This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft File: 3frtS0AyNuLKi-twkcug4GpUPQo.mft (raw, json) Hash identifier: IV9rID/+ctmbs14SVBMMZ4mZfIYfcwH5/VJLG/QVyiU= Subject key identifier: 2D:B8:6F:75:06:F3:A2:2B:EC:71:15:76:90:5D:4B:CB:DC:47:EE:C0 Authority key identifier: DD:FA:ED:4B:40:32:36:E2:CA:8B:EB:70:91:CB:A0:E0:6A:54:3D:0A Certificate issuer: /CN=ddfaed4b403236e2ca8beb7091cba0e06a543d0a Certificate serial: 019C4322101079DD4E4AC5EA518205EEC74E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft Manifest number: 0353 Signing time: Mon 09 Feb 2026 16:00:31 +0000 Manifest this update: Mon 09 Feb 2026 16:00:31 +0000 Manifest next update: Tue 10 Feb 2026 16:00:31 +0000 Files and hashes: 1: 3frtS0AyNuLKi-twkcug4GpUPQo.crl (hash: UlewQ9/v+5xRSpuozF0aRtk/nA/7a1b/oQa8E5AiNX8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.crl rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:10:10:79:dd:4e:4a:c5:ea:51:82:05:ee:c7:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ddfaed4b403236e2ca8beb7091cba0e06a543d0a Validity Not Before: Feb 9 16:00:31 2026 GMT Not After : Feb 10 16:00:31 2026 GMT Subject: CN=2db86f7506f3a22bec711576905d4bcbdc47eec0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:e3:e4:31:f5:25:b6:c8:6a:80:73:b9:22:d5: de:41:a4:92:6b:4e:e9:45:ea:96:47:af:a0:ba:f0: 34:c7:1a:6d:d2:7b:33:99:0d:00:4b:96:dd:88:01: 67:82:f1:8b:c0:2a:4e:ed:8c:57:3d:cb:b0:5f:27: 0b:68:82:70:d5:2b:1e:c1:df:45:41:d9:ea:17:32: 67:fd:eb:48:64:50:c6:a0:63:ca:f0:32:38:2b:6a: 2e:41:ae:8f:f0:52:ce:5e:3a:de:ee:31:06:9b:db: 96:14:5d:3a:29:a4:2e:42:3c:1c:77:60:7d:9a:38: b9:9b:54:54:fd:0a:ff:14:29:63:6c:8f:11:9a:a9: e1:35:89:17:33:5a:85:91:bd:0e:66:8f:b6:4a:70: 47:d7:8e:12:7b:b6:38:80:f7:07:8c:b6:ca:0e:9d: be:fa:dc:56:8b:a6:3b:72:9e:d8:85:58:56:26:a3: 00:d1:56:a8:f0:51:d9:f4:2b:92:e9:75:90:13:21: 3a:bd:06:34:1f:e6:12:ed:c4:42:de:a6:dd:0b:e0: d1:69:28:63:89:ed:c9:38:5d:43:3d:c0:b2:25:1f: 0c:df:b0:e5:79:2b:53:53:d5:49:af:fc:b4:87:d1: 4d:d8:46:1f:67:dc:ad:fd:22:ce:de:89:ec:4f:17: b4:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:B8:6F:75:06:F3:A2:2B:EC:71:15:76:90:5D:4B:CB:DC:47:EE:C0 X509v3 Authority Key Identifier: keyid:DD:FA:ED:4B:40:32:36:E2:CA:8B:EB:70:91:CB:A0:E0:6A:54:3D:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d5:3e:df:63:f5:63:10:a9:47:6f:77:f3:5c:61:ad:90:21:5b: 