This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft File: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft (raw, json) Hash identifier: Pi/HfhF3bh0giz6c1/66cJkF5ff1kPZBtDmqCY1IXR0= Subject key identifier: 09:FC:B2:DC:71:67:42:EB:6D:D2:C1:29:23:91:44:AC:50:C6:36:AC Authority key identifier: 5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63 Certificate issuer: /CN=5ebb65367d8242b0159a2539cb5a0233542ef963 Certificate serial: 019C43C7181AC39831D17DB68F35D8004445 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft Manifest number: 08E5 Signing time: Mon 09 Feb 2026 19:00:47 +0000 Manifest this update: Mon 09 Feb 2026 19:00:47 +0000 Manifest next update: Tue 10 Feb 2026 19:00:47 +0000 Files and hashes: 1: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl (hash: 657bF8FdA18HUROq/RHrBmAyt+v89yNv5XkP+MpdTTY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:c7:18:1a:c3:98:31:d1:7d:b6:8f:35:d8:00:44:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ebb65367d8242b0159a2539cb5a0233542ef963 Validity Not Before: Feb 9 19:00:47 2026 GMT Not After : Feb 10 19:00:47 2026 GMT Subject: CN=09fcb2dc716742eb6dd2c129239144ac50c636ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:d3:f2:72:f4:be:5e:3c:e2:17:96:a9:19:8d: 05:22:1a:9d:70:a9:26:c9:c9:87:74:6b:4b:f0:1d: 68:79:5b:27:9a:51:44:89:c4:a2:e2:ed:53:e8:5e: 62:a8:93:6d:3a:c9:b4:23:80:3f:fb:fa:9b:22:17: 54:ab:be:85:e6:4b:b9:0a:dd:8e:ed:84:3d:29:74: f2:85:2e:ef:c1:86:97:a6:07:91:51:8d:97:64:ac: 71:c2:82:54:17:5a:e5:7d:56:b3:e7:27:6b:06:e1: 55:f3:96:94:58:53:b8:9b:81:43:30:2b:16:4f:9a: 98:b5:90:a5:20:89:2b:81:ce:6d:f4:a7:67:56:8a: 69:c8:cc:62:f2:4f:01:ec:80:0f:e9:8e:81:38:03: 35:9d:50:eb:b9:05:e0:29:1c:40:7c:29:71:07:1c: 1f:f1:c5:04:4b:c4:f4:58:d4:aa:35:53:a1:b0:98: ff:90:75:e9:09:9e:7a:2e:4c:b1:d3:22:93:93:af: 6b:a6:d8:8d:61:cf:44:71:b1:ea:79:8a:64:9e:95: 8f:d6:b0:f4:3f:69:8c:56:2a:96:72:2c:b2:09:d8: ae:0d:2c:57:7e:05:64:36:c3:6b:b0:77:8f:3c:d2: c9:d7:e7:ce:7c:03:b4:20:fc:32:9b:38:93:55:cc: 9f:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:FC:B2:DC:71:67:42:EB:6D:D2:C1:29:23:91:44:AC:50:C6:36:AC X509v3 Authority Key Identifier: keyid:5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2a:a5:c9:8b:b6:e0:76:66:61:08:34:9e:3a:b8:c5:68:9f:53: 98:dd:d8:49:f8:a7:c2:d4:79:dd:6a:0d:fd:9d:38:e9:7f:3f: e8:dd:27:60:a3:0d:55:50:1c:ce:82:b0:66:39:fd:78:04:79: 91:01:e3:f5:c4:52:cc:a4:9c:52:b2:d3:75:92:b0:84:8f:f1: 70:8e:6a:de:f5:ee:e4:23:7b:39:7c:fe:e9:be:17:10:e7:72: bf:e8:ed:db:fa:2a:68:95:a2:81:2a:28:45:17:b6:f5:fb:6e: 29:6d:ac:ae:09:81:c7:92:b8:49:d0:ac:65:b8:3c:5e:8a:48: a0:9f:57:1b:50:b2:87:24:c9:34:58:8f:3d:3b:de:43:8b:63: dc:71:e3:ef:38:f1:84:12:c3:8d:db:e4:9f:76:b8:23:46:dd: 53:50:30:5d:cb:e8:1a:6f:80:19:d8:4b:3c:65:0f:73:7d:1d: 69:9b:e8:b4:35:1b:d9:47:f5:6b:e8:2a:23:a0:92:61:af:ab: 0f:d8:a2:c0:ad:7b:80:68:9b:fb:f7:73:6e:74:1a:e2:51:0f: d0:5a:e9:62:12:ce:d2:81:5f:89:71:17:0a:3c:dc:9e:3d:66: 36:ca:6f:39:47:0e:93:c8:12:b5:f0:58:8a:f9:e9:3e:b8:c8: 7a:e7:eb:2e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDxxgaw5gx0X22jzXYAERFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlYmI2NTM2N2Q4MjQyYjAxNTlhMjUzOWNiNWEwMjMzNTQy ZWY5NjMwHhcNMjYwMjA5MTkwMDQ3WhcNMjYwMjEwMTkwMDQ3WjAzMTEwLwYDVQQD EygwOWZjYjJkYzcxNjc0MmViNmRkMmMxMjkyMzkxNDRhYzUwYzYzNmFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntPycvS+XjziF5apGY0FIhqdcKkm ycmHdGtL8B1oeVsnmlFEicSi4u1T6F5iqJNtOsm0I4A/+/qbIhdUq76F5ku5Ct2O 7YQ9KXTyhS7vwYaXpgeRUY2XZKxxwoJUF1rlfVaz5ydrBuFV85aUWFO4m4FDMCsW T5qYtZClIIkrgc5t9KdnVoppyMxi8k8B7IAP6Y6BOAM1nVDruQXgKRxAfClxBxwf 8cUES8T0WNSqNVOhsJj/kHXpCZ56Lkyx0yKTk69rptiNYc9EcbHqeYpknpWP1rD0 P2mMViqWciyyCdiuDSxXfgVkNsNrsHePPNLJ1+fOfAO0IPwymziTVcyfdQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAn8stxxZ0LrbdLBKSORRKxQxjasMB8GA1UdIwQY MBaAFF67ZTZ9gkKwFZolOctaAjNULvljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEt MzAwZjVjYWJlZTExLzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEtMzAwZjVjYWJlZTEx LzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKqXJi7bg dmZhCDSeOrjFaJ9TmN3YSfinwtR53WoN/Z046X8/6N0nYKMNVVAczoKwZjn9eAR5 kQHj9cRSzKScUrLTdZKwhI/xcI5q3vXu5CN7OXz+6b4XEOdyv+jt2/oqaJWigSoo RRe29ftuKW2srgmBx5K4SdCsZbg8XopIoJ9XG1CyhyTJNFiPPTveQ4tj3HHj7zjx hBLDjdvkn3a4I0bdU1AwXcvoGm+AGdhLPGUPc30daZvotDUb2Uf1a+gqI6CSYa+r D9iiwK17gGib+/dzbnQa4lEP0FrpYhLO0oFfiXEXCjzcnj1mNspvOUcOk8gStfBY ivnpPrjIeufrLg== -----END CERTIFICATE-----Generated at Mon Feb 9 21:09:56 2026 by rpki-client