This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft File: OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft (raw, json) Hash identifier: n+pCPIhy55HGj+wbBUWwsUOj6VeEF/J6pi8r0SduvBY= Subject key identifier: C7:B4:3D:23:4C:ED:F1:78:E8:C0:49:A9:CA:0F:F7:BB:0E:31:BA:66 Authority key identifier: 3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48 Certificate issuer: /CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748 Certificate serial: 019C43FE11FFE67F3DA00C0B6A352C909789 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft Manifest number: 078C Signing time: Mon 09 Feb 2026 20:00:49 +0000 Manifest this update: Mon 09 Feb 2026 20:00:49 +0000 Manifest next update: Tue 10 Feb 2026 20:00:49 +0000 Files and hashes: 1: OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl (hash: oJeB9EbY3Ry+XpKxHnMa73RWAH+RCOLIqrCagUL60tQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:fe:11:ff:e6:7f:3d:a0:0c:0b:6a:35:2c:90:97:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748 Validity Not Before: Feb 9 20:00:49 2026 GMT Not After : Feb 10 20:00:49 2026 GMT Subject: CN=c7b43d234cedf178e8c049a9ca0ff7bb0e31ba66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:c4:0c:c6:ce:e5:a1:b2:c2:85:5e:3d:ce:af: 96:ef:8b:b0:f1:88:94:15:af:e0:97:23:e9:32:16: 39:87:67:08:a6:1a:15:6c:c3:01:97:c0:66:5e:a3: 09:6a:f8:6a:cd:67:0c:56:c2:05:7f:da:c0:9f:8f: 23:6d:33:b8:98:40:e2:7b:e2:1b:4b:70:11:e2:33: f3:c3:ed:1d:05:0c:ba:40:f5:2f:3e:dc:80:2d:4e: 6d:ef:74:31:86:55:70:34:c8:9e:78:31:41:f2:eb: da:80:a4:fb:7f:e8:cd:b6:93:1c:bf:c7:57:da:b2: 52:f1:9a:2c:69:17:f3:44:bd:be:d0:f8:b6:3b:ba: dc:51:f3:f4:13:b5:d9:89:11:28:e1:75:7c:0b:70: 1a:a6:f3:59:05:64:23:f1:06:e1:69:fe:c9:fc:29: 7b:d8:6a:e0:e7:cd:3a:e5:0d:d3:46:bd:db:54:d1: 28:29:e6:5a:c0:63:a5:fb:e9:d5:01:9d:76:cd:ba: 3d:5b:9a:29:eb:85:8d:5d:a5:a0:90:3f:f3:33:7a: 7f:89:62:91:0c:55:f9:1e:e6:a3:b4:32:5d:da:30: 39:80:89:1e:4e:98:8d:8c:15:a1:fc:af:d5:35:89: 73:e4:b4:36:df:ab:36:85:d7:c0:c6:ac:42:c5:f1: 45:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:B4:3D:23:4C:ED:F1:78:E8:C0:49:A9:CA:0F:F7:BB:0E:31:BA:66 X509v3 Authority Key Identifier: keyid:3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:30:71:a4:4a:5b:e6:32:56:e1:12:26:dd:d8:6a:17:3f:42: e7:df:a8:53:8c:30:33:98:bd:1e:1b:ac:48:74:b5:4e:ea:05: 9d:60:4b:40:f2:92:28:54:9b:57:43:83:6e:e5:02:e7:c7:56: 58:63:ab:b7:7f:6c:8b:43:35:b0:e2:ee:7e:2a:07:68:c6:4e: 15:7e:a7:2a:fa:4b:ae:3e:75:b3:8d:cf:5b:3e:bd:39:51:25: ec:a0:4f:92:2a:38:b6:88:ee:46:93:a7:ee:83:2e:fa:39:a3: 60:07:ab:ce:b6:36:5b:21:e3:b5:5f:83:82:a1:65:c8:cb:82: 92:44:06:1f:02:93:e0:c4:d8:a4:18:6f:a7:ee:b7:a1:93:fc: 9c:ae:12:b7:7c:99:e7:8b:37:33:ea:ef:9c:e1:81:64:bb:fc: 71:0e:aa:1c:b1:e6:02:07:1a:aa:71:aa:60:ab:b3:4a:95:dc: 09:ad:d2:2d:33:78:7b:10:51:a6:8d:12:03:b0:ea:47:2b:a6: a0:f3:30:80:d8:b0:af:70:0e:d5:9e:07:56:16:76:4b:7b:49: 80:99:6f:94:cf:ca:ee:8d:ff:3d:33:41:bf:77:2f:48:b1:2c: 8e:73:16:34:47:ed:80:da:0e:92:72:29:58:22:03:2a:5c:72: ec:b3:c3:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxD/hH/5n89oAwLajUskJeJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNzRlMDdjMmRlZmNhMTRiZjJkNmM3YTE1ZDVhOTMzMGQw OTM3NDgwHhcNMjYwMjA5MjAwMDQ5WhcNMjYwMjEwMjAwMDQ5WjAzMTEwLwYDVQQD EyhjN2I0M2QyMzRjZWRmMTc4ZThjMDQ5YTljYTBmZjdiYjBlMzFiYTY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcQMxs7lobLChV49zq+W74uw8YiU Fa/glyPpMhY5h2cIphoVbMMBl8BmXqMJavhqzWcMVsIFf9rAn48jbTO4mEDie+Ib S3AR4jPzw+0dBQy6QPUvPtyALU5t73QxhlVwNMieeDFB8uvagKT7f+jNtpMcv8dX 2rJS8ZosaRfzRL2+0Pi2O7rcUfP0E7XZiREo4XV8C3AapvNZBWQj8Qbhaf7J/Cl7 2Grg58065Q3TRr3bVNEoKeZawGOl++nVAZ12zbo9W5op64WNXaWgkD/zM3p/iWKR DFX5HuajtDJd2jA5gIkeTpiNjBWh/K/VNYlz5LQ236s2hdfAxqxCxfFF3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMe0PSNM7fF46MBJqcoP97sOMbpmMB8GA1UdIwQY MBaAFDp04Hwt78oUvy1sehXVqTMNCTdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMt ZDY0MmU0YjA4MWJkLzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMtZDY0MmU0YjA4MWJk LzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdzBxpEpb 5jJW4RIm3dhqFz9C59+oU4wwM5i9HhusSHS1TuoFnWBLQPKSKFSbV0ODbuUC58dW WGOrt39si0M1sOLufioHaMZOFX6nKvpLrj51s43PWz69OVEl7KBPkio4tojuRpOn 7oMu+jmjYAerzrY2WyHjtV+DgqFlyMuCkkQGHwKT4MTYpBhvp+63oZP8nK4St3yZ 54s3M+rvnOGBZLv8cQ6qHLHmAgcaqnGqYKuzSpXcCa3SLTN4exBRpo0SA7DqRyum oPMwgNiwr3AO1Z4HVhZ2S3tJgJlvlM/K7o3/PTNBv3cvSLEsjnMWNEftgNoOknIp WCIDKlxy7LPDnQ== -----END CERTIFICATE-----Generated at Tue Feb 10 01:35:56 2026 by rpki-client