This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft
File:                     oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft (raw, json)
Hash identifier:          fxU7s9bukVeTx56+mdWfDAYryIgbvUATOuhsMvtAOV4=
Subject key identifier:   DA:FE:98:E9:1B:C0:DF:B4:BC:81:48:D2:31:81:EE:46:E3:3F:88:80
Authority key identifier: A0:9F:DA:04:7B:3A:0B:1C:82:04:35:E6:99:38:86:60:DA:32:C6:3F
Certificate issuer:       /CN=a09fda047b3a0b1c820435e699388660da32c63f
Certificate serial:       019B38D88246B8C47876409BED97553FCA8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft
Manifest number:          06E1
Signing time:             Fri 19 Dec 2025 23:01:11 +0000
Manifest this update:     Fri 19 Dec 2025 23:01:11 +0000
Manifest next update:     Sat 20 Dec 2025 23:01:11 +0000
Files and hashes:         1: FfIlEvStYRtAHT_4tgisj2sboIA.roa (hash: u8VtTRQomqZri4fvKgtiux4C4c/ZHFagnd78Z59URa8=)
                          2: oJ_aBHs6CxyCBDXmmTiGYNoyxj8.crl (hash: mpNcScsEBPPzXA8sb0uhjQExWjQy2BlaHWJ1hPDJ3i4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 20 Dec 2025 16:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:38:d8:82:46:b8:c4:78:76:40:9b:ed:97:55:3f:ca:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a09fda047b3a0b1c820435e699388660da32c63f
        Validity
            Not Before: Dec 19 23:01:11 2025 GMT
            Not After : Dec 20 23:01:11 2025 GMT
        Subject: CN=dafe98e91bc0dfb4bc8148d23181ee46e33f8880
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:1a:d6:44:ca:97:36:bd:ec:89:d3:74:06:05:
                    2e:d6:a2:61:54:a1:7b:18:93:8b:05:0b:03:1e:e1:
                    a6:f1:5b:0c:07:33:a6:d2:29:8b:e8:7c:d6:02:02:
                    8d:ea:d3:d4:33:2d:b0:a5:19:65:52:f4:8e:12:7b:
                    6b:dd:55:11:c4:77:6b:2c:84:3e:50:eb:b4:75:3f:
                    a2:0d:88:d4:63:8b:c0:0b:40:42:a6:17:63:d4:74:
                    81:d1:b1:36:55:98:8b:06:76:8f:c8:67:9a:ef:54:
                    d5:a2:77:86:fd:3b:db:7d:34:21:ac:8c:cd:aa:f8:
                    5c:04:1f:75:15:ae:b9:45:26:11:12:37:eb:3b:39:
                    44:bd:51:f1:22:c5:c0:55:97:db:90:b2:19:c3:3c:
                    8a:e8:e2:49:2e:8c:7a:fc:2e:27:0d:73:ae:98:a2:
                    bd:9f:c9:ba:75:66:2a:00:c5:5f:bf:af:08:75:03:
                    f7:9f:d0:85:50:67:79:73:e1:2f:3b:d4:92:aa:0b:
                    60:ce:aa:da:d6:48:e2:b3:b7:5d:f9:43:58:d6:06:
                    f7:60:f3:8e:04:6b:29:4c:74:0d:d3:3f:2c:fb:3a:
                    8e:03:7f:6c:74:5d:b0:73:6c:c9:45:bc:a5:81:01:
                    9d:5d:9b:91:21:8b:db:f0:62:24:42:e5:46:ab:38:
                    49:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:FE:98:E9:1B:C0:DF:B4:BC:81:48:D2:31:81:EE:46:E3:3F:88:80
