This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.mft File: MzOeZKWFFMmwkemy5o4pNx5D498.mft (raw, json) Hash identifier: mM548XxOLHr0w61jRLvGzL3DDWBlRsAYXC+F5h4FtWo= Subject key identifier: 1E:14:34:F5:00:74:D9:29:92:15:FC:EE:6A:B7:BF:62:78:69:0A:04 Authority key identifier: 33:33:9E:64:A5:85:14:C9:B0:91:E9:B2:E6:8E:29:37:1E:43:E3:DF Certificate issuer: /CN=33339e64a58514c9b091e9b2e68e29371e43e3df Certificate serial: 019AF12ED24791A20D99353A4B6A72D55526 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzOeZKWFFMmwkemy5o4pNx5D498.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.mft Manifest number: 0BAB Signing time: Sat 06 Dec 2025 01:02:48 +0000 Manifest this update: Sat 06 Dec 2025 01:02:48 +0000 Manifest next update: Sun 07 Dec 2025 01:02:48 +0000 Files and hashes: 1: 0SGERXpsIldifCTWUfwaAPLWZj8.roa (hash: Wl6639BT2YEzAcDZ1BBEKA7sfTmRzgLCKdjibP72VaE=) 2: MzOeZKWFFMmwkemy5o4pNx5D498.crl (hash: Ej0v5SA0U06tDmJPprgagwny8b0XKz4kvo6vP+ZygoM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.mft rsync://rpki.ripe.net/repository/DEFAULT/MzOeZKWFFMmwkemy5o4pNx5D498.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:d2:47:91:a2:0d:99:35:3a:4b:6a:72:d5:55:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=33339e64a58514c9b091e9b2e68e29371e43e3df Validity Not Before: Dec 6 01:02:48 2025 GMT Not After : Dec 7 01:02:48 2025 GMT Subject: CN=1e1434f50074d9299215fcee6ab7bf6278690a04 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:90:e8:92:f5:f4:7f:55:f8:54:f4:24:49:24: b4:75:c0:87:b2:39:ce:ff:25:20:8e:65:7f:e3:e1: c9:95:4d:2c:c1:ee:64:51:f3:c2:b7:3a:82:b5:1a: 90:91:27:ee:43:5f:7a:fb:b6:84:52:38:64:c3:ca: 66:96:e4:be:80:4b:4c:0b:5c:62:45:bb:5d:03:a5: f4:46:f4:0a:ee:98:c9:a0:1c:c4:12:e3:e9:93:f8: f2:1c:3e:43:ef:fb:6a:9e:74:c3:52:e6:78:ab:c7: ca:83:c6:bf:2f:3e:3d:2c:ed:db:e4:93:89:33:cc: 73:ec:2a:6b:9e:b9:6d:d7:36:07:e6:0e:e8:a2:31: 2a:16:4f:1c:83:f7:be:30:82:e0:31:79:06:17:27: 09:4d:30:b9:b6:15:12:2f:a0:82:95:b6:94:7e:af: 87:ce:2d:e5:a8:65:99:e1:13:4c:4c:8d:b8:49:4e: 18:f1:9b:f8:14:79:ca:8b:01:23:2a:e3:17:69:3f: f8:59:ed:e0:5f:ff:f1:04:e9:42:08:87:20:11:1f: 63:0a:9a:bd:ea:2f:45:5d:73:b8:4e:c0:c9:a7:19: c1:0e:fb:4b:f9:5d:49:05:7f:79:f3:2d:30:ae:1f: 57:c3:eb:1e:53:10:0b:f2:87:60:32:14:d8:30:f6: 7f:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:14:34:F5:00:74:D9:29:92:15:FC:EE:6A:B7:BF:62:78:69:0A:04 X509v3 Authority Key Identifier: keyid:33:33:9E:64:A5:85:14:C9:B0:91:E9:B2:E6:8E:29:37:1E:43:E3:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzOeZKWFFMmwkemy5o4pNx5D498.