This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft File: XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft (raw, json) Hash identifier: OzJSqR6L20DWN5qvqJt3XiInYdzK6dTnvhCHWyXupuM= Subject key identifier: BB:6C:58:BA:50:F0:0D:63:DD:DA:F4:B9:A0:51:99:2E:51:75:06:AC Authority key identifier: 5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D Certificate issuer: /CN=5cdf301ac01526d08cdec242cc5a140141fb153d Certificate serial: 019C42B47D47D2A7224D7ABFC367017ACDF7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft Manifest number: 0434 Signing time: Mon 09 Feb 2026 14:00:50 +0000 Manifest this update: Mon 09 Feb 2026 14:00:50 +0000 Manifest next update: Tue 10 Feb 2026 14:00:50 +0000 Files and hashes: 1: XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl (hash: bbpxB7bYFOdaKr4ORzwl/Bfm4Er3ShmOH8YtnSNl2TU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:b4:7d:47:d2:a7:22:4d:7a:bf:c3:67:01:7a:cd:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cdf301ac01526d08cdec242cc5a140141fb153d Validity Not Before: Feb 9 14:00:50 2026 GMT Not After : Feb 10 14:00:50 2026 GMT Subject: CN=bb6c58ba50f00d63dddaf4b9a051992e517506ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:4f:cd:d0:0a:99:c3:e4:86:da:40:7a:19:24: 40:13:bb:70:2c:3c:3a:52:f6:0f:dd:c9:53:aa:cf: 02:03:85:44:99:c8:48:10:5c:aa:98:6d:f6:1a:55: 41:ad:a0:91:a3:29:f4:f9:0d:74:96:f8:e8:22:42: 27:02:69:66:83:a9:37:68:0d:e3:0c:9c:dd:1f:78: 17:05:74:ba:c2:74:90:6b:cb:56:be:67:93:10:b9: da:6d:7b:f0:f3:35:ec:27:85:f3:a3:b6:62:9f:aa: c5:d6:47:7f:0d:73:a5:54:67:06:46:bf:78:d2:c7: 2b:e9:b4:be:bd:c9:30:c1:43:e5:6d:c5:6d:0e:d0: 7f:e3:70:f5:38:54:e1:52:83:87:3e:fc:b6:68:b7: d5:a1:9e:b1:92:92:b0:85:f9:2c:06:ed:5a:05:fa: af:21:98:8e:31:ef:21:bf:dd:c5:7a:92:c4:57:8b: eb:de:a6:3a:5c:44:47:56:dd:e2:1f:e0:d7:fa:93: c4:e6:01:37:be:26:f3:c5:af:23:71:d0:d7:83:d6: 77:de:2f:59:cc:51:1b:5b:83:03:39:98:19:68:74: 69:24:d4:25:2c:15:5c:43:17:ef:48:b5:04:81:6c: 43:d9:5d:b9:df:cc:4f:89:a9:5e:9f:ea:b1:7f:13: 7d:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:6C:58:BA:50:F0:0D:63:DD:DA:F4:B9:A0:51:99:2E:51:75:06:AC X509v3 Authority Key Identifier: keyid:5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bb:23:96:8c:45:88:07:5a:5e:a1:d1:a5:ba:11:eb:3c:5b:06: 34:2d:d3:01:fc:4f:eb:d0:db:72:ea:a3:9b:82:ca:58:7d:4d: d8:c1:97:d2:08:d7:d3:ce:40:9e:b9:f0:38:da:ed:91:be:6b: 27:43:4a:cb:24:10:85:d2:cc:7e:19:f7:70:50:66:af:8d:64: 9f:6e:e0:75:5d:bd:b2:1c:0e:f1:b0:e6:38:2b:0d:32:b9:3a: 73:38:c4:25:0f:79:13:dc:f5:00:3b:f0:de:4a:9e:05:d2:6e: d5:7e:71:f2:7d:7a:f6:35:de:a6:b3:13:6a:d6:f7:52:d2:3d: 8e:24:13:df:0c:fb:3f:2a:9a:81:da:b0:55:f6:b5:e2:f8:c6: 95:d8:cf:60:b1:6d:4a:15:41:88:4f:4f:66:68:02:b9:c2:56: 83:b1:e2:0d:f0:d0:95:1b:4b:cb:83:58:78:4e:e3:f5:17:58: 71:21:bd:4a:07:42:09:aa:89:e1:5e:4e:f6:99:89:11:35:d5: 7f:4a:1a:de:a7:84:dd:fe:3a:00:ec:16:c8:25:68:b4:fb:f4: f9:0b:19:08:17:16:1b:3e:b7:38:4d:7f:83:d6:9f:59:08:01: be:89:fa:5a:7d:ff:12:e3:3f:14:f8:42:21:e1:2a:69:6d:19: 34:94:3f:99 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCtH1H0qciTXq/w2cBes33MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZGYzMDFhYzAxNTI2ZDA4Y2RlYzI0MmNjNWExNDAxNDFm YjE1M2QwHhcNMjYwMjA5MTQwMDUwWhcNMjYwMjEwMTQwMDUwWjAzMTEwLwYDVQQD EyhiYjZjNThiYTUwZjAwZDYzZGRkYWY0YjlhMDUxOTkyZTUxNzUwNmFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7U/N0AqZw+SG2kB6GSRAE7twLDw6 UvYP3clTqs8CA4VEmchIEFyqmG32GlVBraCRoyn0+Q10lvjoIkInAmlmg6k3aA3j DJzdH3gXBXS6wnSQa8tWvmeTELnabXvw8zXsJ4Xzo7Zin6rF1kd/DXOlVGcGRr94 0scr6bS+vckwwUPlbcVtDtB/43D1OFThUoOHPvy2aLfVoZ6xkpKwhfksBu1aBfqv IZiOMe8hv93FepLEV4vr3qY6XERHVt3iH+DX+pPE5gE3vibzxa8jcdDXg9Z33i9Z zFEbW4MDOZgZaHRpJNQlLBVcQxfvSLUEgWxD2V2538xPialen+qxfxN9jwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLtsWLpQ8A1j3dr0uaBRmS5RdQasMB8GA1UdIwQY MBaAFFzfMBrAFSbQjN7CQsxaFAFB+xU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMt Yzk2NDIyMGJhZTgwLzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMtYzk2NDIyMGJhZTgw LzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuyOWjEWI B1peodGluhHrPFsGNC3TAfxP69Dbcuqjm4LKWH1N2MGX0gjX085AnrnwONrtkb5r J0NKyyQQhdLMfhn3cFBmr41kn27gdV29shwO8bDmOCsNMrk6czjEJQ95E9z1ADvw 3kqeBdJu1X5x8n169jXeprMTatb3UtI9jiQT3wz7PyqagdqwVfa14vjGldjPYLFt ShVBiE9PZmgCucJWg7HiDfDQlRtLy4NYeE7j9RdYcSG9SgdCCaqJ4V5O9pmJETXV f0oa3qeE3f46AOwWyCVotPv0+QsZCBcWGz63OE1/g9afWQgBvon6Wn3/EuM/FPhC IeEqaW0ZNJQ/mQ== -----END CERTIFICATE-----Generated at Mon Feb 9 21:07:28 2026 by rpki-client