This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/524bfe-c5ae-4f67-8413-2748c4002c2e/1/MZLFLzYKOnL-IkQaw_x-DlIl7pE.mft File: MZLFLzYKOnL-IkQaw_x-DlIl7pE.mft (raw, json) Hash identifier: ocvDJoFSqPcjS0dit7cbxi8I946sCzLiIkp+IU9tzVw= Subject key identifier: 0D:8A:99:6D:AF:0D:AF:B4:98:A3:4C:EF:F2:94:9A:98:7D:0C:2D:FD Authority key identifier: 31:92:C5:2F:36:0A:3A:72:FE:22:44:1A:C3:FC:7E:0E:52:25:EE:91 Certificate issuer: /CN=3192c52f360a3a72fe22441ac3fc7e0e5225ee91 Certificate serial: 019AF2ADB3F0B029E31E84797E4FE798CF1A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MZLFLzYKOnL-IkQaw_x-DlIl7pE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/524bfe-c5ae-4f67-8413-2748c4002c2e/1/MZLFLzYKOnL-IkQaw_x-DlIl7pE.mft Manifest number: 16B7 Signing time: Sat 06 Dec 2025 08:01:01 +0000 Manifest this update: Sat 06 Dec 2025 08:01:01 +0000 Manifest next update: Sun 07 Dec 2025 08:01:01 +0000 Files and hashes: 1: LgelsY-16hZE8VmZ4UWScnrAkQA.roa (hash: 5MPF2K6ZagDsXMwY0mVJRSAJCcCewM4ZcbU+TqCGJzs=) 2: MZLFLzYKOnL-IkQaw_x-DlIl7pE.crl (hash: 5s53Nuifgm75XhKMBF+MyJEsk0nJ53pvfFaAZ7wvXi8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/524bfe-c5ae-4f67-8413-2748c4002c2e/1/MZLFLzYKOnL-IkQaw_x-DlIl7pE.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/524bfe-c5ae-4f67-8413-2748c4002c2e/1/MZLFLzYKOnL-IkQaw_x-DlIl7pE.mft rsync://rpki.ripe.net/repository/DEFAULT/MZLFLzYKOnL-IkQaw_x-DlIl7pE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:b3:f0:b0:29:e3:1e:84:79:7e:4f:e7:98:cf:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3192c52f360a3a72fe22441ac3fc7e0e5225ee91 Validity Not Before: Dec 6 08:01:01 2025 GMT Not After : Dec 7 08:01:01 2025 GMT Subject: CN=0d8a996daf0dafb498a34ceff2949a987d0c2dfd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:8f:80:e3:5e:c3:6d:e2:d5:04:a8:93:76:a4: 1c:9c:23:09:b4:8b:c1:77:f0:79:79:08:53:9b:ca: ce:0d:db:ae:cd:3e:0f:fa:57:36:a6:f6:0b:84:cd: b2:9c:ef:c3:3b:61:7c:05:4d:c7:23:ce:a1:15:ea: 1a:0b:d5:30:4b:7d:6a:19:e1:4e:dd:fc:25:7e:41: f9:93:e8:09:ea:93:5b:2d:41:71:81:eb:f8:aa:0e: 86:72:46:96:02:5a:4c:e7:6e:82:78:f3:0e:0c:b4: dd:ed:49:ac:ce:70:f9:09:91:1c:69:e3:e2:4e:08: 61:f6:eb:f3:70:07:5e:de:fb:4c:86:54:56:f9:ed: 24:d8:b6:01:ec:36:dd:4a:77:b3:54:df:9a:2b:b4: f5:92:84:a4:00:19:bd:39:29:a9:d3:78:26:7e:61: f4:e1:c2:f1:69:ad:42:4b:22:f5:82:0b:18:43:07: c6:01:0a:54:70:52:3b:98:ce:26:a3:8f:6b:26:2a: 58:2d:0d:e7:c9:1c:44:4e:24:81:9a:4b:5e:6b:e9: 69:78:11:19:74:9e:b6:22:df:5e:66:80:61:d6:1e: 3a:e3:a6:57:dd:59:56:63:0a:60:f5:86:9b:84:51: f4:b4:0f:6f:55:de:c7:e2:c4:df:c2:ed:bd:6e:d0: 9c:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:8A:99:6D:AF:0D:AF:B4:98:A3:4C:EF:F2:94:9A:98:7D:0C:2D:FD X509v3 Authority Key Identifier: