This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft File: MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft (raw, json) Hash identifier: S8XZBBSlUeRvfMv0BxGs32O/ePHGBnSwCUu3XZe2DPI= Subject key identifier: 76:F6:A3:99:15:D2:BF:FB:64:55:F2:91:7C:82:FE:01:4E:CF:87:E2 Authority key identifier: 31:95:F7:34:19:E8:22:32:97:94:CF:17:FB:A7:E9:3F:37:53:74:A9 Certificate issuer: /CN=3195f73419e822329794cf17fba7e93f375374a9 Certificate serial: 019BF6BE6FD4C839FDEB7708F41B11B55FCF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MZX3NBnoIjKXlM8X-6fpPzdTdKk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft Manifest number: 138F Signing time: Sun 25 Jan 2026 20:00:34 +0000 Manifest this update: Sun 25 Jan 2026 20:00:34 +0000 Manifest next update: Mon 26 Jan 2026 20:00:34 +0000 Files and hashes: 1: LxGPVJPyHWs5hHWhFZXK4a7O2-M.roa (hash: DEIc9UcHZJ6CJFEO4vc1601YJk4dflrb/oBYiYPKpTI=) 2: MZX3NBnoIjKXlM8X-6fpPzdTdKk.crl (hash: D/pGCKbbohmHKJZ645iFOUwNEX/Q4zskFtBVwIKVoVk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.crl rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft rsync://rpki.ripe.net/repository/DEFAULT/MZX3NBnoIjKXlM8X-6fpPzdTdKk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 20:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f6:be:6f:d4:c8:39:fd:eb:77:08:f4:1b:11:b5:5f:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3195f73419e822329794cf17fba7e93f375374a9 Validity Not Before: Jan 25 20:00:34 2026 GMT Not After : Jan 26 20:00:34 2026 GMT Subject: CN=76f6a39915d2bffb6455f2917c82fe014ecf87e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:ef:de:75:72:33:d6:e2:8f:6c:82:56:35:b3: c6:23:28:6c:b7:2b:54:a3:ef:5c:d3:8e:69:a9:58: 3d:4e:76:d7:38:e4:cd:85:5f:ce:e5:2c:7f:83:d7: ff:2d:9d:15:1e:d5:8d:e7:ff:1f:01:02:a0:3e:f6: cd:65:42:ad:0f:94:9e:fb:c8:43:be:15:2d:42:f5: 38:e0:c0:7d:1c:df:76:b4:48:3b:6c:97:97:b9:d2: 3e:86:fe:3c:39:04:67:66:f3:e3:74:64:48:57:9d: 6c:78:1c:4e:67:81:73:fd:bd:92:12:76:02:ef:93: fe:4c:53:13:d9:3d:2c:44:db:6a:77:82:64:a9:de: 3f:0c:ec:35:37:4b:e2:b1:8c:12:cc:6c:a6:ad:13: 5e:4a:ab:16:63:e9:ec:f5:85:41:2c:ea:ca:96:22: 8f:3c:15:6e:92:23:6d:c7:b2:67:7e:b7:60:b2:18: 57:db:97:08:30:60:2d:90:32:60:d1:10:33:f9:be: 18:d7:b8:4d:8f:4e:02:e3:f4:b7:0d:85:ce:9f:de: 89:38:d1:ef:2c:e0:e9:d8:92:42:89:44:c6:da:4c: 5d:18:11:bb:08:1d:7b:88:11:0f:12:51:9f:58:6e: c5:5b:91:32:6c:a0:0f:f9:87:0c:a1:67:32:54:68: 17:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:F6:A3:99:15:D2:BF:FB:64:55:F2:91:7C:82:FE:01:4E:CF:87:E2 X509v3 Authority Key Identifier: