This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
File:                     520NqzR6OOK4e1oiovfJ4hwYybw.mft (raw, json)
Hash identifier:          V406S14nzwDrMPr2Dv8CAiA0ISEnfni8ITmCZylRjEg=
Subject key identifier:   96:25:7D:D6:47:A7:37:CE:A7:A4:5A:11:21:1C:9C:68:2E:6C:25:28
Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
Certificate issuer:       /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Certificate serial:       019B38A116E8A010E0CE8FDE9D8432FEF618
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
Manifest number:          1273
Signing time:             Fri 19 Dec 2025 22:00:39 +0000
Manifest this update:     Fri 19 Dec 2025 22:00:39 +0000
Manifest next update:     Sat 20 Dec 2025 22:00:39 +0000
Files and hashes:         1: 1-i_ESwYWDKjvxe-cLQFb33q5Qu0.roa (hash: MWN71QN/v297mIABIQi0BIqexEx6vQv3LxWHulQ1lh0=)
                          2: 3uMGCa1hGu4z3o3-_G7z4ipL-iU.roa (hash: W9UTR4UDUFmqfh0USMFmsobpW7zQlT5fd2b07I+b238=)
                          3: 520NqzR6OOK4e1oiovfJ4hwYybw.crl (hash: 24yfLbKIW7gGrFQLvhLFRCCHiEt6zi0ROBiD6CpZ3p4=)
                          4: 53Cd6ksm6jJ9RlO5imUtuWj1rJA.roa (hash: cQll3lCbJxJtoxzsBZdQMm8ZJ1gmBBCp3yO2flYfKKU=)
                          5: 5aybWk2Ky5dF88Dl5BHsEFM1SO0.roa (hash: H+JwBN0SZWGViTYdzpWvA1lltG+ihuV8ot5mKPyc2Ag=)
                          6: D51k8Yufzem8ogKjVaG-BE3-N9Q.roa (hash: LfZnqpQQPapIc1GbVrcmd90U2aDXCgwED1y7JLo14nI=)
                          7: EEzCfGegHPEpdqTqvMRMlcFre1Y.roa (hash: uwoju1vAFdOs3H0Q+w/qT7aEQBJpMP98DiaXonyIQ9M=)
                          8: EQAhdlSS1FIFJlau-mazb3tbQD8.roa (hash: EYIWh35VYrIjFevk0wSjam09x/CTgAsspbJddnJMeDU=)
                          9: PLzlfTmqAL1rzlLN1TFrpHpYMVU.roa (hash: INujx6I3LZF9XIVr4zE9W5J6NHU6IlkfUKgf+j8aJrU=)
                          10: QCPaGZ8bi2Da50RQ4k8ya1w0dq4.roa (hash: UeTuehE3XWxqnHJAwNv7xL7hPz4xW2vyEJKj+BsbTow=)
                          11: aAu5S5IbLCTcHF2sjNSq_YvIkRs.roa (hash: Ofs8Vq4O2KmWTmDnq5aKJmZojKw/IVecQ8WTuC45ixk=)
                          12: fjY_g_wwgFPVt57q0tJYGzzoSDw.roa (hash: qq4Ldl54/taiWut/8vwq9PH71gezdeLMf1VMPmsHUe8=)
                          13: nOw141dLNmkj2u2FTqG2Wvc-gVM.roa (hash: CQnQRUA/+q6ZVbEZKZtps04sWUzpVEunbxRhthCLZIQ=)
                          14: pw1_qD5J6o76enPdGNTr_4Viub8.roa (hash: L6pLEncIISYEMGBKzu7DbyUXVYEOgT4kfh4modTEATA=)
                          15: qigZWtFurHaD054OcaOqq49am_w.roa (hash: Sa19eTl0ldE9k7oxfeYcou5g3EZnF3X8bF0Hbur3zdE=)
                          16: tRNXUlx68rKP9UOE-hhExB1kws8.roa (hash: +Hd3tIKng2pbogIxn1dcX/j1LNU33NvuDwSbS4tdpEA=)
                          17: ve2cUb4I36o88cUncaHeOHK5tGk.roa (hash: 6gTupRG97QR/JQvN8ay2tdbOI4Q3EMkpnACGQxjxniI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 20 Dec 2025 17:13:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:38:a1:16:e8:a0:10:e0:ce:8f:de:9d:84:32:fe:f6:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
        Validity
            Not Before: Dec 19 22:00:39 2025 GMT
            Not After : Dec 20 22:00:39 2025 GMT
        Subject: CN=96257dd647a737cea7a45a11211c9c682e6c2528
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:d8:52:f2:43:34:6e:e0:75:7c:5b:5a:89:ae:
                    ec:db:aa:57:e4:0b:2e:e1:ff:0e:6b:fd:5e:7e:7c:
                    7c:25:22:d0:bb:4b:bc:fc:5d:3c:5c:c8:4a:1c:1c:
                    fb:56:36:42:3e:25:30:18:19:68:ee:bf:1e:cf:f7:
