This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
File:                     hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft (raw, json)
Hash identifier:          UGFIiELF0cLhPTcyzTlFBg6Vt3o/ycMbWUZ8SfxF2e0=
Subject key identifier:   0B:4C:9D:3B:A2:10:7B:FA:7F:68:A3:68:22:FB:5F:35:03:E2:9F:20
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Certificate issuer:       /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial:       019B37216425959D0A69F7590C100B5F9694
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
Manifest number:          154A
Signing time:             Fri 19 Dec 2025 15:01:33 +0000
Manifest this update:     Fri 19 Dec 2025 15:01:33 +0000
Manifest next update:     Sat 20 Dec 2025 15:01:33 +0000
Files and hashes:         1: 0dOOZcxouEyBwDParynks7StwHE.roa (hash: JJ6ZudJMCas3SwJxwt6lm5WwMowMP1vWjiYzBqRT97Y=)
                          2: 0j_F7ObjeWM_-MDv2vnltyDHFUk.roa (hash: OsaLtzwPIW8gqCsltJsusg8e34JBn85Om/z5CrRK5Uo=)
                          3: 2sVCpnUAKblWh9v7qVEsEKRUfWA.roa (hash: 1CKYprr2EavvDbIEOzey7tbCXji3ClAfurVr7rHadc8=)
                          4: 7-L8h3vxgPMOucvJUyn6jvtlWq4.roa (hash: JqzKMiGM9qG/KoIssHAuY0XkXfUrBvh/Eg7mCU+N938=)
                          5: 9oLYcSPHMvCe-Pv2M_rza63XTow.roa (hash: wcB89ybRT1IhIFGZVbatLp94YXi4OhrbT8jvmNnsE+Y=)
                          6: FlI6inWj2TmnnIGOS7ZVGBf_bD0.roa (hash: 5X+YWS6gSiJ/Tn7alo0GG3dyffx54L0u6yH14DDRlbA=)
                          7: GaWyzUO0HJeBjasyRqC97NsCSD4.roa (hash: UvlgjWI3E2c5HU/6Dd5CAeuvj7bfQfjld2BSF5GNKKQ=)
                          8: IVO47FxImh-y3rWgAak5j9Lhqu0.roa (hash: UCZgxxNbeCBV4XvQFqq64x8nscbBvfYrvynDklgIEQw=)
                          9: JA31DZScZvYIwJfErV7LU6Pm8FI.roa (hash: j2dwdPSin1EaN8bZ47DvZWD73l5sMHPdzBMxjZwMols=)
                          10: OeMnrV0nVX6DCpX5ruJ0icY3qZM.roa (hash: CYtkRKt0tKCgVnuKUn9N15L60FkF9ZK/0wKUSmI7zGM=)
                          11: P3PfwPwkcE040d3Qr-D90iwF4_k.roa (hash: T1rptYAIYRS6lWsTlrVwQbPRhxvEwgxKU1Xm6hHDr7M=)
                          12: SYg89xuEXUG6bMD7Pl2CsVBcmVo.roa (hash: FafX8OoXWchxsyj8C7cAZtH+8tr3bEqU6ajEo9eZfcQ=)
                          13: V05XtxLuNAQpoO5H9P1IS4dSoX4.roa (hash: LXCIEksdGEPZzBTCWjbFwGM6+GL06zblhdET9a+UUAU=)
                          14: h6WkXFQCalKSUE8qQsL0s6At9NA.roa (hash: xC7sZws2p6+JMX2/NZkkNUsOt0/rPDjC11vfXSnqVOc=)
                          15: hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl (hash: FGO8M7aur88fKgqU+dJVYwy51TM1cIKLpDWNh6G/V8M=)
                          16: ijQaYqsX36Iual-crRkacGaVc58.roa (hash: ccJw28PP5f/TupBMNwlADhguaBvKtjfCXWHuFYXPLzA=)
                          17: tta7Y8CGam3Bk5ymO6HtDo5JmhU.roa (hash: XDbIU4BmGkvASLJz4BGT9b/lR8c31GenOVU33j6ph6w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 20 Dec 2025 15:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:37:21:64:25:95:9d:0a:69:f7:59:0c:10:0b:5f:96:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
        Validity
            Not Before: Dec 19 15:01:33 2025 GMT
            Not After : Dec 20 15:01:33 2025 GMT
        Subject: CN=0b4c9d3ba2107bfa7f68a36822fb5f3503e29f20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:67:64:14:f9:26:ff:fb:44:5e:84:12:a2:2f:
                    9b:de:ce:c1:28:51:56:e0:12:34:20:97:2e:77:52:
