This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft File: OneLgrqpeIoayvLsNothmB71HfI.mft (raw, json) Hash identifier: 7MDF4Jgx6UjLHMnIbRhqeq1cwlauoCKGtivvXjm/zvw= Subject key identifier: 80:C2:72:81:4D:FA:6E:90:80:AA:7B:95:7C:F9:64:D0:97:C0:A4:ED Authority key identifier: 3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2 Certificate issuer: /CN=3a778b82baa9788a1acaf2ec368b61981ef51df2 Certificate serial: 019C43C7006F547F5B0AC8E492C982921483 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft Manifest number: 1816 Signing time: Mon 09 Feb 2026 19:00:41 +0000 Manifest this update: Mon 09 Feb 2026 19:00:41 +0000 Manifest next update: Tue 10 Feb 2026 19:00:41 +0000 Files and hashes: 1: OneLgrqpeIoayvLsNothmB71HfI.crl (hash: 72atwDGbTHr+Zo502RBp9oxuL5oJ/SQR4JFo1Z+Y3zE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:c7:00:6f:54:7f:5b:0a:c8:e4:92:c9:82:92:14:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a778b82baa9788a1acaf2ec368b61981ef51df2 Validity Not Before: Feb 9 19:00:41 2026 GMT Not After : Feb 10 19:00:41 2026 GMT Subject: CN=80c272814dfa6e9080aa7b957cf964d097c0a4ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:27:f4:06:91:dc:87:03:50:7e:9f:a4:73:54: 74:8a:9a:a9:a5:ee:37:f1:65:8f:0f:9c:2d:49:83: 09:75:17:d1:52:48:63:3c:e0:f3:f5:05:d3:fe:b1: 33:bc:16:ba:d3:72:4c:63:7b:69:ba:83:af:3b:7b: 87:92:14:54:0f:95:7d:99:56:44:49:1d:ff:d8:b3: af:2f:e7:df:20:c7:e7:3a:b4:ab:bf:be:98:51:08: b9:ef:80:93:d0:11:1a:ee:52:ff:48:a2:a9:e0:f3: af:7b:a7:fd:0e:ed:cc:4a:dd:e3:b9:29:01:83:3e: 60:a2:1e:94:ed:4a:e4:43:6d:36:3c:0a:97:63:63: f7:33:4c:f6:2c:21:bc:2b:0e:a9:b8:9d:37:af:e9: dd:9c:d3:d8:a5:28:ec:da:65:c9:5d:c3:0a:a7:0b: 31:87:d6:a1:c3:aa:f9:67:33:e0:59:4b:f1:f6:eb: 74:1b:ac:5d:ba:71:5e:86:18:a3:82:5c:a8:9f:75: 7e:03:7f:f0:fe:74:d6:db:d9:59:7e:0a:89:fc:0f: 73:35:11:94:2a:08:5d:d8:06:2b:b8:2d:b6:45:29: 64:a3:23:71:7f:23:10:95:d4:ed:f3:97:c6:bb:23: 8d:10:4e:93:49:9b:c9:13:1b:de:56:36:d9:62:a6: 25:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:C2:72:81:4D:FA:6E:90:80:AA:7B:95:7C:F9:64:D0:97:C0:A4:ED X509v3 Authority Key Identifier: keyid:3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b2:ef:d9:ab:3c:02:4d:be:a6:ac:ad:7c:ce:d7:86:da:49:fc: 1f:52:b5:fa:84:f4:4d:0d:d8:d8:81:1c:1a:3f:37:c6:8b:20: e1:3a:fd:9e:8c:59:fd:10:63:7f:8b:70:fe:39:de:d4:40:18: 0d:38:c5:b5:93:1d:d8:0c:da:d6:47:f3:16:9f:79:86:59:88: ce:35:ce:63:90:ca:69:83:52:99:0b:47:a4:2a:2a:a9:86:82: 54:dd:33:b4:4e:55:99:48:ad:28:65:9f:ee:84:36:8a:e5:9b: 87:f9:f4:59:11:a1:e4:0d:d0:e4:a0:19:87:37:4c:59:e8:84: 89:7d:08:33:d8:24:9e:ff:0f:81:75:7f:67:40:71:dc:5e:9f: d3:8a:ad:7d:c2:3f:57:7f:14:8a:32:c3:75:23:62:57:76:56: c5:35:21:fa:12:7b:44:ba:7e:35:10:6c:87:ff:dd:65:35:4d: 24:6c:67:4b:03:5f:0c:d2:2e:29:8c:86:b7:4e:f4:29:20:14: a2:64:4d:29:cb:f5:10:7d:6c:8b:47:2f:a2:c9:96:b2:1b:c0: b5:e6:46:c2:24:82:98:91:96:08:ad:39:36:6f:40:4d:f0:c1: 21:7a:88:d6:ba:51:1b:cf:e5:36:d7:ca:41:0f:46:e5:ca:63: bd:d4:e7:fa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDxwBvVH9bCsjkksmCkhSDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNzc4YjgyYmFhOTc4OGExYWNhZjJlYzM2OGI2MTk4MWVm NTFkZjIwHhcNMjYwMjA5MTkwMDQxWhcNMjYwMjEwMTkwMDQxWjAzMTEwLwYDVQQD Eyg4MGMyNzI4MTRkZmE2ZTkwODBhYTdiOTU3Y2Y5NjRkMDk3YzBhNGVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmif0BpHchwNQfp+kc1R0ipqppe43 8WWPD5wtSYMJdRfRUkhjPODz9QXT/rEzvBa603JMY3tpuoOvO3uHkhRUD5V9mVZE SR3/2LOvL+ffIMfnOrSrv76YUQi574CT0BEa7lL/SKKp4POve6f9Du3MSt3juSkB gz5goh6U7UrkQ202PAqXY2P3M0z2LCG8Kw6puJ03r+ndnNPYpSjs2mXJXcMKpwsx h9ahw6r5ZzPgWUvx9ut0G6xdunFehhijglyon3V+A3/w/nTW29lZfgqJ/A9zNRGU Kghd2AYruC22RSlkoyNxfyMQldTt85fGuyONEE6TSZvJExveVjbZYqYlyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIDCcoFN+m6QgKp7lXz5ZNCXwKTtMB8GA1UdIwQY MBaAFDp3i4K6qXiKGsry7DaLYZge9R3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTct MThkMzNiZWI3YzMxLzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTctMThkMzNiZWI3YzMx LzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsu/ZqzwC Tb6mrK18zteG2kn8H1K1+oT0TQ3Y2IEcGj83xosg4Tr9noxZ/RBjf4tw/jne1EAY DTjFtZMd2Aza1kfzFp95hlmIzjXOY5DKaYNSmQtHpCoqqYaCVN0ztE5VmUitKGWf 7oQ2iuWbh/n0WRGh5A3Q5KAZhzdMWeiEiX0IM9gknv8PgXV/Z0Bx3F6f04qtfcI/ V38UijLDdSNiV3ZWxTUh+hJ7RLp+NRBsh//dZTVNJGxnSwNfDNIuKYyGt070KSAU omRNKcv1EH1si0cvosmWshvAteZGwiSCmJGWCK05Nm9ATfDBIXqI1rpRG8/lNtfK QQ9G5cpjvdTn+g== -----END CERTIFICATE-----Generated at Mon Feb 9 20:53:32 2026 by rpki-client