This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.mft File: rjRcTQnm4iTh2vRmV9PHEYewIjY.mft (raw, json) Hash identifier: Oou92fZIJZoiBy1Pi6+MS8y14fExovPU4r/j+wwSv9I= Subject key identifier: 29:48:A6:1A:05:AF:D4:49:01:E6:23:72:AF:1E:70:9C:53:41:9A:8B Authority key identifier: AE:34:5C:4D:09:E6:E2:24:E1:DA:F4:66:57:D3:C7:11:87:B0:22:36 Certificate issuer: /CN=ae345c4d09e6e224e1daf46657d3c71187b02236 Certificate serial: 019C4246CD4D8F7CA4D2FAE50962D4EE4377 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rjRcTQnm4iTh2vRmV9PHEYewIjY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.mft Manifest number: 0759 Signing time: Mon 09 Feb 2026 12:01:02 +0000 Manifest this update: Mon 09 Feb 2026 12:01:02 +0000 Manifest next update: Tue 10 Feb 2026 12:01:02 +0000 Files and hashes: 1: rjRcTQnm4iTh2vRmV9PHEYewIjY.crl (hash: pXOSfCkQ7THVivH1bIA5bRaRRIw3qJiDnjo/7GodeYE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.mft rsync://rpki.ripe.net/repository/DEFAULT/rjRcTQnm4iTh2vRmV9PHEYewIjY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:46:cd:4d:8f:7c:a4:d2:fa:e5:09:62:d4:ee:43:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ae345c4d09e6e224e1daf46657d3c71187b02236 Validity Not Before: Feb 9 12:01:02 2026 GMT Not After : Feb 10 12:01:02 2026 GMT Subject: CN=2948a61a05afd44901e62372af1e709c53419a8b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:b5:f0:41:af:36:76:17:0c:e6:87:63:8c:71: 24:b7:e9:d7:2e:97:8f:dd:05:4b:b5:31:c5:7b:9a: d3:4d:df:f2:9e:e7:61:43:b1:54:c7:74:cd:67:d8: 73:4a:12:91:32:49:54:d0:c1:8e:6d:8c:7b:11:d6: 30:28:d7:75:b8:62:2b:38:16:36:ea:67:4b:85:9d: 8c:be:5f:a0:66:8c:9d:76:62:bb:bb:fa:b3:7e:09: e3:05:68:8a:12:64:0d:d2:73:69:3b:0c:f1:49:91: 93:fd:30:8d:63:06:79:3e:55:63:dc:79:f7:21:d5: 5f:72:ed:9b:81:09:13:45:5d:6d:37:dd:5a:80:84: 06:8d:bd:5a:7d:26:e4:a0:43:0c:d9:e1:2c:94:0d: ce:ac:68:a2:01:35:f4:4f:07:6f:d6:2a:cb:d6:6d: d3:13:6f:79:a0:d5:47:43:84:91:27:e5:28:69:da: 2d:6c:15:91:1d:0e:85:f1:5a:9c:ba:31:9d:64:5c: 67:95:c0:2d:75:5c:45:a7:e9:e9:b3:16:ad:f0:08: d5:82:a6:ff:4d:3f:12:63:c4:24:27:a2:01:cf:49: 05:f7:50:78:c8:1c:39:93:dd:d1:2a:68:07:2f:70: ae:1e:43:56:2f:57:7f:44:73:87:0b:e2:c5:91:c6: f0:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:48:A6:1A:05:AF:D4:49:01:E6:23:72:AF:1E:70:9C:53:41:9A:8B X509v3 Authority Key Identifier: keyid:AE:34:5C:4D:09:E6:E2:24:E1:DA:F4:66:57:D3:C7:11:87:B0:22:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rjRcTQnm4iTh2vRmV9PHEYewIjY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:e2:53:29:00:0f:ca:c1:76:ea:28:7a:9b:87:2b:6d:90:1c: 