This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft
File:                     4qEN5v-uWQQnJEoDND22asVkJ1o.mft (raw, json)
Hash identifier:          Xu/uCM6mDR62F22HASD34vOKiLWucbvKscKpnfFUQi4=
Subject key identifier:   B9:DC:6E:12:97:E7:42:CD:E8:B2:4F:21:09:0F:06:EB:17:A0:81:F5
Authority key identifier: E2:A1:0D:E6:FF:AE:59:04:27:24:4A:03:34:3D:B6:6A:C5:64:27:5A
Certificate issuer:       /CN=e2a10de6ffae590427244a03343db66ac564275a
Certificate serial:       019B6EB3AAF6EA4DDE98F01BEC3DA1C67040
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft
Manifest number:          14EA
Signing time:             Tue 30 Dec 2025 10:00:27 +0000
Manifest this update:     Tue 30 Dec 2025 10:00:27 +0000
Manifest next update:     Wed 31 Dec 2025 10:00:27 +0000
Files and hashes:         1: 4qEN5v-uWQQnJEoDND22asVkJ1o.crl (hash: QONR3FwIHyUybp/fKME1YyO8c4xI1FFYeStcmtjHbnk=)
                          2: EMEQainrdjhvrSxfRt2EdTwfFho.roa (hash: MgfrBxxTqDVEh7a/Ypney2yykLPSmFU/4+sRkVkl74s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 31 Dec 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:6e:b3:aa:f6:ea:4d:de:98:f0:1b:ec:3d:a1:c6:70:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2a10de6ffae590427244a03343db66ac564275a
        Validity
            Not Before: Dec 30 10:00:27 2025 GMT
            Not After : Dec 31 10:00:27 2025 GMT
        Subject: CN=b9dc6e1297e742cde8b24f21090f06eb17a081f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:eb:c3:7a:8b:f3:eb:1a:fa:e3:bb:e4:f9:2a:
                    4d:d9:98:0e:0b:3a:c2:cb:e6:b6:df:5b:23:94:22:
                    e7:49:fc:8b:c1:d1:30:d8:af:a2:af:ed:55:27:73:
                    b5:83:d4:bf:1e:9e:e1:32:e1:d2:b8:f7:88:42:2d:
                    61:b5:06:78:da:16:57:0c:b0:26:14:73:1b:6a:c9:
                    c6:b0:0f:bf:2f:5d:99:0d:07:85:06:7a:3c:7f:f3:
                    30:3d:4c:2d:9b:09:ab:ca:b8:d7:0d:44:ca:32:6e:
                    8f:ee:b8:92:29:f2:10:e6:4e:ca:c7:74:14:6b:06:
                    50:83:27:36:c8:36:2b:cc:11:ba:8a:30:32:ba:c2:
                    9f:8a:6d:93:a8:51:0a:64:f0:2b:45:c4:c2:ab:60:
                    31:95:1f:7d:d1:df:a0:da:e4:df:eb:0c:9d:bf:f2:
                    c8:7f:25:79:6e:b4:8d:5b:de:0e:cc:23:a6:0c:f9:
                    d4:88:2a:99:e4:9e:33:e2:6a:16:bc:a0:36:c0:a8:
                    b5:be:c2:ca:0d:35:2d:17:f1:5e:01:82:92:52:48:
                    c1:ad:26:42:7c:66:d1:82:00:2d:d7:01:e5:b1:0c:
                    09:21:78:4e:75:41:0d:28:a5:66:0e:af:96:13:cd:
                    43:a6:bd:a4:76:11:fb:89:2e:73:e7:3e:dd:17:49:
                    fc:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:DC:6E:12:97:E7:42:CD:E8:B2:4F:21:09:0F:06:EB:17:A0:81:F5
