This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft File: AIce9D_KCSFC2TVYXyGSZG9HTBw.mft (raw, json) Hash identifier: Ua311LVzT89Is9HSKyv4NqIPmmBr9EGDb6BZbTfCSaY= Subject key identifier: B8:2D:89:E7:91:D3:B8:C9:D8:87:9D:07:49:14:C4:AE:6B:43:98:36 Authority key identifier: 00:87:1E:F4:3F:CA:09:21:42:D9:35:58:5F:21:92:64:6F:47:4C:1C Certificate issuer: /CN=00871ef43fca092142d935585f2192646f474c1c Certificate serial: 019C42EB4FD08CDCBDF6AEE3BFD8BDCD7CC7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AIce9D_KCSFC2TVYXyGSZG9HTBw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft Manifest number: 0104 Signing time: Mon 09 Feb 2026 15:00:43 +0000 Manifest this update: Mon 09 Feb 2026 15:00:43 +0000 Manifest next update: Tue 10 Feb 2026 15:00:43 +0000 Files and hashes: 1: AIce9D_KCSFC2TVYXyGSZG9HTBw.crl (hash: SQqQaL7URYUjSIggfwsQo6tfmt5FndSiIOuv2pbimX8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft rsync://rpki.ripe.net/repository/DEFAULT/AIce9D_KCSFC2TVYXyGSZG9HTBw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:eb:4f:d0:8c:dc:bd:f6:ae:e3:bf:d8:bd:cd:7c:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=00871ef43fca092142d935585f2192646f474c1c Validity Not Before: Feb 9 15:00:43 2026 GMT Not After : Feb 10 15:00:43 2026 GMT Subject: CN=b82d89e791d3b8c9d8879d074914c4ae6b439836 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:dd:ac:14:c7:9b:b6:78:6c:23:a7:b0:c2:e4: bd:73:bb:5b:c3:21:88:0d:09:88:1e:71:48:98:4e: eb:65:d6:c0:28:fe:9f:fd:6b:c4:4d:59:c9:55:20: 55:a7:76:5f:54:b3:74:97:31:4b:65:d9:ce:4e:54: 41:84:d9:ef:fd:fc:23:d5:47:8b:fe:f3:85:39:51: 52:00:8a:8b:0d:5e:a0:57:39:ad:6a:1c:2d:30:55: f1:c3:07:d8:0a:33:93:4a:a2:af:6b:4e:ea:cd:17: 58:da:b7:1b:9e:fb:47:c1:e2:73:af:c2:e2:0e:cc: cf:45:ee:b7:ee:c0:b4:36:bf:12:94:20:e9:38:ba: 6d:dd:c5:4f:bc:ef:56:2c:80:a0:c1:1e:f3:b7:14: 68:f2:2d:53:31:d6:48:f4:32:1a:43:37:fe:94:be: 9f:02:39:7e:52:b5:e4:db:23:19:81:8a:92:0c:cb: 86:30:07:67:d5:67:c5:18:a9:77:97:2d:09:30:f8: 0c:72:45:53:03:9a:06:90:ea:b1:8a:a1:b0:8d:5f: 02:a7:50:b1:63:44:02:23:89:be:e3:e9:71:8b:62: a6:0c:41:dc:6d:ea:17:0b:f8:d1:ac:2e:11:a6:03: a9:c6:b8:e2:44:3f:80:91:a1:a5:95:32:c7:f6:09: c7:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:2D:89:E7:91:D3:B8:C9:D8:87:9D:07:49:14:C4:AE:6B:43:98:36 X509v3 Authority Key Identifier: keyid:00:87:1E:F4:3F:CA:09:21:42:D9:35:58:5F:21:92:64:6F:47:4C:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AIce9D_KCSFC2TVYXyGSZG9HTBw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:27:a5:25:12:2b:d6:55:d6:25:7f:ed:8e:5e:9c:b9:05:2b: 