This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft File: dUI-b2St_Fh6CPgawqySYOsu1hU.mft (raw, json) Hash identifier: bmu+dEN9SHFr8+qGZpALOOBy7zVP2kyV2b4DUK7nKos= Subject key identifier: FE:6F:0E:3C:04:B1:07:48:39:1B:02:70:4E:AD:2F:A3:B8:C3:36:15 Authority key identifier: 75:42:3E:6F:64:AD:FC:58:7A:08:F8:1A:C2:AC:92:60:EB:2E:D6:15 Certificate issuer: /CN=75423e6f64adfc587a08f81ac2ac9260eb2ed615 Certificate serial: 019B66FB96AC2DDDF5E4E9A5B1E859070CB3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft Manifest number: 0E0F Signing time: Sun 28 Dec 2025 22:02:02 +0000 Manifest this update: Sun 28 Dec 2025 22:02:02 +0000 Manifest next update: Mon 29 Dec 2025 22:02:02 +0000 Files and hashes: 1: dUI-b2St_Fh6CPgawqySYOsu1hU.crl (hash: anAHCbhjS6ogyB1jUQXDyk6UAwza12Sv44Eo+3XoACA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 20:59:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:66:fb:96:ac:2d:dd:f5:e4:e9:a5:b1:e8:59:07:0c:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75423e6f64adfc587a08f81ac2ac9260eb2ed615 Validity Not Before: Dec 28 22:02:02 2025 GMT Not After : Dec 29 22:02:02 2025 GMT Subject: CN=fe6f0e3c04b10748391b02704ead2fa3b8c33615 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:c9:48:b4:e8:06:21:34:91:d4:bf:a7:c4:e7: 2c:de:8d:ed:e9:04:61:bd:36:da:23:fe:48:9b:52: b5:b8:1b:bc:b4:cf:4e:53:14:69:aa:e6:1e:fd:f9: 73:6d:bc:50:5d:32:4e:58:8b:25:16:62:31:85:cc: 0c:37:6d:69:e8:12:f0:b5:b2:9a:44:a9:e6:21:bc: 2c:82:ee:8d:a1:91:ab:c2:44:35:48:07:26:c5:5e: a0:eb:57:ef:a0:5c:63:f6:46:ff:e2:34:5d:29:9f: a6:bc:a7:ac:c0:9c:0f:cb:59:5c:2d:b4:25:62:09: 4c:d8:b4:31:87:5f:c5:c0:ba:35:75:d7:cd:a0:b5: a6:b0:a5:5f:b7:32:74:36:ff:23:45:7d:89:04:8e: 70:c5:2c:3c:77:0a:b8:f0:98:5b:1a:9a:9e:5e:21: 52:c4:eb:89:d2:3f:bc:5c:fd:27:25:97:81:68:47: 00:68:f7:34:ac:a5:7c:53:96:73:9f:f6:a2:20:2a: 42:bc:01:da:6f:56:66:9f:17:98:e4:ef:df:80:c2: 6e:8c:22:b7:64:e2:5c:37:26:c8:58:d4:bb:a0:73: f5:c8:53:5d:3a:3d:ad:c4:7e:c9:cf:8e:70:c6:80: 02:5e:37:71:8e:af:1e:ed:dc:3c:81:91:a5:ef:28: 32:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:6F:0E:3C:04:B1:07:48:39:1B:02:70:4E:AD:2F:A3:B8:C3:36:15 X509v3 Authority Key Identifier: keyid:75:42:3E:6F:64:AD:FC:58:7A:08:F8:1A:C2:AC:92:60:EB:2E:D6:15 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption da:6d:f3:de:08:f2:35:3f:31:91:04:af:a4:55:fa:6a:10:33: 20:a4:2c:75:8e:a5:02:c5:ee:bc:a6:79:85:0d:08:8a:d0:42: f0:d2:88:3b:df:a0:44:08:01:9a:97:c2:20:68:b6:4c:0f:eb: 6f:b6:e0:39:8d:51:22:ac:83:07:44:88:a5:63:f1:1b:0c:8e: ae:8e:e9:91:c3:d6:bf:72:bd:92:84:05:5b:f4:bb:a9:2d:07: 45:fa:cb:98:b8:53:9c:bb:e9:ab:56:4c:3a:84:43:29:03:b4: 5f:ce:da:74:5b:bd:d5:48:fe:6a:48:f9:46:17:31:68:c1:80: 71:a9:1f:36:79:91:cc:f7:77:20:c8:56:24:79:da:63:d8:9f: c5:e8:8b:cb:52:0f:06:6a:1c:5a:ee:6e:a5:d6:7f:b1:fc:9d: 0e:66:48:a9:74:1a:2b:d3:4e:de:57:e3:40:1f:c4:bb:e1:8a: 0f:1c:00:5a:d4:c8:fc:ae:ed:8e:0d:d9:d6:e8:1f:34:04:f6: 7c:17:7c:21:77:d5:6e:6d:17:67:7e:0b:0b:fe:2a:c4:fb:b0: 72:74:2c:1c:68:52:84:c5:60:2d:ef:a6:d5:a8:bb:33:88:fa: d5:85:93:ec:86:98:59:4b:9f:f5:9c:aa:49:9a:eb:ec:5b:90: ac:41:f3:2b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtm+5asLd315OmlsehZBwyzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1NDIzZTZmNjRhZGZjNTg3YTA4ZjgxYWMyYWM5MjYwZWIy ZWQ2MTUwHhcNMjUxMjI4MjIwMjAyWhcNMjUxMjI5MjIwMjAyWjAzMTEwLwYDVQQD EyhmZTZmMGUzYzA0YjEwNzQ4MzkxYjAyNzA0ZWFkMmZhM2I4YzMzNjE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0slItOgGITSR1L+nxOcs3o3t6QRh vTbaI/5Im1K1uBu8tM9OUxRpquYe/flzbbxQXTJOWIslFmIxhcwMN21p6BLwtbKa RKnmIbwsgu6NoZGrwkQ1SAcmxV6g61fvoFxj9kb/4jRdKZ+mvKeswJwPy1lcLbQl YglM2LQxh1/FwLo1ddfNoLWmsKVftzJ0Nv8jRX2JBI5wxSw8dwq48JhbGpqeXiFS xOuJ0j+8XP0nJZeBaEcAaPc0rKV8U5Zzn/aiICpCvAHab1ZmnxeY5O/fgMJujCK3 ZOJcNybIWNS7oHP1yFNdOj2txH7Jz45wxoACXjdxjq8e7dw8gZGl7ygyLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP5vDjwEsQdIORsCcE6tL6O4wzYVMB8GA1UdIwQY MBaAFHVCPm9krfxYegj4GsKskmDrLtYVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC82YjE2OGYtMmQ1MS00ODgyLWE4NjYt MjliNGY5MmFjOGZkLzEvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC82YjE2OGYtMmQ1MS00ODgyLWE4NjYtMjliNGY5MmFjOGZk LzEvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2m3z3gjy NT8xkQSvpFX6ahAzIKQsdY6lAsXuvKZ5hQ0IitBC8NKIO9+gRAgBmpfCIGi2TA/r b7bgOY1RIqyDB0SIpWPxGwyOro7pkcPWv3K9koQFW/S7qS0HRfrLmLhTnLvpq1ZM OoRDKQO0X87adFu91Uj+akj5RhcxaMGAcakfNnmRzPd3IMhWJHnaY9ifxeiLy1IP BmocWu5updZ/sfydDmZIqXQaK9NO3lfjQB/Eu+GKDxwAWtTI/K7tjg3Z1ugfNAT2 fBd8IXfVbm0XZ34LC/4qxPuwcnQsHGhShMVgLe+m1ai7M4j61YWT7IaYWUuf9Zyq SZrr7FuQrEHzKw== -----END CERTIFICATE-----Generated at Sun Dec 28 23:39:10 2025 by rpki-client