This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/7a37ea-30d9-427b-a36e-64832b39057d/1/MzQyKd4lHMiCWnxEyP6T5KzbwRU.mft File: MzQyKd4lHMiCWnxEyP6T5KzbwRU.mft (raw, json) Hash identifier: uFUfOhW+N2ve0PxqoVQrJksr4vBMPVFy8P9pwBXXNmc= Subject key identifier: 2D:7D:BD:82:AB:F0:84:6D:48:B3:C1:59:90:10:1B:19:47:57:A1:CA Authority key identifier: 33:34:32:29:DE:25:1C:C8:82:5A:7C:44:C8:FE:93:E4:AC:DB:C1:15 Certificate issuer: /CN=33343229de251cc8825a7c44c8fe93e4acdbc115 Certificate serial: 019B40C90A9C607387E18D9E0E59DB29C08F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzQyKd4lHMiCWnxEyP6T5KzbwRU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/7a37ea-30d9-427b-a36e-64832b39057d/1/MzQyKd4lHMiCWnxEyP6T5KzbwRU.mft Manifest number: 1D Signing time: Sun 21 Dec 2025 12:01:15 +0000 Manifest this update: Sun 21 Dec 2025 12:01:15 +0000 Manifest next update: Mon 22 Dec 2025 12:01:15 +0000 Files and hashes: 1: 531zAUPBYKumyQ0xpfkhVrEVZeg.roa (hash: zmS5aMegf4cAdrpghAhABvhGFxJN7kA/8Rf6S1OUbjM=) 2: MzQyKd4lHMiCWnxEyP6T5KzbwRU.crl (hash: WgC/FaBVwbtSRUr2dUWcRTzlQErmwqj+HWvYE+P/8tw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/7a37ea-30d9-427b-a36e-64832b39057d/1/MzQyKd4lHMiCWnxEyP6T5KzbwRU.crl rsync://rpki.ripe.net/repository/DEFAULT/4c/7a37ea-30d9-427b-a36e-64832b39057d/1/MzQyKd4lHMiCWnxEyP6T5KzbwRU.mft rsync://rpki.ripe.net/repository/DEFAULT/MzQyKd4lHMiCWnxEyP6T5KzbwRU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 12:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:c9:0a:9c:60:73:87:e1:8d:9e:0e:59:db:29:c0:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=33343229de251cc8825a7c44c8fe93e4acdbc115 Validity Not Before: Dec 21 12:01:15 2025 GMT Not After : Dec 22 12:01:15 2025 GMT Subject: CN=2d7dbd82abf0846d48b3c15990101b194757a1ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:75:67:9e:73:da:b6:73:1c:8d:71:e9:df:03: 45:39:32:cd:b4:c7:ad:04:6f:51:a3:ae:48:49:0b: 22:ca:2c:66:d3:51:cc:69:ff:e2:ab:bd:fb:9f:4d: 5b:3b:6a:bc:a7:06:08:4b:c2:10:36:87:3a:0a:c5: 65:44:65:b1:d7:6d:a8:44:6c:ac:3f:03:64:04:da: e7:0d:91:62:01:87:83:2a:27:6e:af:e4:25:9e:eb: 45:85:c7:15:d1:be:18:69:62:59:c2:1f:84:82:6c: e0:6e:3f:37:d6:3c:02:2e:8d:2d:b0:2d:58:8e:96: 26:5d:f3:93:9f:74:74:9f:a5:c1:57:93:6c:5b:c8: 1a:92:0d:e3:35:eb:c4:f2:07:5e:5b:25:e3:05:b0: 94:bd:e6:1f:84:bf:2d:15:af:eb:a2:83:05:e2:c3: 43:1c:eb:57:56:c6:8e:a2:e8:64:e7:4b:27:35:f2: 33:6d:3e:64:96:0a:47:17:20:9b:62:03:51:b7:cd: a3:42:50:6c:2c:b3:b7:c4:bb:57:e6:d5:c6:99:3d: 8e:0d:74:d6:3c:08:0c:b3:62:71:d3:e3:51:f3:ae: 11:72:29:18:6e:83:c6:34:35:6e:ef:ef:75:20:7d: 86:b8:fe:8e:cd:01:8a:8c:b6:13:29:c3:b1:8e:50: 96:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:7D:BD:82:AB:F0:84:6D:48:B3:C1:59:90:10:1B:19:47:57:A1:CA X509v3 Authority Key Identifier: keyid:33:34:32:29:DE:25:1C:C8:82:5A:7C:44:C8:FE:93:E4:AC:DB:C1:15 