0f:0f:01:70:17:e1:6e:69:70:22:cb:56:26:b4:3f:71:e4:62: 26:0b:09:72:68:95:fa:df:41:99:14:13:55:99:7c:b2:be:75: d1:b8:13:6d:72:37:37:cb:1d:3c:ff:fc:18:f0:0a:1b:14:df: 20:06:f0:91:2e:cf:03:09:e4:f0:db:e7:d9:91:21:87:5f:2a: 7f:a6:c1:14:dc:4e:dd:e3:90:12:af:91:15:76:1f:22:32:95: 69:df:1b:bb:3e:bc:50:33:91:25:81:1f:59:29:b5:81:de:ab: d9:bb:5d:41:68:34:84:2a:7b:a3:27:3c:34:25:ba:3c:80:84: a0:8c:d1:12:41:c5:d9:79:7f:5c:36:52:07:cb:09:ad:a0:3d: db:a0:83:89:b6:99:9d:f2:31:be:02:bd:eb:dd:03:f7:c7:84: d2:07:e9:a0:c1:ba:48:99:7e:4b:60:19:e3:d0:cf:d6:27:30: 0e:ec:d6:55:4d:83:82:0c:50:13:30:3b:19:71:c2:e8:b6:42: d6:8b:14:b7:f1:4d:ac:39:47:9f:6e:de:4c:4a:69:4e:50:a2: a1:29:ff:9f:48:25:df:ad:5e:2d:4f:e6:97:f9:6c:79:06:7e: 97:14:8c:98 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCRs1Nj3yk0vrlCWLU7kN3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlMzQ1YzRkMDllNmUyMjRlMWRhZjQ2NjU3ZDNjNzExODdi MDIyMzYwHhcNMjYwMjA5MTIwMTAyWhcNMjYwMjEwMTIwMTAyWjAzMTEwLwYDVQQD EygyOTQ4YTYxYTA1YWZkNDQ5MDFlNjIzNzJhZjFlNzA5YzUzNDE5YThiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLXwQa82dhcM5odjjHEkt+nXLpeP 3QVLtTHFe5rTTd/ynudhQ7FUx3TNZ9hzShKRMklU0MGObYx7EdYwKNd1uGIrOBY2 6mdLhZ2Mvl+gZoyddmK7u/qzfgnjBWiKEmQN0nNpOwzxSZGT/TCNYwZ5PlVj3Hn3 IdVfcu2bgQkTRV1tN91agIQGjb1afSbkoEMM2eEslA3OrGiiATX0Twdv1irL1m3T E295oNVHQ4SRJ+UoadotbBWRHQ6F8VqcujGdZFxnlcAtdVxFp+npsxat8AjVgqb/ TT8SY8QkJ6IBz0kF91B4yBw5k93RKmgHL3CuHkNWL1d/RHOHC+LFkcbwnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFClIphoFr9RJAeYjcq8ecJxTQZqLMB8GA1UdIwQY MBaAFK40XE0J5uIk4dr0ZlfTxxGHsCI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcmpSY1RRbm00aVRoMnZSbVY5UEhFWWV3SWpZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8yMWE1M2MtNjNlZi00ZmM1LTk1NDkt M2JmNjE3NzlkZGM3LzEvcmpSY1RRbm00aVRoMnZSbVY5UEhFWWV3SWpZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC8yMWE1M2MtNjNlZi00ZmM1LTk1NDktM2JmNjE3NzlkZGM3 LzEvcmpSY1RRbm00aVRoMnZSbVY5UEhFWWV3SWpZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmOJTKQAP ysF26ih6m4crbZAcDw8BcBfhbmlwIstWJrQ/ceRiJgsJcmiV+t9BmRQTVZl8sr51 0bgTbXI3N8sdPP/8GPAKGxTfIAbwkS7PAwnk8Nvn2ZEhh18qf6bBFNxO3eOQEq+R FXYfIjKVad8buz68UDORJYEfWSm1gd6r2btdQWg0hCp7oyc8NCW6PICEoIzREkHF 2Xl/XDZSB8sJraA926CDibaZnfIxvgK9690D98eE0gfpoMG6SJl+S2AZ49DP1icw DuzWVU2DggxQEzA7GXHC6LZC1osUt/FNrDlHn27eTEppTlCioSn/n0gl361eLU/m l/lseQZ+lxSMmA== -----END CERTIFICATE-----Generated at Mon Feb 9 19:59:35 2026 by rpki-client