This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/9a52fd-0364-4150-aaca-41602fdc9fde/1/duKuT-DA1ssHSbh3rhVaYp_ir9Y.mft File: duKuT-DA1ssHSbh3rhVaYp_ir9Y.mft (raw, json) Hash identifier: GV8htdK0xzajUpK8vFIJjZbEXnBq98EdKz1bmUlet6g= Subject key identifier: 8D:66:04:B9:33:00:9F:8F:49:06:73:4F:2A:8A:FD:76:52:DA:0E:F7 Authority key identifier: 76:E2:AE:4F:E0:C0:D6:CB:07:49:B8:77:AE:15:5A:62:9F:E2:AF:D6 Certificate issuer: /CN=76e2ae4fe0c0d6cb0749b877ae155a629fe2afd6 Certificate serial: 019B33B2408C7509200C27DC06BC5F0F99CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/duKuT-DA1ssHSbh3rhVaYp_ir9Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/9a52fd-0364-4150-aaca-41602fdc9fde/1/duKuT-DA1ssHSbh3rhVaYp_ir9Y.mft Manifest number: 1781 Signing time: Thu 18 Dec 2025 23:01:18 +0000 Manifest this update: Thu 18 Dec 2025 23:01:18 +0000 Manifest next update: Fri 19 Dec 2025 23:01:18 +0000 Files and hashes: 1: duKuT-DA1ssHSbh3rhVaYp_ir9Y.crl (hash: 9cwrOaGwCsqEp2INWG+It93d3gsgskJuBYRTA2aBH70=) 2: x6TyoeiDznZ5SRtqywkNMGfQA5k.roa (hash: 1tj6LlfsRsB/tYIfqw9rOc/KrLH+6NOSUXP1XdEdR5k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/9a52fd-0364-4150-aaca-41602fdc9fde/1/duKuT-DA1ssHSbh3rhVaYp_ir9Y.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/9a52fd-0364-4150-aaca-41602fdc9fde/1/duKuT-DA1ssHSbh3rhVaYp_ir9Y.mft rsync://rpki.ripe.net/repository/DEFAULT/duKuT-DA1ssHSbh3rhVaYp_ir9Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:b2:40:8c:75:09:20:0c:27:dc:06:bc:5f:0f:99:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=76e2ae4fe0c0d6cb0749b877ae155a629fe2afd6 Validity Not Before: Dec 18 23:01:18 2025 GMT Not After : Dec 19 23:01:18 2025 GMT Subject: CN=8d6604b933009f8f4906734f2a8afd7652da0ef7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:5f:b9:03:b0:c3:24:8e:3d:68:b5:73:d3:e0: 91:ee:c7:7b:a7:a8:e9:05:71:cb:16:22:7b:c2:e8: 80:e8:d8:b9:ab:ef:5a:d7:cd:d1:a8:25:f7:32:f4: 8e:1a:ed:5a:e2:97:e0:82:8f:5b:f5:06:ba:53:8c: 5a:7a:4e:fe:bd:84:d4:55:2d:9c:39:b9:dd:05:23: 9d:8d:7a:86:13:60:2d:98:98:de:f6:5a:c4:7c:54: 5b:10:3e:09:ab:83:7e:49:0c:ad:b1:32:85:dd:38: 07:8a:41:e6:ed:d2:76:32:80:ca:c9:d1:2e:05:7c: 55:75:82:57:39:f9:2b:2a:a5:3a:e9:c8:84:30:6f: b5:51:ec:13:b8:ef:ca:b2:7d:99:a8:85:5d:76:1c: 22:8e:e8:30:ac:68:35:31:a5:4e:29:61:e8:2a:6c: 9d:66:a7:3d:a3:1a:c8:d7:7e:14:60:c8:3b:c2:ac: c3:cd:7d:58:ad:32:26:53:b3:39:a2:d2:e6:0e:7f: b5:81:61:6a:91:75:43:df:d4:6a:43:4e:8a:26:05: 93:37:e0:8d:36:e3:3a:20:6b:4a:ef:2b:b5:d7:70: ee:ef:c5:d9:63:03:0b:4d:52:01:a2:c9:d1:7b:8d: b2:03:23:54:58:5c:d2:3c:52:71:bb:da:bb:82:6b: 22:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:66:04:B9:33:00:9F:8F:49:06:73:4F:2A:8A:FD:76:52:DA:0E:F7 X509v3 Authority Key Identifier: keyid:76:E2:AE:4F:E0:C0:D6:CB:07:49:B8:77:AE:15:5A:62:9F:E2:AF:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/duKuT-DA1ssHSbh3rhVaYp_ir9Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/9a52fd-0364-4150-aaca-41602fdc9fde/1/duKuT-DA1ssHSbh3rhVaYp_ir9Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/9a52fd-0364-4150-aaca-41602fdc9fde/1/duKuT-DA1ssHSbh3rhVaYp_ir9Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:f7:de:2e:b1:d5:9b:1b:b8:ca:7a:aa:2d:92:53:df:01:88: ae:95:6e:c9:74:13:6a:e5:82:44:06:b9:ac:3f:b4:b7:66:5b: e3:a0:ff:b9:c9:49:0a:82:8f:83:79:42:37:4a:c9:63:9a:90: a4:87:57:5b:76:68:4a:2d:66:b3:b0:65:c1:0e:21:26:8e:33: 4a:11:32:93:cb:6e:f0:37:a0:1e:98:5d:a2:6d:7e:7f:b5:87: 78:44:88:dd:18:c7:28:3a:0f:3b:95:5f:a5:a4:13:ba:bc:84: 0f:24:33:66:bc:3a:16:e5:12:55:5a:95:7d:bb:92:d9:79:a4: b0:37:0f:aa:c8:aa:8f:4c:93:9f:8a:9c:54:7d:db:9b:38:04: 63:3f:a8:fc:fc:3d:85:99:92:b4:4a:15:0f:37:e2:b7:9c:2a: 8d:5f:b3:07:e2:3d:41:96:fc:1f:64:07:68:4a:ee:07:e1:40: a8:76:f7:62:3a:7a:16:04:d1:79:e4:3d:5f:fe:0e:d8:bc:11: 4f:e2:8f:0a:4e:fd:94:65:3f:a6:08:a9:4a:d9:77:7f:d2:12: bb:2a:76:66:ac:40:28:9d:fb:1e:88:71:fb:74:ff:52:26:81: 27:87:ad:16:13:cb:f1:b0:1b:ef:2b:c4:b3:82:fc:85:9b:6b: e8:be:a1:f7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszskCMdQkgDCfcBrxfD5nPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc2ZTJhZTRmZTBjMGQ2Y2IwNzQ5Yjg3N2FlMTU1YTYyOWZl MmFmZDYwHhcNMjUxMjE4MjMwMTE4WhcNMjUxMjE5MjMwMTE4WjAzMTEwLwYDVQQD Eyg4ZDY2MDRiOTMzMDA5ZjhmNDkwNjczNGYyYThhZmQ3NjUyZGEwZWY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxF+5A7DDJI49aLVz0+CR7sd7p6jp BXHLFiJ7wuiA6Ni5q+9a183RqCX3MvSOGu1a4pfggo9b9Qa6U4xaek7+vYTUVS2c ObndBSOdjXqGE2AtmJje9lrEfFRbED4Jq4N+SQytsTKF3TgHikHm7dJ2MoDKydEu BXxVdYJXOfkrKqU66ciEMG+1UewTuO/Ksn2ZqIVddhwijugwrGg1MaVOKWHoKmyd Zqc9oxrI134UYMg7wqzDzX1YrTImU7M5otLmDn+1gWFqkXVD39RqQ06KJgWTN+CN NuM6IGtK7yu113Du78XZYwMLTVIBosnRe42yAyNUWFzSPFJxu9q7gmsi6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI1mBLkzAJ+PSQZzTyqK/XZS2g73MB8GA1UdIwQY MBaAFHbirk/gwNbLB0m4d64VWmKf4q/WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZHVLdVQtREExc3NIU2JoM3JoVmFZcF9pcjlZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC85YTUyZmQtMDM2NC00MTUwLWFhY2Et NDE2MDJmZGM5ZmRlLzEvZHVLdVQtREExc3NIU2JoM3JoVmFZcF9pcjlZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC85YTUyZmQtMDM2NC00MTUwLWFhY2EtNDE2MDJmZGM5ZmRl LzEvZHVLdVQtREExc3NIU2JoM3JoVmFZcF9pcjlZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOPfeLrHV mxu4ynqqLZJT3wGIrpVuyXQTauWCRAa5rD+0t2Zb46D/uclJCoKPg3lCN0rJY5qQ pIdXW3ZoSi1ms7BlwQ4hJo4zShEyk8tu8DegHphdom1+f7WHeESI3RjHKDoPO5Vf paQTuryEDyQzZrw6FuUSVVqVfbuS2XmksDcPqsiqj0yTn4qcVH3bmzgEYz+o/Pw9 hZmStEoVDzfit5wqjV+zB+I9QZb8H2QHaEruB+FAqHb3Yjp6FgTReeQ9X/4O2LwR T+KPCk79lGU/pgipStl3f9ISuyp2ZqxAKJ37Hohx+3T/UiaBJ4etFhPL8bAb7yvE s4L8hZtr6L6h9w== -----END CERTIFICATE-----Generated at Fri Dec 19 06:19:06 2025 by rpki-client