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:ae:06:8f:53:5f:fb:71:1a:59:6c:ab:30:08:d0:28:0b:6b: 7a:ee:7b:fc:80:e6:9a:01:d9:ed:ca:8e:7c:3b:f6:e8:cd:8f: 64:8f:39:1f:b6:e4:8b:cb:b9:a9:82:4e:69:12:26:9c:8e:79: 81:af:43:9b:c2:5a:10:57:4b:c9:54:03:ea:59:b8:26:e0:a1: d1:fa:26:9e:9d:bc:4c:3e:0b:80:39:4d:d2:76:d0:86:b5:cf: 09:46:03:e7:07:c9:f6:6a:bf:0c:37:c6:b9:16:d8:bb:91:d0: 18:1c:db:76:00:d4:70:a8:96:f8:be:cd:66:27:33:a3:b9:c1: f9:17:11:9e:17:04:dd:2e:4a:74:e9:98:48:d6:bf:67:40:24: 47:a3:41:c2:8b:4d:08:af:c7:de:1f:9c:25:c0:e6:94:b1:e3: 37:03:ac:4c:b2:7c:e0:45:a4:cd:67:21:c8:a8:14:90:ba:f8: 5d:62:0d:fe:cb:13:61:79:e4:54:d7:be:32:d6:16:4d:73:04: fd:bb:f5:99:7a:6f:60:3b:b7:66:90:f6:8e:21:79:25:4f:10: bf:c8:a4:48:b9:86:8f:c1:6c:49:57:ad:24:64:13:cb:c4:fe: 6f:02:2f:8d:2b:03:f9:0e:1f:5a:5d:a1:3b:f0:7f:53:00:00: a5:cf:ee:93 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLtJHkaINmTU6S2py1VUmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMzMzM5ZTY0YTU4NTE0YzliMDkxZTliMmU2OGUyOTM3MWU0 M2UzZGYwHhcNMjUxMjA2MDEwMjQ4WhcNMjUxMjA3MDEwMjQ4WjAzMTEwLwYDVQQD EygxZTE0MzRmNTAwNzRkOTI5OTIxNWZjZWU2YWI3YmY2Mjc4NjkwYTA0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5DokvX0f1X4VPQkSSS0dcCHsjnO /yUgjmV/4+HJlU0swe5kUfPCtzqCtRqQkSfuQ196+7aEUjhkw8pmluS+gEtMC1xi RbtdA6X0RvQK7pjJoBzEEuPpk/jyHD5D7/tqnnTDUuZ4q8fKg8a/Lz49LO3b5JOJ M8xz7Cprnrlt1zYH5g7oojEqFk8cg/e+MILgMXkGFycJTTC5thUSL6CClbaUfq+H zi3lqGWZ4RNMTI24SU4Y8Zv4FHnKiwEjKuMXaT/4We3gX//xBOlCCIcgER9jCpq9 6i9FXXO4TsDJpxnBDvtL+V1JBX958y0wrh9Xw+seUxAL8odgMhTYMPZ/gwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB4UNPUAdNkpkhX87mq3v2J4aQoEMB8GA1UdIwQY MBaAFDMznmSlhRTJsJHpsuaOKTceQ+PfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTXpPZVpLV0ZGTW13a2VteTVvNHBOeDVENDk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jZDUwNGEtMDE4OS00NTU0LWI1MDEt NjM5ZGM0ZDVmMzcwLzEvTXpPZVpLV0ZGTW13a2VteTVvNHBOeDVENDk4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS9jZDUwNGEtMDE4OS00NTU0LWI1MDEtNjM5ZGM0ZDVmMzcw LzEvTXpPZVpLV0ZGTW13a2VteTVvNHBOeDVENDk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAja4Gj1Nf +3EaWWyrMAjQKAtreu57/IDmmgHZ7cqOfDv26M2PZI85H7bki8u5qYJOaRImnI55 ga9Dm8JaEFdLyVQD6lm4JuCh0fomnp28TD4LgDlN0nbQhrXPCUYD5wfJ9mq/DDfG uRbYu5HQGBzbdgDUcKiW+L7NZiczo7nB+RcRnhcE3S5KdOmYSNa/Z0AkR6NBwotN CK/H3h+cJcDmlLHjNwOsTLJ84EWkzWchyKgUkLr4XWIN/ssTYXnkVNe+MtYWTXME /bv1mXpvYDu3ZpD2jiF5JU8Qv8ikSLmGj8FsSVetJGQTy8T+bwIvjSsD+Q4fWl2h O/B/UwAApc/ukw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:17:41 2025 by rpki-client