This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft File: dUI-b2St_Fh6CPgawqySYOsu1hU.mft (raw, json) Hash identifier: Zkc6hpiYv1jZL21aayXcGD6bnys1T8Jw2Fj5zILXKBA= Subject key identifier: CC:1A:8C:83:71:B8:22:10:0E:B0:61:95:5D:12:F7:F3:9B:D9:B9:79 Authority key identifier: 75:42:3E:6F:64:AD:FC:58:7A:08:F8:1A:C2:AC:92:60:EB:2E:D6:15 Certificate issuer: /CN=75423e6f64adfc587a08f81ac2ac9260eb2ed615 Certificate serial: 019B5977A5F96E68272BB6E643113689AE16 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft Manifest number: 0E08 Signing time: Fri 26 Dec 2025 07:02:52 +0000 Manifest this update: Fri 26 Dec 2025 07:02:52 +0000 Manifest next update: Sat 27 Dec 2025 07:02:52 +0000 Files and hashes: 1: dUI-b2St_Fh6CPgawqySYOsu1hU.crl (hash: atuhpVG1XfbDmbnwTkD6Mar9jxHACOAMgsQLSBglDEE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:a5:f9:6e:68:27:2b:b6:e6:43:11:36:89:ae:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75423e6f64adfc587a08f81ac2ac9260eb2ed615 Validity Not Before: Dec 26 07:02:52 2025 GMT Not After : Dec 27 07:02:52 2025 GMT Subject: CN=cc1a8c8371b822100eb061955d12f7f39bd9b979 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:26:e6:e8:30:a8:1c:0c:b0:0b:f0:61:49:ca: ac:3f:88:5e:1f:fa:e7:5d:80:9b:7c:21:3a:e2:11: 4d:4b:01:03:f5:47:9c:f3:45:bf:b4:0a:a9:93:2a: e9:66:06:93:c9:02:88:f3:00:a1:f8:28:51:f5:aa: 20:7f:e9:4d:3c:31:06:cb:8e:d8:cb:7f:28:1c:e1: 3d:8e:e4:64:c4:34:ae:4d:77:28:d9:25:48:aa:52: 4f:b4:4c:20:32:92:97:a5:5e:c9:2d:6c:8f:50:65: 9d:41:d6:c4:98:3b:4f:d8:62:29:97:c0:ac:b7:e9: da:50:30:83:ad:f3:e4:56:f1:4e:d0:6c:85:41:c5: f4:5a:ae:92:b8:d2:a4:bf:5a:4e:f5:df:ea:e7:46: be:18:b3:d0:0c:a8:ea:74:cc:f1:ac:28:99:be:f0: 83:c6:a2:15:3b:5e:f2:b9:eb:28:0a:26:6b:9a:32: 55:85:e1:7d:19:fb:ff:8e:bd:dd:df:11:55:12:e9: 8d:5a:54:e8:6e:ab:c9:cf:62:00:16:ef:4e:7d:06: 74:7c:e4:86:05:2e:18:d4:b7:19:e3:db:b0:77:62: f4:9f:7f:f3:4c:0f:c8:0a:13:23:5e:6c:9d:1a:65: 6b:e9:14:3e:f3:4d:9b:10:1a:fd:16:3f:97:c4:c2: 7e:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:1A:8C:83:71:B8:22:10:0E:B0:61:95:5D:12:F7:F3:9B:D9:B9:79 X509v3 Authority Key Identifier: keyid:75:42:3E:6F:64:AD:FC:58:7A:08:F8:1A:C2:AC:92:60:EB:2E:D6:15 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8c:5b:f8:9e:f4:94:58:ac:15:2c:32:ff:a0:ac:8e:7d:13:cb: 