This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft File: MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft (raw, json) Hash identifier: cXl1JBg+0req4LtjETUx9TSZ4KRIUFuA5qz1HBrtTmE= Subject key identifier: 12:CF:35:06:B7:F3:4A:44:AD:90:5D:92:B6:4A:68:36:B4:44:D5:33 Authority key identifier: 30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58 Certificate issuer: /CN=30aab02b654e915cadca339292e28c15c47df858 Certificate serial: 019C43901E436990753D766ECBD00367223F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft Manifest number: 0672 Signing time: Mon 09 Feb 2026 18:00:44 +0000 Manifest this update: Mon 09 Feb 2026 18:00:44 +0000 Manifest next update: Tue 10 Feb 2026 18:00:44 +0000 Files and hashes: 1: MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl (hash: yEsRHKL3qtsqgk5xivD+kcIyu9rFtpVvYbuEGeBd/e4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:90:1e:43:69:90:75:3d:76:6e:cb:d0:03:67:22:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=30aab02b654e915cadca339292e28c15c47df858 Validity Not Before: Feb 9 18:00:44 2026 GMT Not After : Feb 10 18:00:44 2026 GMT Subject: CN=12cf3506b7f34a44ad905d92b64a6836b444d533 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:83:34:6d:5c:be:7c:23:bb:2f:c1:8c:1b:e8:a8: 2d:b9:d2:30:f3:27:95:74:e7:80:d7:8c:8a:04:5a: ae:2f:df:08:b5:57:02:cf:8b:62:de:91:6f:31:65: 67:b5:3f:ae:d8:bf:01:64:1f:ee:c3:f8:c7:1d:1e: e7:45:65:b4:72:67:7a:30:2f:d5:10:63:e1:53:8a: 54:13:53:b1:f3:87:15:46:0d:d1:84:19:41:c1:ad: 4e:0f:56:23:4e:5e:2b:1c:bb:96:af:1d:29:c9:f7: c9:5f:6b:5d:6e:1b:b3:f8:8a:49:19:14:fd:7f:bf: f7:79:65:02:d8:c9:35:9b:aa:8c:73:c2:f6:88:71: d1:24:95:38:4c:c7:ac:23:16:81:6c:f1:d8:c4:04: 65:fb:e0:c7:ba:7b:3f:4e:86:d3:1e:7a:1b:27:22: 1c:32:40:4d:8c:c9:1a:1c:bb:59:29:9a:b2:15:05: e1:c5:5c:c1:fb:51:2c:92:5b:ea:71:1d:82:e6:6e: 6d:a4:e7:28:be:20:01:87:7d:38:9f:92:73:a7:59: 76:db:18:f7:be:17:6a:cd:b7:bb:07:1c:ea:29:5d: 81:48:6e:51:24:49:54:57:b9:22:ea:fb:5b:41:3b: 9f:a0:7c:6d:bd:94:24:f8:88:de:ed:9c:1b:24:97: 65:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:CF:35:06:B7:F3:4A:44:AD:90:5D:92:B6:4A:68:36:B4:44:D5:33 X509v3 Authority Key Identifier: keyid:30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:45:ca:c2:f5:2b:f0:0d:13:eb:eb:8d:6d:a9:a7:2c:e5:58: bb:c8:43:e5:19:cc:c6:2b:b1:99:44:89:60:0e:8d:bb:29:38: d9:6e:9a:de:9a:4d:0a:69:9b:a8:5f:2c:61:6f:83:3c:da:8b: 04:a0:06:64:58:e7:ce:d2:ba:f4:02:ee:b5:36:9f:69:a2:50: 73:ba:72:8e:b6:1b:3d:61:c7:df:c7:9b:d4:9b:c1:9d:8b:68: e4:ed:c8:89:62:2c:e2:28:8b:d7:6f:54:c0:93:f6:79:76:b0: a8:41:86:f4:c8:9d:0e:30:5c:29:7a:1b:60:45:37:0e:db:ec: 45:1e:96:04:c3:eb:c3:e6:58:d9:28:94:e2:d4:3f:77:d9:51: 1d:2c:93:f7:89:dd:ed:dc:a1:30:b1:f8:38:36:b0:90:ff:12: 5d:3e:99:79:79:d7:06:22:49:08:3c:4b:3e:b7:7d:d7:84:e1: ca:ae:1b:a7:de:79:36:fc:27:09:3b:f1:6e:24:a1:fc:50:98: b7:45:d1:30:20:6b:1b:65:5c:cf:b0:ab:ac:9d:c0:93:76:c4: 29:8e:7b:1c:73:4a:ee:c4:22:2c:5e:5b:45:ec:77:dd:bc:49: 52:cb:6f:68:22:59:95:ee:83:a9:17:d6:41:31:9f:21:03:d2: e5:a3:8f:0c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDkB5DaZB1PXZuy9ADZyI/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwYWFiMDJiNjU0ZTkxNWNhZGNhMzM5MjkyZTI4YzE1YzQ3 ZGY4NTgwHhcNMjYwMjA5MTgwMDQ0WhcNMjYwMjEwMTgwMDQ0WjAzMTEwLwYDVQQD EygxMmNmMzUwNmI3ZjM0YTQ0YWQ5MDVkOTJiNjRhNjgzNmI0NDRkNTMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzRtXL58I7svwYwb6KgtudIw8yeV dOeA14yKBFquL98ItVcCz4ti3pFvMWVntT+u2L8BZB/uw/jHHR7nRWW0cmd6MC/V EGPhU4pUE1Ox84cVRg3RhBlBwa1OD1YjTl4rHLuWrx0pyffJX2tdbhuz+IpJGRT9 f7/3eWUC2Mk1m6qMc8L2iHHRJJU4TMesIxaBbPHYxARl++DHuns/TobTHnobJyIc MkBNjMkaHLtZKZqyFQXhxVzB+1EsklvqcR2C5m5tpOcoviABh304n5Jzp1l22xj3 vhdqzbe7BxzqKV2BSG5RJElUV7ki6vtbQTufoHxtvZQk+Ije7ZwbJJdlEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBLPNQa380pErZBdkrZKaDa0RNUzMB8GA1UdIwQY MBaAFDCqsCtlTpFcrcozkpLijBXEffhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjkt YTQxOTY3MGQxN2UxLzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjktYTQxOTY3MGQxN2Ux LzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYkXKwvUr 8A0T6+uNbamnLOVYu8hD5RnMxiuxmUSJYA6Nuyk42W6a3ppNCmmbqF8sYW+DPNqL BKAGZFjnztK69ALutTafaaJQc7pyjrYbPWHH38eb1JvBnYto5O3IiWIs4iiL129U wJP2eXawqEGG9MidDjBcKXobYEU3DtvsRR6WBMPrw+ZY2SiU4tQ/d9lRHSyT94nd 7dyhMLH4ODawkP8SXT6ZeXnXBiJJCDxLPrd914Thyq4bp955NvwnCTvxbiSh/FCY t0XRMCBrG2Vcz7CrrJ3Ak3bEKY57HHNK7sQiLF5bRex33bxJUstvaCJZle6DqRfW QTGfIQPS5aOPDA== -----END CERTIFICATE-----Generated at Mon Feb 9 21:08:11 2026 by rpki-client