This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft File: MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft (raw, json) Hash identifier: 2PXhaOIUAbpUahoUmLjkkI3E2Ncpde7IAwtQcZCaY8w= Subject key identifier: CE:01:76:C4:D0:C4:DA:23:86:E0:21:61:AD:C3:C2:41:95:ED:F6:18 Authority key identifier: 31:95:F7:34:19:E8:22:32:97:94:CF:17:FB:A7:E9:3F:37:53:74:A9 Certificate issuer: /CN=3195f73419e822329794cf17fba7e93f375374a9 Certificate serial: 019B522A926D3FBE41A5735DCE44CA143532 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MZX3NBnoIjKXlM8X-6fpPzdTdKk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft Manifest number: 1339 Signing time: Wed 24 Dec 2025 21:01:20 +0000 Manifest this update: Wed 24 Dec 2025 21:01:20 +0000 Manifest next update: Thu 25 Dec 2025 21:01:20 +0000 Files and hashes: 1: MZX3NBnoIjKXlM8X-6fpPzdTdKk.crl (hash: QEoHbNMGjSry8btCQH0AFjHE10wFiJFMmOw+nRMGZlc=) 2: SCHcZAvBuEDabGE8ZnvuGrNm6LM.roa (hash: +7HN05BMaB78AnyjOqZ5Q8EXtIVzWFh5zSmSPi10HzA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.crl rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft rsync://rpki.ripe.net/repository/DEFAULT/MZX3NBnoIjKXlM8X-6fpPzdTdKk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:52:2a:92:6d:3f:be:41:a5:73:5d:ce:44:ca:14:35:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3195f73419e822329794cf17fba7e93f375374a9 Validity Not Before: Dec 24 21:01:20 2025 GMT Not After : Dec 25 21:01:20 2025 GMT Subject: CN=ce0176c4d0c4da2386e02161adc3c24195edf618 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:f7:36:64:56:ce:c4:19:b5:44:3c:57:48:c7: c2:11:1b:af:60:ad:62:2f:97:7e:3e:48:1c:7b:10: 05:f4:59:02:63:65:00:41:f4:78:25:1f:8e:10:7e: 64:56:e0:84:ba:a8:c4:d5:6d:81:aa:93:22:b6:43: 61:6d:c2:3b:aa:96:c4:82:dd:9a:41:d0:07:f9:8e: 01:0e:a2:ab:be:70:ef:fa:fa:25:b8:d2:2a:ef:36: f8:63:25:f1:ee:a3:0a:b0:99:0d:6a:b7:c9:64:83: 28:b9:4a:6f:f4:aa:17:4b:57:df:2b:26:cf:53:d2: 02:27:a2:e5:fb:92:67:53:76:b3:bd:2c:6f:96:9c: e3:c4:6c:43:70:e1:88:25:48:86:f9:cf:43:2d:2a: c0:29:6a:d8:d2:a3:7a:67:3b:d4:30:0c:fc:76:e9: ed:db:01:cb:e9:1e:c0:f8:46:79:d1:35:ab:01:4e: 14:5e:ce:5d:9f:81:7b:04:f0:22:fc:06:e8:12:ed: 1a:0c:d2:20:da:a4:5c:46:20:10:13:e7:b3:21:47: 08:70:c6:b4:a8:88:56:91:db:0b:21:4c:c6:95:b2: cd:bf:91:97:fa:b7:4b:72:51:ea:ab:80:c1:2a:39: b2:30:bc:bd:fa:ff:cd:54:1f:40:f2:bc:00:b7:19: cb:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:01:76:C4:D0:C4:DA:23:86:E0:21:61:AD:C3:C2:41:95:ED:F6:18 X509v3 Authority Key Identifier: keyid:31:95:F7:34:19:E8:22:32:97:94:CF:17:FB:A7:E9:3F:37:53:74:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MZX3NBnoIjKXlM8X-6fpPzdTdKk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 49:6c:13:d0:06:aa:d5:34:40:87:69:fc:a1:89:a5:8d:4a:a5: 60:11:d0:d4:90:0e:e5:ba:6d:6b:bf:95:8e:8c:aa:fa:53:de: a8:23:47:0d:c3:9c:e5:e1:81:dc:c4:00:21:d2:15:da:12:ca: ab:d0:d5:3c:2d:b8:09:86:06:cb:5f:9d:00:0c:83:50:9d:42: 0a:14:ef:4a:b0:d3:32:8e:4c:a2:de:44:ce:b3:66:96:aa:ae: 0a:bb:bd:aa:44:5d:56:ce:e1:e9:14:2a:ce:25:8a:f5:58:1d: 1f:64:99:60:5b:df:f5:49:ff:e6:c2:29:d5:ce:5e:26:47:96: 5d:62:bb:18:b2:4a:85:ab:7b:09:e1:fb:7c:01:07:92:8f:df: 63:e3:fe:12:19:27:6d:3f:69:47:2a:fe:21:90:4f:c5:8f:66: f0:88:0b:cb:44:41:21:89:f2:1a:f5:fd:ab:11:c3:52:ee:eb: d4:ca:08:2a:b3:d2:1e:f3:0e:ef:33:4c:0c:56:5d:35:66:7d: d1:3a:e4:79:9f:e9:f5:5b:6a:ce:2e:ad:e0:c8:45:b9:9b:9b: 31:e4:78:9b:c1:99:78:26:97:a4:86:26:90:a6:e6:6f:0c:4e: f4:ab:e3:ff:04:20:c8:2e:0b:c3:8b:95:cf:a2:0e:a4:63:65: 0f:ec:40:63 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtSKpJtP75BpXNdzkTKFDUyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxOTVmNzM0MTllODIyMzI5Nzk0Y2YxN2ZiYTdlOTNmMzc1 Mzc0YTkwHhcNMjUxMjI0MjEwMTIwWhcNMjUxMjI1MjEwMTIwWjAzMTEwLwYDVQQD EyhjZTAxNzZjNGQwYzRkYTIzODZlMDIxNjFhZGMzYzI0MTk1ZWRmNjE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/c2ZFbOxBm1RDxXSMfCERuvYK1i L5d+PkgcexAF9FkCY2UAQfR4JR+OEH5kVuCEuqjE1W2BqpMitkNhbcI7qpbEgt2a QdAH+Y4BDqKrvnDv+voluNIq7zb4YyXx7qMKsJkNarfJZIMouUpv9KoXS1ffKybP U9ICJ6Ll+5JnU3azvSxvlpzjxGxDcOGIJUiG+c9DLSrAKWrY0qN6ZzvUMAz8dunt 2wHL6R7A+EZ50TWrAU4UXs5dn4F7BPAi/AboEu0aDNIg2qRcRiAQE+ezIUcIcMa0 qIhWkdsLIUzGlbLNv5GX+rdLclHqq4DBKjmyMLy9+v/NVB9A8rwAtxnLnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM4BdsTQxNojhuAhYa3DwkGV7fYYMB8GA1UdIwQY MBaAFDGV9zQZ6CIyl5TPF/un6T83U3SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTVpYM05Cbm9JaktYbE04WC02ZnBQemRUZEtrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC81YTQ0OGEtNWU3YS00N2UwLTg3ZGEt Y2RjZmJiMTAwNDQ3LzEvTVpYM05Cbm9JaktYbE04WC02ZnBQemRUZEtrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC81YTQ0OGEtNWU3YS00N2UwLTg3ZGEtY2RjZmJiMTAwNDQ3 LzEvTVpYM05Cbm9JaktYbE04WC02ZnBQemRUZEtrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASWwT0Aaq 1TRAh2n8oYmljUqlYBHQ1JAO5bpta7+Vjoyq+lPeqCNHDcOc5eGB3MQAIdIV2hLK q9DVPC24CYYGy1+dAAyDUJ1CChTvSrDTMo5Mot5EzrNmlqquCru9qkRdVs7h6RQq ziWK9VgdH2SZYFvf9Un/5sIp1c5eJkeWXWK7GLJKhat7CeH7fAEHko/fY+P+Ehkn bT9pRyr+IZBPxY9m8IgLy0RBIYnyGvX9qxHDUu7r1MoIKrPSHvMO7zNMDFZdNWZ9 0TrkeZ/p9Vtqzi6t4MhFuZubMeR4m8GZeCaXpIYmkKbmbwxO9Kvj/wQgyC4Lw4uV z6IOpGNlD+xAYw== -----END CERTIFICATE-----Generated at Thu Dec 25 04:32:22 2025 by rpki-client