keyid:31:92:C5:2F:36:0A:3A:72:FE:22:44:1A:C3:FC:7E:0E:52:25:EE:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MZLFLzYKOnL-IkQaw_x-DlIl7pE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/524bfe-c5ae-4f67-8413-2748c4002c2e/1/MZLFLzYKOnL-IkQaw_x-DlIl7pE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/524bfe-c5ae-4f67-8413-2748c4002c2e/1/MZLFLzYKOnL-IkQaw_x-DlIl7pE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:fb:17:e4:e9:dc:26:48:7a:d5:cd:b2:c1:06:61:a1:08:7a: 67:4b:11:8f:a5:4f:2c:d8:30:7a:8e:57:03:06:fb:1c:89:83: e9:e9:27:b9:15:f7:84:01:d5:14:5f:4f:4c:66:97:75:c5:c0: 60:80:bf:47:2a:e7:42:03:50:3c:f0:0f:b9:b3:84:9b:f8:ca: 11:f0:cb:51:8f:fc:f5:95:b6:12:03:81:96:b3:f1:69:7e:fa: 42:a5:e9:02:50:9e:23:c6:96:af:3e:29:fd:eb:3e:05:24:9a: 49:57:dd:91:38:db:b1:57:18:05:1d:87:2c:8e:b7:5f:d2:ca: ea:ca:0c:83:6a:1d:d4:54:78:6f:e4:73:17:0b:69:73:48:91: c9:24:7e:e1:63:59:9f:25:56:55:be:29:06:6f:6a:6a:ad:9e: e6:16:0d:81:61:b7:7b:bb:05:fd:25:d4:10:49:fb:4d:fc:29: 93:b2:22:90:f2:7e:eb:ee:47:20:92:dd:56:0d:d3:31:cc:c4: f0:3b:23:0d:2a:f4:0c:a2:c5:8f:4d:87:b3:bd:de:b2:80:a3: 51:6c:ed:e6:70:96:3b:b1:76:2a:90:d0:c3:a4:bb:42:b6:5e: c2:db:a8:c8:77:02:a6:8f:ed:b8:b8:5b:e7:57:9d:c2:c8:c5: 7f:0b:77:9a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrbPwsCnjHoR5fk/nmM8aMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxOTJjNTJmMzYwYTNhNzJmZTIyNDQxYWMzZmM3ZTBlNTIy NWVlOTEwHhcNMjUxMjA2MDgwMTAxWhcNMjUxMjA3MDgwMTAxWjAzMTEwLwYDVQQD EygwZDhhOTk2ZGFmMGRhZmI0OThhMzRjZWZmMjk0OWE5ODdkMGMyZGZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4+A417DbeLVBKiTdqQcnCMJtIvB d/B5eQhTm8rODduuzT4P+lc2pvYLhM2ynO/DO2F8BU3HI86hFeoaC9UwS31qGeFO 3fwlfkH5k+gJ6pNbLUFxgev4qg6GckaWAlpM526CePMODLTd7UmsznD5CZEcaePi Tghh9uvzcAde3vtMhlRW+e0k2LYB7DbdSnezVN+aK7T1koSkABm9OSmp03gmfmH0 4cLxaa1CSyL1ggsYQwfGAQpUcFI7mM4mo49rJipYLQ3nyRxETiSBmktea+lpeBEZ dJ62It9eZoBh1h4646ZX3VlWYwpg9YabhFH0tA9vVd7H4sTfwu29btCcJQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA2KmW2vDa+0mKNM7/KUmph9DC39MB8GA1UdIwQY MBaAFDGSxS82Cjpy/iJEGsP8fg5SJe6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTVpMRkx6WUtPbkwtSWtRYXdfeC1EbElsN3BFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81MjRiZmUtYzVhZS00ZjY3LTg0MTMt Mjc0OGM0MDAyYzJlLzEvTVpMRkx6WUtPbkwtSWtRYXdfeC1EbElsN3BFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi81MjRiZmUtYzVhZS00ZjY3LTg0MTMtMjc0OGM0MDAyYzJl LzEvTVpMRkx6WUtPbkwtSWtRYXdfeC1EbElsN3BFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW/sX5Onc Jkh61c2ywQZhoQh6Z0sRj6VPLNgweo5XAwb7HImD6eknuRX3hAHVFF9PTGaXdcXA YIC/RyrnQgNQPPAPubOEm/jKEfDLUY/89ZW2EgOBlrPxaX76QqXpAlCeI8aWrz4p /es+BSSaSVfdkTjbsVcYBR2HLI63X9LK6soMg2od1FR4b+RzFwtpc0iRySR+4WNZ nyVWVb4pBm9qaq2e5hYNgWG3e7sF/SXUEEn7Tfwpk7IikPJ+6+5HIJLdVg3TMczE 8DsjDSr0DKLFj02Hs73esoCjUWzt5nCWO7F2KpDQw6S7QrZewtuoyHcCpo/tuLhb 51edwsjFfwt3mg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:26:42 2025 by rpki-client