                    86:6a:c5:c4:f6:21:97:9e:ad:8d:d8:e9:46:53:39:
                    3a:d1:2e:78:2b:1e:d4:3d:75:3d:55:81:74:bd:7d:
                    74:63:76:22:21:15:7f:a3:99:50:14:48:85:b6:44:
                    c8:57:f1:9f:48:78:ad:4f:23:ed:35:26:a6:a1:b7:
                    29:6f:eb:e0:89:47:3f:04:61:de:15:44:53:6c:f2:
                    6c:a6:bf:fc:70:42:b8:08:3c:fe:08:4d:7c:70:9d:
                    82:78:a7:de:27:1e:0b:22:96:45:27:ef:8e:2f:e5:
                    4b:87:23:af:5c:8b:53:35:fa:f6:1b:ef:88:39:da:
                    95:dd:7d:e2:4c:dd:c8:49:d3:8a:7d:bc:5c:99:84:
                    e0:fd:0f:d5:2f:3f:9e:7d:52:4b:5f:14:51:c7:37:
                    33:88:f3:3a:69:82:f7:dc:9c:da:24:3b:3d:bc:8f:
                    c4:77:80:d9:07:40:2a:99:9d:5b:52:a3:0c:3f:4e:
                    cb:fb:61:a4:b5:7d:32:44:a8:aa:62:00:79:d2:78:
                    e0:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:25:7D:D6:47:A7:37:CE:A7:A4:5A:11:21:1C:9C:68:2E:6C:25:28
            X509v3 Authority Key Identifier:
                keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:40:80:97:d9:b1:0c:e1:a5:97:e8:3b:0e:8c:82:a1:99:d9:
         a6:75:61:e9:2d:02:47:39:7f:79:4b:b1:49:7e:11:74:a3:eb:
         14:46:05:4c:5d:23:6b:3d:ee:0a:05:f0:52:f7:35:87:02:1e:
         3c:33:3b:98:c5:98:fa:10:eb:b2:14:07:e9:3a:cb:ab:f6:ee:
         6b:e5:64:3c:7e:56:5a:94:ba:83:62:5f:b8:74:4a:9b:f9:7e:
         bb:d1:b3:71:a2:6e:30:83:41:01:05:86:6a:36:94:76:3f:45:
         81:19:f0:88:e1:fe:89:6f:38:c0:4e:78:17:dd:21:cf:04:85:
         d2:25:3b:08:d9:7a:27:5c:34:60:ba:e0:a6:1c:92:5d:ed:4f:
         c0:96:64:50:32:50:17:ee:17:bb:fc:9b:f7:b7:bf:a7:c9:4f:
         0b:2b:80:f2:77:30:ad:08:4c:3e:c2:27:d7:70:6d:e5:a6:02:
         86:66:47:3f:de:be:ff:13:f1:91:4f:2f:d2:5f:e2:8c:6b:e8:
         f3:a2:ad:35:1e:d2:d5:04:ee:47:4f:32:71:b3:e8:77:da:c0:
         1d:20:cd:82:73:cb:a7:23:06:92:27:ce:78:98:df:96:8f:b3:
         74:54:1d:1e:71:67:3b:56:05:83:a5:8d:1e:5b:39:3f:42:1e:
         97:d6:a9:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZs4oRbooBDgzo/enYQy/vYYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmQwZGFiMzQ3YTM4ZTJiODdiNWEyMmEyZjdjOWUyMWMx
OGM5YmMwHhcNMjUxMjE5MjIwMDM5WhcNMjUxMjIwMjIwMDM5WjAzMTEwLwYDVQQD
Eyg5NjI1N2RkNjQ3YTczN2NlYTdhNDVhMTEyMTFjOWM2ODJlNmMyNTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdhS8kM0buB1fFtaia7s26pX5Asu
4f8Oa/1efnx8JSLQu0u8/F08XMhKHBz7VjZCPiUwGBlo7r8ez/eGasXE9iGXnq2N
2OlGUzk60S54Kx7UPXU9VYF0vX10Y3YiIRV/o5lQFEiFtkTIV/GfSHitTyPtNSam
obcpb+vgiUc/BGHeFURTbPJspr/8cEK4CDz+CE18cJ2CeKfeJx4LIpZFJ++OL+VL
hyOvXItTNfr2G++IOdqV3X3iTN3ISdOKfbxcmYTg/Q/VLz+efVJLXxRRxzcziPM6
aYL33JzaJDs9vI/Ed4DZB0AqmZ1bUqMMP07L+2GktX0yRKiqYgB50njgGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJYlfdZHpzfOp6RaESEcnGgubCUoMB8GA1UdIwQY
MBaAFOdtDas0ejjiuHtaIqL3yeIcGMm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDkt
YmQzYmZjOTliZGE5LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDktYmQzYmZjOTliZGE5
LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKkCAl9mx
DOGll+g7DoyCoZnZpnVh6S0CRzl/eUuxSX4RdKPrFEYFTF0jaz3uCgXwUvc1hwIe
PDM7mMWY+hDrshQH6TrLq/bua+VkPH5WWpS6g2JfuHRKm/l+u9GzcaJuMINBAQWG
ajaUdj9FgRnwiOH+iW84wE54F90hzwSF0iU7CNl6J1w0YLrgphySXe1PwJZkUDJQ
F+4Xu/yb97e/p8lPCyuA8ncwrQhMPsIn13Bt5aYChmZHP96+/xPxkU8v0l/ijGvo
86KtNR7S1QTuR08ycbPod9rAHSDNgnPLpyMGkifOeJjflo+zdFQdHnFnO1YFg6WN
Hls5P0Iel9apww==
-----END CERTIFICATE-----