This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.mft File: RGMFqaHfoG26hXtD8N6eYi9JUaM.mft (raw, json) Hash identifier: wV9o4HN3Ryp+4fqo3ei9+wOxne9XgIsUleRqkpbdXGY= Subject key identifier: 42:BD:8A:C4:BD:94:65:64:EE:84:AC:70:0A:2E:7D:F7:E1:BE:5F:4D Authority key identifier: 44:63:05:A9:A1:DF:A0:6D:BA:85:7B:43:F0:DE:9E:62:2F:49:51:A3 Certificate issuer: /CN=446305a9a1dfa06dba857b43f0de9e622f4951a3 Certificate serial: 019C432265A5BFC6760FC5A7619B8A256E56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RGMFqaHfoG26hXtD8N6eYi9JUaM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.mft Manifest number: 0C9E Signing time: Mon 09 Feb 2026 16:00:53 +0000 Manifest this update: Mon 09 Feb 2026 16:00:53 +0000 Manifest next update: Tue 10 Feb 2026 16:00:53 +0000 Files and hashes: 1: RGMFqaHfoG26hXtD8N6eYi9JUaM.crl (hash: NuFXtG/IGEYAvWvk+BCA6x/z3FEg7rD3bmjQCf/Jy2Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.mft rsync://rpki.ripe.net/repository/DEFAULT/RGMFqaHfoG26hXtD8N6eYi9JUaM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:65:a5:bf:c6:76:0f:c5:a7:61:9b:8a:25:6e:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=446305a9a1dfa06dba857b43f0de9e622f4951a3 Validity Not Before: Feb 9 16:00:53 2026 GMT Not After : Feb 10 16:00:53 2026 GMT Subject: CN=42bd8ac4bd946564ee84ac700a2e7df7e1be5f4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:96:24:ca:b1:8d:5f:27:54:b8:58:91:e2:77: ce:bd:ac:89:71:08:bd:b8:34:c5:b1:18:64:6f:8e: 66:b1:1e:5e:1b:cb:e3:ae:c8:a9:1d:29:95:6b:2b: 0f:f8:f5:35:17:4d:4c:b7:fb:68:09:2a:a6:30:d3: 89:64:78:14:e2:a7:70:64:96:e2:e5:4a:be:a0:93: 27:d5:77:f2:ac:ff:a5:58:43:0f:74:8a:9e:0d:48: b1:e1:a4:09:e7:22:70:b9:2b:0c:bd:c3:d2:79:6c: cb:fb:20:2b:1c:39:4e:b1:0a:30:61:51:84:dd:87: 30:68:e1:67:8e:7d:ee:31:28:50:f5:b8:cb:2c:5f: 0d:8b:ba:f9:02:03:fd:6a:2e:e4:da:63:28:3e:69: 70:59:40:ed:3a:d3:7c:a4:52:d8:c5:37:6a:fc:b7: a6:89:98:e0:cf:60:0f:ed:8b:9f:df:55:fa:fc:db: 03:ef:84:64:f8:a3:35:45:50:68:3c:6b:a0:f0:55: 49:19:e4:52:28:a1:ae:77:48:09:55:02:08:eb:fe: 9f:27:a2:1c:17:2c:99:45:d9:15:70:44:32:62:7c: e0:be:02:cd:e4:a4:d4:24:79:c0:cb:63:01:3e:83: ff:38:44:16:53:58:2f:10:0b:11:f9:1c:f4:83:05: fe:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:BD:8A:C4:BD:94:65:64:EE:84:AC:70:0A:2E:7D:F7:E1:BE:5F:4D X509v3 Authority Key Identifier: keyid:44:63:05:A9:A1:DF:A0:6D:BA:85:7B:43:F0:DE:9E:62:2F:49:51:A3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RGMFqaHfoG26hXtD8N6eYi9JUaM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:27:50:90:7e:02:5b:52:cc:c8:72:31:9d:e9:53:b8:1c:a7: 