This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/WKdj8MRnq6pwHZaMN0nG2tA0ibA.mft File: WKdj8MRnq6pwHZaMN0nG2tA0ibA.mft (raw, json) Hash identifier: 9OiR/VMIsIQRmnWPGvJIqdbm5fvEgKSZgsQoBR5k5+o= Subject key identifier: 88:4A:99:E1:FC:15:9B:EE:EA:01:AC:29:49:2E:10:50:72:1A:62:DA Authority key identifier: 58:A7:63:F0:C4:67:AB:AA:70:1D:96:8C:37:49:C6:DA:D0:34:89:B0 Certificate issuer: /CN=58a763f0c467abaa701d968c3749c6dad03489b0 Certificate serial: 019B3C102CB497D0222D1701D4CA8E0B85AE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WKdj8MRnq6pwHZaMN0nG2tA0ibA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/WKdj8MRnq6pwHZaMN0nG2tA0ibA.mft Manifest number: 0CD6 Signing time: Sat 20 Dec 2025 14:00:51 +0000 Manifest this update: Sat 20 Dec 2025 14:00:51 +0000 Manifest next update: Sun 21 Dec 2025 14:00:51 +0000 Files and hashes: 1: WKdj8MRnq6pwHZaMN0nG2tA0ibA.crl (hash: sNe1GrfWEtOe53WeRDfLT6OyhBu2cmbX50ePn0pZssQ=) 2: ZpykCbVPiyWDmZYOTfO_ZDkVQS8.roa (hash: dMJ7baRxj0geuiw7R0CU8VhA5Y/WfKmOFau3mkt++fI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/WKdj8MRnq6pwHZaMN0nG2tA0ibA.crl rsync://rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/WKdj8MRnq6pwHZaMN0nG2tA0ibA.mft rsync://rpki.ripe.net/repository/DEFAULT/WKdj8MRnq6pwHZaMN0nG2tA0ibA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:10:2c:b4:97:d0:22:2d:17:01:d4:ca:8e:0b:85:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=58a763f0c467abaa701d968c3749c6dad03489b0 Validity Not Before: Dec 20 14:00:51 2025 GMT Not After : Dec 21 14:00:51 2025 GMT Subject: CN=884a99e1fc159beeea01ac29492e1050721a62da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:36:40:d4:b3:ce:6d:a6:04:43:67:4d:82:c0: 70:2a:42:06:b0:34:8a:ce:3a:08:e2:c7:5e:86:d7: 8c:82:59:29:17:9a:83:2f:a4:92:09:27:04:aa:3d: 46:7f:15:28:f5:8d:05:1a:08:ce:17:94:08:5e:b8: 00:5d:ce:2e:fe:f0:4d:a3:22:24:37:f5:f1:69:ad: cc:6b:58:34:e7:4a:8d:6c:af:fa:f5:96:4d:37:64: c0:13:58:5a:b3:2c:d0:35:2b:fd:25:3e:e8:ca:fe: 72:5d:b7:a9:19:b9:af:09:f2:9a:4b:e0:64:d4:4f: 2f:31:6e:36:e2:9a:af:75:2e:62:72:fa:af:f4:f4: b9:75:87:7f:9d:e9:2f:75:ac:90:42:cd:87:0b:66: 46:c8:6d:90:0b:2a:89:f3:47:37:e2:b2:04:84:ec: 06:88:de:d0:04:67:41:2f:2b:d8:74:2f:2d:ef:00: 8f:43:84:80:30:b2:d0:d0:0a:f5:b3:40:e6:cd:d3: 3c:21:2a:c7:46:be:13:8b:32:b5:53:6e:67:f3:b7: cc:8d:0e:fd:37:e4:15:6c:d5:b5:9f:ce:c6:c3:9b: de:5f:bb:20:38:c6:71:68:a1:2d:61:8d:37:bd:b3: 62:7c:fe:75:08:67:6b:30:39:1c:b9:29:e3:55:1e: 9e:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:4A:99:E1:FC:15:9B:EE:EA:01:AC:29:49:2E:10:50:72:1A:62:DA X509v3 Authority Key Identifier: keyid:58:A7:63:F0:C4:67:AB:AA:70:1D:96:8C:37:49:C6:DA:D0:34:89:B0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WKdj8MRnq6pwHZaMN0nG2tA0ibA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/WKdj8MRnq6pwHZaMN0nG2tA0ibA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/WKdj8MRnq6pwHZaMN0nG2tA0ibA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:e5:8c:1b:7c:bd:c5:d8:d0:23:6b:2a:5a:af:59:51:02:d2: fd:8f:5c:22:d5:08:a6:dd:b9:70:b6:cf:e1:b2:9a:d9:53:78: c1:c0:96:be:08:69:7f:2b:9e:d8:c8:41:4c:10:eb:bc:6b:60: a5:5f:b0:31:ef:19:1c:2f:74:3c:8f:3f:b9:ba:5f:17:18:8f: 16:78:63:69:bb:85:98:02:9d:97:b1:00:f5:2d:9e:05:6c:62: d4:d8:05:a5:3c:e4:7e:18:f3:17:25:10:e1:10:cf:fa:98:24: 5e:e5:0f:1b:fa:3b:c9:17:2a:1f:77:56:fe:ba:b5:f5:54:5b: 58:30:c2:97:cf:41:d8:d9:39:c5:15:20:c5:b2:44:d9:50:ea: 71:71:e1:ed:a7:b9:a0:40:64:53:62:4d:b8:a6:cb:24:46:e8: ff:83:62:0c:d7:e2:48:65:d1:74:e3:09:dd:c6:33:cb:ea:ac: 29:2e:f8:b4:6f:dc:bd:50:3f:80:b5:1c:cf:b1:12:f1:55:70: bf:ac:19:ef:36:88:ae:45:da:85:a6:ce:f0:d9:ad:ef:f5:48: 70:e1:8b:dd:68:9d:33:b9:ad:e0:7f:67:a1:29:0a:b7:7f:b0: ff:f6:be:68:e5:bd:f5:cd:c4:b0:e4:95:55:70:a5:4a:27:71: f3:08:80:9c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8ECy0l9AiLRcB1MqOC4WuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU4YTc2M2YwYzQ2N2FiYWE3MDFkOTY4YzM3NDljNmRhZDAz NDg5YjAwHhcNMjUxMjIwMTQwMDUxWhcNMjUxMjIxMTQwMDUxWjAzMTEwLwYDVQQD Eyg4ODRhOTllMWZjMTU5YmVlZWEwMWFjMjk0OTJlMTA1MDcyMWE2MmRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzZA1LPObaYEQ2dNgsBwKkIGsDSK zjoI4sdehteMglkpF5qDL6SSCScEqj1GfxUo9Y0FGgjOF5QIXrgAXc4u/vBNoyIk N/Xxaa3Ma1g050qNbK/69ZZNN2TAE1hasyzQNSv9JT7oyv5yXbepGbmvCfKaS+Bk 1E8vMW424pqvdS5icvqv9PS5dYd/nekvdayQQs2HC2ZGyG2QCyqJ80c34rIEhOwG iN7QBGdBLyvYdC8t7wCPQ4SAMLLQ0Ar1s0DmzdM8ISrHRr4TizK1U25n87fMjQ79 N+QVbNW1n87Gw5veX7sgOMZxaKEtYY03vbNifP51CGdrMDkcuSnjVR6eKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIhKmeH8FZvu6gGsKUkuEFByGmLaMB8GA1UdIwQY MBaAFFinY/DEZ6uqcB2WjDdJxtrQNImwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV0tkajhNUm5xNnB3SFphTU4wbkcydEEwaWJBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81ZDY0OTEtMDhmZi00OTRkLTg0MzMt MDk4ZjdjNWZkOTc1LzEvV0tkajhNUm5xNnB3SFphTU4wbkcydEEwaWJBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOC81ZDY0OTEtMDhmZi00OTRkLTg0MzMtMDk4ZjdjNWZkOTc1 LzEvV0tkajhNUm5xNnB3SFphTU4wbkcydEEwaWJBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhuWMG3y9 xdjQI2sqWq9ZUQLS/Y9cItUIpt25cLbP4bKa2VN4wcCWvghpfyue2MhBTBDrvGtg pV+wMe8ZHC90PI8/ubpfFxiPFnhjabuFmAKdl7EA9S2eBWxi1NgFpTzkfhjzFyUQ 4RDP+pgkXuUPG/o7yRcqH3dW/rq19VRbWDDCl89B2Nk5xRUgxbJE2VDqcXHh7ae5 oEBkU2JNuKbLJEbo/4NiDNfiSGXRdOMJ3cYzy+qsKS74tG/cvVA/gLUcz7ES8VVw v6wZ7zaIrkXahabO8Nmt7/VIcOGL3WidM7mt4H9noSkKt3+w//a+aOW99c3EsOSV VXClSidx8wiAnA== -----END CERTIFICATE-----Generated at Sat Dec 20 20:03:18 2025 by rpki-client