This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft File: WnMRox5rU6F10ZE1sryZOh-5hLE.mft (raw, json) Hash identifier: FeieZqqVpWrPfPuFF0E6PgFTfUbPKsRE3N1dsbNnwok= Subject key identifier: C4:67:8C:43:49:AB:76:02:0F:48:CE:82:69:C3:17:48:BA:1C:8D:C0 Authority key identifier: 5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1 Certificate issuer: /CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1 Certificate serial: 019AF276C3A4BC3639551322310E2521C770 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft Manifest number: 1587 Signing time: Sat 06 Dec 2025 07:01:00 +0000 Manifest this update: Sat 06 Dec 2025 07:01:00 +0000 Manifest next update: Sun 07 Dec 2025 07:01:00 +0000 Files and hashes: 1: WnMRox5rU6F10ZE1sryZOh-5hLE.crl (hash: SUR6rhMCKyuZ6/QW+QjsS55gFjnVpyfjFaMxgDQ43QQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 07:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:c3:a4:bc:36:39:55:13:22:31:0e:25:21:c7:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1 Validity Not Before: Dec 6 07:01:00 2025 GMT Not After : Dec 7 07:01:00 2025 GMT Subject: CN=c4678c4349ab76020f48ce8269c31748ba1c8dc0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:e4:0d:b7:0c:25:57:e1:31:f8:98:cb:8a:f5: 07:f3:37:a5:f9:ec:ad:eb:2f:cb:18:7c:c5:c6:3b: da:32:97:f4:bc:10:b6:2c:00:08:34:ab:6a:71:20: d2:9f:49:04:64:2a:af:86:49:22:0e:e5:ce:ef:41: 82:5d:c5:04:b4:8c:84:e6:30:74:ee:73:bb:d6:77: 33:27:19:45:1d:2b:6e:ca:50:d5:86:78:35:f8:61: d5:1e:8b:33:3a:96:bd:80:75:c1:80:8b:fc:a9:6b: 46:d4:fd:47:50:62:dd:e5:e3:fb:f7:91:f7:a2:fa: 3c:e2:f6:1a:8a:e7:8f:a6:e4:28:44:d0:ec:77:8e: 83:8f:41:f1:32:f9:5a:16:a9:98:7f:68:6b:89:0e: 9b:c8:0e:49:7c:1d:91:05:79:0f:6d:b6:b7:57:a0: 4f:88:f7:83:8a:1d:3c:0a:ec:b8:c7:f6:c1:3b:e7: 93:14:66:e8:20:f8:5e:59:56:5b:a5:17:99:ed:94: 0c:9e:3d:e3:79:90:11:17:ad:62:0e:03:3f:de:4b: 45:c4:19:f4:d2:74:87:f8:52:3e:b9:03:00:a0:42: 27:41:1f:fd:81:06:61:50:84:10:f1:90:24:30:4c: b9:0a:ea:22:8b:6c:bb:fe:ff:7a:a0:e9:b2:91:9f: 37:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:67:8C:43:49:AB:76:02:0F:48:CE:82:69:C3:17:48:BA:1C:8D:C0 X509v3 Authority Key Identifier: keyid:5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:67:59:26:54:65:0d:03:9b:2e:f7:dc:52:f8:6e:fe:70:cd: f3:c8:62:94:bb:d1:6d:e2:96:54:7d:66:1a:1e:4a:80:0e:67: d9:1c:6d:bb:3b:7c:a7:39:46:7c:f3:f2:0f:8e:dd:3e:d6:35: 6f:f0:a9:56:0e:f5:8f:e5:dd:1b:4a:17:bb:47:fb:00:ec:af: a5:ea:30:42:78:df:04:be:60:7c:9e:68:7a:7d:ad:84:be:50: 20:f5:c9:ae:71:e9:bb:95:d4:91:ca:1f:05:bd:df:47:8c:92: 95:b5:83:19:46:58:5f:d3:39:f5:e8:38:25:50:6d:f5:1c:a4: 1c:2e:f3:73:c2:8f:53:9e:65:ae:92:82:9e:bb:14:2e:4a:58: 4e:55:b4:8f:b0:34:c7:0e:70:a8:6a:13:41:9c:f8:cd:83:35: 63:fa:6f:6e:bb:ca:c6:d5:e5:9d:c1:24:9d:c1:a3:47:6a:df: 62:c0:76:a4:cf:1d:28:be:c4:b1:48:ad:88:e8:87:f2:77:0f: 73:ac:99:6c:29:b3:f8:40:65:4a:05:c2:e1:cd:e4:85:40:d8: 95:87:83:48:30:19:1d:3a:23:5b:e8:66:79:b4:ca:90:e4:7f: ef:0c:90:ce:ac:c4:7c:eb:69:a4:b7:0a:49:33:88:20:c8:f3: b2:76:69:52 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydsOkvDY5VRMiMQ4lIcdwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVhNzMxMWEzMWU2YjUzYTE3NWQxOTEzNWIyYmM5OTNhMWZi OTg0YjEwHhcNMjUxMjA2MDcwMTAwWhcNMjUxMjA3MDcwMTAwWjAzMTEwLwYDVQQD EyhjNDY3OGM0MzQ5YWI3NjAyMGY0OGNlODI2OWMzMTc0OGJhMWM4ZGMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuQNtwwlV+Ex+JjLivUH8zel+eyt 6y/LGHzFxjvaMpf0vBC2LAAINKtqcSDSn0kEZCqvhkkiDuXO70GCXcUEtIyE5jB0 7nO71nczJxlFHStuylDVhng1+GHVHoszOpa9gHXBgIv8qWtG1P1HUGLd5eP795H3 ovo84vYaiuePpuQoRNDsd46Dj0HxMvlaFqmYf2hriQ6byA5JfB2RBXkPbba3V6BP iPeDih08Cuy4x/bBO+eTFGboIPheWVZbpReZ7ZQMnj3jeZARF61iDgM/3ktFxBn0 0nSH+FI+uQMAoEInQR/9gQZhUIQQ8ZAkMEy5Cuoii2y7/v96oOmykZ83+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMRnjENJq3YCD0jOgmnDF0i6HI3AMB8GA1UdIwQY MBaAFFpzEaMea1OhddGRNbK8mTofuYSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzct MWJhYTgzYzhhMDM2LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzctMWJhYTgzYzhhMDM2 LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP2dZJlRl DQObLvfcUvhu/nDN88hilLvRbeKWVH1mGh5KgA5n2Rxtuzt8pzlGfPPyD47dPtY1 b/CpVg71j+XdG0oXu0f7AOyvpeowQnjfBL5gfJ5oen2thL5QIPXJrnHpu5XUkcof Bb3fR4ySlbWDGUZYX9M59eg4JVBt9RykHC7zc8KPU55lrpKCnrsULkpYTlW0j7A0 xw5wqGoTQZz4zYM1Y/pvbrvKxtXlncEkncGjR2rfYsB2pM8dKL7EsUitiOiH8ncP c6yZbCmz+EBlSgXC4c3khUDYlYeDSDAZHTojW+hmebTKkOR/7wyQzqzEfOtppLcK STOIIMjzsnZpUg== -----END CERTIFICATE-----Generated at Sat Dec 6 15:38:01 2025 by rpki-client