This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft File: WnMRox5rU6F10ZE1sryZOh-5hLE.mft (raw, json) Hash identifier: dhsWL5dLfxiNzAx6VRRFfHk6ZH7IGMgLhfXbuQMeDQ0= Subject key identifier: 32:36:70:4B:45:EA:8F:64:0D:28:6B:9B:FB:66:D7:75:7B:BF:B0:4D Authority key identifier: 5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1 Certificate issuer: /CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1 Certificate serial: 019B476F8755F4483B9C769014E14D8234A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft Manifest number: 15B3 Signing time: Mon 22 Dec 2025 19:00:49 +0000 Manifest this update: Mon 22 Dec 2025 19:00:49 +0000 Manifest next update: Tue 23 Dec 2025 19:00:49 +0000 Files and hashes: 1: WnMRox5rU6F10ZE1sryZOh-5hLE.crl (hash: 4nAPmfhYA0YkFJZZLAY9N4ElsE8pHyxPH94zINNPr0s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 19:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:47:6f:87:55:f4:48:3b:9c:76:90:14:e1:4d:82:34:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1 Validity Not Before: Dec 22 19:00:49 2025 GMT Not After : Dec 23 19:00:49 2025 GMT Subject: CN=3236704b45ea8f640d286b9bfb66d7757bbfb04d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:39:22:ce:e1:27:09:04:36:db:0e:49:eb:53: d2:95:05:1e:21:12:05:d1:6a:f2:52:2a:80:d7:57: 26:c0:0d:f3:3b:3a:65:40:2e:58:91:e9:3c:67:65: 19:cb:c8:33:c3:e4:e7:5e:11:55:5e:89:32:a3:be: fd:88:bc:7f:7b:d5:31:c5:53:3a:e0:61:42:52:cc: ea:ce:c1:5f:1c:5c:84:c0:63:ef:83:d1:45:bb:19: 55:71:fe:48:3a:53:1f:10:eb:82:a8:72:64:08:aa: 65:42:69:0f:0d:14:36:c2:44:d9:b4:f1:3d:a5:a8: c2:f2:d6:df:08:11:15:f7:9f:69:ab:27:0d:28:9a: d8:ce:0f:4d:33:d5:d9:fd:61:69:09:94:10:03:1f: 46:43:39:84:78:7b:28:65:2e:ff:5c:6b:7f:83:0c: 92:e0:3a:bd:a7:95:31:12:8f:6c:60:ac:ce:0a:fc: 2d:9f:1d:e2:a2:fb:9a:a9:a9:d9:66:cd:ee:7c:68: 37:eb:22:28:4a:f2:ab:ff:8a:5a:77:cf:a8:88:8e: 4c:84:48:c4:da:e0:10:33:4c:13:c0:d8:69:bf:d3: 24:a4:58:13:f6:7d:9f:18:7e:91:34:8a:b8:ab:de: 2d:2d:cb:0c:23:4f:c9:3a:53:52:c3:7a:e4:7b:16: f4:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:36:70:4B:45:EA:8F:64:0D:28:6B:9B:FB:66:D7:75:7B:BF:B0:4D X509v3 Authority Key Identifier: keyid:5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9f:0b:f8:47:b0:16:68:57:e2:12:60:36:54:1c:d6:2c:ef:cc: a8:92:9f:44:d3:3f:63:0f:9c:b8:07:47:54:ba:9b:ec:5f:73: 19:e7:8b:78:2a:d3:a4:8f:eb:06:b7:58:e8:dc:1b:d1:40:be: fe:15:f3:4e:82:20:ee:87:94:53:53:d1:f3:aa:f5:d8:21:9e: 2e:eb:e2:13:71:cd:d9:39:d5:18:1e:19:e6:8a:bc:78:56:62: f5:de:3d:b1:74:e1:1a:83:24:11:04:20:31:70:05:98:bc:bd: 64:ed:29:ea:24:80:b7:bb:40:26:df:d7:a4:63:71:85:d6:ee: e2:4a:09:fb:1a:18:2b:fb:c2:86:77:6a:bc:64:4c:72:11:e7: d1:8e:73:d6:fd:46:a7:1f:83:59:e8:c5:87:83:c6:ce:98:a5: a0:c8:99:3b:64:d7:d3:44:e6:f6:56:2c:c8:c4:ca:89:8d:7e: d4:de:60:84:14:10:cf:ab:1b:cf:8d:64:45:25:fd:3f:fb:06: 65:2e:07:a9:7a:5a:47:34:3b:ed:e8:50:a6:57:60:0e:b9:d4: 48:fc:24:29:4b:24:0b:a6:b8:7c:bc:7b:43:70:6b:41:89:e8: e6:e4:1f:29:31:84:93:b7:fb:11:75:52:b9:73:cb:c9:ab:ec: 12:d2:72:4c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtHb4dV9Eg7nHaQFOFNgjSoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVhNzMxMWEzMWU2YjUzYTE3NWQxOTEzNWIyYmM5OTNhMWZi OTg0YjEwHhcNMjUxMjIyMTkwMDQ5WhcNMjUxMjIzMTkwMDQ5WjAzMTEwLwYDVQQD EygzMjM2NzA0YjQ1ZWE4ZjY0MGQyODZiOWJmYjY2ZDc3NTdiYmZiMDRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizkizuEnCQQ22w5J61PSlQUeIRIF 0WryUiqA11cmwA3zOzplQC5Ykek8Z2UZy8gzw+TnXhFVXokyo779iLx/e9UxxVM6 4GFCUszqzsFfHFyEwGPvg9FFuxlVcf5IOlMfEOuCqHJkCKplQmkPDRQ2wkTZtPE9 pajC8tbfCBEV959pqycNKJrYzg9NM9XZ/WFpCZQQAx9GQzmEeHsoZS7/XGt/gwyS 4Dq9p5UxEo9sYKzOCvwtnx3iovuaqanZZs3ufGg36yIoSvKr/4pad8+oiI5MhEjE 2uAQM0wTwNhpv9MkpFgT9n2fGH6RNIq4q94tLcsMI0/JOlNSw3rkexb0mwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDI2cEtF6o9kDShrm/tm13V7v7BNMB8GA1UdIwQY MBaAFFpzEaMea1OhddGRNbK8mTofuYSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzct MWJhYTgzYzhhMDM2LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzctMWJhYTgzYzhhMDM2 LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnwv4R7AW aFfiEmA2VBzWLO/MqJKfRNM/Yw+cuAdHVLqb7F9zGeeLeCrTpI/rBrdY6Nwb0UC+ /hXzToIg7oeUU1PR86r12CGeLuviE3HN2TnVGB4Z5oq8eFZi9d49sXThGoMkEQQg MXAFmLy9ZO0p6iSAt7tAJt/XpGNxhdbu4koJ+xoYK/vChndqvGRMchHn0Y5z1v1G px+DWejFh4PGzpiloMiZO2TX00Tm9lYsyMTKiY1+1N5ghBQQz6sbz41kRSX9P/sG ZS4HqXpaRzQ77ehQpldgDrnUSPwkKUskC6a4fLx7Q3BrQYno5uQfKTGEk7f7EXVS uXPLyavsEtJyTA== -----END CERTIFICATE-----Generated at Tue Dec 23 03:14:40 2025 by rpki-client