This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/524bfe-c5ae-4f67-8413-2748c4002c2e/1/MZLFLzYKOnL-IkQaw_x-DlIl7pE.mft File: MZLFLzYKOnL-IkQaw_x-DlIl7pE.mft (raw, json) Hash identifier: LlB/Rikq7UUMGp8uaLkDYDCNpZXj1xfPa3QsJ+lnLis= Subject key identifier: 09:12:BB:0A:C6:E8:09:53:EC:0F:76:98:58:4F:F2:07:CB:02:D2:B8 Authority key identifier: 31:92:C5:2F:36:0A:3A:72:FE:22:44:1A:C3:FC:7E:0E:52:25:EE:91 Certificate issuer: /CN=3192c52f360a3a72fe22441ac3fc7e0e5225ee91 Certificate serial: 019B28C028BE18B4A568306E0AFF91630479 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MZLFLzYKOnL-IkQaw_x-DlIl7pE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/524bfe-c5ae-4f67-8413-2748c4002c2e/1/MZLFLzYKOnL-IkQaw_x-DlIl7pE.mft Manifest number: 16D3 Signing time: Tue 16 Dec 2025 20:00:40 +0000 Manifest this update: Tue 16 Dec 2025 20:00:40 +0000 Manifest next update: Wed 17 Dec 2025 20:00:40 +0000 Files and hashes: 1: LgelsY-16hZE8VmZ4UWScnrAkQA.roa (hash: 5MPF2K6ZagDsXMwY0mVJRSAJCcCewM4ZcbU+TqCGJzs=) 2: MZLFLzYKOnL-IkQaw_x-DlIl7pE.crl (hash: igyrq9Mv8oFMvcx4lPT2MEtiCCBfWYvr3AevMGywGLU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/524bfe-c5ae-4f67-8413-2748c4002c2e/1/MZLFLzYKOnL-IkQaw_x-DlIl7pE.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/524bfe-c5ae-4f67-8413-2748c4002c2e/1/MZLFLzYKOnL-IkQaw_x-DlIl7pE.mft rsync://rpki.ripe.net/repository/DEFAULT/MZLFLzYKOnL-IkQaw_x-DlIl7pE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 14:45:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:28:c0:28:be:18:b4:a5:68:30:6e:0a:ff:91:63:04:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3192c52f360a3a72fe22441ac3fc7e0e5225ee91 Validity Not Before: Dec 16 20:00:40 2025 GMT Not After : Dec 17 20:00:40 2025 GMT Subject: CN=0912bb0ac6e80953ec0f7698584ff207cb02d2b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:1f:75:dd:9b:c3:88:fd:eb:5f:58:1e:69:ac: 1a:bb:ab:47:18:b7:16:bc:01:df:73:64:0e:cd:36: da:e4:1a:da:d5:ef:13:27:c7:cc:61:9b:8a:a7:90: b5:cd:1d:07:b1:e8:bb:50:cc:8b:e8:2c:ee:ff:17: 89:70:a7:94:59:58:dc:8d:c5:0e:48:7d:92:4d:66: 9e:7a:21:85:a8:95:74:4a:f6:3c:19:46:2e:97:04: cc:0d:d1:88:33:ea:69:dd:34:84:e9:2b:2d:82:e7: c4:6a:34:d3:a7:4a:dc:6d:a0:8d:31:fe:6b:be:3d: fe:f4:77:2c:7b:0b:f1:bc:dd:e8:ed:e8:64:0a:22: 68:8d:4c:b1:50:7d:7f:1a:4b:b7:c6:04:0c:c7:b6: ab:ad:ee:76:8f:3a:ac:6e:9d:08:a6:ef:80:48:c3: 96:bb:10:d4:e8:4b:44:29:44:e0:52:62:04:56:1d: f1:c6:00:8f:fa:73:e2:f8:80:c2:05:39:dc:ef:bc: 10:00:98:e3:52:99:ec:13:09:6a:56:de:15:1f:5f: b0:d8:7a:e4:59:fc:03:41:e8:a9:f2:68:08:e3:9b: 77:1a:76:6c:75:58:9d:78:e4:eb:f7:a9:08:5d:01: 47:7d:9e:5f:d4:64:95:fe:91:b8:8b:92:d0:61:da: 97:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:12:BB:0A:C6:E8:09:53:EC:0F:76:98:58:4F:F2:07:CB:02:D2:B8 X509v3 Authority Key Identifier: keyid:31:92:C5:2F:36:0A:3A:72:FE:22:44:1A:C3:FC:7E:0E:52:25:EE:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MZLFLzYKOnL-IkQaw_x-DlIl7pE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/524bfe-c5ae-4f67-8413-2748c4002c2e/1/MZLFLzYKOnL-IkQaw_x-DlIl7pE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/524bfe-c5ae-4f67-8413-2748c4002c2e/1/MZLFLzYKOnL-IkQaw_x-DlIl7pE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:52:56:f2:f2:48:02:dd:7b:e5:06:6c:29:68:0b:9f:c4:06: dd:65:a8:42:12:3a:15:5f:c4:49:3c:01:d0:75:04:79:c7:12: 49:a3:c2:79:61:41:4a:c1:b4:87:a1:1b:2b:3a:7c:bf:5c:f1: 14:03:5b:52:94:3d:ba:7d:f8:26:d1:85:91:96:82:f0:6a:1a: 06:29:55:4e:45:6a:29:84:f7:cf:40:50:0d:b0:00:ff:f3:9d: b8:9d:50:fb:38:fc:7b:f2:04:74:cd:38:90:57:d3:28:48:77: 03:f7:d6:a8:a2:3f:eb:35:7c:5c:3b:20:a9:64:59:5e:55:e4: e5:95:e9:38:45:2d:e6:00:ca:e4:ab:c2:f6:b7:3f:b7:f8:d4: 9d:5e:99:ba:e9:27:19:5b:e3:a2:2e:4b:04:e2:a8:e3:d3:13: 81:b7:8d:f4:9c:a2:21:84:97:eb:0b:5e:df:88:a9:da:a6:04: 18:a6:eb:5b:d3:e8:76:f0:c3:80:0f:68:05:70:67:53:98:d0: ed:99:eb:62:0b:9e:c0:71:bb:0c:ec:80:84:16:88:99:72:9f: 5d:d2:16:c6:de:75:07:17:ab:ec:f3:8b:d8:28:99:94:07:1f: 1d:49:c9:e2:fa:74:6c:88:4b:ed:7c:ae:da:fe:55:cd:80:9a: 28:c9:b4:2a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsowCi+GLSlaDBuCv+RYwR5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxOTJjNTJmMzYwYTNhNzJmZTIyNDQxYWMzZmM3ZTBlNTIy NWVlOTEwHhcNMjUxMjE2MjAwMDQwWhcNMjUxMjE3MjAwMDQwWjAzMTEwLwYDVQQD EygwOTEyYmIwYWM2ZTgwOTUzZWMwZjc2OTg1ODRmZjIwN2NiMDJkMmI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx913ZvDiP3rX1geaawau6tHGLcW vAHfc2QOzTba5Bra1e8TJ8fMYZuKp5C1zR0Hsei7UMyL6Czu/xeJcKeUWVjcjcUO SH2STWaeeiGFqJV0SvY8GUYulwTMDdGIM+pp3TSE6SstgufEajTTp0rcbaCNMf5r vj3+9HcsewvxvN3o7ehkCiJojUyxUH1/Gku3xgQMx7arre52jzqsbp0Ipu+ASMOW uxDU6EtEKUTgUmIEVh3xxgCP+nPi+IDCBTnc77wQAJjjUpnsEwlqVt4VH1+w2Hrk WfwDQeip8mgI45t3GnZsdVideOTr96kIXQFHfZ5f1GSV/pG4i5LQYdqX/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAkSuwrG6AlT7A92mFhP8gfLAtK4MB8GA1UdIwQY MBaAFDGSxS82Cjpy/iJEGsP8fg5SJe6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTVpMRkx6WUtPbkwtSWtRYXdfeC1EbElsN3BFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81MjRiZmUtYzVhZS00ZjY3LTg0MTMt Mjc0OGM0MDAyYzJlLzEvTVpMRkx6WUtPbkwtSWtRYXdfeC1EbElsN3BFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi81MjRiZmUtYzVhZS00ZjY3LTg0MTMtMjc0OGM0MDAyYzJl LzEvTVpMRkx6WUtPbkwtSWtRYXdfeC1EbElsN3BFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ1JW8vJI At175QZsKWgLn8QG3WWoQhI6FV/ESTwB0HUEeccSSaPCeWFBSsG0h6EbKzp8v1zx FANbUpQ9un34JtGFkZaC8GoaBilVTkVqKYT3z0BQDbAA//OduJ1Q+zj8e/IEdM04 kFfTKEh3A/fWqKI/6zV8XDsgqWRZXlXk5ZXpOEUt5gDK5KvC9rc/t/jUnV6Zuukn GVvjoi5LBOKo49MTgbeN9JyiIYSX6wte34ip2qYEGKbrW9PodvDDgA9oBXBnU5jQ 7ZnrYguewHG7DOyAhBaImXKfXdIWxt51Bxer7POL2CiZlAcfHUnJ4vp0bIhL7Xyu 2v5VzYCaKMm0Kg== -----END CERTIFICATE-----Generated at Tue Dec 16 21:18:23 2025 by rpki-client