This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.mft File: DZHf1FaDQonB_QOg_vG1Kl79HZE.mft (raw, json) Hash identifier: RKdwm6rvQEitAGHS3Gnx1xFsHKqfNy9862qyWZ53a8o= Subject key identifier: 82:1A:72:E8:32:81:6A:63:3C:89:2E:C0:C5:5E:19:3C:11:C8:C9:7D Authority key identifier: 0D:91:DF:D4:56:83:42:89:C1:FD:03:A0:FE:F1:B5:2A:5E:FD:1D:91 Certificate issuer: /CN=0d91dfd456834289c1fd03a0fef1b52a5efd1d91 Certificate serial: 019C43FDE25D0D59FF4BDEC199333FF64146 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DZHf1FaDQonB_QOg_vG1Kl79HZE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.mft Manifest number: 1078 Signing time: Mon 09 Feb 2026 20:00:37 +0000 Manifest this update: Mon 09 Feb 2026 20:00:37 +0000 Manifest next update: Tue 10 Feb 2026 20:00:37 +0000 Files and hashes: 1: DZHf1FaDQonB_QOg_vG1Kl79HZE.crl (hash: r/ZdLD9/cQBXfW+0ghfyecwScOmHYuh8H+HayhfQQrs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.crl rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.mft rsync://rpki.ripe.net/repository/DEFAULT/DZHf1FaDQonB_QOg_vG1Kl79HZE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:fd:e2:5d:0d:59:ff:4b:de:c1:99:33:3f:f6:41:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d91dfd456834289c1fd03a0fef1b52a5efd1d91 Validity Not Before: Feb 9 20:00:37 2026 GMT Not After : Feb 10 20:00:37 2026 GMT Subject: CN=821a72e832816a633c892ec0c55e193c11c8c97d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:a5:fe:a2:43:85:e8:17:c4:48:eb:52:3b:ce: a2:c7:1d:09:ba:b0:a0:68:a8:9f:35:97:6d:5a:6f: 40:6f:d3:a1:07:70:ef:69:35:f1:15:19:c5:f9:5f: 30:9c:22:56:94:24:b4:7b:62:9f:63:5a:b2:63:f1: 89:d0:b5:df:8e:a9:8e:76:04:64:4a:d9:0b:fb:68: c3:f5:bd:c5:4e:93:d6:7a:c0:1e:e7:04:8a:d9:d7: d5:64:4a:26:67:5a:89:06:8e:0b:57:73:3e:4e:f9: 9a:c4:2b:1f:75:28:44:45:ca:c8:e2:19:dd:29:a8: 9d:90:a9:49:88:d3:c8:d4:aa:28:d8:da:e3:51:c8: ea:10:d3:05:70:58:a5:d1:b3:9b:e2:e9:fa:8e:38: ff:b6:b7:7c:ec:4c:7b:66:90:dd:e5:9e:90:ef:ae: d4:b6:5e:66:21:70:f2:1a:81:38:96:78:24:59:08: 03:21:cb:61:ce:da:4d:3b:1b:04:3b:bb:0b:af:d2: e7:90:de:70:bc:88:46:8c:cb:4c:5c:47:06:6d:be: 77:fa:07:fc:ff:70:fe:d1:9d:be:0c:d9:c8:76:16: 84:81:b6:00:33:bb:e6:ff:6a:44:16:7d:a3:e9:f0: ab:76:36:28:fe:c8:e2:aa:c8:dc:24:d4:ea:b3:b4: 0b:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:1A:72:E8:32:81:6A:63:3C:89:2E:C0:C5:5E:19:3C:11:C8:C9:7D X509v3 Authority Key Identifier: keyid:0D:91:DF:D4:56:83:42:89:C1:FD:03:A0:FE:F1:B5:2A:5E:FD:1D:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DZHf1FaDQonB_QOg_vG1Kl79HZE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 