This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft File: NkITiw7v_lajLMuqWNb_5u3D8p4.mft (raw, json) Hash identifier: ufvZdMBlYry2M2D3r0LGjnpJ1v5V/AGv++7qskLzJRE= Subject key identifier: D4:72:6B:E9:5D:54:6E:BD:C5:E9:BE:C4:F8:EB:85:99:16:8A:69:5E Authority key identifier: 36:42:13:8B:0E:EF:FE:56:A3:2C:CB:AA:58:D6:FF:E6:ED:C3:F2:9E Certificate issuer: /CN=3642138b0eeffe56a32ccbaa58d6ffe6edc3f29e Certificate serial: 019C4134054420A3FA35EFDE371C320D0932 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft Manifest number: 0713 Signing time: Mon 09 Feb 2026 07:00:53 +0000 Manifest this update: Mon 09 Feb 2026 07:00:53 +0000 Manifest next update: Tue 10 Feb 2026 07:00:53 +0000 Files and hashes: 1: NkITiw7v_lajLMuqWNb_5u3D8p4.crl (hash: 7JhDet2IJM/SEDM1JXRLQRUXnqj7/c0pgPxUQ38XLuQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.crl rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 07:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:34:05:44:20:a3:fa:35:ef:de:37:1c:32:0d:09:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3642138b0eeffe56a32ccbaa58d6ffe6edc3f29e Validity Not Before: Feb 9 07:00:53 2026 GMT Not After : Feb 10 07:00:53 2026 GMT Subject: CN=d4726be95d546ebdc5e9bec4f8eb8599168a695e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:5d:0c:1e:31:d3:ef:c7:7e:f4:df:81:8b:b9: 8e:45:82:20:58:70:2b:f4:cf:23:1a:90:d6:44:2c: e0:e1:43:2b:80:d3:0c:5d:81:2e:39:5b:d6:28:c6: 10:2f:d8:91:a3:71:3a:82:c5:f5:f4:c5:70:e2:76: df:c5:9b:1f:ae:6e:b9:a4:0a:d6:26:e7:a7:8b:58: e8:d4:09:cf:d8:e6:da:a0:a3:5b:e5:3b:9b:55:a1: 47:36:fb:da:79:5b:72:02:70:04:37:11:f6:a9:32: 7b:d0:7f:a1:ea:ae:fd:ee:16:7d:29:73:d8:17:c7: 0c:25:c0:40:3e:84:a8:b5:09:0b:de:11:70:3f:3e: 0b:be:d0:47:52:72:6a:0b:0e:fe:5a:7d:91:5d:b1: 43:b6:b5:50:46:0d:3e:0b:a7:16:11:c8:0c:41:73: 3c:1b:6b:6a:df:0e:e8:29:51:06:75:7c:c4:93:a7: e7:d9:a6:66:b1:87:54:29:c1:71:4f:f3:19:f2:9a: 45:f7:7c:8b:5d:65:c0:62:96:5f:3b:db:76:a2:78: 79:86:2f:e1:02:03:69:a5:97:95:2d:eb:04:2b:0f: 3e:62:b4:8e:7d:89:de:b0:76:3d:1f:a6:94:d1:e8: 8d:67:63:15:b6:81:39:7f:d2:4b:93:1e:01:fe:35: bc:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:72:6B:E9:5D:54:6E:BD:C5:E9:BE:C4:F8:EB:85:99:16:8A:69:5E X509v3 Authority Key Identifier: keyid:36:42:13:8B:0E:EF:FE:56:A3:2C:CB:AA:58:D6:FF:E6:ED:C3:F2:9E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:9b:08:48:df:be:72:a4:ba:25:50:bc:29:b7:22:d8:df:3c: