This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.mft
File:                     gHmvy6Wodi-3n05eDXo17oTNPfQ.mft (raw, json)
Hash identifier:          M2Ci0V70iXZyF8BLZto8FJwjszaWkIY6nGHzi/7iBh8=
Subject key identifier:   30:C2:0D:6C:25:7A:6D:40:17:A7:7D:00:04:A3:20:90:D9:61:6D:50
Authority key identifier: 80:79:AF:CB:A5:A8:76:2F:B7:9F:4E:5E:0D:7A:35:EE:84:CD:3D:F4
Certificate issuer:       /CN=8079afcba5a8762fb79f4e5e0d7a35ee84cd3df4
Certificate serial:       019B39B3D073170F91D5588066FACE5B035B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gHmvy6Wodi-3n05eDXo17oTNPfQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.mft
Manifest number:          0E03
Signing time:             Sat 20 Dec 2025 03:00:44 +0000
Manifest this update:     Sat 20 Dec 2025 03:00:44 +0000
Manifest next update:     Sun 21 Dec 2025 03:00:44 +0000
Files and hashes:         1: 8IUfLut7BygQV_kfUjYxZ6R1hWo.roa (hash: osXEgzEeRLXEDV95MIWOG4REHDOr18vMvAPD5SIJRo8=)
                          2: e906IBwj4MSiW-e8owQAWsQ_4Jo.roa (hash: P83ELX1oAyr6YQ0Ab0RC6iwmwrr6PxLhv5UjiehFQxc=)
                          3: eb3BGeh-4gG7gVQzfJYmE4N9iJk.roa (hash: ytxhtvq1ezR1if4ipOboDxmwy8xQfyDHM3VrrrzA9pU=)
                          4: g2b35-nULZDfmdIQobQp625Nk-I.roa (hash: daDEnydg6U3m1GEZ8hWZT3NDMPEI2dbQkvddvsu4lNo=)
                          5: gHmvy6Wodi-3n05eDXo17oTNPfQ.crl (hash: 7f95cFc+0ZKV1IikFAB8zK+WG36XWira61IXXmeiidE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gHmvy6Wodi-3n05eDXo17oTNPfQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 21 Dec 2025 01:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:39:b3:d0:73:17:0f:91:d5:58:80:66:fa:ce:5b:03:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8079afcba5a8762fb79f4e5e0d7a35ee84cd3df4
        Validity
            Not Before: Dec 20 03:00:44 2025 GMT
            Not After : Dec 21 03:00:44 2025 GMT
        Subject: CN=30c20d6c257a6d4017a77d0004a32090d9616d50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:f2:82:40:32:4c:99:b8:eb:84:ef:6e:c3:5b:
                    d8:35:15:8f:41:fd:55:f4:9f:a8:f9:02:05:31:11:
                    37:7e:17:1d:e3:ba:46:a9:7c:b3:41:db:d5:b2:67:
                    59:36:bc:0b:ec:16:93:58:fc:f5:4d:85:cf:4e:fd:
                    49:b2:50:56:4a:f8:73:6b:02:d6:f9:91:42:39:d7:
                    c0:65:74:83:ad:3e:1f:e4:e2:eb:d5:7d:89:67:5f:
                    21:db:b6:a7:31:d5:6f:73:48:5c:53:b1:3e:c4:b6:
                    1e:ec:dd:3a:cc:63:1f:55:07:68:67:8b:40:0c:79:
                    e5:a3:82:49:0a:ee:9c:fa:27:00:7d:6b:fd:09:6d:
                    af:89:4d:6f:62:50:cf:8d:7e:c4:71:73:6b:ed:a5:
                    c6:b2:1e:45:cf:e4:a7:77:1a:db:f0:7d:c4:8b:d6:
                    33:db:44:78:8e:eb:a8:c5:d6:9f:aa:7b:20:83:bb:
                    46:e2:ad:8b:88:7f:1d:ae:9d:cd:f4:70:f4:9b:e2:
                    45:b3:54:4d:6b:1e:78:40:a5:5e:fb:f4:96:dc:af:
                    2f:00:f3:88:d2:14:3e:6b:3d:0e:91:01:f6:5f:af:
                    27:ba:c0:54:18:44:87:de:c5:ad:5b:57:cf:e6:02:
                    75:eb:10:f6:2c:8a:19:28:b2:52:a4:fa:38:df:b1:
                    ae:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:C2:0D:6C:25:7A:6D:40:17:A7:7D:00:04:A3:20:90:D9:61:6D:50
            X509v3 Authority Key Identifier:
                keyid:80:79:AF:CB:A5:A8:76:2F:B7:9F:4E:5E:0D:7A:35:EE:84:CD:3D:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gHmvy6Wodi-3n05eDXo17oTNPfQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:f9:8e:67:49:2f:d3:88:9f:e9:6b:d7:88:26:ce:c1:1a:b1:
         dc:07:a1:09:d8:c0:64:09:cd:21:b3:e0:5c:56:ec:0c:65:03:
         3c:37:d2:88:ec:0a:36:f2:95:6c:44:9c:8e:86:47:a2:57:5c:
         5b:23:fb:5b:d3:04:8a:a7:a0:50:ac:a0:9b:51:7c:be:98:71:
         bd:67:e0:2a:5d:60:c0:81:f8:a0:4b:59:2f:a2:ea:3b:c0:57:
         6a:40:7a:0d:69:7d:de:46:6a:a6:27:17:a3:17:1e:85:ce:85:
         01:0d:39:63:91:2c:03:9e:71:85:74:c1:84:2f:b7:b8:fc:ec:
         7c:4a:e3:c2:92:d6:6f:56:f5:80:5a:d3:20:51:ae:7d:d9:b3:
         f1:31:a6:e0:e4:50:aa:27:26:a9:64:ea:11:aa:d3:99:e5:8b:
         b1:64:50:4f:7c:25:37:2c:2f:e0:ee:d5:53:74:36:09:b3:32:
         d7:77:95:0a:96:65:da:da:15:87:e2:65:f3:de:39:1f:aa:e1:
         64:af:cf:fe:10:51:a9:16:e4:f1:8e:4e:e1:20:94:0d:67:af:
         8f:68:bd:ab:b4:8f:91:da:3b:11:02:56:84:94:9c:3a:3a:e8:
         37:0d:37:ed:81:a8:a9:55:a6:2a:95:e9:87:3c:71:a6:39:4e:
         60:19:01:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZs5s9BzFw+R1ViAZvrOWwNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNzlhZmNiYTVhODc2MmZiNzlmNGU1ZTBkN2EzNWVlODRj
ZDNkZjQwHhcNMjUxMjIwMDMwMDQ0WhcNMjUxMjIxMDMwMDQ0WjAzMTEwLwYDVQQD
EygzMGMyMGQ2YzI1N2E2ZDQwMTdhNzdkMDAwNGEzMjA5MGQ5NjE2ZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPKCQDJMmbjrhO9uw1vYNRWPQf1V
9J+o+QIFMRE3fhcd47pGqXyzQdvVsmdZNrwL7BaTWPz1TYXPTv1JslBWSvhzawLW
+ZFCOdfAZXSDrT4f5OLr1X2JZ18h27anMdVvc0hcU7E+xLYe7N06zGMfVQdoZ4tA
DHnlo4JJCu6c+icAfWv9CW2viU1vYlDPjX7EcXNr7aXGsh5Fz+Sndxrb8H3Ei9Yz
20R4juuoxdafqnsgg7tG4q2LiH8drp3N9HD0m+JFs1RNax54QKVe+/SW3K8vAPOI
0hQ+az0OkQH2X68nusBUGESH3sWtW1fP5gJ16xD2LIoZKLJSpPo437GuBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDDCDWwlem1AF6d9AASjIJDZYW1QMB8GA1UdIwQY
MBaAFIB5r8ulqHYvt59OXg16Ne6EzT30MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0htdnk2V29kaS0zbjA1ZURYbzE3b1ROUGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kNWViNmYtYjc4MS00ZDUyLTgyODMt
ZDJlMTBjOTc2NDVmLzEvZ0htdnk2V29kaS0zbjA1ZURYbzE3b1ROUGZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kNWViNmYtYjc4MS00ZDUyLTgyODMtZDJlMTBjOTc2NDVm
LzEvZ0htdnk2V29kaS0zbjA1ZURYbzE3b1ROUGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJfmOZ0kv
04if6WvXiCbOwRqx3AehCdjAZAnNIbPgXFbsDGUDPDfSiOwKNvKVbEScjoZHoldc
WyP7W9MEiqegUKygm1F8vphxvWfgKl1gwIH4oEtZL6LqO8BXakB6DWl93kZqpicX
oxcehc6FAQ05Y5EsA55xhXTBhC+3uPzsfErjwpLWb1b1gFrTIFGufdmz8TGm4ORQ
qicmqWTqEarTmeWLsWRQT3wlNywv4O7VU3Q2CbMy13eVCpZl2toVh+Jl8945H6rh
ZK/P/hBRqRbk8Y5O4SCUDWevj2i9q7SPkdo7EQJWhJScOjroNw037YGoqVWmKpXp
hzxxpjlOYBkB8Q==
-----END CERTIFICATE-----
Generated at Sat Dec 20 09:41:27 2025 by rpki-client