This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.mft File: CNHx-LQddPfYZrHlrf0Yr-ICcQg.mft (raw, json) Hash identifier: N2hi9VFhT0xQMJqQJQGu9iPWIL5e5/VQH+1YC/mQtiM= Subject key identifier: 2D:23:FD:1B:90:67:D2:CD:0A:D3:00:33:20:A5:FC:36:79:FF:4D:3A Authority key identifier: 08:D1:F1:F8:B4:1D:74:F7:D8:66:B1:E5:AD:FD:18:AF:E2:02:71:08 Certificate issuer: /CN=08d1f1f8b41d74f7d866b1e5adfd18afe2027108 Certificate serial: 019C42EB18340D897E8FBE573D479E31A3D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CNHx-LQddPfYZrHlrf0Yr-ICcQg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.mft Manifest number: 1414 Signing time: Mon 09 Feb 2026 15:00:29 +0000 Manifest this update: Mon 09 Feb 2026 15:00:29 +0000 Manifest next update: Tue 10 Feb 2026 15:00:29 +0000 Files and hashes: 1: CNHx-LQddPfYZrHlrf0Yr-ICcQg.crl (hash: 0xuAjzaMFK9RjaIRZo6UISy+6RoA69BVGlG95EwDdoE=) 2: t_3KExq4t288IjtqVXAOQe_Eba8.roa (hash: ChTQhqA/DHUVGryflG/Am/U8Pp4mklmr4RiBocThAjs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.crl rsync://rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.mft rsync://rpki.ripe.net/repository/DEFAULT/CNHx-LQddPfYZrHlrf0Yr-ICcQg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:eb:18:34:0d:89:7e:8f:be:57:3d:47:9e:31:a3:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08d1f1f8b41d74f7d866b1e5adfd18afe2027108 Validity Not Before: Feb 9 15:00:29 2026 GMT Not After : Feb 10 15:00:29 2026 GMT Subject: CN=2d23fd1b9067d2cd0ad3003320a5fc3679ff4d3a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:b8:14:43:b7:42:27:3e:8d:31:58:3e:aa:1f: 81:ce:dd:43:c5:5b:b6:2c:7f:71:36:72:69:8e:53: dd:df:4e:2d:d0:fb:b5:e3:9f:e3:11:c0:1f:df:84: 3e:34:3d:eb:5d:35:17:39:66:b1:1b:6e:5c:f2:22: a7:ee:69:8d:04:0b:d2:12:fc:08:9d:0c:77:e7:bc: 46:2c:55:a8:5d:7c:4b:a8:7b:9f:4f:59:4d:0c:00: 4d:79:c4:e4:9c:b9:1f:95:71:5b:0e:9f:b0:c6:04: de:fd:3e:2e:b8:8b:09:4a:d5:6b:d1:10:b7:91:a1: ef:13:10:f1:20:43:6d:02:4a:a0:59:a4:93:80:0d: c7:57:0a:a6:3b:b3:cd:f9:42:e8:a6:3f:30:cb:ed: 0a:c5:6e:34:00:91:ae:4e:76:af:8a:fa:d4:30:87: b1:d9:76:ae:ea:5d:3e:77:55:35:ea:3b:af:e1:8a: 5d:81:f9:12:8b:b8:fe:9b:81:44:6f:50:8f:a4:ce: cb:67:0e:58:30:0d:4a:6f:0b:74:c3:f0:78:c1:ef: 92:58:16:c4:d3:d9:d5:1c:93:37:ba:57:10:eb:f3: 32:46:95:54:e3:06:c6:9d:dd:f3:2e:80:fe:f2:58: 74:b4:8e:e4:95:79:69:5f:58:f3:47:eb:26:ca:80: 5f:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:23:FD:1B:90:67:D2:CD:0A:D3:00:33:20:A5:FC:36:79:FF:4D:3A X509v3 Authority Key Identifier: keyid:08:D1:F1:F8:B4:1D:74:F7:D8:66:B1:E5:AD:FD:18:AF:E2:02:71:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNHx-LQddPfYZrHlrf0Yr-ICcQg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:e8:8b:7d:63:3a:e0:c9:78:d9:7a:c6:5f:48:60:76:0c:7f: 95:ed:b3:58:d6:0b:4d:52:26:fd:38:4e:c6:3a:bb:b1:26:9f: 94:f8:f9:e0:17:ce:b5:06:76:99:94:03:6f:5b:03:cb:85:8b: 8a:69:b0:06:ee:67:d6:b5:c0:e3:73:ae:31:30:5a:6a:6d:6b: 24:23:c6:41:35:ef:11:58:1e:16:5c:ac:61:98:95:06:b3:6a: cf:ac:ed:0e:b5:a7:e7:1e:b4:2d:df:63:25:40:99:be:96:63: 0d:ea:7f:41:a8:e4:37:f7:5b:7c:c7:a8:df:d8:16:90:76:ac: 5d:fd:e7:90:1e:8d:2d:77:49:67:4a:78:05:3a:74:52:01:e1: b7:8f:02:0a:33:ba:70:cd:a6:e3:df:35:b3:2a:a9:eb:1d:14: e4:d1:b6:c7:50:67:aa:86:02:0e:0a:20:c0:4d:9e:6a:2f:80: 6a:96:83:89:03:90:ab:8e:a8:58:1a:20:6d:26:b9:95:e7:21: 15:dd:f5:67:0e:92:00:35:52:c6:cf:90:ed:20:7c:4c:b5:2e: fa:36:de:14:26:d1:60:e3:22:da:b6:5d:fb:1a:11:e4:54:48: aa:7f:8d:90:7c:fd:9a:1c:08:7a:4c:ca:d0:7c:ed:a5:99:86: 57:40:76:c2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxC6xg0DYl+j75XPUeeMaPQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4ZDFmMWY4YjQxZDc0ZjdkODY2YjFlNWFkZmQxOGFmZTIw MjcxMDgwHhcNMjYwMjA5MTUwMDI5WhcNMjYwMjEwMTUwMDI5WjAzMTEwLwYDVQQD EygyZDIzZmQxYjkwNjdkMmNkMGFkMzAwMzMyMGE1ZmMzNjc5ZmY0ZDNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbgUQ7dCJz6NMVg+qh+Bzt1DxVu2 LH9xNnJpjlPd304t0Pu145/jEcAf34Q+ND3rXTUXOWaxG25c8iKn7mmNBAvSEvwI nQx357xGLFWoXXxLqHufT1lNDABNecTknLkflXFbDp+wxgTe/T4uuIsJStVr0RC3 kaHvExDxIENtAkqgWaSTgA3HVwqmO7PN+ULopj8wy+0KxW40AJGuTnavivrUMIex 2Xau6l0+d1U16juv4YpdgfkSi7j+m4FEb1CPpM7LZw5YMA1Kbwt0w/B4we+SWBbE 09nVHJM3ulcQ6/MyRpVU4wbGnd3zLoD+8lh0tI7klXlpX1jzR+smyoBfIQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC0j/RuQZ9LNCtMAMyCl/DZ5/006MB8GA1UdIwQY MBaAFAjR8fi0HXT32Gax5a39GK/iAnEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ05IeC1MUWRkUGZZWnJIbHJmMFlyLUlDY1FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yOWMwMTUtZDc0Ny00ZmM3LTkzMmIt ZGY1Y2I5ZjBlM2E0LzEvQ05IeC1MUWRkUGZZWnJIbHJmMFlyLUlDY1FnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMy8yOWMwMTUtZDc0Ny00ZmM3LTkzMmItZGY1Y2I5ZjBlM2E0 LzEvQ05IeC1MUWRkUGZZWnJIbHJmMFlyLUlDY1FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbuiLfWM6 4Ml42XrGX0hgdgx/le2zWNYLTVIm/ThOxjq7sSaflPj54BfOtQZ2mZQDb1sDy4WL immwBu5n1rXA43OuMTBaam1rJCPGQTXvEVgeFlysYZiVBrNqz6ztDrWn5x60Ld9j JUCZvpZjDep/QajkN/dbfMeo39gWkHasXf3nkB6NLXdJZ0p4BTp0UgHht48CCjO6 cM2m4981syqp6x0U5NG2x1BnqoYCDgogwE2eai+AapaDiQOQq46oWBogbSa5lech Fd31Zw6SADVSxs+Q7SB8TLUu+jbeFCbRYOMi2rZd+xoR5FRIqn+NkHz9mhwIekzK 0HztpZmGV0B2wg== -----END CERTIFICATE-----Generated at Mon Feb 9 22:41:21 2026 by rpki-client