fc:82:b5:9b:75:58:98:10:5e:26:8c:3d:17:43:fa:ed:bc:35: 79:4e:40:81:bb:8f:96:c9:90:1a:3c:91:bf:07:aa:c5:39:c9: 63:e1:b5:49:e9:75:34:44:98:69:31:d3:db:d8:6d:75:96:d3: 61:a8:66:2e:70:5d:74:44:81:8f:1b:40:62:c8:9a:21:46:a0: 80:c2:61:87:cf:8e:3c:21:10:3b:f5:f6:8b:4b:fa:70:c1:c0: 5f:cf:4c:fa:89:1e:0e:f2:79:42:ed:8f:a5:85:f3:d3:c6:32: bd:4b:cb:89:b3:41:54:90:98:b0:5b:85:65:4f:38:ff:13:4c: bd:f7:bc:4a:a6:ac:e9:7e:2a:cb:15:51:24:b4:22:6b:90:c0: 08:c2:0b:9a:25:4c:64:34:84:fb:7c:41:13:1e:e1:9d:8c:96: e9:f7:01:8c:48:9d:31:43:4e:66:b7:16:6b:55:28:be:a6:9c: 14:ad:a7:ee:e9:0d:5c:41:c1:e5:9d:71:f9:10:73:08:44:45: 1e:33:59:7f:db:e8:c6:76:82:61:e4:92:2a:44:e8:43:8e:4c: 14:22:2e:3b:59:72:ad:da:cb:92:a2:7b:40:04:9f:b6:fb:1d: ec:31:96:54 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxBNAVEIKP6Ne/eNxwyDQkyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2NDIxMzhiMGVlZmZlNTZhMzJjY2JhYTU4ZDZmZmU2ZWRj M2YyOWUwHhcNMjYwMjA5MDcwMDUzWhcNMjYwMjEwMDcwMDUzWjAzMTEwLwYDVQQD EyhkNDcyNmJlOTVkNTQ2ZWJkYzVlOWJlYzRmOGViODU5OTE2OGE2OTVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxl0MHjHT78d+9N+Bi7mORYIgWHAr 9M8jGpDWRCzg4UMrgNMMXYEuOVvWKMYQL9iRo3E6gsX19MVw4nbfxZsfrm65pArW Jueni1jo1AnP2ObaoKNb5TubVaFHNvvaeVtyAnAENxH2qTJ70H+h6q797hZ9KXPY F8cMJcBAPoSotQkL3hFwPz4LvtBHUnJqCw7+Wn2RXbFDtrVQRg0+C6cWEcgMQXM8 G2tq3w7oKVEGdXzEk6fn2aZmsYdUKcFxT/MZ8ppF93yLXWXAYpZfO9t2onh5hi/h AgNppZeVLesEKw8+YrSOfYnesHY9H6aU0eiNZ2MVtoE5f9JLkx4B/jW8/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNRya+ldVG69xem+xPjrhZkWimleMB8GA1UdIwQY MBaAFDZCE4sO7/5WoyzLqljW/+btw/KeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS80YjVjZjEtNDMyMC00NGMyLTkzNTgt ZTA3Zjk1OTM1NmExLzEvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOS80YjVjZjEtNDMyMC00NGMyLTkzNTgtZTA3Zjk1OTM1NmEx LzEvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACpsISN++ cqS6JVC8Kbci2N88/IK1m3VYmBBeJow9F0P67bw1eU5AgbuPlsmQGjyRvweqxTnJ Y+G1Sel1NESYaTHT29htdZbTYahmLnBddESBjxtAYsiaIUaggMJhh8+OPCEQO/X2 i0v6cMHAX89M+okeDvJ5Qu2PpYXz08YyvUvLibNBVJCYsFuFZU84/xNMvfe8Sqas 6X4qyxVRJLQia5DACMILmiVMZDSE+3xBEx7hnYyW6fcBjEidMUNOZrcWa1Uovqac FK2n7ukNXEHB5Z1x+RBzCERFHjNZf9voxnaCYeSSKkToQ45MFCIuO1lyrdrLkqJ7 QASftvsd7DGWVA== -----END CERTIFICATE-----Generated at Mon Feb 9 16:54:48 2026 by rpki-client