This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft File: Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft (raw, json) Hash identifier: k7OQu74KeFU1yK73MJUD2zN77gIsJ9LEvM5qszG8808= Subject key identifier: BC:6A:11:36:67:47:5F:9D:05:17:09:5F:CF:E9:2A:90:00:89:9E:CF Authority key identifier: 5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B Certificate issuer: /CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b Certificate serial: 019C43227850A550E86D9816C64DB8D2248A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft Manifest number: 02A9 Signing time: Mon 09 Feb 2026 16:00:58 +0000 Manifest this update: Mon 09 Feb 2026 16:00:58 +0000 Manifest next update: Tue 10 Feb 2026 16:00:58 +0000 Files and hashes: 1: Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl (hash: rvU06bczM/BsU1i9w+aHXyNu/7qQ1Ik3+75q0pyUWdY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:78:50:a5:50:e8:6d:98:16:c6:4d:b8:d2:24:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b Validity Not Before: Feb 9 16:00:58 2026 GMT Not After : Feb 10 16:00:58 2026 GMT Subject: CN=bc6a113667475f9d0517095fcfe92a9000899ecf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:1a:43:7e:0f:f1:50:dd:76:28:7b:ec:c3:0d: 31:e8:cd:cc:5e:15:13:58:2c:d5:61:20:c3:b3:90: eb:06:ef:69:59:fe:3d:0f:a9:d2:8f:11:24:e8:ab: 74:43:d0:ce:ca:e5:bf:2b:2c:17:89:ba:1a:a4:6c: 8a:ee:06:f4:ff:39:79:0e:4f:cb:6a:5d:1b:b8:b5: f1:df:d3:23:ef:50:ff:57:b0:af:0e:70:68:69:9e: 6a:7a:46:14:10:d4:56:f7:80:b0:e3:24:cc:f2:73: 1e:01:2f:cc:8e:a1:e7:1f:01:ed:ff:7a:27:d3:26: c8:8f:f6:a0:e5:a4:8c:af:3a:5b:3a:28:18:6a:30: e6:c6:11:9d:2f:28:66:05:a9:5a:e8:f6:3c:cd:94: 53:a6:15:20:ce:cd:31:11:47:88:e3:ac:d0:e6:4a: 91:4c:54:fc:c8:ba:26:10:36:6e:b7:e2:bd:43:99: ae:3b:0f:7a:13:bb:1b:4d:eb:e3:19:b0:e7:b2:e8: ae:93:46:52:7c:3e:6a:71:52:10:b8:6c:07:d5:1a: 5c:2c:34:ee:65:9c:48:66:0d:73:9c:5e:3e:e5:3a: d7:c7:46:d2:86:63:0b:12:f0:90:ad:17:a9:2e:85: c8:df:b7:12:28:27:8f:4f:1b:7d:31:70:b0:d7:ae: 63:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:6A:11:36:67:47:5F:9D:05:17:09:5F:CF:E9:2A:90:00:89:9E:CF X509v3 Authority Key Identifier: keyid:5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:2e:63:09:c7:a8:4a:cb:1f:c9:26:01:cc:c0:4b:85:e2:fe: 89:cd:e7:40:30:4a:08:54:54:db:3f:d7:34:6f:32:55:8b:ec: a1:e3:25:3e:40:28:cb:d8:1f:75:8a:6c:1a:a3:64:3a:38:9d: 82:59:5f:75:f9:09:f2:50:f2:49:e5:ca:89:2a:19:72:97:8f: 5e:a9:98:10:53:6f:b3:57:4a:f8:64:20:ce:e7:81:9d:44:45: 38:b5:37:f7:b1:5f:c0:ad:ab:d8:13:0a:0c:56:8c:41:b2:5f: 39:3a:3e:6b:b0:6a:c4:10:02:f5:67:e0:e4:19:d1:39:55:91: 9f:b7:db:0f:a7:90:51:d0:7b:7a:32:62:c1:c0:5e:b3:c7:ca: ae:75:41:d9:1d:6a:47:51:d5:30:68:8d:5d:cd:73:27:bd:48: f4:0c:0b:49:67:4b:67:2e:d4:10:73:40:50:46:6a:13:81:e6: 40:0c:70:29:9b:09:8d:96:7d:5c:9a:2c:58:08:e3:99:0b:7e: f7:c2:a3:b8:b4:c8:47:07:13:7b:0f:c0:dc:a4:03:de:5e:09: 05:08:03:38:37:39:9a:83:0c:80:b7:b6:5d:1a:fd:62:7c:f9: 50:d3:6d:5b:53:1c:48:67:9e:09:b3:0e:d5:3d:cd:91:46:1c: 90:25:d8:d0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDInhQpVDobZgWxk240iSKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkZmQzODNlMTY4ZDJlYzlmYmMzOTBlYThkOTlhNGJhZjdl YzNiNWIwHhcNMjYwMjA5MTYwMDU4WhcNMjYwMjEwMTYwMDU4WjAzMTEwLwYDVQQD EyhiYzZhMTEzNjY3NDc1ZjlkMDUxNzA5NWZjZmU5MmE5MDAwODk5ZWNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRpDfg/xUN12KHvsww0x6M3MXhUT WCzVYSDDs5DrBu9pWf49D6nSjxEk6Kt0Q9DOyuW/KywXiboapGyK7gb0/zl5Dk/L al0buLXx39Mj71D/V7CvDnBoaZ5qekYUENRW94Cw4yTM8nMeAS/MjqHnHwHt/3on 0ybIj/ag5aSMrzpbOigYajDmxhGdLyhmBala6PY8zZRTphUgzs0xEUeI46zQ5kqR TFT8yLomEDZut+K9Q5muOw96E7sbTevjGbDnsuiuk0ZSfD5qcVIQuGwH1RpcLDTu ZZxIZg1znF4+5TrXx0bShmMLEvCQrRepLoXI37cSKCePTxt9MXCw165jKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLxqETZnR1+dBRcJX8/pKpAAiZ7PMB8GA1UdIwQY MBaAFF39OD4WjS7J+8OQ6o2ZpLr37DtbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYt MzkwZTkzNWJlZGEzLzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYtMzkwZTkzNWJlZGEz LzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVi5jCceo SssfySYBzMBLheL+ic3nQDBKCFRU2z/XNG8yVYvsoeMlPkAoy9gfdYpsGqNkOjid gllfdfkJ8lDySeXKiSoZcpePXqmYEFNvs1dK+GQgzueBnURFOLU397FfwK2r2BMK DFaMQbJfOTo+a7BqxBAC9Wfg5BnROVWRn7fbD6eQUdB7ejJiwcBes8fKrnVB2R1q R1HVMGiNXc1zJ71I9AwLSWdLZy7UEHNAUEZqE4HmQAxwKZsJjZZ9XJosWAjjmQt+ 98KjuLTIRwcTew/A3KQD3l4JBQgDODc5moMMgLe2XRr9Ynz5UNNtW1McSGeeCbMO 1T3NkUYckCXY0A== -----END CERTIFICATE-----Generated at Mon Feb 9 22:43:27 2026 by rpki-client