This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft File: itMkK15lo9DZHGsZ60CRlZskMUg.mft (raw, json) Hash identifier: P8h3562cR+Ns7JmOYOoLTf1Z88iLGvJHMlXHf1BGH5s= Subject key identifier: 86:D7:FE:9E:00:30:E6:0E:0B:19:41:DF:70:4C:DB:89:50:C1:03:1C Authority key identifier: 8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48 Certificate issuer: /CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148 Certificate serial: 019C4321DA2E055CFB944A8D078571AB40F4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft Manifest number: 051C Signing time: Mon 09 Feb 2026 16:00:17 +0000 Manifest this update: Mon 09 Feb 2026 16:00:17 +0000 Manifest next update: Tue 10 Feb 2026 16:00:17 +0000 Files and hashes: 1: itMkK15lo9DZHGsZ60CRlZskMUg.crl (hash: 7Mtvn/FX17tm8wZphT+tbV9AtiLhTzGYtpuiF3DGr3A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:21:da:2e:05:5c:fb:94:4a:8d:07:85:71:ab:40:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148 Validity Not Before: Feb 9 16:00:17 2026 GMT Not After : Feb 10 16:00:17 2026 GMT Subject: CN=86d7fe9e0030e60e0b1941df704cdb8950c1031c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:c9:20:75:1d:e9:e3:4b:b2:63:e0:6b:b9:53: ce:74:f7:06:cf:0c:83:40:fc:8d:49:e5:50:22:5e: 4a:e8:f7:66:a5:80:c9:c4:58:c2:23:a2:a4:c0:16: 4c:1c:04:ad:56:f8:c9:43:19:84:bb:96:26:a9:21: 6b:1f:8b:8d:5e:50:ab:de:45:c9:dc:3c:67:3b:00: b5:c5:c7:7c:49:03:a2:3c:26:08:8f:c9:9a:cb:d4: 52:b5:27:8a:b3:dd:f9:da:81:a8:d9:91:c9:3b:55: 7d:57:39:f5:d9:79:32:45:26:c6:21:e6:5d:f8:ea: 6e:16:a8:db:a0:f5:40:3f:b9:de:0d:15:f9:39:8a: 55:01:eb:cb:bc:c2:4f:79:1b:c2:81:5e:ff:5c:fe: 3a:2e:3a:62:11:bc:69:20:18:fe:99:8f:94:2d:34: e9:76:fc:19:5f:15:fe:99:71:5f:27:f8:6b:20:3a: 2b:9f:5a:6d:c0:34:82:98:18:ca:dc:42:45:57:7e: c9:09:78:ee:3f:4f:18:a4:fd:99:60:2d:ec:59:f3: 71:f7:75:c4:77:3b:30:cf:9d:af:d0:b2:38:f8:3d: 36:ee:cd:23:0a:27:9f:d4:4b:b5:19:94:e7:79:d0: 5d:2c:84:25:f9:9a:91:9a:46:e2:d6:b0:57:96:a3: 84:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:D7:FE:9E:00:30:E6:0E:0B:19:41:DF:70:4C:DB:89:50:C1:03:1C X509v3 Authority Key Identifier: keyid:8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:21:7e:83:32:ea:b2:33:d4:b2:a7:2f:1f:b9:a0:52:52:b4: 5e:0e:03:4b:27:31:92:8b:19:0c:1e:b7:18:a5:12:8e:06:41: da:5c:e7:b2:65:0c:62:96:9a:51:0d:0d:84:eb:9f:8c:ad:8c: c1:f8:27:94:f5:fc:16:5c:fc:32:0b:3b:83:f8:57:da:55:41: 19:9d:f3:7e:76:7d:ef:13:00:63:ba:be:6b:ce:f0:73:cf:a9: a4:89:60:ac:61:37:45:2c:d1:19:ca:87:87:22:33:84:77:92: 6e:c9:44:80:9a:58:89:e8:09:48:39:12:45:17:2a:22:30:2a: 99:e0:2c:10:e5:0e:1f:e1:dc:61:21:bc:77:74:e0:86:7c:a8: 6f:82:13:45:3e:f5:2b:5d:a0:75:d9:2d:02:55:22:19:0b:fa: 74:03:54:db:51:b4:ea:d9:f2:d6:89:3b:8f:c0:c7:f5:24:87: a4:8c:d3:60:26:72:1c:e8:3f:b9:e2:ad:a2:0f:74:71:76:4f: 66:ab:95:a2:1f:b2:c5:ed:f2:b6:54:ea:c4:aa:7c:7a:a2:d0: d1:74:cf:78:71:cb:ec:73:5f:68:09:9b:66:94:37:09:63:cf: e2:d3:95:3c:b2:51:72:ab:f9:db:33:8c:f9:68:c7:59:4c:f6: fd:15:77:53 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIdouBVz7lEqNB4Vxq0D0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhZDMyNDJiNWU2NWEzZDBkOTFjNmIxOWViNDA5MTk1OWIy NDMxNDgwHhcNMjYwMjA5MTYwMDE3WhcNMjYwMjEwMTYwMDE3WjAzMTEwLwYDVQQD Eyg4NmQ3ZmU5ZTAwMzBlNjBlMGIxOTQxZGY3MDRjZGI4OTUwYzEwMzFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMkgdR3p40uyY+BruVPOdPcGzwyD QPyNSeVQIl5K6PdmpYDJxFjCI6KkwBZMHAStVvjJQxmEu5YmqSFrH4uNXlCr3kXJ 3DxnOwC1xcd8SQOiPCYIj8may9RStSeKs9352oGo2ZHJO1V9Vzn12XkyRSbGIeZd +OpuFqjboPVAP7neDRX5OYpVAevLvMJPeRvCgV7/XP46LjpiEbxpIBj+mY+ULTTp dvwZXxX+mXFfJ/hrIDorn1ptwDSCmBjK3EJFV37JCXjuP08YpP2ZYC3sWfNx93XE dzswz52v0LI4+D027s0jCief1Eu1GZTnedBdLIQl+ZqRmkbi1rBXlqOEJQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIbX/p4AMOYOCxlB33BM24lQwQMcMB8GA1UdIwQY MBaAFIrTJCteZaPQ2RxrGetAkZWbJDFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgt ZjcwNGIxZjUzYWNlLzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgtZjcwNGIxZjUzYWNl LzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARSF+gzLq sjPUsqcvH7mgUlK0Xg4DSycxkosZDB63GKUSjgZB2lznsmUMYpaaUQ0NhOufjK2M wfgnlPX8Flz8Mgs7g/hX2lVBGZ3zfnZ97xMAY7q+a87wc8+ppIlgrGE3RSzRGcqH hyIzhHeSbslEgJpYiegJSDkSRRcqIjAqmeAsEOUOH+HcYSG8d3Tghnyob4ITRT71 K12gddktAlUiGQv6dANU21G06tny1ok7j8DH9SSHpIzTYCZyHOg/ueKtog90cXZP ZquVoh+yxe3ytlTqxKp8eqLQ0XTPeHHL7HNfaAmbZpQ3CWPP4tOVPLJRcqv52zOM +WjHWUz2/RV3Uw== -----END CERTIFICATE-----Generated at Mon Feb 9 21:09:15 2026 by rpki-client