8e:5c:06:b2:66:db:81:0b:fd:4f:42:6e:5b:4c:7b:7d:ab:09: 36:f7:0a:f9:ab:74:75:b9:c8:bb:90:24:4e:d9:9c:d7:2c:5a: e8:fd:8a:80:8f:5b:4b:72:98:d3:8c:4a:db:cd:a1:f5:5f:3f: 3d:04:1b:f9:fe:1f:ec:03:7b:09:75:01:8d:fd:59:80:67:dd: 77:b2:44:96:a5:a4:70:ec:02:04:a9:5c:84:60:6c:8b:36:61: 52:10:f9:e4:74:7d:f7:a8:fc:fa:2a:5a:bb:ff:93:a6:94:01: 3f:c4:8f:e1:b2:f9:86:bd:c5:d6:3a:ee:72:72:e1:f4:2d:9e: 7e:29:01:62:25:eb:d5:f5:36:0a:47:5b:79:34:8f:4d:8c:ff: 31:7a:08:2d:fb:e5:e3:eb:c5:25:ff:2d:98:22:a0:4a:fc:2d: 23:bb:b4:62:f9:c3:f5:96:ad:67:10:41:a0:e1:c3:03:55:79: 3c:8b:69:19:2d:29:66:7e:06:71:3e:83:4d:94:eb:8a:ab:42: 9a:b3:29:cd:ad:0a:be:ca:31:14:84:83:a7:70:27:95:30:3c: 77:b6:47:65:7a:28:2d:a3:76:3e:83:f3:18:8f:54:e6:e4:03: b0:6e:8c:ba -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZd6X5bmgnK7bmQxE2ia4WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1NDIzZTZmNjRhZGZjNTg3YTA4ZjgxYWMyYWM5MjYwZWIy ZWQ2MTUwHhcNMjUxMjI2MDcwMjUyWhcNMjUxMjI3MDcwMjUyWjAzMTEwLwYDVQQD EyhjYzFhOGM4MzcxYjgyMjEwMGViMDYxOTU1ZDEyZjdmMzliZDliOTc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCbm6DCoHAywC/BhScqsP4heH/rn XYCbfCE64hFNSwED9Uec80W/tAqpkyrpZgaTyQKI8wCh+ChR9aogf+lNPDEGy47Y y38oHOE9juRkxDSuTXco2SVIqlJPtEwgMpKXpV7JLWyPUGWdQdbEmDtP2GIpl8Cs t+naUDCDrfPkVvFO0GyFQcX0Wq6SuNKkv1pO9d/q50a+GLPQDKjqdMzxrCiZvvCD xqIVO17yuesoCiZrmjJVheF9Gfv/jr3d3xFVEumNWlTobqvJz2IAFu9OfQZ0fOSG BS4Y1LcZ49uwd2L0n3/zTA/IChMjXmydGmVr6RQ+802bEBr9Fj+XxMJ+3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMwajINxuCIQDrBhlV0S9/Ob2bl5MB8GA1UdIwQY MBaAFHVCPm9krfxYegj4GsKskmDrLtYVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC82YjE2OGYtMmQ1MS00ODgyLWE4NjYt MjliNGY5MmFjOGZkLzEvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC82YjE2OGYtMmQ1MS00ODgyLWE4NjYtMjliNGY5MmFjOGZk LzEvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjFv4nvSU WKwVLDL/oKyOfRPLjlwGsmbbgQv9T0JuW0x7fasJNvcK+at0dbnIu5AkTtmc1yxa 6P2KgI9bS3KY04xK282h9V8/PQQb+f4f7AN7CXUBjf1ZgGfdd7JElqWkcOwCBKlc hGBsizZhUhD55HR996j8+ipau/+TppQBP8SP4bL5hr3F1jrucnLh9C2efikBYiXr 1fU2CkdbeTSPTYz/MXoILfvl4+vFJf8tmCKgSvwtI7u0YvnD9ZatZxBBoOHDA1V5 PItpGS0pZn4GcT6DTZTriqtCmrMpza0KvsoxFISDp3AnlTA8d7ZHZXooLaN2PoPz GI9U5uQDsG6Mug== -----END CERTIFICATE-----Generated at Fri Dec 26 14:07:23 2025 by rpki-client