This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft File: 3dStS_QUF7o4OE1lvC0HwPaFCeE.mft (raw, json) Hash identifier: Lfbz+H+hgGC0dAYwdqTzECyJnYYddVHHWXgNeBtfago= Subject key identifier: 19:CB:B0:2F:2C:61:F9:73:45:04:E2:C9:79:9C:1F:9F:E3:91:EA:3F Authority key identifier: DD:D4:AD:4B:F4:14:17:BA:38:38:4D:65:BC:2D:07:C0:F6:85:09:E1 Certificate issuer: /CN=ddd4ad4bf41417ba38384d65bc2d07c0f68509e1 Certificate serial: 019C43901B8D3791E19E70AD081A85D81B9F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft Manifest number: 17A1 Signing time: Mon 09 Feb 2026 18:00:43 +0000 Manifest this update: Mon 09 Feb 2026 18:00:43 +0000 Manifest next update: Tue 10 Feb 2026 18:00:43 +0000 Files and hashes: 1: 3dStS_QUF7o4OE1lvC0HwPaFCeE.crl (hash: rd2zXoxXe88iWib3cVfI9ZTlTyILyQktt837b4at2Ag=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:90:1b:8d:37:91:e1:9e:70:ad:08:1a:85:d8:1b:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ddd4ad4bf41417ba38384d65bc2d07c0f68509e1 Validity Not Before: Feb 9 18:00:43 2026 GMT Not After : Feb 10 18:00:43 2026 GMT Subject: CN=19cbb02f2c61f9734504e2c9799c1f9fe391ea3f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:0b:73:41:64:a3:bd:71:d1:2b:7d:26:43:82: b3:fd:a5:89:8f:6d:b5:f9:99:6a:89:67:2d:9b:f3: c2:5d:4c:51:6b:d1:4b:04:bf:03:9c:59:69:ae:2d: 39:9c:7d:7f:43:9d:b0:3f:bf:4b:d7:c9:34:b8:16: 43:ec:36:77:d9:0a:ca:c5:96:27:09:f7:d0:44:b0: 20:7e:1b:4c:2e:cf:0e:53:d9:c0:7e:b8:88:a5:d5: 09:92:05:3d:13:07:fe:12:8e:1b:44:06:4d:3b:08: c9:ac:8f:dc:03:c9:86:84:40:82:62:0c:88:2a:02: ab:58:1f:02:58:ec:38:4e:6e:98:a0:45:13:21:08: 5c:55:d5:c1:cf:7b:1b:8e:47:d1:fe:0e:7c:62:68: 0a:55:29:04:cc:09:07:29:73:6f:6c:72:a3:ea:49: f4:df:c0:db:1d:e3:02:63:4c:fc:6c:12:43:b2:1e: 50:27:3c:01:82:2a:5c:d3:ad:2f:9c:83:d0:24:02: 34:b5:30:55:cf:ef:51:08:34:34:fa:20:25:6d:83: b1:b6:84:27:3d:3b:12:1f:60:16:3e:df:0c:6b:99: fa:38:69:85:44:c4:dd:a3:85:14:70:fe:ad:6d:06: 7b:35:9c:7f:30:0a:83:c1:aa:cc:6b:6f:88:99:b1: b1:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:CB:B0:2F:2C:61:F9:73:45:04:E2:C9:79:9C:1F:9F:E3:91:EA:3F X509v3 Authority Key Identifier: keyid:DD:D4:AD:4B:F4:14:17:BA:38:38:4D:65:BC:2D:07:C0:F6:85:09:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:b4:6e:57:7e:ea:b3:5a:4e:97:61:87:82:df:18:4c:0c:af: 