                    75:5d:a4:8c:8e:2d:23:d0:86:d7:42:3b:7b:81:c3:
                    08:eb:9e:9b:24:12:ff:05:68:de:9b:a2:a1:bc:ac:
                    66:0a:26:9a:8c:de:c5:04:46:7a:45:d9:ef:8d:0e:
                    5a:3b:68:1a:95:5b:5c:01:20:f1:11:b3:a5:bc:43:
                    66:13:93:ec:a7:3f:fa:23:69:1c:a3:06:69:77:71:
                    e0:6f:5a:0b:aa:d7:a8:04:68:69:d7:c4:8c:e3:07:
                    f8:bd:8a:98:55:a2:2f:7e:b5:83:51:d2:9f:64:4d:
                    05:32:be:d6:cd:10:4c:9b:57:26:f7:d4:a0:c8:37:
                    08:fb:6d:91:a9:a5:7d:b8:9d:1d:cc:10:74:9e:bb:
                    23:b8:23:7d:83:6d:a9:40:3b:e3:d3:18:e0:0f:ed:
                    8e:d8:f3:85:dc:59:9f:2b:22:0d:31:a2:39:28:9b:
                    5d:67:a3:ae:b4:12:44:66:71:47:22:ff:57:a0:ef:
                    d3:7e:0d:cb:95:eb:01:ee:c5:c4:23:a4:2d:3f:ea:
                    ee:90:0c:80:55:62:6a:37:b9:ae:8f:0b:63:9c:ca:
                    be:65:ed:70:c7:c4:47:36:83:a5:6c:50:0a:c6:fd:
                    f5:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:4C:9D:3B:A2:10:7B:FA:7F:68:A3:68:22:FB:5F:35:03:E2:9F:20
            X509v3 Authority Key Identifier:
                keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:a6:98:cb:56:50:b4:b5:1a:91:f4:52:9b:4d:f9:41:4e:44:
         99:f5:c7:a1:42:a9:0b:f4:79:d1:28:be:73:fa:73:23:62:75:
         fc:fa:91:1f:ac:57:a7:e0:9e:b9:1e:d3:07:25:b7:cd:39:17:
         a0:35:a4:7e:d8:15:88:78:84:1a:57:66:d9:76:4c:61:32:c5:
         e9:f0:fa:1c:61:b9:69:ab:2b:9c:4a:b4:fa:56:17:3a:49:fd:
         9f:2a:c7:a5:94:f3:fc:7b:36:aa:f5:6a:e8:3f:de:41:bd:7e:
         5f:b2:d2:3f:60:82:a0:45:0a:d6:87:64:87:12:94:a6:7a:e6:
         6e:73:c0:85:58:58:51:f4:84:d8:19:3e:a4:07:5b:c1:c9:0d:
         0a:6e:a6:6a:c7:6f:50:7f:78:d9:e7:f5:44:25:67:8f:72:b0:
         58:d2:e2:19:f7:83:35:21:6f:cc:6c:92:8c:b6:a2:16:85:19:
         8f:03:32:18:a6:1c:c7:fd:fe:ab:e5:63:4d:3c:03:cd:48:02:
         6b:ab:82:a5:01:29:46:fa:be:1c:18:ba:16:b8:55:7c:aa:e3:
         3f:24:1e:38:ca:6f:75:70:86:ca:1a:39:7b:e7:46:6a:10:b1:
         3f:ee:d7:c6:f2:41:ab:86:43:98:8b:45:2b:e1:74:43:60:9b:
         d7:38:23:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZs3IWQllZ0KafdZDBALX5aUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjUxMjE5MTUwMTMzWhcNMjUxMjIwMTUwMTMzWjAzMTEwLwYDVQQD
EygwYjRjOWQzYmEyMTA3YmZhN2Y2OGEzNjgyMmZiNWYzNTAzZTI5ZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWdkFPkm//tEXoQSoi+b3s7BKFFW
4BI0IJcud1J1XaSMji0j0IbXQjt7gcMI656bJBL/BWjem6KhvKxmCiaajN7FBEZ6
RdnvjQ5aO2galVtcASDxEbOlvENmE5Pspz/6I2kcowZpd3Hgb1oLqteoBGhp18SM
4wf4vYqYVaIvfrWDUdKfZE0FMr7WzRBMm1cm99SgyDcI+22RqaV9uJ0dzBB0nrsj
uCN9g22pQDvj0xjgD+2O2POF3FmfKyINMaI5KJtdZ6OutBJEZnFHIv9XoO/Tfg3L
lesB7sXEI6QtP+rukAyAVWJqN7mujwtjnMq+Ze1wx8RHNoOlbFAKxv31OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAtMnTuiEHv6f2ijaCL7XzUD4p8gMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtaaYy1ZQ
tLUakfRSm035QU5EmfXHoUKpC/R50Si+c/pzI2J1/PqRH6xXp+CeuR7TByW3zTkX
oDWkftgViHiEGldm2XZMYTLF6fD6HGG5aasrnEq0+lYXOkn9nyrHpZTz/Hs2qvVq
6D/eQb1+X7LSP2CCoEUK1odkhxKUpnrmbnPAhVhYUfSE2Bk+pAdbwckNCm6masdv
UH942ef1RCVnj3KwWNLiGfeDNSFvzGySjLaiFoUZjwMyGKYcx/3+q+VjTTwDzUgC
a6uCpQEpRvq+HBi6FrhVfKrjPyQeOMpvdXCGyho5e+dGahCxP+7XxvJBq4ZDmItF
K+F0Q2Cb1zgjmQ==
-----END CERTIFICATE-----