This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft File: MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft (raw, json) Hash identifier: tf3kOnRkXcth/MWVzQnzUbGsbpiSravMBnLLxlxx3y4= Subject key identifier: E3:43:3D:5F:30:DD:6B:9D:2D:90:94:87:59:6F:41:7F:CA:74:01:A6 Authority key identifier: 31:95:F7:34:19:E8:22:32:97:94:CF:17:FB:A7:E9:3F:37:53:74:A9 Certificate issuer: /CN=3195f73419e822329794cf17fba7e93f375374a9 Certificate serial: 019AF389B8CE47C5BB11D2248B5345159C6B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MZX3NBnoIjKXlM8X-6fpPzdTdKk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft Manifest number: 1308 Signing time: Sat 06 Dec 2025 12:01:20 +0000 Manifest this update: Sat 06 Dec 2025 12:01:20 +0000 Manifest next update: Sun 07 Dec 2025 12:01:20 +0000 Files and hashes: 1: MZX3NBnoIjKXlM8X-6fpPzdTdKk.crl (hash: WsGKKN8uDQy+K61K0OdLrS+TB8/H58OnHeR59clYFfw=) 2: SCHcZAvBuEDabGE8ZnvuGrNm6LM.roa (hash: +7HN05BMaB78AnyjOqZ5Q8EXtIVzWFh5zSmSPi10HzA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.crl rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft rsync://rpki.ripe.net/repository/DEFAULT/MZX3NBnoIjKXlM8X-6fpPzdTdKk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:b8:ce:47:c5:bb:11:d2:24:8b:53:45:15:9c:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3195f73419e822329794cf17fba7e93f375374a9 Validity Not Before: Dec 6 12:01:20 2025 GMT Not After : Dec 7 12:01:20 2025 GMT Subject: CN=e3433d5f30dd6b9d2d909487596f417fca7401a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:5f:3e:63:34:29:62:1d:78:25:77:3e:70:e9: 5c:ac:ff:4f:1d:10:0c:eb:42:9d:dc:9a:87:9a:1e: 89:32:b2:c0:83:62:df:6b:cc:f6:8a:15:25:98:4f: 75:b2:1f:cf:58:cb:f2:53:9c:ca:ff:38:d4:e1:5c: 97:49:cd:6a:37:c0:cc:76:22:c2:3b:6c:4c:af:91: d3:a4:c6:00:9e:10:19:c1:bc:8b:22:51:74:80:d0: 63:9e:d7:57:1b:c7:31:49:0a:4c:13:43:f9:ba:cf: 45:cd:28:11:f0:dc:44:27:87:e1:40:51:2f:37:be: 4c:ac:59:b3:62:52:29:c7:d5:ed:2b:8c:25:a2:df: 88:7f:1b:71:03:bd:f4:21:bf:a1:ea:87:47:0e:88: be:1d:7a:7a:ae:f5:5e:be:f4:65:35:b6:6b:b8:e9: 39:74:58:88:88:ac:b0:3f:55:1a:c2:25:67:61:41: 90:6f:aa:28:d7:97:53:2e:d4:c1:71:25:67:c0:47: 92:a4:06:e7:7b:6c:e6:6f:e7:cb:77:fd:5f:e8:88: 5d:7d:02:e3:6f:d5:d0:49:11:a3:08:1d:67:e6:10: 93:70:9b:70:3e:11:2f:34:be:34:39:6a:7f:7d:fb: 1e:4a:f4:9b:49:b5:2c:b0:22:a6:bb:22:bf:1b:06: ba:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:43:3D:5F:30:DD:6B:9D:2D:90:94:87:59:6F:41:7F:CA:74:01:A6 X509v3 Authority Key Identifier: keyid:31:95:F7:34:19:E8:22:32:97:94:CF:17:FB:A7:E9:3F:37:53:74:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MZX3NBnoIjKXlM8X-6fpPzdTdKk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:83:51:53:7c:9a:63:d3:55:d0:46:d7:74:11:cf:49:e5:a6: 22:9c:8b:ec:49:8c:0c:a6:fd:d6:6a:1e:ea:e1:9b:94:eb:f0: 77:ae:77:44:c7:73:bd:74:b1:01:05:45:0e:ae:bf:4c:36:c8: dd:55:83:d0:5b:92:53:0f:b3:12:4c:72:12:43:73:3b:2c:31: 01:e7:de:73:d3:00:79:b0:e4:c3:30:83:6b:22:dd:71:df:76: 9c:b7:25:2a:25:7e:39:09:1e:2c:96:f4:16:3f:37:4e:4b:c4: 2d:19:33:e2:5e:1c:8c:a7:7c:6d:e9:09:99:91:8a:46:e7:97: c8:bc:03:62:fa:ae:cf:ec:df:1b:c0:86:2e:15:3e:c2:ac:ed: a4:78:4d:19:35:13:6e:0d:7d:28:1b:74:86:e8:cc:77:67:8f: 24:84:be:fe:39:d8:51:b0:9f:e4:f2:41:a2:61:b9:2c:7e:5a: 70:a5:5c:df:8e:68:50:31:f0:45:8f:7f:ca:64:d0:be:d8:ff: eb:b4:f3:16:3b:62:f6:a7:99:58:73:cc:bc:22:11:58:14:17: 5b:e5:8f:5a:fd:0a:85:6d:3c:8c:80:c3:3f:25:3b:32:ed:2a: b7:21:02:03:f9:db:fc:bd:f0:51:88:98:d6:1f:23:f3:d5:97: d0:f7:c4:cb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzibjOR8W7EdIki1NFFZxrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxOTVmNzM0MTllODIyMzI5Nzk0Y2YxN2ZiYTdlOTNmMzc1 Mzc0YTkwHhcNMjUxMjA2MTIwMTIwWhcNMjUxMjA3MTIwMTIwWjAzMTEwLwYDVQQD EyhlMzQzM2Q1ZjMwZGQ2YjlkMmQ5MDk0ODc1OTZmNDE3ZmNhNzQwMWE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3F8+YzQpYh14JXc+cOlcrP9PHRAM 60Kd3JqHmh6JMrLAg2Lfa8z2ihUlmE91sh/PWMvyU5zK/zjU4VyXSc1qN8DMdiLC O2xMr5HTpMYAnhAZwbyLIlF0gNBjntdXG8cxSQpME0P5us9FzSgR8NxEJ4fhQFEv N75MrFmzYlIpx9XtK4wlot+IfxtxA730Ib+h6odHDoi+HXp6rvVevvRlNbZruOk5 dFiIiKywP1UawiVnYUGQb6oo15dTLtTBcSVnwEeSpAbne2zmb+fLd/1f6IhdfQLj b9XQSRGjCB1n5hCTcJtwPhEvNL40OWp/ffseSvSbSbUssCKmuyK/Gwa6ywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFONDPV8w3WudLZCUh1lvQX/KdAGmMB8GA1UdIwQY MBaAFDGV9zQZ6CIyl5TPF/un6T83U3SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTVpYM05Cbm9JaktYbE04WC02ZnBQemRUZEtrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC81YTQ0OGEtNWU3YS00N2UwLTg3ZGEt Y2RjZmJiMTAwNDQ3LzEvTVpYM05Cbm9JaktYbE04WC02ZnBQemRUZEtrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC81YTQ0OGEtNWU3YS00N2UwLTg3ZGEtY2RjZmJiMTAwNDQ3 LzEvTVpYM05Cbm9JaktYbE04WC02ZnBQemRUZEtrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhoNRU3ya Y9NV0EbXdBHPSeWmIpyL7EmMDKb91moe6uGblOvwd653RMdzvXSxAQVFDq6/TDbI 3VWD0FuSUw+zEkxyEkNzOywxAefec9MAebDkwzCDayLdcd92nLclKiV+OQkeLJb0 Fj83TkvELRkz4l4cjKd8bekJmZGKRueXyLwDYvquz+zfG8CGLhU+wqztpHhNGTUT bg19KBt0hujMd2ePJIS+/jnYUbCf5PJBomG5LH5acKVc345oUDHwRY9/ymTQvtj/ 67TzFjti9qeZWHPMvCIRWBQXW+WPWv0KhW08jIDDPyU7Mu0qtyECA/nb/L3wUYiY 1h8j89WX0PfEyw== -----END CERTIFICATE-----Generated at Sat Dec 6 20:30:25 2025 by rpki-client