKcFhaSdDEPS4YT2T0UzOhllHqnJAN0 i4qmbShuGnVNUxC0NPCJEhRdBml9PZdYALixt1X7lfgHeWT6UPewM5+1j68X+DL8 qFkL0BwbgI1+vvPQMxvXJJ+VWyJG8i9MeRlAuRlrSU0/LNekB8DecWC+hhD+P1ex SihxoZsgo390CQ== -----END CERTIFICATE-----Generated at Mon Feb 9 18:41:28 2026 by rpki-client