This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.mft
File:                     656E4422ABF129649200EB019A815F2B12236E92.mft (raw, json)
Hash identifier:          tHmXe0ivTlAWtelj4sAzTCbBVuZBK05a8ITGCDXmY/g=
Subject key identifier:   4B:BB:D2:8E:32:5E:8B:F9:78:86:95:0F:00:05:55:C8:9F:33:D4:A9
Authority key identifier: 65:6E:44:22:AB:F1:29:64:92:00:EB:01:9A:81:5F:2B:12:23:6E:92
Certificate issuer:       /CN=656E4422ABF129649200EB019A815F2B12236E92
Certificate serial:       3AFBAEE032143BA119433C7CA521C481674985F7
Authority info access:    rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer
Subject info access:      rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.mft
Manifest number:          0220
Signing time:             Tue 06 Jan 2026 04:19:39 +0000
Manifest this update:     Tue 06 Jan 2026 04:14:39 +0000
Manifest next update:     Wed 07 Jan 2026 04:19:39 +0000
Files and hashes:         1: 34352e3133322e3139312e302f32342d3234203d3e2033393730.roa (hash: piR0xY2W/Fg7dFVRqqqeApVksNlAZNhoOxCqAZQ09I0=)
                          2: 3134372e32382e31302e302f32332d3234203d3e2039343334.roa (hash: VtH6E5X9bla/lP/1oDgzLC/IGBeO4Y+MgLQlG/MHRAA=)
                          3: 3134372e32382e31302e302f32332d3234203d3e203437303635.roa (hash: InllrUkC+i/L8Vq1qSaFZSxY2gcH0Pb1ZOihADOfZw0=)
                          4: 656E4422ABF129649200EB019A815F2B12236E92.crl (hash: lvB+oZ1rnqCIx17CrGZktgy39rk+akxNvgKnvFusu+w=)
                          5: 34352e3133322e3139302e302f32342d3234203d3e2030.roa (hash: 9ieyP3BjwnrGT7jHWN0miv3BwxPneURkOZZD4j2C8Tw=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:fb:ae:e0:32:14:3b:a1:19:43:3c:7c:a5:21:c4:81:67:49:85:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=656E4422ABF129649200EB019A815F2B12236E92
        Validity
            Not Before: Jan  6 04:14:39 2026 GMT
            Not After : Jan  7 04:19:39 2026 GMT
        Subject: CN=4BBBD28E325E8BF97886950F000555C89F33D4A9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:00:cd:bc:30:2a:0c:fd:c2:b9:19:57:87:45:
                    4a:cc:de:a0:4e:95:30:42:d0:ed:b3:92:31:c0:b7:
                    fc:23:80:a2:29:14:2f:8f:cd:58:18:e2:60:40:73:
                    50:02:3a:fe:3e:5d:a6:9d:95:5f:4d:f0:88:2b:61:
                    64:8b:1b:c8:ed:d6:1f:fd:38:21:b2:e2:c3:5d:fe:
                    d9:de:30:a3:b5:9b:d7:58:d8:e4:32:0d:21:52:85:
                    46:de:58:8e:13:ad:b9:23:85:ab:60:8e:d8:1b:88:
                    ea:9d:64:6c:8d:fb:b5:a1:79:89:fd:ea:c3:5b:ef:
                    a7:58:41:8e:49:8b:7e:f9:1b:0e:99:1b:c3:3a:e9:
                    d2:c6:02:80:b3:70:6d:9b:ff:e7:76:b6:24:99:e7:
                    e7:36:7d:f7:79:92:52:3c:27:f7:d7:1a:f8:ae:9b:
                    43:49:ca:84:7e:1e:98:1e:47:b7:72:83:89:d4:84:
                    17:21:ab:00:7a:88:5b:4f:10:d4:23:d3:06:83:ee:
                    61:1a:a6:fe:b3:78:9a:e5:58:68:b5:9a:7d:ef:40:
                    dd:a3:c5:1f:f6:50:d7:5a:6f:e6:39:4d:0b:5a:8a:
                    cf:38:52:ca:cc:39:24:15:01:c4:1b:68:be:0d:6d:
                    09:47:9e:5d:a6:ed:c4:2c:40:4a:65:5a:49:53:38:
                    16:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:BB:D2:8E:32:5E:8B:F9:78:86:95:0F:00:05:55:C8:9F:33:D4:A9