            X509v3 Authority Key Identifier:
                keyid:E2:A1:0D:E6:FF:AE:59:04:27:24:4A:03:34:3D:B6:6A:C5:64:27:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:13:ed:57:0b:2c:8c:f1:7f:27:ff:20:0e:cf:55:78:88:80:
         fe:41:a7:6f:60:aa:a0:81:53:ba:36:c6:55:2f:70:a0:2d:5a:
         c4:e1:94:73:79:9b:99:df:83:34:17:f9:81:fa:e6:bf:b3:c8:
         f9:57:30:00:14:f8:f2:a7:5a:62:20:53:ce:4f:cc:17:74:58:
         2e:23:35:f8:a8:c8:a0:f8:18:19:a2:13:45:bb:eb:8f:6a:96:
         9c:33:0e:ae:f7:bd:aa:8f:cb:20:bf:c1:cb:67:f1:20:67:3a:
         d9:02:b5:f9:f5:26:ed:14:22:6e:b5:72:99:26:85:d7:80:64:
         49:42:d6:7a:03:2e:ff:86:e6:ac:d1:7e:17:ed:f7:2f:94:fb:
         48:cd:0b:45:b1:f9:2c:e0:db:ed:32:52:ed:93:46:ba:dc:df:
         8b:12:11:e6:4f:20:31:82:37:44:62:0b:f6:6b:66:cd:82:ef:
         0d:81:ea:b3:61:d1:0d:ab:1c:c4:a7:00:ed:7f:1c:69:f7:78:
         85:d2:9e:d8:25:ae:00:e1:ff:a8:52:55:31:8c:b4:b6:33:06:
         fc:e7:bb:b6:0c:6e:59:f9:ad:37:05:f9:00:58:1b:07:f1:75:
         1c:a2:da:b3:e0:95:44:d2:1e:cc:2b:32:ec:32:ba:f4:09:58:
         71:20:1e:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZtus6r26k3emPAb7D2hxnBAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYTEwZGU2ZmZhZTU5MDQyNzI0NGEwMzM0M2RiNjZhYzU2
NDI3NWEwHhcNMjUxMjMwMTAwMDI3WhcNMjUxMjMxMTAwMDI3WjAzMTEwLwYDVQQD
EyhiOWRjNmUxMjk3ZTc0MmNkZThiMjRmMjEwOTBmMDZlYjE3YTA4MWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+vDeovz6xr647vk+SpN2ZgOCzrC
y+a231sjlCLnSfyLwdEw2K+ir+1VJ3O1g9S/Hp7hMuHSuPeIQi1htQZ42hZXDLAm
FHMbasnGsA+/L12ZDQeFBno8f/MwPUwtmwmryrjXDUTKMm6P7riSKfIQ5k7Kx3QU
awZQgyc2yDYrzBG6ijAyusKfim2TqFEKZPArRcTCq2AxlR990d+g2uTf6wydv/LI
fyV5brSNW94OzCOmDPnUiCqZ5J4z4moWvKA2wKi1vsLKDTUtF/FeAYKSUkjBrSZC
fGbRggAt1wHlsQwJIXhOdUENKKVmDq+WE81Dpr2kdhH7iS5z5z7dF0n86wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLncbhKX50LN6LJPIQkPBusXoIH1MB8GA1UdIwQY
MBaAFOKhDeb/rlkEJyRKAzQ9tmrFZCdaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hOGJiNTctYzE4MS00Njk1LTliZTct
NTc1NTQwNTg2MjBiLzEvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hOGJiNTctYzE4MS00Njk1LTliZTctNTc1NTQwNTg2MjBi
LzEvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoxPtVwss
jPF/J/8gDs9VeIiA/kGnb2CqoIFTujbGVS9woC1axOGUc3mbmd+DNBf5gfrmv7PI
+VcwABT48qdaYiBTzk/MF3RYLiM1+KjIoPgYGaITRbvrj2qWnDMOrve9qo/LIL/B
y2fxIGc62QK1+fUm7RQibrVymSaF14BkSULWegMu/4bmrNF+F+33L5T7SM0LRbH5
LODb7TJS7ZNGutzfixIR5k8gMYI3RGIL9mtmzYLvDYHqs2HRDascxKcA7X8cafd4
hdKe2CWuAOH/qFJVMYy0tjMG/Oe7tgxuWfmtNwX5AFgbB/F1HKLas+CVRNIezCsy
7DK69AlYcSAeqQ==
-----END CERTIFICATE-----
Generated at Tue Dec 30 12:13:54 2025 by rpki-client