This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.mft
File:                     gHmvy6Wodi-3n05eDXo17oTNPfQ.mft (raw, json)
Hash identifier:          3/mF4CyznDls+Eed+iW7fM4hn9vSFy+NZJS4Os/2n/0=
Subject key identifier:   6B:1F:C6:8E:5A:AB:BE:B4:08:08:03:C6:A3:6D:A3:75:4D:04:60:CC
Authority key identifier: 80:79:AF:CB:A5:A8:76:2F:B7:9F:4E:5E:0D:7A:35:EE:84:CD:3D:F4
Certificate issuer:       /CN=8079afcba5a8762fb79f4e5e0d7a35ee84cd3df4
Certificate serial:       019B3BA22F92B104E9B2CAC9D3A4D64D26FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gHmvy6Wodi-3n05eDXo17oTNPfQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.mft
Manifest number:          0E04
Signing time:             Sat 20 Dec 2025 12:00:43 +0000
Manifest this update:     Sat 20 Dec 2025 12:00:43 +0000
Manifest next update:     Sun 21 Dec 2025 12:00:43 +0000
Files and hashes:         1: 8IUfLut7BygQV_kfUjYxZ6R1hWo.roa (hash: osXEgzEeRLXEDV95MIWOG4REHDOr18vMvAPD5SIJRo8=)
                          2: e906IBwj4MSiW-e8owQAWsQ_4Jo.roa (hash: P83ELX1oAyr6YQ0Ab0RC6iwmwrr6PxLhv5UjiehFQxc=)
                          3: eb3BGeh-4gG7gVQzfJYmE4N9iJk.roa (hash: ytxhtvq1ezR1if4ipOboDxmwy8xQfyDHM3VrrrzA9pU=)
                          4: g2b35-nULZDfmdIQobQp625Nk-I.roa (hash: daDEnydg6U3m1GEZ8hWZT3NDMPEI2dbQkvddvsu4lNo=)
                          5: gHmvy6Wodi-3n05eDXo17oTNPfQ.crl (hash: duY08Hvqj9dFGAXf5MXwGFruCYagVYvakv35eL2I7I8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gHmvy6Wodi-3n05eDXo17oTNPfQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 21 Dec 2025 12:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:3b:a2:2f:92:b1:04:e9:b2:ca:c9:d3:a4:d6:4d:26:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8079afcba5a8762fb79f4e5e0d7a35ee84cd3df4
        Validity
            Not Before: Dec 20 12:00:43 2025 GMT
            Not After : Dec 21 12:00:43 2025 GMT
        Subject: CN=6b1fc68e5aabbeb4080803c6a36da3754d0460cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:6b:9f:36:a1:42:f0:4d:df:78:57:71:95:b5:
                    77:07:be:15:67:16:ba:d6:56:22:a6:32:31:7e:6e:
                    61:95:36:b6:9d:2e:4b:3a:6d:c3:7c:c8:45:6f:5b:
                    9c:e3:68:15:56:be:84:70:9f:3a:2a:65:63:c3:23:
                    e2:aa:82:c4:b3:7a:6a:36:41:c3:cb:d2:ec:87:d4:
                    e7:36:56:b7:00:7c:04:23:0f:b5:87:d7:b4:b9:46:
                    cb:a8:59:f3:77:15:66:7a:8e:06:f0:45:e5:7e:7e:
                    28:cd:c1:51:d0:ea:a1:5d:32:ca:72:34:3f:23:c8:
                    29:13:dc:64:39:e5:fa:e1:cd:0f:e8:ea:6e:3a:30:
                    ac:f9:38:5e:b0:f1:41:7c:58:48:d0:9f:2a:de:47:
                    dc:1e:39:ef:aa:43:6d:0c:16:a7:90:9b:97:94:0f:
                    39:0d:c5:16:93:75:ed:23:a6:1c:64:18:f8:35:79:
                    fc:92:e9:7a:ff:55:32:a1:8f:da:4f:82:2b:b3:0d:
                    b5:84:3d:a0:c7:ab:be:37:7f:09:5d:cb:31:53:4c:
                    06:0c:d8:60:1f:ce:f1:34:a2:2e:96:c2:58:a6:90:
                    7a:c0:4f:81:e2:ce:66:56:96:b4:ad:df:0b:7d:e1:
                    3b:19:32:86:f9:26:f8:e8:33:29:e2:8a:8b:64:b2:
                    5b:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:1F:C6:8E:5A:AB:BE:B4:08:08:03:C6:A3:6D:A3:75:4D:04:60:CC
            X509v3 Authority Key Identifier:
                keyid:80:79:AF:CB:A5:A8:76:2F:B7:9F:4E:5E:0D:7A:35:EE:84:CD:3D:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gHmvy6Wodi-3n05eDXo17oTNPfQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:fd:97:43:91:8b:06:9d:2c:19:00:e9:34:69:d6:cb:94:ad:
         3b:35:71:e3:15:dc:87:85:60:d1:0d:6b:ca:4d:f0:d6:1a:32:
         6e:40:b7:e5:ba:38:49:20:db:49:bf:c4:e7:a5:19:1c:1a:21:
         80:4f:78:00:47:c3:d3:22:13:02:86:00:41:8e:aa:71:bc:8f:
         52:8f:ad:57:72:bf:c5:af:b1:9a:ce:5c:b6:fb:56:76:5f:6b:
         67:85:83:92:1e:b8:17:16:1a:68:87:1f:51:6f:00:cc:de:c1:
         cf:e2:3e:3d:73:4a:b6:26:20:58:78:9b:a9:e1:48:67:bb:ec:
         eb:68:f9:ae:39:77:2a:84:d1:ac:40:c1:be:f0:90:16:02:c0:
         4e:ec:31:4f:5e:38:d5:4f:4a:2c:2a:c6:fa:15:92:cd:d1:f9:
         56:30:12:50:5d:49:91:d3:e2:83:19:c4:35:bf:07:65:d9:36:
         9f:89:a1:21:27:19:88:4e:10:f3:fc:b5:07:83:25:17:29:b2:
         fb:64:12:7b:08:a3:f8:98:16:09:88:21:7d:ba:d1:07:32:d0:
         e0:94:d8:46:9c:9e:f1:b6:8e:39:38:34:a8:7f:30:47:55:49:
         28:1a:7b:9a:0c:35:84:b9:a0:61:4f:6b:d1:a2:bc:84:31:98:
         dd:d3:a7:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZs7oi+SsQTpssrJ06TWTSb+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNzlhZmNiYTVhODc2MmZiNzlmNGU1ZTBkN2EzNWVlODRj
ZDNkZjQwHhcNMjUxMjIwMTIwMDQzWhcNMjUxMjIxMTIwMDQzWjAzMTEwLwYDVQQD
Eyg2YjFmYzY4ZTVhYWJiZWI0MDgwODAzYzZhMzZkYTM3NTRkMDQ2MGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GufNqFC8E3feFdxlbV3B74VZxa6
1lYipjIxfm5hlTa2nS5LOm3DfMhFb1uc42gVVr6EcJ86KmVjwyPiqoLEs3pqNkHD
y9Lsh9TnNla3AHwEIw+1h9e0uUbLqFnzdxVmeo4G8EXlfn4ozcFR0OqhXTLKcjQ/
I8gpE9xkOeX64c0P6OpuOjCs+ThesPFBfFhI0J8q3kfcHjnvqkNtDBankJuXlA85
DcUWk3XtI6YcZBj4NXn8kul6/1UyoY/aT4Irsw21hD2gx6u+N38JXcsxU0wGDNhg
H87xNKIulsJYppB6wE+B4s5mVpa0rd8LfeE7GTKG+Sb46DMp4oqLZLJbZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGsfxo5aq760CAgDxqNto3VNBGDMMB8GA1UdIwQY
MBaAFIB5r8ulqHYvt59OXg16Ne6EzT30MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0htdnk2V29kaS0zbjA1ZURYbzE3b1ROUGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kNWViNmYtYjc4MS00ZDUyLTgyODMt
ZDJlMTBjOTc2NDVmLzEvZ0htdnk2V29kaS0zbjA1ZURYbzE3b1ROUGZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kNWViNmYtYjc4MS00ZDUyLTgyODMtZDJlMTBjOTc2NDVm
LzEvZ0htdnk2V29kaS0zbjA1ZURYbzE3b1ROUGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwf2XQ5GL
Bp0sGQDpNGnWy5StOzVx4xXch4Vg0Q1ryk3w1hoybkC35bo4SSDbSb/E56UZHBoh
gE94AEfD0yITAoYAQY6qcbyPUo+tV3K/xa+xms5ctvtWdl9rZ4WDkh64FxYaaIcf
UW8AzN7Bz+I+PXNKtiYgWHibqeFIZ7vs62j5rjl3KoTRrEDBvvCQFgLATuwxT144
1U9KLCrG+hWSzdH5VjASUF1JkdPigxnENb8HZdk2n4mhIScZiE4Q8/y1B4MlFymy
+2QSewij+JgWCYghfbrRBzLQ4JTYRpye8baOOTg0qH8wR1VJKBp7mgw1hLmgYU9r
0aK8hDGY3dOnxw==
-----END CERTIFICATE-----
Generated at Sat Dec 20 21:28:43 2025 by rpki-client