This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft File: 23DOek5uSrOk6p8IH1kupfbSuao.mft (raw, json) Hash identifier: S+EmlTzIBH6Rg5cWsAaPLgUrEf923EpkRhQrg13XNXk= Subject key identifier: 18:AF:A8:06:2E:0D:2C:B9:29:27:80:6A:49:D4:E7:F5:A0:0D:DE:D0 Authority key identifier: DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA Certificate issuer: /CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa Certificate serial: 019C420F474A09EF40176B3B27B82806C39E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft Manifest number: 0853 Signing time: Mon 09 Feb 2026 11:00:23 +0000 Manifest this update: Mon 09 Feb 2026 11:00:23 +0000 Manifest next update: Tue 10 Feb 2026 11:00:23 +0000 Files and hashes: 1: 23DOek5uSrOk6p8IH1kupfbSuao.crl (hash: RBkvNvgfTSWmhI5/pTmAl9F5Cq36PiDgY4of45fuVlw=) 2: hhh3z06Bpe2m47ehC44Gk6XsxWY.roa (hash: D+hS8HY9ljD+1P/aopr0G/yuhchBVZY0zZMSPMrBOWg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:0f:47:4a:09:ef:40:17:6b:3b:27:b8:28:06:c3:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa Validity Not Before: Feb 9 11:00:23 2026 GMT Not After : Feb 10 11:00:23 2026 GMT Subject: CN=18afa8062e0d2cb92927806a49d4e7f5a00dded0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:ef:86:21:c7:0f:77:46:7d:07:8a:76:a3:78: c1:ba:c6:29:82:46:45:5e:a6:48:3c:b4:f6:e4:6e: 1d:12:2d:5b:8a:bc:5d:7c:c5:1f:4c:7a:f8:09:96: e1:cd:94:11:c5:cf:67:80:03:dd:e0:15:ec:e8:79: 3a:b6:b7:5f:92:2a:c9:7f:d5:c3:33:cf:4c:62:07: ca:5c:88:89:ee:5d:78:de:a3:31:e0:e2:39:67:23: 79:bf:f2:ee:d4:2a:6d:9f:35:7c:e3:ee:1b:a1:de: 0f:c9:21:d3:61:0c:95:db:34:8e:c6:0a:ca:00:99: c5:86:cc:c8:93:55:36:2e:2b:6d:e9:a1:39:1f:e0: 25:0d:4d:53:e3:b8:09:7e:c6:06:84:0c:47:08:e3: d6:8c:45:2a:4e:d2:e9:9b:46:46:17:c3:d9:ec:6e: ff:8d:92:2f:d3:81:80:a3:7b:dc:49:6c:e7:47:6b: c9:e2:ff:5c:aa:43:fd:66:96:f3:ce:b8:35:a7:60: 3b:2b:f7:49:25:ef:5d:40:5b:dd:2e:d2:be:0c:eb: 64:aa:99:63:28:af:55:78:2e:d6:6c:fd:2a:9e:42: 53:ae:c8:13:1e:75:41:07:2b:0f:31:e2:20:a7:ef: 25:2a:df:b7:df:1b:72:04:7a:90:a5:30:c3:50:86: 01:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:AF:A8:06:2E:0D:2C:B9:29:27:80:6A:49:D4:E7:F5:A0:0D:DE:D0 X509v3 Authority Key Identifier: keyid:DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 29:e6:6b:4f:4c:b8:c5:46:2d:7c:cb:ae:01:e1:5e:b3:0f:b6: 97:c7:24:f4:bb:9b:00:28:a8:ce:2e:79:8d:cc:79:75:a2:ff: 01:f7:ff:f4:b2:2f:fb:a2:33:c1:90:89:94:1d:2a:fd:77:5d: f7:b2:1c:9d:5c:e8:74:10:c2:d4:c9:ea:07:67:68:39:f1:16: 2e:92:da:f8:0f:1d:42:7a:e6:99:68:e1:0c:44:ea:79:c3:3f: c1:e6:73:61:1b:cd:68:3a:0b:28:47:e3:f1:56:38:4e:88:cc: 4e:1a:86:b5:67:e0:d5:f3:7c:f4:67:e1:be:b0:7f:a8:10:c8: a2:94:88:18:df:07:7e:96:0b:d4:bc:b0:23:4d:6c:06:ec:68: 8f:f9:8a:e5:04:5b:e0:38:2b:32:ce:8a:2e:d0:76:59:7f:98: ce:e7:c3:85:4c:74:a2:09:94:3e:8c:0a:e7:98:68:f1:89:3f: 3f:3c:3a:b0:ed:50:7b:d8:83:4f:d3:e5:fb:53:e1:d6:5e:78: 00:47:d0:d0:f7:87:26:b5:80:b5:96:69:92:fe:99:00:c2:19: a6:53:ca:ca:f4:32:03:ea:56:9a:2e:83:4b:bf:44:e7:bf:35: d2:48:a4:2e:16:e5:68:87:dd:02:e1:90:13:5c:3e:c0:0a:5f: 97:ea:ea:14 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCD0dKCe9AF2s7J7goBsOeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiNzBjZTdhNGU2ZTRhYjNhNGVhOWYwODFmNTkyZWE1ZjZk MmI5YWEwHhcNMjYwMjA5MTEwMDIzWhcNMjYwMjEwMTEwMDIzWjAzMTEwLwYDVQQD EygxOGFmYTgwNjJlMGQyY2I5MjkyNzgwNmE0OWQ0ZTdmNWEwMGRkZWQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr++GIccPd0Z9B4p2o3jBusYpgkZF XqZIPLT25G4dEi1birxdfMUfTHr4CZbhzZQRxc9ngAPd4BXs6Hk6trdfkirJf9XD M89MYgfKXIiJ7l143qMx4OI5ZyN5v/Lu1CptnzV84+4bod4PySHTYQyV2zSOxgrK AJnFhszIk1U2Litt6aE5H+AlDU1T47gJfsYGhAxHCOPWjEUqTtLpm0ZGF8PZ7G7/ jZIv04GAo3vcSWznR2vJ4v9cqkP9Zpbzzrg1p2A7K/dJJe9dQFvdLtK+DOtkqplj KK9VeC7WbP0qnkJTrsgTHnVBBysPMeIgp+8lKt+33xtyBHqQpTDDUIYBZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBivqAYuDSy5KSeAaknU5/WgDd7QMB8GA1UdIwQY MBaAFNtwznpObkqzpOqfCB9ZLqX20rmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYt MmNiMTdiN2JjNjE4LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYtMmNiMTdiN2JjNjE4 LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKeZrT0y4 xUYtfMuuAeFesw+2l8ck9LubACiozi55jcx5daL/Aff/9LIv+6IzwZCJlB0q/Xdd 97IcnVzodBDC1MnqB2doOfEWLpLa+A8dQnrmmWjhDETqecM/weZzYRvNaDoLKEfj 8VY4TojMThqGtWfg1fN89GfhvrB/qBDIopSIGN8HfpYL1LywI01sBuxoj/mK5QRb 4DgrMs6KLtB2WX+YzufDhUx0ogmUPowK55ho8Yk/Pzw6sO1Qe9iDT9Pl+1Ph1l54 AEfQ0PeHJrWAtZZpkv6ZAMIZplPKyvQyA+pWmi6DS79E57810kikLhblaIfdAuGQ E1w+wApfl+rqFA== -----END CERTIFICATE-----Generated at Mon Feb 9 18:40:36 2026 by rpki-client