This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/WKdj8MRnq6pwHZaMN0nG2tA0ibA.mft File: WKdj8MRnq6pwHZaMN0nG2tA0ibA.mft (raw, json) Hash identifier: 0rkCFEa8RWYoXhJKNTZaUE1t4D8FQoBU/eKrURSNbbs= Subject key identifier: 97:09:56:06:46:29:4F:CD:66:5D:00:44:EF:D8:A6:57:55:FD:F3:F7 Authority key identifier: 58:A7:63:F0:C4:67:AB:AA:70:1D:96:8C:37:49:C6:DA:D0:34:89:B0 Certificate issuer: /CN=58a763f0c467abaa701d968c3749c6dad03489b0 Certificate serial: 019B1193D8E5BC011AA839383AE3AA8AED6B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WKdj8MRnq6pwHZaMN0nG2tA0ibA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/WKdj8MRnq6pwHZaMN0nG2tA0ibA.mft Manifest number: 0CC0 Signing time: Fri 12 Dec 2025 08:01:00 +0000 Manifest this update: Fri 12 Dec 2025 08:01:00 +0000 Manifest next update: Sat 13 Dec 2025 08:01:00 +0000 Files and hashes: 1: WKdj8MRnq6pwHZaMN0nG2tA0ibA.crl (hash: N5A4/xbDp2FYG4rI6Ho7dBK1J2R662wNOtH6D4aArCo=) 2: ZpykCbVPiyWDmZYOTfO_ZDkVQS8.roa (hash: dMJ7baRxj0geuiw7R0CU8VhA5Y/WfKmOFau3mkt++fI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/WKdj8MRnq6pwHZaMN0nG2tA0ibA.crl rsync://rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/WKdj8MRnq6pwHZaMN0nG2tA0ibA.mft rsync://rpki.ripe.net/repository/DEFAULT/WKdj8MRnq6pwHZaMN0nG2tA0ibA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 08:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:11:93:d8:e5:bc:01:1a:a8:39:38:3a:e3:aa:8a:ed:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=58a763f0c467abaa701d968c3749c6dad03489b0 Validity Not Before: Dec 12 08:01:00 2025 GMT Not After : Dec 13 08:01:00 2025 GMT Subject: CN=9709560646294fcd665d0044efd8a65755fdf3f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:33:a2:8c:53:6e:1e:08:76:2c:a8:9e:4a:b2: d5:33:30:b6:12:11:23:5c:0c:1e:cb:50:27:d6:3b: 0f:d7:f1:60:ca:d5:2a:9a:2f:4e:99:0d:45:4f:c3: ce:a8:45:a7:7d:3c:e1:0b:2d:be:09:ba:23:3c:99: e7:0b:04:a6:ea:f5:1a:13:5b:f3:8b:53:3f:cc:4e: 35:c3:75:c4:ae:3d:19:f5:02:a9:7c:09:fe:2c:75: 28:e8:0d:e8:2b:c1:46:ad:78:be:04:26:98:9e:0d: f1:42:35:e8:24:a4:dc:c8:7e:81:6b:1a:a2:d1:c4: 03:63:85:9c:84:ca:65:f0:7a:0a:84:21:30:84:4e: c9:97:b8:a5:63:0d:52:ae:85:b4:c3:5b:7b:74:52: dc:04:27:31:8e:8b:aa:fc:13:91:ff:24:0f:f1:17: eb:14:cb:06:f7:62:55:1b:5b:4c:e9:8b:21:93:09: 8f:e7:55:d7:e5:96:0a:c8:ac:92:3e:b3:50:b1:ed: 44:42:60:37:73:26:01:66:f3:31:87:2c:b1:b8:93: 7a:0f:5d:e9:ec:18:3e:e7:48:ba:f0:ca:37:b1:e7: da:2c:0a:7d:3d:b1:34:86:e5:90:89:12:ed:64:bc: 54:2a:8d:75:fc:f9:7f:4a:f2:d7:3a:b8:ae:7c:22: a9:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:09:56:06:46:29:4F:CD:66:5D:00:44:EF:D8:A6:57:55:FD:F3:F7 X509v3 Authority Key Identifier: