This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft File: MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft (raw, json) Hash identifier: 5+6od1bGZZnzF4pM3QVqLJW6dpQ+k0rBA+dzDLVDoP4= Subject key identifier: AF:DE:40:2E:77:FA:1A:D7:1D:B2:9E:B9:BF:B0:07:CA:C8:08:EA:43 Authority key identifier: 31:95:F7:34:19:E8:22:32:97:94:CF:17:FB:A7:E9:3F:37:53:74:A9 Certificate issuer: /CN=3195f73419e822329794cf17fba7e93f375374a9 Certificate serial: 019B59E4118C82023DE47228787C7D9B07BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MZX3NBnoIjKXlM8X-6fpPzdTdKk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft Manifest number: 133D Signing time: Fri 26 Dec 2025 09:01:17 +0000 Manifest this update: Fri 26 Dec 2025 09:01:17 +0000 Manifest next update: Sat 27 Dec 2025 09:01:17 +0000 Files and hashes: 1: MZX3NBnoIjKXlM8X-6fpPzdTdKk.crl (hash: Y41aPeL15WsDRvnc5mpYkj8Pky6wMw6BLmTNJdsKwR4=) 2: SCHcZAvBuEDabGE8ZnvuGrNm6LM.roa (hash: +7HN05BMaB78AnyjOqZ5Q8EXtIVzWFh5zSmSPi10HzA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.crl rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft rsync://rpki.ripe.net/repository/DEFAULT/MZX3NBnoIjKXlM8X-6fpPzdTdKk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e4:11:8c:82:02:3d:e4:72:28:78:7c:7d:9b:07:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3195f73419e822329794cf17fba7e93f375374a9 Validity Not Before: Dec 26 09:01:17 2025 GMT Not After : Dec 27 09:01:17 2025 GMT Subject: CN=afde402e77fa1ad71db29eb9bfb007cac808ea43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:b0:8c:51:7b:cf:2d:47:e7:01:e6:ee:c3:f0: 2e:7c:05:b9:6a:43:92:2d:50:dc:37:b7:5d:38:49: c4:8a:ec:05:ca:63:2b:fe:d5:8b:13:c4:d4:fc:da: 5b:c5:da:19:6b:22:1a:c9:ee:05:2e:71:ca:a0:c1: 37:13:3a:82:bb:84:ba:d8:dd:3b:49:0c:80:5e:1e: 5f:af:67:de:54:32:b9:e4:8f:bb:2e:8c:40:42:bf: 56:e8:51:7b:9a:af:9f:66:c2:2b:7a:e3:e7:46:b0: 08:29:30:ee:a5:76:fa:bc:77:7d:b5:b4:82:f6:bd: 29:fd:c2:21:7e:0a:d2:77:10:03:2e:18:fb:02:d7: 2f:7d:8f:c6:e7:48:c5:ad:f7:08:0b:71:e2:18:e4: f3:5f:4a:95:f3:d5:29:2c:fb:40:72:fb:2c:4d:51: 01:42:5d:b3:7d:6d:16:4a:2d:4d:38:3c:3d:2e:3d: 27:bc:28:01:9f:a3:7e:ae:17:18:8a:a4:6c:b9:9f: a9:b2:6b:7d:2a:bb:f0:45:10:fb:fd:31:dd:71:a1: 6d:25:1a:5d:56:ee:1a:97:70:67:71:08:5f:cf:07: 9e:bc:ae:6a:76:e1:b3:ca:0c:71:0f:13:28:1d:eb: cd:4b:08:57:8b:0d:6b:2a:8c:ee:96:c2:69:ba:40: 2f:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:DE:40:2E:77:FA:1A:D7:1D:B2:9E:B9:BF:B0:07:CA:C8:08:EA:43 X509v3 Authority Key Identifier: keyid:31:95:F7:34:19:E8:22:32:97:94:CF:17:FB:A7:E9:3F:37:53:74:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MZX3NBnoIjKXlM8X-6fpPzdTdKk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:0f:4b:62:0f:2b:c8:e4:13:c0:6c:49:b2:96:2c:05:ae:c4: e0:d7:da:de:39:ad:71:04:c2:a8:a4:46:07:8d:e0:ef:31:cc: c5:64:3e:37:e2:3e:91:7d:82:47:7e:78:dd:bb:ef:bc:8b:a0: 72:1a:ca:f1:7d:a7:b0:ef:94:80:cd:a7:e6:87:7e:5c:ef:10: ed:c9:7c:ed:7a:a8:96:e5:d9:0a:70:06:5a:d6:d2:3b:9d:96: 20:c2:26:a2:97:d3:12:ae:ba:52:ce:16:71:6b:fb:b0:a4:d2: 30:a8:bc:77:03:e1:35:73:b7:28:bb:a6:a9:1f:de:95:e0:7e: e4:f3:cf:df:20:a1:61:21:14:61:82:3f:e3:4a:40:60:5a:61: 8e:07:94:0c:67:d4:52:75:44:09:10:6e:ae:20:08:ea:a2:9f: f8:a9:1f:8c:9a:46:6b:03:42:b7:8d:27:5c:39:f4:ad:3d:79: 76:3d:cb:90:2b:cc:bc:dd:c7:66:b1:92:ec:14:9d:55:75:26: 1c:4a:cb:ca:4b:5e:68:a4:01:02:9e:30:c5:48:a2:a7:20:46: fa:59:73:c8:70:9c:63:77:bb:26:0e:e8:25:30:f2:a6:b4:f3: 79:a9:44:83:c0:40:b9:8a:2e:bf:c0:22:10:90:34:a1:c7:49: 3c:93:52:47 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ5BGMggI95HIoeHx9mwe8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxOTVmNzM0MTllODIyMzI5Nzk0Y2YxN2ZiYTdlOTNmMzc1 Mzc0YTkwHhcNMjUxMjI2MDkwMTE3WhcNMjUxMjI3MDkwMTE3WjAzMTEwLwYDVQQD EyhhZmRlNDAyZTc3ZmExYWQ3MWRiMjllYjliZmIwMDdjYWM4MDhlYTQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLCMUXvPLUfnAebuw/AufAW5akOS LVDcN7ddOEnEiuwFymMr/tWLE8TU/NpbxdoZayIaye4FLnHKoME3EzqCu4S62N07 SQyAXh5fr2feVDK55I+7LoxAQr9W6FF7mq+fZsIreuPnRrAIKTDupXb6vHd9tbSC 9r0p/cIhfgrSdxADLhj7AtcvfY/G50jFrfcIC3HiGOTzX0qV89UpLPtAcvssTVEB Ql2zfW0WSi1NODw9Lj0nvCgBn6N+rhcYiqRsuZ+psmt9KrvwRRD7/THdcaFtJRpd Vu4al3BncQhfzweevK5qduGzygxxDxMoHevNSwhXiw1rKozulsJpukAvYQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK/eQC53+hrXHbKeub+wB8rICOpDMB8GA1UdIwQY MBaAFDGV9zQZ6CIyl5TPF/un6T83U3SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTVpYM05Cbm9JaktYbE04WC02ZnBQemRUZEtrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC81YTQ0OGEtNWU3YS00N2UwLTg3ZGEt Y2RjZmJiMTAwNDQ3LzEvTVpYM05Cbm9JaktYbE04WC02ZnBQemRUZEtrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC81YTQ0OGEtNWU3YS00N2UwLTg3ZGEtY2RjZmJiMTAwNDQ3 LzEvTVpYM05Cbm9JaktYbE04WC02ZnBQemRUZEtrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgQ9LYg8r yOQTwGxJspYsBa7E4Nfa3jmtcQTCqKRGB43g7zHMxWQ+N+I+kX2CR3543bvvvIug chrK8X2nsO+UgM2n5od+XO8Q7cl87XqoluXZCnAGWtbSO52WIMImopfTEq66Us4W cWv7sKTSMKi8dwPhNXO3KLumqR/eleB+5PPP3yChYSEUYYI/40pAYFphjgeUDGfU UnVECRBuriAI6qKf+KkfjJpGawNCt40nXDn0rT15dj3LkCvMvN3HZrGS7BSdVXUm HErLykteaKQBAp4wxUiipyBG+llzyHCcY3e7Jg7oJTDyprTzealEg8BAuYouv8Ai EJA0ocdJPJNSRw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:06:25 2025 by rpki-client