            X509v3 Authority Key Identifier:
                keyid:A0:9F:DA:04:7B:3A:0B:1C:82:04:35:E6:99:38:86:60:DA:32:C6:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:cd:cc:aa:2b:2e:ea:a4:b3:dc:3f:7a:26:ef:d5:fc:6d:5c:
         fd:58:0a:9e:5b:31:d4:7f:c8:ef:c9:c5:44:ed:b7:8b:8c:d6:
         fb:96:d4:fc:60:25:0e:37:73:1e:d2:f9:2b:f9:bf:d1:74:c8:
         55:6b:e4:43:f0:9a:eb:e6:bd:04:b8:37:8b:fc:5f:d0:5e:7b:
         b0:37:d9:d1:3a:56:35:d7:e7:7b:ef:d7:41:4a:8e:c0:de:00:
         6a:a8:38:21:21:e8:44:21:48:c1:1f:04:71:b0:88:9a:5c:b7:
         2c:c5:97:25:4b:2b:fa:f1:cb:4c:d8:e9:6b:99:ec:d1:b5:12:
         c9:7e:e3:bc:51:19:78:ed:1b:c6:63:31:0a:ab:f2:25:57:a2:
         c5:7c:47:14:a4:e7:02:c4:79:58:54:0b:f0:94:23:eb:46:c7:
         58:fc:bb:3b:f5:cb:28:40:87:8b:96:28:54:ce:ae:d2:43:2e:
         cc:dd:a9:55:47:0b:36:84:bc:c2:91:a4:29:35:c2:d8:8e:c6:
         b4:11:9a:4b:88:fc:10:49:26:30:d9:38:09:6e:4c:f2:9a:3c:
         4e:0f:59:39:00:c6:b1:be:42:e1:42:ff:f8:48:db:d2:73:e7:
         aa:73:5a:72:f5:21:a6:4b:bd:ec:49:59:bf:cb:9e:c2:5d:17:
         86:32:31:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZs42IJGuMR4dkCb7ZdVP8qNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOWZkYTA0N2IzYTBiMWM4MjA0MzVlNjk5Mzg4NjYwZGEz
MmM2M2YwHhcNMjUxMjE5MjMwMTExWhcNMjUxMjIwMjMwMTExWjAzMTEwLwYDVQQD
EyhkYWZlOThlOTFiYzBkZmI0YmM4MTQ4ZDIzMTgxZWU0NmUzM2Y4ODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRrWRMqXNr3sidN0BgUu1qJhVKF7
GJOLBQsDHuGm8VsMBzOm0imL6HzWAgKN6tPUMy2wpRllUvSOEntr3VURxHdrLIQ+
UOu0dT+iDYjUY4vAC0BCphdj1HSB0bE2VZiLBnaPyGea71TVoneG/TvbfTQhrIzN
qvhcBB91Fa65RSYREjfrOzlEvVHxIsXAVZfbkLIZwzyK6OJJLox6/C4nDXOumKK9
n8m6dWYqAMVfv68IdQP3n9CFUGd5c+EvO9SSqgtgzqra1kjis7dd+UNY1gb3YPOO
BGspTHQN0z8s+zqOA39sdF2wc2zJRbylgQGdXZuRIYvb8GIkQuVGqzhJ0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNr+mOkbwN+0vIFI0jGB7kbjP4iAMB8GA1UdIwQY
MBaAFKCf2gR7OgscggQ15pk4hmDaMsY/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0pfYUJIczZDeHlDQkRYbW1UaUdZTm95eGo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84YjRkMzItMDM2NS00ZGFhLTlkNWIt
Mjk5MjBlNTE2N2Q5LzEvb0pfYUJIczZDeHlDQkRYbW1UaUdZTm95eGo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84YjRkMzItMDM2NS00ZGFhLTlkNWItMjk5MjBlNTE2N2Q5
LzEvb0pfYUJIczZDeHlDQkRYbW1UaUdZTm95eGo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApc3Mqisu
6qSz3D96Ju/V/G1c/VgKnlsx1H/I78nFRO23i4zW+5bU/GAlDjdzHtL5K/m/0XTI
VWvkQ/Ca6+a9BLg3i/xf0F57sDfZ0TpWNdfne+/XQUqOwN4Aaqg4ISHoRCFIwR8E
cbCImly3LMWXJUsr+vHLTNjpa5ns0bUSyX7jvFEZeO0bxmMxCqvyJVeixXxHFKTn
AsR5WFQL8JQj60bHWPy7O/XLKECHi5YoVM6u0kMuzN2pVUcLNoS8wpGkKTXC2I7G
tBGaS4j8EEkmMNk4CW5M8po8Tg9ZOQDGsb5C4UL/+Ejb0nPnqnNacvUhpku97ElZ
v8uewl0XhjIxRg==
-----END CERTIFICATE-----
Generated at Sat Dec 20 01:56:45 2025 by rpki-client