4a:81:6b:94:c9:c8:ef:f9:b8:86:6d:4d:d6:c5:c0:a9:6d:4f: fe:47:45:0e:aa:f6:4d:b9:bd:b6:98:ca:a8:21:7d:18:ed:eb: 0f:0d:2b:1e:10:83:20:21:c9:a5:0a:ae:f6:e3:5a:96:8b:23: 92:b5:55:6f:f1:f0:4a:75:2e:30:77:09:09:16:a3:a0:87:4e: 85:6e:e7:6c:10:b3:77:88:58:7d:3b:c9:38:0f:be:8e:ff:7b: 7d:f4:de:b2:c6:31:bf:8d:1c:fb:26:09:1a:fd:1c:42:b8:1d: cd:9e:f6:b1:f0:e7:14:c2:07:95:29:4c:d8:3d:8f:de:80:53: 0a:9e:d8:5e:ab:1b:c8:70:90:0e:46:48:af:e0:af:77:1f:b7: 28:a2:b2:04:b5:10:37:1c:80:c4:2d:21:b2:d1:67:b4:3d:90: 26:ce:df:ee:4c:fa:ab:ca:f7:90:fd:67:9c:f4:38:8d:aa:de: 4f:69:4e:40:c4:5d:84:4c:fe:49:d2:8b:a0:23:39:a4:39:53: a7:c0:65:69:39:0e:9b:79:6f:37:74:ba:99:dd:cd:4a:80:cf: 70:e6:12:3a:34:ec:c2:2d:50:e0:a7:a3:71:58:c9:2a:9b:82: 23:7b:9d:dc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIhAQed1OSsXqUYIF7sdOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkZmFlZDRiNDAzMjM2ZTJjYThiZWI3MDkxY2JhMGUwNmE1 NDNkMGEwHhcNMjYwMjA5MTYwMDMxWhcNMjYwMjEwMTYwMDMxWjAzMTEwLwYDVQQD EygyZGI4NmY3NTA2ZjNhMjJiZWM3MTE1NzY5MDVkNGJjYmRjNDdlZWMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOPkMfUltshqgHO5ItXeQaSSa07p ReqWR6+guvA0xxpt0nszmQ0AS5bdiAFngvGLwCpO7YxXPcuwXycLaIJw1Ssewd9F QdnqFzJn/etIZFDGoGPK8DI4K2ouQa6P8FLOXjre7jEGm9uWFF06KaQuQjwcd2B9 mji5m1RU/Qr/FCljbI8RmqnhNYkXM1qFkb0OZo+2SnBH144Se7Y4gPcHjLbKDp2+ +txWi6Y7cp7YhVhWJqMA0Vao8FHZ9CuS6XWQEyE6vQY0H+YS7cRC3qbdC+DRaShj ie3JOF1DPcCyJR8M37DleStTU9VJr/y0h9FN2EYfZ9yt/SLO3onsTxe00wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC24b3UG86Ir7HEVdpBdS8vcR+7AMB8GA1UdIwQY MBaAFN367UtAMjbiyovrcJHLoOBqVD0KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jNTY5MTctMmNjMy00MDY3LTg1MGEt YjkzN2QxMjA1YWIxLzEvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNS9jNTY5MTctMmNjMy00MDY3LTg1MGEtYjkzN2QxMjA1YWIx LzEvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1T7fY/Vj EKlHb3fzXGGtkCFbSoFrlMnI7/m4hm1N1sXAqW1P/kdFDqr2Tbm9tpjKqCF9GO3r Dw0rHhCDICHJpQqu9uNalosjkrVVb/HwSnUuMHcJCRajoIdOhW7nbBCzd4hYfTvJ OA++jv97ffTessYxv40c+yYJGv0cQrgdzZ72sfDnFMIHlSlM2D2P3oBTCp7YXqsb yHCQDkZIr+Cvdx+3KKKyBLUQNxyAxC0hstFntD2QJs7f7kz6q8r3kP1nnPQ4jare T2lOQMRdhEz+SdKLoCM5pDlTp8BlaTkOm3lvN3S6md3NSoDPcOYSOjTswi1Q4Kej cVjJKpuCI3ud3A== -----END CERTIFICATE-----Generated at Mon Feb 9 18:40:41 2026 by rpki-client