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzQyKd4lHMiCWnxEyP6T5KzbwRU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/7a37ea-30d9-427b-a36e-64832b39057d/1/MzQyKd4lHMiCWnxEyP6T5KzbwRU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/7a37ea-30d9-427b-a36e-64832b39057d/1/MzQyKd4lHMiCWnxEyP6T5KzbwRU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:97:5a:06:91:5f:a9:f6:18:f3:fd:f4:eb:af:6c:8c:f9:d5: bb:5b:c2:b2:05:2b:b2:87:0a:5f:08:ad:56:69:1d:7b:92:0c: 76:67:56:f8:70:26:ce:26:d6:a4:6a:ab:47:19:14:90:03:54: 81:a9:c4:95:86:7f:9e:b5:de:b3:b0:4e:51:52:ac:27:0a:62: ec:05:14:1f:c0:40:b7:7f:09:ad:df:6e:75:ba:0d:c4:79:03: 99:dd:46:30:97:92:d8:ba:ca:c5:8b:2d:bd:98:8d:d6:7f:9e: db:10:b7:6a:7e:62:9b:4c:80:0f:8a:b2:b8:ab:45:e7:3a:76: 32:a3:18:e2:2b:aa:bb:9b:0c:01:ad:2c:61:67:f2:39:d9:c7: d3:9f:a5:ac:e1:24:76:68:b7:83:1e:47:98:a6:91:47:93:0b: 13:8b:ae:38:ac:20:fc:7b:ca:f5:29:a9:09:c6:e5:4c:f0:d7: ff:2b:4b:39:d8:83:bb:61:08:e7:2a:12:05:ac:7c:80:80:d9: 49:84:2c:f6:7f:bf:85:32:6e:a9:c4:47:86:8b:8e:c8:d4:5d: f1:80:69:54:cc:d7:13:ed:d7:8f:72:28:1d:69:08:c7:ff:04: b1:45:ca:c8:bb:42:29:8b:e5:ea:36:3a:59:a8:7a:97:47:58: d7:cd:b8:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAyQqcYHOH4Y2eDlnbKcCPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMzMzQzMjI5ZGUyNTFjYzg4MjVhN2M0NGM4ZmU5M2U0YWNk YmMxMTUwHhcNMjUxMjIxMTIwMTE1WhcNMjUxMjIyMTIwMTE1WjAzMTEwLwYDVQQD EygyZDdkYmQ4MmFiZjA4NDZkNDhiM2MxNTk5MDEwMWIxOTQ3NTdhMWNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnVnnnPatnMcjXHp3wNFOTLNtMet BG9Ro65ISQsiyixm01HMaf/iq737n01bO2q8pwYIS8IQNoc6CsVlRGWx122oRGys PwNkBNrnDZFiAYeDKidur+QlnutFhccV0b4YaWJZwh+Egmzgbj831jwCLo0tsC1Y jpYmXfOTn3R0n6XBV5NsW8gakg3jNevE8gdeWyXjBbCUveYfhL8tFa/rooMF4sND HOtXVsaOouhk50snNfIzbT5klgpHFyCbYgNRt82jQlBsLLO3xLtX5tXGmT2ODXTW PAgMs2Jx0+NR864RcikYboPGNDVu7+91IH2GuP6OzQGKjLYTKcOxjlCWxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC19vYKr8IRtSLPBWZAQGxlHV6HKMB8GA1UdIwQY MBaAFDM0MineJRzIglp8RMj+k+Ss28EVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTXpReUtkNGxITWlDV254RXlQNlQ1S3pid1JVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy83YTM3ZWEtMzBkOS00MjdiLWEzNmUt NjQ4MzJiMzkwNTdkLzEvTXpReUtkNGxITWlDV254RXlQNlQ1S3pid1JVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yy83YTM3ZWEtMzBkOS00MjdiLWEzNmUtNjQ4MzJiMzkwNTdk LzEvTXpReUtkNGxITWlDV254RXlQNlQ1S3pid1JVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVpdaBpFf qfYY8/30669sjPnVu1vCsgUrsocKXwitVmkde5IMdmdW+HAmzibWpGqrRxkUkANU ganElYZ/nrXes7BOUVKsJwpi7AUUH8BAt38Jrd9udboNxHkDmd1GMJeS2LrKxYst vZiN1n+e2xC3an5im0yAD4qyuKtF5zp2MqMY4iuqu5sMAa0sYWfyOdnH05+lrOEk dmi3gx5HmKaRR5MLE4uuOKwg/HvK9SmpCcblTPDX/ytLOdiDu2EI5yoSBax8gIDZ SYQs9n+/hTJuqcRHhouOyNRd8YBpVMzXE+3Xj3IoHWkIx/8EsUXKyLtCKYvl6jY6 Wah6l0dY18241g== -----END CERTIFICATE-----Generated at Sun Dec 21 19:01:44 2025 by rpki-client