This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft File: NuBUKH2-dgYtF3DYPGoWAADbDX0.mft (raw, json) Hash identifier: sn23tIoFwwYXtEep5gh+iO6o4UErekd4+zCxNjmIkls= Subject key identifier: C2:8C:7F:BF:E3:53:70:2E:2B:42:AF:38:87:B2:39:DA:A8:AB:7C:9A Authority key identifier: 36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D Certificate issuer: /CN=36e054287dbe76062d1770d83c6a160000db0d7d Certificate serial: 019C4321EAD70A4C6E35041DE542C3EF1440 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft Manifest number: 07BC Signing time: Mon 09 Feb 2026 16:00:22 +0000 Manifest this update: Mon 09 Feb 2026 16:00:22 +0000 Manifest next update: Tue 10 Feb 2026 16:00:22 +0000 Files and hashes: 1: NuBUKH2-dgYtF3DYPGoWAADbDX0.crl (hash: QQ46ZrQvHftjm3OoVo6ltwCIYL/8jtNPRH1QxyqGtbw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:21:ea:d7:0a:4c:6e:35:04:1d:e5:42:c3:ef:14:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36e054287dbe76062d1770d83c6a160000db0d7d Validity Not Before: Feb 9 16:00:22 2026 GMT Not After : Feb 10 16:00:22 2026 GMT Subject: CN=c28c7fbfe353702e2b42af3887b239daa8ab7c9a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:42:ce:b4:55:ca:15:32:25:0f:f5:8a:22:bf: 42:bb:4c:26:67:a7:21:8c:d9:92:ac:71:e7:bc:46: 82:8e:4b:49:fb:9c:0c:aa:0f:b3:d0:f8:9a:30:3b: f5:33:bb:21:df:cc:12:f2:e4:32:dc:1b:f5:9b:6d: 7f:c8:24:75:b3:5f:ab:7c:84:81:91:04:6c:4e:00: f4:c4:38:b8:80:a8:a2:b6:0e:6e:b1:e0:45:6a:08: 31:bf:c0:ab:53:b4:a7:01:49:43:99:20:52:e5:1f: 65:ff:c5:95:25:65:98:5e:73:25:07:1c:61:71:61: 5b:bf:66:9e:2c:f6:ce:4b:62:01:d1:7f:2c:4f:c8: be:9c:7b:5a:47:59:49:a7:13:0b:39:89:5c:9f:97: e3:14:55:ec:66:78:f8:bc:10:01:f6:70:3a:eb:fb: 75:00:57:ac:a5:ce:b5:32:f4:12:b4:ab:76:e4:73: d5:a4:48:9d:bd:14:2c:eb:7b:78:58:3b:3b:f2:19: 17:c9:a1:e8:a2:35:e7:bf:41:42:86:5a:5c:4f:10: 7b:9a:a8:96:1b:6d:69:7b:d0:75:c2:ea:ce:73:cd: df:a5:2b:e9:48:8a:76:ba:49:23:37:28:06:35:3c: c1:fc:bf:06:29:bb:4f:c0:a8:7c:8e:10:c4:f3:8a: f7:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:8C:7F:BF:E3:53:70:2E:2B:42:AF:38:87:B2:39:DA:A8:AB:7C:9A X509v3 Authority Key Identifier: keyid:36:E0:54:28:7D:BE:76:06:2D:17:70:D8:3C:6A:16:00:00:DB:0D:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuBUKH2-dgYtF3DYPGoWAADbDX0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a2b8e6-8d54-439b-8ce1-c4974ac2672e/1/NuBUKH2-dgYtF3DYPGoWAADbDX0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8f:20:6f:2c:07:69:6d:da:db:62:78:59:c4:5b:0b:1e:e3:94: ed:3a:8b:82:d0:59:24:50:cf:d0:52:1a:9b:37:25:68:c4:8c: b9:62:45:87:9f:67:d6:59:aa:d4:77:c8:30:5f:c1:ae:e8:82: c0:ca:f4:72:7a:04:c7:ff:c5:ff:51:2a:25:62:0e:7c:1b:22: 16:69:1f:e9:23:e9:e1:83:10:f3:9d:30:42:f3:2e:2b:80:16: 69:65:3e:4b:de:6b:81:19:6a:1e:b7:19:1e:37:34:14:d5:f2: a6:f4:2e:2f:4d:30:f6:8d:8d:87:64:43:4f:f4:ac:5c:d1:d9: ab:b5:dc:bf:34:95:bf:33:41:78:f0:a6:cf:57:e6:ec:e1:f2: cf:0d:88:18:d7:e6:17:e2:b0:cc:19:f6:28:91:87:57:3c:69: e4:4e:fe:1f:89:0d:2a:e5:b6:6d:84:a8:eb:13:e5:da:ab:18: d6:62:b3:6c:b1:0a:54:c5:23:aa:b9:9e:22:44:79:e0:d7:84: 39:04:b2:23:2f:d7:51:fe:8b:c2:8d:9a:ac:e6:b4:4c:13:68: 6b:ec:37:79:09:b2:be:4c:b8:f8:bc:bf:de:a1:89:d4:a2:df: 95:b7:02:d0:cb:72:43:a4:5c:29:6a:76:e5:f9:bd:3e:97:14: 4a:fc:d1:bb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIerXCkxuNQQd5ULD7xRAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2ZTA1NDI4N2RiZTc2MDYyZDE3NzBkODNjNmExNjAwMDBk YjBkN2QwHhcNMjYwMjA5MTYwMDIyWhcNMjYwMjEwMTYwMDIyWjAzMTEwLwYDVQQD EyhjMjhjN2ZiZmUzNTM3MDJlMmI0MmFmMzg4N2IyMzlkYWE4YWI3YzlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ELOtFXKFTIlD/WKIr9Cu0wmZ6ch jNmSrHHnvEaCjktJ+5wMqg+z0PiaMDv1M7sh38wS8uQy3Bv1m21/yCR1s1+rfISB kQRsTgD0xDi4gKiitg5useBFaggxv8CrU7SnAUlDmSBS5R9l/8WVJWWYXnMlBxxh cWFbv2aeLPbOS2IB0X8sT8i+nHtaR1lJpxMLOYlcn5fjFFXsZnj4vBAB9nA66/t1 AFespc61MvQStKt25HPVpEidvRQs63t4WDs78hkXyaHoojXnv0FChlpcTxB7mqiW G21pe9B1wurOc83fpSvpSIp2ukkjNygGNTzB/L8GKbtPwKh8jhDE84r3RwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMKMf7/jU3AuK0KvOIeyOdqoq3yaMB8GA1UdIwQY MBaAFDbgVCh9vnYGLRdw2DxqFgAA2w19MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEt YzQ5NzRhYzI2NzJlLzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYi9hMmI4ZTYtOGQ1NC00MzliLThjZTEtYzQ5NzRhYzI2NzJl LzEvTnVCVUtIMi1kZ1l0RjNEWVBHb1dBQURiRFgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjyBvLAdp bdrbYnhZxFsLHuOU7TqLgtBZJFDP0FIamzclaMSMuWJFh59n1lmq1HfIMF/BruiC wMr0cnoEx//F/1EqJWIOfBsiFmkf6SPp4YMQ850wQvMuK4AWaWU+S95rgRlqHrcZ Hjc0FNXypvQuL00w9o2Nh2RDT/SsXNHZq7XcvzSVvzNBePCmz1fm7OHyzw2IGNfm F+KwzBn2KJGHVzxp5E7+H4kNKuW2bYSo6xPl2qsY1mKzbLEKVMUjqrmeIkR54NeE OQSyIy/XUf6Lwo2arOa0TBNoa+w3eQmyvky4+Ly/3qGJ1KLflbcC0MtyQ6RcKWp2 5fm9PpcUSvzRuw== -----END CERTIFICATE-----Generated at Mon Feb 9 23:52:22 2026 by rpki-client