9e:44:d6:bf:5b:a4:df:a1:46:d2:94:1a:f2:8b:53:92:53:b8: 3a:43:58:59:32:9a:12:f2:ba:14:70:e6:a6:ce:b1:7e:46:4d: 27:9d:7e:4d:d3:28:c1:17:56:de:63:8d:4e:f0:e6:74:ed:62: 7a:89:05:09:83:c6:3d:b5:c2:b6:08:03:32:0b:c9:bb:44:29: b3:95:10:65:af:ac:d4:b7:5a:75:66:65:21:67:31:45:c4:9f: 41:4a:be:37:7c:48:a5:1d:f2:5f:30:65:47:b3:4b:45:08:a7: 74:6a:9b:9e:e2:a9:76:ad:f6:1e:f3:f3:92:f0:3a:c8:a9:60: 26:da:c7:92:ce:4d:98:ed:ef:5d:7a:97:05:66:e6:7e:43:01: f7:b1:a4:97:dd:5b:42:59:6b:e8:f7:d4:3f:5c:4c:6c:2d:9b: 5d:61:81:d8:48:83:d0:73:49:5c:83:12:80:df:2f:6e:93:57: 5d:d1:c3:8f:90:38:90:55:9d:4d:40:5c:c9:c9:68:d6:d3:3a: 27:99:49:32:77:58:3c:01:2e:3c:7e:8b:98:e1:3a:46:78:88: 31:8d:8c:0a:dd:90:8b:3b:65:fd:37:c8:5f:d3:20:c9:74:a8: a9:3d:b2:40 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDkBuNN5HhnnCtCBqF2BufMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkZDRhZDRiZjQxNDE3YmEzODM4NGQ2NWJjMmQwN2MwZjY4 NTA5ZTEwHhcNMjYwMjA5MTgwMDQzWhcNMjYwMjEwMTgwMDQzWjAzMTEwLwYDVQQD EygxOWNiYjAyZjJjNjFmOTczNDUwNGUyYzk3OTljMWY5ZmUzOTFlYTNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwtzQWSjvXHRK30mQ4Kz/aWJj221 +ZlqiWctm/PCXUxRa9FLBL8DnFlpri05nH1/Q52wP79L18k0uBZD7DZ32QrKxZYn CffQRLAgfhtMLs8OU9nAfriIpdUJkgU9Ewf+Eo4bRAZNOwjJrI/cA8mGhECCYgyI KgKrWB8CWOw4Tm6YoEUTIQhcVdXBz3sbjkfR/g58YmgKVSkEzAkHKXNvbHKj6kn0 38DbHeMCY0z8bBJDsh5QJzwBgipc060vnIPQJAI0tTBVz+9RCDQ0+iAlbYOxtoQn PTsSH2AWPt8Ma5n6OGmFRMTdo4UUcP6tbQZ7NZx/MAqDwarMa2+ImbGx3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBnLsC8sYflzRQTiyXmcH5/jkeo/MB8GA1UdIwQY MBaAFN3UrUv0FBe6ODhNZbwtB8D2hQnhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8wOTQ5NjktMTNlZC00YzE0LTg1NzUt N2JjOGMyMGEyMzVhLzEvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC8wOTQ5NjktMTNlZC00YzE0LTg1NzUtN2JjOGMyMGEyMzVh LzEvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAirRuV37q s1pOl2GHgt8YTAyvnkTWv1uk36FG0pQa8otTklO4OkNYWTKaEvK6FHDmps6xfkZN J51+TdMowRdW3mONTvDmdO1ieokFCYPGPbXCtggDMgvJu0Qps5UQZa+s1LdadWZl IWcxRcSfQUq+N3xIpR3yXzBlR7NLRQindGqbnuKpdq32HvPzkvA6yKlgJtrHks5N mO3vXXqXBWbmfkMB97Gkl91bQllr6PfUP1xMbC2bXWGB2EiD0HNJXIMSgN8vbpNX XdHDj5A4kFWdTUBcyclo1tM6J5lJMndYPAEuPH6LmOE6RniIMY2MCt2Qiztl/TfI X9MgyXSoqT2yQA== -----END CERTIFICATE-----Generated at Mon Feb 9 19:59:38 2026 by rpki-client