04:09:04:f9:b1:f4:f1:e3:14:a1:0a:36:e8:88:03:4f:cc:eb: 9c:35:3a:74:ca:99:a4:89:ce:83:d0:33:65:af:57:b8:da:c2: 9c:4a:21:15:97:d1:bd:e7:02:b7:5e:d2:1c:48:c0:5e:1f:9f: eb:b6:36:c5:1a:8d:63:ee:1f:4b:a0:97:66:6b:c9:0c:7a:82: a3:b6:7c:c7:64:da:7a:23:67:99:57:b7:07:dd:c0:a8:91:37: 0a:1e:8f:73:87:46:fa:82:96:1d:e7:80:6b:f7:e1:e1:93:91: 11:db:ea:f8:1b:c8:d3:7b:03:d9:ad:24:60:77:38:3e:ed:f4: 15:a1:5d:b3:12:35:b6:bf:f4:6f:29:64:b5:ef:ae:ad:65:52: fe:79:91:88:ee:1e:24:e5:35:87:4f:86:f5:a8:ee:1e:50:1f: e8:dc:2e:8a:38:44:cd:19:4a:e0:8d:b3:1f:ff:2f:04:dd:88: 6e:9d:b3:43:12:29:8e:59:52:32:c9:22:80:55:65:df:b7:f7: eb:5f:b2:3b:b9:ee:c6:db:3d:bf:7b:66:8a:1c:9c:b0:a7:48: 1f:cb:8e:00:2c:e7:da:6a:c2:64:97:40:d5:ec:b4:a5:b3:bb: dc:d5:7f:40:60:cf:44:9d:6f:a4:a0:70:34:35:a8:b3:da:35: cc:ec:b7:11 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxD/eJdDVn/S97BmTM/9kFGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkOTFkZmQ0NTY4MzQyODljMWZkMDNhMGZlZjFiNTJhNWVm ZDFkOTEwHhcNMjYwMjA5MjAwMDM3WhcNMjYwMjEwMjAwMDM3WjAzMTEwLwYDVQQD Eyg4MjFhNzJlODMyODE2YTYzM2M4OTJlYzBjNTVlMTkzYzExYzhjOTdkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaX+okOF6BfESOtSO86ixx0JurCg aKifNZdtWm9Ab9OhB3DvaTXxFRnF+V8wnCJWlCS0e2KfY1qyY/GJ0LXfjqmOdgRk StkL+2jD9b3FTpPWesAe5wSK2dfVZEomZ1qJBo4LV3M+TvmaxCsfdShERcrI4hnd KaidkKlJiNPI1Koo2NrjUcjqENMFcFil0bOb4un6jjj/trd87Ex7ZpDd5Z6Q767U tl5mIXDyGoE4lngkWQgDIcthztpNOxsEO7sLr9LnkN5wvIhGjMtMXEcGbb53+gf8 /3D+0Z2+DNnIdhaEgbYAM7vm/2pEFn2j6fCrdjYo/sjiqsjcJNTqs7QLCwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIIacugygWpjPIkuwMVeGTwRyMl9MB8GA1UdIwQY MBaAFA2R39RWg0KJwf0DoP7xtSpe/R2RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFpIZjFGYURRb25CX1FPZ192RzFLbDc5SFpFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9mYmJlNDEtMTViNy00ZjZlLTllMDct OGJjY2UzMDNiOTE5LzEvRFpIZjFGYURRb25CX1FPZ192RzFLbDc5SFpFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYy9mYmJlNDEtMTViNy00ZjZlLTllMDctOGJjY2UzMDNiOTE5 LzEvRFpIZjFGYURRb25CX1FPZ192RzFLbDc5SFpFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABAkE+bH0 8eMUoQo26IgDT8zrnDU6dMqZpInOg9AzZa9XuNrCnEohFZfRvecCt17SHEjAXh+f 67Y2xRqNY+4fS6CXZmvJDHqCo7Z8x2TaeiNnmVe3B93AqJE3Ch6Pc4dG+oKWHeeA a/fh4ZOREdvq+BvI03sD2a0kYHc4Pu30FaFdsxI1tr/0bylkte+urWVS/nmRiO4e JOU1h0+G9ajuHlAf6NwuijhEzRlK4I2zH/8vBN2Ibp2zQxIpjllSMskigFVl37f3 61+yO7nuxts9v3tmihycsKdIH8uOACzn2mrCZJdA1ey0pbO73NV/QGDPRJ1vpKBw NDWos9o1zOy3EQ== -----END CERTIFICATE-----Generated at Tue Feb 10 01:47:46 2026 by rpki-client