keyid:58:A7:63:F0:C4:67:AB:AA:70:1D:96:8C:37:49:C6:DA:D0:34:89:B0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WKdj8MRnq6pwHZaMN0nG2tA0ibA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/WKdj8MRnq6pwHZaMN0nG2tA0ibA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/WKdj8MRnq6pwHZaMN0nG2tA0ibA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:01:aa:40:20:ae:eb:6f:c7:56:38:67:31:b5:80:e2:0a:aa: 37:a4:9f:48:34:20:40:c1:89:a8:44:2e:1f:78:89:c8:36:14: 50:5e:5b:ae:0d:11:ea:bf:c5:80:ea:3d:11:e3:fc:7d:70:70: c1:5e:d4:35:74:7a:b5:be:51:6a:b0:f1:92:5c:8f:85:e1:30: 5c:a0:1d:80:8d:d3:a1:16:d6:46:9c:f2:00:2b:71:5b:49:54: 98:8d:1e:3b:44:b7:f3:17:0a:fb:4b:49:88:2a:c4:c9:dd:d3: 72:9b:ff:eb:90:29:fc:19:f0:84:58:b8:cf:43:86:aa:17:ff: 6b:1d:1f:88:d2:24:d1:0a:8d:2b:d2:f1:68:4e:04:76:cb:24: 78:78:ab:71:eb:6f:3c:d5:da:52:93:9c:51:e1:1b:38:07:da: ae:b6:d7:5b:13:09:56:bb:dc:b6:6d:90:49:64:d4:80:d0:69: 24:a8:18:3a:72:e3:44:3f:63:0d:f0:66:c1:c4:29:d9:1d:fc: dc:8c:3f:29:fc:25:37:f1:55:df:fb:9e:b6:9c:4c:9b:5e:be: 5f:e3:15:d1:00:e0:a3:cd:33:9c:e2:f0:81:16:cb:94:5c:a7: 1d:f0:d2:39:17:ec:3a:5a:62:79:31:c5:0a:e2:c9:b9:56:98: 5e:66:c7:a4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsRk9jlvAEaqDk4OuOqiu1rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU4YTc2M2YwYzQ2N2FiYWE3MDFkOTY4YzM3NDljNmRhZDAz NDg5YjAwHhcNMjUxMjEyMDgwMTAwWhcNMjUxMjEzMDgwMTAwWjAzMTEwLwYDVQQD Eyg5NzA5NTYwNjQ2Mjk0ZmNkNjY1ZDAwNDRlZmQ4YTY1NzU1ZmRmM2Y3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDOijFNuHgh2LKieSrLVMzC2EhEj XAwey1An1jsP1/FgytUqmi9OmQ1FT8POqEWnfTzhCy2+CbojPJnnCwSm6vUaE1vz i1M/zE41w3XErj0Z9QKpfAn+LHUo6A3oK8FGrXi+BCaYng3xQjXoJKTcyH6Baxqi 0cQDY4WchMpl8HoKhCEwhE7Jl7ilYw1SroW0w1t7dFLcBCcxjouq/BOR/yQP8Rfr FMsG92JVG1tM6YshkwmP51XX5ZYKyKySPrNQse1EQmA3cyYBZvMxhyyxuJN6D13p 7Bg+50i68Mo3sefaLAp9PbE0huWQiRLtZLxUKo11/Pl/SvLXOriufCKpRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJcJVgZGKU/NZl0ARO/YpldV/fP3MB8GA1UdIwQY MBaAFFinY/DEZ6uqcB2WjDdJxtrQNImwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV0tkajhNUm5xNnB3SFphTU4wbkcydEEwaWJBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81ZDY0OTEtMDhmZi00OTRkLTg0MzMt MDk4ZjdjNWZkOTc1LzEvV0tkajhNUm5xNnB3SFphTU4wbkcydEEwaWJBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOC81ZDY0OTEtMDhmZi00OTRkLTg0MzMtMDk4ZjdjNWZkOTc1 LzEvV0tkajhNUm5xNnB3SFphTU4wbkcydEEwaWJBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMgGqQCCu 62/HVjhnMbWA4gqqN6SfSDQgQMGJqEQuH3iJyDYUUF5brg0R6r/FgOo9EeP8fXBw wV7UNXR6tb5RarDxklyPheEwXKAdgI3ToRbWRpzyACtxW0lUmI0eO0S38xcK+0tJ iCrEyd3Tcpv/65Ap/BnwhFi4z0OGqhf/ax0fiNIk0QqNK9LxaE4EdsskeHircetv PNXaUpOcUeEbOAfarrbXWxMJVrvctm2QSWTUgNBpJKgYOnLjRD9jDfBmwcQp2R38 3Iw/KfwlN/FV3/uetpxMm16+X+MV0QDgo80znOLwgRbLlFynHfDSORfsOlpieTHF CuLJuVaYXmbHpA== -----END CERTIFICATE-----Generated at Fri Dec 12 17:10:48 2025 by rpki-client