05:bf:b7:fb:7f:e4:f8:35:8a:04:1e:e8:a0:7c:3e:8f:1e:23: 5e:d4:db:99:bf:28:dc:73:a7:40:10:06:b4:b5:2c:3f:c6:6a: 7c:06:d7:f7:72:39:0a:12:51:9d:83:96:22:27:eb:b1:a5:37: 8e:6f:cd:78:6c:da:30:10:21:e2:01:48:59:98:8b:bf:0b:bd: fa:cc:47:5d:d8:5b:1f:c9:fd:53:11:8e:27:39:69:95:e7:fe: 80:b0:78:56:94:97:da:70:57:5c:d2:bd:91:84:7a:e9:f0:31: 6c:37:b7:04:b5:a2:9b:14:92:d6:71:73:f2:2b:74:b9:d9:f5: 3f:14:f3:b3:21:c7:d5:37:6a:f0:cf:5a:60:11:c5:0f:e8:d3: 2e:b2:1b:51:9e:59:48:f6:1d:b4:9f:fe:10:4c:ec:5f:82:b9: 92:1f:7b:fc:23:5f:3d:1a:93:80:49:c5:ff:4c:2c:e0:a5:92: e4:8b:ae:a2:1f:3a:01:f7:fd:5d:ee:7f:58:4f:5f:a4:79:24: 7e:77:9c:05:d0:5e:33:5c:e6:84:62:7c:44:83:ac:7f:eb:91: fb:d4:ee:1e:5b:ca:11:cf:0e:a7:4e:b8:c9:0e:6b:94:6d:51: 12:8f:98:4e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDImWlv8Z2D8WnYZuKJW5WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ0NjMwNWE5YTFkZmEwNmRiYTg1N2I0M2YwZGU5ZTYyMmY0 OTUxYTMwHhcNMjYwMjA5MTYwMDUzWhcNMjYwMjEwMTYwMDUzWjAzMTEwLwYDVQQD Eyg0MmJkOGFjNGJkOTQ2NTY0ZWU4NGFjNzAwYTJlN2RmN2UxYmU1ZjRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZYkyrGNXydUuFiR4nfOvayJcQi9 uDTFsRhkb45msR5eG8vjrsipHSmVaysP+PU1F01Mt/toCSqmMNOJZHgU4qdwZJbi 5Uq+oJMn1XfyrP+lWEMPdIqeDUix4aQJ5yJwuSsMvcPSeWzL+yArHDlOsQowYVGE 3YcwaOFnjn3uMShQ9bjLLF8Ni7r5AgP9ai7k2mMoPmlwWUDtOtN8pFLYxTdq/Lem iZjgz2AP7Yuf31X6/NsD74Rk+KM1RVBoPGug8FVJGeRSKKGud0gJVQII6/6fJ6Ic FyyZRdkVcEQyYnzgvgLN5KTUJHnAy2MBPoP/OEQWU1gvEAsR+Rz0gwX+oQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEK9isS9lGVk7oSscAoufffhvl9NMB8GA1UdIwQY MBaAFERjBamh36BtuoV7Q/DenmIvSVGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUkdNRnFhSGZvRzI2aFh0RDhONmVZaTlKVWFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yZDQ4NTgtZGJjZi00NmQxLTg2ZDMt MGM4Njc0NTc2OTJiLzEvUkdNRnFhSGZvRzI2aFh0RDhONmVZaTlKVWFNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS8yZDQ4NTgtZGJjZi00NmQxLTg2ZDMtMGM4Njc0NTc2OTJi LzEvUkdNRnFhSGZvRzI2aFh0RDhONmVZaTlKVWFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmCdQkH4C W1LMyHIxnelTuBynBb+3+3/k+DWKBB7ooHw+jx4jXtTbmb8o3HOnQBAGtLUsP8Zq fAbX93I5ChJRnYOWIifrsaU3jm/NeGzaMBAh4gFIWZiLvwu9+sxHXdhbH8n9UxGO Jzlplef+gLB4VpSX2nBXXNK9kYR66fAxbDe3BLWimxSS1nFz8it0udn1PxTzsyHH 1Tdq8M9aYBHFD+jTLrIbUZ5ZSPYdtJ/+EEzsX4K5kh97/CNfPRqTgEnF/0ws4KWS 5Iuuoh86Aff9Xe5/WE9fpHkkfnecBdBeM1zmhGJ8RIOsf+uR+9TuHlvKEc8Op064 yQ5rlG1REo+YTg== -----END CERTIFICATE-----Generated at Mon Feb 9 18:42:04 2026 by rpki-client