keyid:31:95:F7:34:19:E8:22:32:97:94:CF:17:FB:A7:E9:3F:37:53:74:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MZX3NBnoIjKXlM8X-6fpPzdTdKk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 13:b7:e8:ca:de:25:08:e3:57:fd:7a:11:d0:e0:34:90:97:e6: 94:20:83:87:13:e5:17:68:6b:f6:a9:e2:ff:a3:28:bd:35:63: de:7a:7b:c7:fe:d5:8d:72:7f:6c:97:8a:ef:4c:06:77:a3:66: b6:ea:4c:b2:8c:32:a4:bf:0b:39:03:de:0f:a4:ec:c2:50:a4: 89:0f:be:11:b0:d9:20:6a:a8:3f:94:78:14:ea:02:b1:58:ab: 03:ed:04:2b:7c:a5:53:14:66:d1:6f:31:1c:3e:7a:f3:eb:92: 89:82:d2:a9:b4:5b:70:0a:cf:8b:d0:c1:fd:16:61:05:5d:c0: c4:5b:dc:11:93:d6:a8:94:7e:d9:0a:05:62:b1:3c:f8:26:e8: de:4a:bc:8e:84:5a:4a:8c:1e:d2:78:15:e8:60:65:33:e2:e6: 8d:18:80:95:ce:1a:3a:d0:d2:9f:26:55:3e:94:cf:6e:68:84: 65:d0:ab:ee:b4:0e:4d:48:19:d0:cd:a4:d7:c4:69:f3:ef:6a: 1d:c2:ca:a5:6c:a2:52:87:9a:14:24:f6:5d:22:cf:16:c5:e6: cf:ce:08:1e:a5:fd:35:fb:35:a0:c0:a3:1c:5d:78:1e:3c:fc: 8d:c2:9e:20:5a:88:98:ba:39:5d:5f:04:f5:0a:0a:d9:a4:71: 3e:65:77:74 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv2vm/UyDn963cI9BsRtV/PMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxOTVmNzM0MTllODIyMzI5Nzk0Y2YxN2ZiYTdlOTNmMzc1 Mzc0YTkwHhcNMjYwMTI1MjAwMDM0WhcNMjYwMTI2MjAwMDM0WjAzMTEwLwYDVQQD Eyg3NmY2YTM5OTE1ZDJiZmZiNjQ1NWYyOTE3YzgyZmUwMTRlY2Y4N2UyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwu/edXIz1uKPbIJWNbPGIyhstytU o+9c045pqVg9TnbXOOTNhV/O5Sx/g9f/LZ0VHtWN5/8fAQKgPvbNZUKtD5Se+8hD vhUtQvU44MB9HN92tEg7bJeXudI+hv48OQRnZvPjdGRIV51seBxOZ4Fz/b2SEnYC 75P+TFMT2T0sRNtqd4Jkqd4/DOw1N0visYwSzGymrRNeSqsWY+ns9YVBLOrKliKP PBVukiNtx7JnfrdgshhX25cIMGAtkDJg0RAz+b4Y17hNj04C4/S3DYXOn96JONHv LODp2JJCiUTG2kxdGBG7CB17iBEPElGfWG7FW5EybKAP+YcMoWcyVGgXswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHb2o5kV0r/7ZFXykXyC/gFOz4fiMB8GA1UdIwQY MBaAFDGV9zQZ6CIyl5TPF/un6T83U3SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTVpYM05Cbm9JaktYbE04WC02ZnBQemRUZEtrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC81YTQ0OGEtNWU3YS00N2UwLTg3ZGEt Y2RjZmJiMTAwNDQ3LzEvTVpYM05Cbm9JaktYbE04WC02ZnBQemRUZEtrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC81YTQ0OGEtNWU3YS00N2UwLTg3ZGEtY2RjZmJiMTAwNDQ3 LzEvTVpYM05Cbm9JaktYbE04WC02ZnBQemRUZEtrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE7foyt4l CONX/XoR0OA0kJfmlCCDhxPlF2hr9qni/6MovTVj3np7x/7VjXJ/bJeK70wGd6Nm tupMsowypL8LOQPeD6TswlCkiQ++EbDZIGqoP5R4FOoCsVirA+0EK3ylUxRm0W8x HD568+uSiYLSqbRbcArPi9DB/RZhBV3AxFvcEZPWqJR+2QoFYrE8+Cbo3kq8joRa Sowe0ngV6GBlM+LmjRiAlc4aOtDSnyZVPpTPbmiEZdCr7rQOTUgZ0M2k18Rp8+9q HcLKpWyiUoeaFCT2XSLPFsXmz84IHqX9Nfs1oMCjHF14Hjz8jcKeIFqImLo5XV8E 9QoK2aRxPmV3dA== -----END CERTIFICATE-----Generated at Mon Jan 26 04:00:27 2026 by rpki-client