This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.mft File: WKNa-48AdsEVWKz_QGPy9YooF8o.mft (raw, json) Hash identifier: sAEBYOdtziPys2a+hBheoLv65qnVb2bZxuw8bDPDrxM= Subject key identifier: 91:D1:48:C4:0A:1E:1C:40:00:67:A0:F4:1A:45:55:1B:80:3B:3F:91 Authority key identifier: 58:A3:5A:FB:8F:00:76:C1:15:58:AC:FF:40:63:F2:F5:8A:28:17:CA Certificate issuer: /CN=58a35afb8f0076c11558acff4063f2f58a2817ca Certificate serial: 019B1E73C219B450B561B4AEA5D5CB39B0EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WKNa-48AdsEVWKz_QGPy9YooF8o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.mft Manifest number: 055F Signing time: Sun 14 Dec 2025 20:01:01 +0000 Manifest this update: Sun 14 Dec 2025 20:01:01 +0000 Manifest next update: Mon 15 Dec 2025 20:01:01 +0000 Files and hashes: 1: WKNa-48AdsEVWKz_QGPy9YooF8o.crl (hash: y/N2ri9p2hPP+gm6/pJlximm9C6mn8i4m1tEVW9nUPg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.crl rsync://rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.mft rsync://rpki.ripe.net/repository/DEFAULT/WKNa-48AdsEVWKz_QGPy9YooF8o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 20:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1e:73:c2:19:b4:50:b5:61:b4:ae:a5:d5:cb:39:b0:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=58a35afb8f0076c11558acff4063f2f58a2817ca Validity Not Before: Dec 14 20:01:01 2025 GMT Not After : Dec 15 20:01:01 2025 GMT Subject: CN=91d148c40a1e1c400067a0f41a45551b803b3f91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:ea:ea:6e:d9:0f:c0:d0:64:20:24:68:d9:ce: 2f:78:b4:2a:27:bc:60:56:4a:df:0c:1e:99:db:59: b4:eb:25:7a:e2:64:46:61:9d:42:3a:cc:6c:94:78: 61:ea:eb:d1:30:bb:5d:19:1d:f5:d9:b1:71:08:3c: ab:80:fe:c6:88:68:9c:35:d8:c6:4c:69:f0:d1:68: c8:1b:0a:34:7d:45:0f:92:01:c8:18:59:b8:78:fa: 53:4a:cc:9a:b0:b4:cf:88:24:66:10:70:f7:cc:8f: 4e:97:74:cb:dd:60:6e:08:be:37:2d:a4:1d:9e:6b: 56:27:88:2b:99:61:b0:53:23:21:7a:49:94:44:24: 3a:57:78:0b:b1:65:e4:ae:9a:ff:bf:ec:da:39:b5: bc:74:08:60:ec:79:b3:80:db:0a:d8:eb:c6:22:11: df:25:8f:ad:61:54:09:6f:11:5b:d6:3f:79:33:c0: b3:0f:1b:62:b5:22:e3:71:d9:c1:83:5b:7b:e1:c1: 99:0b:da:57:da:b1:41:bd:fe:0e:97:65:6e:6f:8b: f6:bb:45:d9:eb:96:74:72:be:43:c3:2d:b7:ba:3c: 2a:d9:51:13:65:5f:cf:b6:47:f5:df:4c:f0:cb:30: c5:8d:2f:b2:2d:35:07:3d:42:0d:ab:79:6b:ed:bb: c1:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:D1:48:C4:0A:1E:1C:40:00:67:A0:F4:1A:45:55:1B:80:3B:3F:91 X509v3 Authority Key Identifier: keyid:58:A3:5A:FB:8F:00:76:C1:15:58:AC:FF:40:63:F2:F5:8A:28:17:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WKNa-48AdsEVWKz_QGPy9YooF8o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:07:1c:74:55:14:b6:3a:8e:c7:24:86:91:17:46:8b:20:a8: e5:5a:cf:e5:a9:a4:07:1b:c8:54:42:25:ee:5d:c5:38:2a:fb: 75:19:61:32:a0:ca:c2:3e:23:3d:bb:68:51:c9:c2:72:1e:0f: 5d:43:25:d3:c2:a9:bf:c7:53:d1:6f:88:01:38:f6:c6:4f:8e: 1a:d9:ae:0b:ea:06:82:3f:83:b8:d6:9f:4c:a9:aa:9d:da:02: 8a:73:cb:9d:40:33:e6:7e:de:dc:d9:11:17:0e:8a:b0:f4:c2: 8e:dc:04:bf:be:e0:7a:09:42:93:e5:9b:1a:86:d9:ce:d9:bb: b7:ee:5b:11:0f:2b:9a:19:76:fe:a2:dc:77:06:ac:05:32:7d: 7f:39:26:57:b2:b7:57:5d:8c:64:41:11:26:2f:1d:5f:90:4c: a8:c3:2d:70:33:d1:ca:de:fe:fa:54:55:bb:01:6c:8a:bf:0f: d4:b5:74:4c:72:af:b3:8c:c5:62:0f:b0:ef:5b:d2:c6:3e:47: a2:40:3f:e9:90:7d:64:72:9a:2e:78:aa:c5:44:30:8f:dc:fd: 74:43:a1:d7:51:28:4e:ec:cb:cb:a1:f4:21:b8:89:c2:8c:f5: bf:cd:b4:35:a1:21:5e:aa:76:90:95:08:e6:19:b4:65:13:77: 63:a9:c6:76 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsec8IZtFC1YbSupdXLObDsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU4YTM1YWZiOGYwMDc2YzExNTU4YWNmZjQwNjNmMmY1OGEy ODE3Y2EwHhcNMjUxMjE0MjAwMTAxWhcNMjUxMjE1MjAwMTAxWjAzMTEwLwYDVQQD Eyg5MWQxNDhjNDBhMWUxYzQwMDA2N2EwZjQxYTQ1NTUxYjgwM2IzZjkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmerqbtkPwNBkICRo2c4veLQqJ7xg VkrfDB6Z21m06yV64mRGYZ1COsxslHhh6uvRMLtdGR312bFxCDyrgP7GiGicNdjG TGnw0WjIGwo0fUUPkgHIGFm4ePpTSsyasLTPiCRmEHD3zI9Ol3TL3WBuCL43LaQd nmtWJ4grmWGwUyMhekmURCQ6V3gLsWXkrpr/v+zaObW8dAhg7HmzgNsK2OvGIhHf JY+tYVQJbxFb1j95M8CzDxtitSLjcdnBg1t74cGZC9pX2rFBvf4Ol2Vub4v2u0XZ 65Z0cr5Dwy23ujwq2VETZV/Ptkf130zwyzDFjS+yLTUHPUINq3lr7bvBUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJHRSMQKHhxAAGeg9BpFVRuAOz+RMB8GA1UdIwQY MBaAFFijWvuPAHbBFVis/0Bj8vWKKBfKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV0tOYS00OEFkc0VWV0t6X1FHUHk5WW9vRjhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kMjdiM2EtM2NlYy00MTM5LTg3ZTgt MzUxOGQ4MDZmZmMzLzEvV0tOYS00OEFkc0VWV0t6X1FHUHk5WW9vRjhvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MC9kMjdiM2EtM2NlYy00MTM5LTg3ZTgtMzUxOGQ4MDZmZmMz LzEvV0tOYS00OEFkc0VWV0t6X1FHUHk5WW9vRjhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaAccdFUU tjqOxySGkRdGiyCo5VrP5amkBxvIVEIl7l3FOCr7dRlhMqDKwj4jPbtoUcnCch4P XUMl08Kpv8dT0W+IATj2xk+OGtmuC+oGgj+DuNafTKmqndoCinPLnUAz5n7e3NkR Fw6KsPTCjtwEv77geglCk+WbGobZztm7t+5bEQ8rmhl2/qLcdwasBTJ9fzkmV7K3 V12MZEERJi8dX5BMqMMtcDPRyt7++lRVuwFsir8P1LV0THKvs4zFYg+w71vSxj5H okA/6ZB9ZHKaLniqxUQwj9z9dEOh11EoTuzLy6H0IbiJwoz1v820NaEhXqp2kJUI 5hm0ZRN3Y6nGdg== -----END CERTIFICATE-----Generated at Mon Dec 15 04:55:58 2025 by rpki-client