This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft File: pr640lzi1AsMuuWcEeKSvTcXDfo.mft (raw, json) Hash identifier: aiCEzBxll1tG/Y5tCMGlyiJ5cv+SslRX3eR//X+8yp4= Subject key identifier: 98:91:98:7C:0C:BA:60:56:6C:40:71:A6:F2:3F:F8:09:9C:7E:49:68 Authority key identifier: A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA Certificate issuer: /CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa Certificate serial: 019C420F73824ECCB6F7BFBD6678C30A6FFE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft Manifest number: 1207 Signing time: Mon 09 Feb 2026 11:00:34 +0000 Manifest this update: Mon 09 Feb 2026 11:00:34 +0000 Manifest next update: Tue 10 Feb 2026 11:00:34 +0000 Files and hashes: 1: pr640lzi1AsMuuWcEeKSvTcXDfo.crl (hash: pgMBZjShlkncsqowYwkkVlUaG1Fcg8iHyrwdYBU9GGE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:0f:73:82:4e:cc:b6:f7:bf:bd:66:78:c3:0a:6f:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa Validity Not Before: Feb 9 11:00:34 2026 GMT Not After : Feb 10 11:00:34 2026 GMT Subject: CN=9891987c0cba60566c4071a6f23ff8099c7e4968 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:af:cf:72:8c:2a:6a:8e:3d:dc:5a:7b:10:a8: e4:55:34:12:00:bd:ef:54:b6:1f:0b:58:cb:e9:a0: 51:96:d4:30:79:01:d3:50:5b:c5:8d:19:c9:b7:ff: 82:ff:6f:d2:f3:d6:68:e4:d6:c9:e8:de:d3:6d:36: d7:f9:74:08:60:e2:83:e7:63:21:69:96:12:fe:e0: ae:04:3b:17:d6:af:ed:34:bd:f3:5c:d9:88:7c:ab: 5a:a0:83:32:24:5c:31:f4:83:b4:56:3f:95:ce:e0: 2a:df:47:28:4a:57:ba:81:aa:83:6c:99:1d:f3:01: 3f:0a:7d:1f:93:9a:d3:5d:94:d2:4b:8b:3c:ba:80: 47:9f:71:52:5f:5b:c7:c9:df:00:a8:61:ea:ad:d5: 4f:6b:58:52:f7:83:a3:c3:27:52:53:4e:5e:32:d7: 5c:de:45:b3:30:b9:59:ad:69:f4:32:29:bd:7c:9f: 22:df:b6:45:b4:6f:35:20:74:5a:05:38:35:2c:08: 15:89:3f:a5:e9:2f:37:e4:33:81:91:46:5c:3c:40: bf:16:af:c7:99:b5:f5:55:56:d7:1e:54:91:92:0b: 91:de:39:66:a5:a8:dd:d8:b7:9f:ff:76:d1:99:ce: 8e:2c:71:3e:dd:f2:1d:be:a9:cc:f5:81:f5:43:47: 95:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:91:98:7C:0C:BA:60:56:6C:40:71:A6:F2:3F:F8:09:9C:7E:49:68 X509v3 Authority Key Identifier: keyid:A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:27:3d:63:3a:cc:56:5b:ae:03:28:ac:b7:00:fd:03:4c:dc: e1:d0:2b:52:6c:39:9d:f7:a2:60:86:c8:31:89:44:55:06:e6: 48:10:41:f1:bf:5a:a2:4e:6b:65:53:70:6f:70:ad:e0:c1:5f: 01:1f:3f:0e:89:03:cc:50:b2:b7:3b:d9:59:87:61:92:ae:66: 7d:31:59:29:a9:5a:61:bd:92:e6:8b:ea:97:5b:36:b0:2a:73: 07:a7:a0:f4:d3:70:aa:72:ad:5f:2f:96:b8:4c:5d:de:d0:e8: 33:e8:24:30:c4:7a:88:ef:f5:2c:e5:76:fc:e9:fb:c8:03:bb: 6c:62:3f:3e:f6:ee:25:87:6c:4d:35:12:fc:7f:29:47:a7:82: 43:7c:52:7a:c0:ba:f0:d3:01:54:12:04:9f:ca:83:02:cd:6f: 29:df:2e:9b:c2:19:27:b2:c2:3d:b3:9e:ef:e4:23:11:a8:cf: 27:60:de:81:bc:12:aa:fc:f9:59:40:20:6d:4f:18:be:b7:bb: 1e:68:f2:d3:08:64:6f:62:b2:ae:31:ef:9d:8f:28:6e:9e:17: d8:5d:8d:31:8a:54:da:ec:74:03:6a:96:b8:41:94:22:df:da: c1:80:2f:82:e4:14:9b:60:9e:63:07:09:8c:ea:cb:da:58:b8: 47:d9:1e:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCD3OCTsy297+9ZnjDCm/+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2YmViOGQyNWNlMmQ0MGIwY2JhZTU5YzExZTI5MmJkMzcx NzBkZmEwHhcNMjYwMjA5MTEwMDM0WhcNMjYwMjEwMTEwMDM0WjAzMTEwLwYDVQQD Eyg5ODkxOTg3YzBjYmE2MDU2NmM0MDcxYTZmMjNmZjgwOTljN2U0OTY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA46/Pcowqao493Fp7EKjkVTQSAL3v VLYfC1jL6aBRltQweQHTUFvFjRnJt/+C/2/S89Zo5NbJ6N7TbTbX+XQIYOKD52Mh aZYS/uCuBDsX1q/tNL3zXNmIfKtaoIMyJFwx9IO0Vj+VzuAq30coSle6gaqDbJkd 8wE/Cn0fk5rTXZTSS4s8uoBHn3FSX1vHyd8AqGHqrdVPa1hS94OjwydSU05eMtdc 3kWzMLlZrWn0Mim9fJ8i37ZFtG81IHRaBTg1LAgViT+l6S835DOBkUZcPEC/Fq/H mbX1VVbXHlSRkguR3jlmpajd2Lef/3bRmc6OLHE+3fIdvqnM9YH1Q0eV6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJiRmHwMumBWbEBxpvI/+AmcfkloMB8GA1UdIwQY MBaAFKa+uNJc4tQLDLrlnBHikr03Fw36MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAt NDVhNDBhMjFiOGQzLzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAtNDVhNDBhMjFiOGQz LzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeic9YzrM VluuAyistwD9A0zc4dArUmw5nfeiYIbIMYlEVQbmSBBB8b9aok5rZVNwb3Ct4MFf AR8/DokDzFCytzvZWYdhkq5mfTFZKalaYb2S5ovql1s2sCpzB6eg9NNwqnKtXy+W uExd3tDoM+gkMMR6iO/1LOV2/On7yAO7bGI/PvbuJYdsTTUS/H8pR6eCQ3xSesC6 8NMBVBIEn8qDAs1vKd8um8IZJ7LCPbOe7+QjEajPJ2DegbwSqvz5WUAgbU8Yvre7 Hmjy0whkb2KyrjHvnY8obp4X2F2NMYpU2ux0A2qWuEGUIt/awYAvguQUm2CeYwcJ jOrL2li4R9ke9Q== -----END CERTIFICATE-----Generated at Mon Feb 9 18:47:29 2026 by rpki-client