            X509v3 Authority Key Identifier:
                keyid:65:6E:44:22:AB:F1:29:64:92:00:EB:01:9A:81:5F:2B:12:23:6E:92

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.crl

            Authority Information Access:
                CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/ZW5EIqvxKWSSAOsBmoFfKxIjbpI.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.rg.net/repo/rpki-beacons-ca/0/656E4422ABF129649200EB019A815F2B12236E92.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:d4:fe:81:ba:4d:93:d9:35:b2:85:85:ef:95:98:38:e0:9c:
         a4:3e:fb:8d:7e:72:56:c8:c8:14:22:e5:b3:47:73:7d:47:a7:
         6f:05:58:16:94:63:c6:2c:e1:e8:13:a8:ae:0a:28:95:47:8d:
         cf:40:5d:32:76:23:5e:77:22:49:d1:da:22:87:f7:82:e3:84:
         3f:d2:4c:48:85:b2:f8:df:ed:0d:49:3a:ad:89:17:b0:e8:58:
         15:d6:34:00:c9:03:e0:37:22:88:ea:47:61:22:09:58:29:e2:
         2c:3e:fa:b0:7f:a1:47:61:00:5a:1e:d9:56:18:e0:20:b0:9d:
         6d:81:05:0b:7c:2c:49:57:ce:a3:b0:b5:2e:18:f7:a9:59:79:
         41:3e:7d:f2:d8:f2:b2:6e:4b:e7:b5:59:96:d2:aa:b9:bc:4a:
         5e:b7:46:8e:b6:1a:e5:03:c3:49:3a:5d:86:56:ba:9a:11:fc:
         5e:f4:83:56:34:2f:71:9a:2e:b4:80:a0:38:f8:0b:e4:34:00:
         57:50:41:d0:e0:60:a0:42:5b:37:1a:ce:a6:d2:ff:9f:a0:c8:
         52:d9:5f:74:ed:19:2b:50:47:69:33:5b:b9:ac:fd:51:e5:a7:
         03:73:4c:80:01:db:a7:fe:f9:b3:22:b3:af:44:4c:07:9f:1c:
         eb:fc:bf:35
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgIUOvuu4DIUO6EZQzx8pSHEgWdJhfcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjU2RTQ0MjJBQkYxMjk2NDkyMDBFQjAxOUE4MTVGMkIx
MjIzNkU5MjAeFw0yNjAxMDYwNDE0MzlaFw0yNjAxMDcwNDE5MzlaMDMxMTAvBgNV
BAMTKDRCQkJEMjhFMzI1RThCRjk3ODg2OTUwRjAwMDU1NUM4OUYzM0Q0QTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZAM28MCoM/cK5GVeHRUrM3qBO
lTBC0O2zkjHAt/wjgKIpFC+PzVgY4mBAc1ACOv4+XaadlV9N8IgrYWSLG8jt1h/9
OCGy4sNd/tneMKO1m9dY2OQyDSFShUbeWI4TrbkjhatgjtgbiOqdZGyN+7WheYn9
6sNb76dYQY5Ji375Gw6ZG8M66dLGAoCzcG2b/+d2tiSZ5+c2ffd5klI8J/fXGviu
m0NJyoR+HpgeR7dyg4nUhBchqwB6iFtPENQj0waD7mEapv6zeJrlWGi1mn3vQN2j
xR/2UNdab+Y5TQtais84UsrMOSQVAcQbaL4NbQlHnl2m7cQsQEplWklTOBZ7AgMB
AAGjggHmMIIB4jAdBgNVHQ4EFgQUS7vSjjJei/l4hpUPAAVVyJ8z1KkwHwYDVR0j
BBgwFoAUZW5EIqvxKWSSAOsBmoFfKxIjbpIwDgYDVR0PAQH/BAQDAgeAMGkGA1Ud
HwRiMGAwXqBcoFqGWHJzeW5jOi8va3JpbGwucmcubmV0L3JlcG8vcnBraS1iZWFj
b25zLWNhLzAvNjU2RTQ0MjJBQkYxMjk2NDkyMDBFQjAxOUE4MTVGMkIxMjIzNkU5
Mi5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsGAQUFBzAChj9yc3luYzovL2NhLnJn
Lm5ldC9ycGtpL1JHbmV0LU9VL1pXNUVJcXZ4S1dTU0FPc0Jtb0ZmS3hJamJwSS5j
ZXIwdAYIKwYBBQUHAQsEaDBmMGQGCCsGAQUFBzALhlhyc3luYzovL2tyaWxsLnJn
Lm5ldC9yZXBvL3Jwa2ktYmVhY29ucy1jYS8wLzY1NkU0NDIyQUJGMTI5NjQ5MjAw
RUIwMTlBODE1RjJCMTIyMzZFOTIubWZ0MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADAVBggrBgEFBQcB
CAEB/wQGMASgAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAU1P6Buk2T2TWyhYXvlZg4
4JykPvuNfnJWyMgUIuWzR3N9R6dvBVgWlGPGLOHoE6iuCiiVR43PQF0ydiNedyJJ
0doih/eC44Q/0kxIhbL43+0NSTqtiRew6FgV1jQAyQPgNyKI6kdhIglYKeIsPvqw
f6FHYQBaHtlWGOAgsJ1tgQULfCxJV86jsLUuGPepWXlBPn3y2PKybkvntVmW0qq5
vEpet0aOthrlA8NJOl2GVrqaEfxe9INWNC9xmi60gKA4+AvkNABXUEHQ4GCgQls3
Gs6m0v+foMhS2V907RkrUEdpM1u5rP1R5acDc0yAAdun/vmzIrOvREwHnxzr/L81
-----END CERTIFICATE-----