This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft File: WnMRox5rU6F10ZE1sryZOh-5hLE.mft (raw, json) Hash identifier: 5bBPISZBOUV9SQs+PUtOGkmT0z/o8PKUpC4UOxuY7yo= Subject key identifier: 21:13:24:9C:B9:78:B7:73:E3:68:78:99:4D:A5:A0:2C:1B:A0:5B:4C Authority key identifier: 5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1 Certificate issuer: /CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1 Certificate serial: 019B75C8989BD9125F571B8B91383F566995 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft Manifest number: 15CB Signing time: Wed 31 Dec 2025 19:00:39 +0000 Manifest this update: Wed 31 Dec 2025 19:00:39 +0000 Manifest next update: Thu 01 Jan 2026 19:00:39 +0000 Files and hashes: 1: WnMRox5rU6F10ZE1sryZOh-5hLE.crl (hash: h9j21dAyEf9x9pW60PhwbPfPd1CLB3+8OLlIPvt1YZ4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 19:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:75:c8:98:9b:d9:12:5f:57:1b:8b:91:38:3f:56:69:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1 Validity Not Before: Dec 31 19:00:39 2025 GMT Not After : Jan 1 19:00:39 2026 GMT Subject: CN=2113249cb978b773e36878994da5a02c1ba05b4c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:3b:b0:61:e7:95:ba:db:c4:03:1b:f0:a1:73: 11:34:02:5c:db:93:85:a8:68:3c:b7:7f:e6:a8:08: 8c:0a:46:ef:b4:ab:f1:38:7e:69:8c:7f:20:6b:ef: 69:71:eb:87:ca:23:aa:28:78:0a:67:6a:d7:e7:04: f6:49:e5:4d:60:aa:38:c8:bb:8c:b3:a6:7b:4b:6f: 3c:f3:aa:f7:cc:10:4c:7d:e2:03:22:96:2d:6f:5e: f3:ae:13:e5:f6:3f:a0:4e:f9:35:cd:d9:b8:6c:bc: bf:c8:06:68:d2:06:83:a0:b3:6d:55:f1:ee:bc:b0: 2b:86:a5:e2:b8:b8:b4:22:c3:89:f1:90:07:41:35: be:66:a9:17:48:8a:a4:88:a4:f8:65:1d:d4:5d:54: 8e:40:e0:7d:2d:83:4d:55:7b:c1:be:20:53:52:c3: ef:2d:49:57:cd:8a:86:37:5a:b9:5b:6d:2d:fb:1d: e8:85:b7:80:55:d6:1e:06:b3:60:10:a8:04:88:5e: 2c:0c:cf:1b:0f:91:8c:9a:9e:6e:47:cd:a0:91:0f: 7d:bf:f7:b3:0d:e0:67:37:79:4d:b7:65:12:41:e4: 66:bb:4e:9d:b1:de:2f:8c:76:df:9b:44:2e:75:a7: b7:94:80:7d:f8:78:25:65:ef:c0:ec:47:5f:f1:24: 20:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:13:24:9C:B9:78:B7:73:E3:68:78:99:4D:A5:A0:2C:1B:A0:5B:4C X509v3 Authority Key Identifier: keyid:5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:ed:52:e0:8f:e1:a8:65:4e:b1:8e:a1:9b:a9:03:a2:85:0d: 5a:08:b5:72:dd:9e:4c:b0:a7:42:c5:9c:8b:e5:07:07:af:96: 87:f4:49:3d:4e:7a:4d:d1:dc:33:e9:08:7e:29:c2:1c:ee:55: c9:1a:8e:ea:37:0d:e8:be:87:56:ae:61:89:47:9e:19:ca:21: f4:0f:06:61:79:c1:97:fa:4f:90:76:5f:a6:31:b3:03:be:91: b3:c9:73:a9:12:68:df:12:9f:1b:66:ed:37:66:4c:82:94:fc: bc:91:9f:b9:b6:f8:ab:92:04:11:71:49:55:0d:0c:77:95:35: e3:9a:18:33:b7:a2:ba:47:f8:c5:56:58:8e:f0:8e:55:02:e7: b7:b1:10:68:cf:9d:ef:41:13:ac:6d:af:3c:da:d9:b5:6a:9e: 6b:d2:e1:f8:c1:27:b4:ca:27:e9:ac:1f:ce:28:66:27:24:91: 5a:20:29:89:8e:c0:2e:a2:1e:82:82:1a:45:ce:9d:ed:23:81: 45:3d:29:4a:0e:cb:20:be:80:f9:0e:33:44:76:ff:b9:17:b2: 10:83:b6:0f:a4:68:e5:a4:b4:ea:0a:d3:3c:a1:f7:1c:a0:3a: 8f:ef:41:ae:58:ef:21:9e:d3:fe:66:15:44:e0:73:7d:6e:6e: 12:91:59:38 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt1yJib2RJfVxuLkTg/VmmVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVhNzMxMWEzMWU2YjUzYTE3NWQxOTEzNWIyYmM5OTNhMWZi OTg0YjEwHhcNMjUxMjMxMTkwMDM5WhcNMjYwMTAxMTkwMDM5WjAzMTEwLwYDVQQD EygyMTEzMjQ5Y2I5NzhiNzczZTM2ODc4OTk0ZGE1YTAyYzFiYTA1YjRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TuwYeeVutvEAxvwoXMRNAJc25OF qGg8t3/mqAiMCkbvtKvxOH5pjH8ga+9pceuHyiOqKHgKZ2rX5wT2SeVNYKo4yLuM s6Z7S28886r3zBBMfeIDIpYtb17zrhPl9j+gTvk1zdm4bLy/yAZo0gaDoLNtVfHu vLArhqXiuLi0IsOJ8ZAHQTW+ZqkXSIqkiKT4ZR3UXVSOQOB9LYNNVXvBviBTUsPv LUlXzYqGN1q5W20t+x3ohbeAVdYeBrNgEKgEiF4sDM8bD5GMmp5uR82gkQ99v/ez DeBnN3lNt2USQeRmu06dsd4vjHbfm0Qudae3lIB9+HglZe/A7Edf8SQg2wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCETJJy5eLdz42h4mU2loCwboFtMMB8GA1UdIwQY MBaAFFpzEaMea1OhddGRNbK8mTofuYSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzct MWJhYTgzYzhhMDM2LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzctMWJhYTgzYzhhMDM2 LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiO1S4I/h qGVOsY6hm6kDooUNWgi1ct2eTLCnQsWci+UHB6+Wh/RJPU56TdHcM+kIfinCHO5V yRqO6jcN6L6HVq5hiUeeGcoh9A8GYXnBl/pPkHZfpjGzA76Rs8lzqRJo3xKfG2bt N2ZMgpT8vJGfubb4q5IEEXFJVQ0Md5U145oYM7eiukf4xVZYjvCOVQLnt7EQaM+d 70ETrG2vPNrZtWqea9Lh+MEntMon6awfzihmJySRWiApiY7ALqIegoIaRc6d7SOB RT0pSg7LIL6A+Q4zRHb/uReyEIO2D6Ro5aS06grTPKH3HKA6j+9BrljvIZ7T/mYV ROBzfW5uEpFZOA== -----END CERTIFICATE-----Generated at Thu Jan 1 03:51:13 2026 by rpki-client