29:26:6e:68:85:61:62:d2:05:7c:16:d9:c0:68:be:5a:ef:a7: e7:12:77:0d:45:35:28:b0:91:cf:d7:f7:b6:46:b3:02:95:04: 9c:45:a3:2e:14:4d:ec:ec:28:cd:98:08:32:69:db:7f:39:1e: 7c:7f:06:55:8f:87:30:ad:dc:d2:bf:12:22:79:48:df:61:f1: 4d:f3:df:6b:a7:b4:49:c5:1a:d8:7d:d0:bc:76:48:69:bf:f3: 33:13:7e:28:ec:23:04:30:8f:88:81:56:e6:83:8c:44:27:a1: f3:6a:bb:72:33:cc:1c:cf:a8:10:78:63:ab:4d:3e:b9:a2:17: e2:21:96:02:f9:c3:29:be:a7:b5:c5:d3:e1:ad:81:c6:92:d5: ce:3f:4f:8c:ff:34:c9:0b:87:92:13:ad:fc:36:c7:3a:c4:33: 41:97:b7:c5:c4:06:87:bf:42:33:9f:9e:5d:2b:bc:23:0e:13: 3e:8d:1e:ec:ac:b4:b4:e9:94:07:4c:e4:02:99:23:d6:32:7e: 86:bf:83:d5:66:ed:59:10:92:5c:45:48:b1:1c:9e:99:e7:13: 0e:b8:73:d2:29:24:f1:e1:7b:4c:7c:7e:06:56:83:82:5d:06: 20:b1:fe:45 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxC60/QjNy99q7jv9i9zXzHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwODcxZWY0M2ZjYTA5MjE0MmQ5MzU1ODVmMjE5MjY0NmY0 NzRjMWMwHhcNMjYwMjA5MTUwMDQzWhcNMjYwMjEwMTUwMDQzWjAzMTEwLwYDVQQD EyhiODJkODllNzkxZDNiOGM5ZDg4NzlkMDc0OTE0YzRhZTZiNDM5ODM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0t2sFMebtnhsI6ewwuS9c7tbwyGI DQmIHnFImE7rZdbAKP6f/WvETVnJVSBVp3ZfVLN0lzFLZdnOTlRBhNnv/fwj1UeL /vOFOVFSAIqLDV6gVzmtahwtMFXxwwfYCjOTSqKva07qzRdY2rcbnvtHweJzr8Li DszPRe637sC0Nr8SlCDpOLpt3cVPvO9WLICgwR7ztxRo8i1TMdZI9DIaQzf+lL6f Ajl+UrXk2yMZgYqSDMuGMAdn1WfFGKl3ly0JMPgMckVTA5oGkOqxiqGwjV8Cp1Cx Y0QCI4m+4+lxi2KmDEHcbeoXC/jRrC4RpgOpxrjiRD+AkaGllTLH9gnHZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLgtieeR07jJ2IedB0kUxK5rQ5g2MB8GA1UdIwQY MBaAFACHHvQ/ygkhQtk1WF8hkmRvR0wcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQUljZTlEX0tDU0ZDMlRWWVh5R1NaRzlIVEJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83YmI1NzYtMzVkYS00YWMxLWI3ZWUt MGE5YzRiZGRjOGFjLzEvQUljZTlEX0tDU0ZDMlRWWVh5R1NaRzlIVEJ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi83YmI1NzYtMzVkYS00YWMxLWI3ZWUtMGE5YzRiZGRjOGFj LzEvQUljZTlEX0tDU0ZDMlRWWVh5R1NaRzlIVEJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgyelJRIr 1lXWJX/tjl6cuQUrKSZuaIVhYtIFfBbZwGi+Wu+n5xJ3DUU1KLCRz9f3tkazApUE nEWjLhRN7OwozZgIMmnbfzkefH8GVY+HMK3c0r8SInlI32HxTfPfa6e0ScUa2H3Q vHZIab/zMxN+KOwjBDCPiIFW5oOMRCeh82q7cjPMHM+oEHhjq00+uaIX4iGWAvnD Kb6ntcXT4a2BxpLVzj9PjP80yQuHkhOt/DbHOsQzQZe3xcQGh79CM5+eXSu8Iw4T Po0e7Ky0tOmUB0zkApkj1jJ+hr+D1WbtWRCSXEVIsRyemecTDrhz0ikk8eF7THx+ BlaDgl0GILH+RQ== -----END CERTIFICATE-----Generated at Tue Feb 10 00:12:48 2026 by rpki-client