This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.mft
File:                     txRZXFDDUZIbDemldUChXlwcYYo.mft (raw, json)
Hash identifier:          8T7Pj7i+FFMjKZCTIJkSpPXe1FlbELf1+Nzaxf86IIo=
Subject key identifier:   2F:9F:2C:58:65:A8:FB:00:AE:DE:1A:A6:33:7D:CA:04:E3:A1:13:F1
Authority key identifier: B7:14:59:5C:50:C3:51:92:1B:0D:E9:A5:75:40:A1:5E:5C:1C:61:8A
Certificate issuer:       /CN=b714595c50c351921b0de9a57540a15e5c1c618a
Certificate serial:       019B3F4870B657713BAF8CFD8691C31FA577
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/txRZXFDDUZIbDemldUChXlwcYYo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.mft
Manifest number:          11EB
Signing time:             Sun 21 Dec 2025 05:01:10 +0000
Manifest this update:     Sun 21 Dec 2025 05:01:10 +0000
Manifest next update:     Mon 22 Dec 2025 05:01:10 +0000
Files and hashes:         1: 2m5iIAK03n8_QUvPwXckjr2TMEU.roa (hash: ZU7+W8vWoLJfyvrECJJAIJpcDrdAhqoCYTZBjsh+l9c=)
                          2: txRZXFDDUZIbDemldUChXlwcYYo.crl (hash: ng9PI9OxP3QmQjoPTJ+X6atjddNABQ7uHDImfRHzBv8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/txRZXFDDUZIbDemldUChXlwcYYo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 22 Dec 2025 05:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:3f:48:70:b6:57:71:3b:af:8c:fd:86:91:c3:1f:a5:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b714595c50c351921b0de9a57540a15e5c1c618a
        Validity
            Not Before: Dec 21 05:01:10 2025 GMT
            Not After : Dec 22 05:01:10 2025 GMT
        Subject: CN=2f9f2c5865a8fb00aede1aa6337dca04e3a113f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:df:f4:73:ff:39:83:f3:dd:b6:03:3b:3c:35:
                    dc:f0:31:6a:c6:c8:f1:9a:ed:40:e3:9a:86:00:4f:
                    1f:8e:34:bf:9a:d4:84:7c:dd:da:0c:f9:e5:22:4e:
                    6d:b3:c0:43:4b:31:2a:8f:ff:54:38:cd:8c:63:83:
                    62:72:ec:52:72:42:08:4b:76:a0:8f:65:0a:b7:70:
                    3b:a8:94:ac:d3:7b:8d:b2:7e:8f:63:63:a2:d0:7e:
                    1f:6a:c9:7d:12:15:1c:a0:58:d5:b5:01:99:f5:d8:
                    2f:91:29:dd:76:05:c5:2c:5a:0c:ee:b4:f0:2d:e5:
                    d4:6e:26:02:e8:dd:c0:de:fc:f2:b0:a4:68:03:26:
                    fa:a9:5c:03:54:f1:d3:04:68:63:62:a1:68:f9:11:
                    e9:c0:34:4c:92:75:cd:c9:ca:54:3c:86:a0:79:70:
                    c6:78:ee:b9:4a:13:08:da:5d:fe:28:9a:30:dc:98:
                    14:f4:4d:4a:e1:5c:02:ee:28:eb:40:6d:d4:90:8b:
                    88:d3:8f:66:06:19:5e:8e:c0:d4:63:cb:1a:21:98:
                    0c:f2:46:d6:4e:49:37:ac:36:23:bc:f7:28:d3:27:
                    a9:dd:8f:15:2f:22:1a:47:b1:bd:e8:cb:c1:6f:bc:
                    39:7e:8e:fa:a5:f9:8a:a7:a7:7b:e5:cb:ca:45:b8:
                    65:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:9F:2C:58:65:A8:FB:00:AE:DE:1A:A6:33:7D:CA:04:E3:A1:13:F1
            X509v3 Authority Key Identifier:
                keyid:B7:14:59:5C:50:C3:51:92:1B:0D:E9:A5:75:40:A1:5E:5C:1C:61:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/txRZXFDDUZIbDemldUChXlwcYYo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:d9:95:2f:3c:2b:54:53:a3:85:d4:d2:72:c4:8c:da:99:5e:
         f8:db:5b:e8:f4:db:d8:d2:2a:fb:c6:7d:9f:1d:3b:86:81:60:
         11:86:83:4d:3b:7e:91:98:30:61:c6:e5:a5:10:aa:fa:dd:72:
         7a:ee:10:f6:f6:67:05:7d:5e:19:5e:79:bb:e4:5c:b1:fc:80:
         4a:cf:98:76:c0:da:09:b5:15:95:b6:6d:1c:50:29:af:73:c3:
         31:80:13:28:ae:22:72:a2:34:44:79:70:13:c1:9a:e0:b3:e2:
         53:fe:d1:5a:33:40:58:89:4c:8f:8a:0c:77:05:0c:a1:ee:ac:
         ba:e4:14:79:de:3f:ff:20:25:7d:96:0e:a1:d7:19:96:66:68:
         ff:fc:74:23:33:4d:84:28:14:c4:91:70:26:ec:45:a2:71:87:
         27:60:ab:1d:f2:44:21:b3:ed:c2:5f:06:78:01:be:8a:6f:d5:
         15:4f:bb:b2:e2:3f:d0:61:23:48:08:f8:49:0f:0f:da:f7:8d:
         79:42:56:40:84:cc:22:29:2e:43:44:27:97:4a:68:e3:d5:7e:
         0e:ff:8d:9e:6c:93:5c:f6:1a:f8:53:1d:47:1f:04:a9:3c:78:
         49:d1:9f:07:05:cf:36:0f:db:b7:40:ff:ee:c5:52:61:af:99:
         95:2b:5c:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZs/SHC2V3E7r4z9hpHDH6V3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MTQ1OTVjNTBjMzUxOTIxYjBkZTlhNTc1NDBhMTVlNWMx
YzYxOGEwHhcNMjUxMjIxMDUwMTEwWhcNMjUxMjIyMDUwMTEwWjAzMTEwLwYDVQQD
EygyZjlmMmM1ODY1YThmYjAwYWVkZTFhYTYzMzdkY2EwNGUzYTExM2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt/0c/85g/PdtgM7PDXc8DFqxsjx
mu1A45qGAE8fjjS/mtSEfN3aDPnlIk5ts8BDSzEqj/9UOM2MY4NicuxSckIIS3ag
j2UKt3A7qJSs03uNsn6PY2Oi0H4fasl9EhUcoFjVtQGZ9dgvkSnddgXFLFoM7rTw
LeXUbiYC6N3A3vzysKRoAyb6qVwDVPHTBGhjYqFo+RHpwDRMknXNycpUPIageXDG
eO65ShMI2l3+KJow3JgU9E1K4VwC7ijrQG3UkIuI049mBhlejsDUY8saIZgM8kbW
Tkk3rDYjvPco0yep3Y8VLyIaR7G96MvBb7w5fo76pfmKp6d75cvKRbhl7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC+fLFhlqPsArt4apjN9ygTjoRPxMB8GA1UdIwQY
MBaAFLcUWVxQw1GSGw3ppXVAoV5cHGGKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHhSWlhGRERVWkliRGVtbGRVQ2hYbHdjWVlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8yYTQyMGQtOWQwZS00ZWE4LTk1YmMt
ZjUzZDllMzZlOTVhLzEvdHhSWlhGRERVWkliRGVtbGRVQ2hYbHdjWVlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8yYTQyMGQtOWQwZS00ZWE4LTk1YmMtZjUzZDllMzZlOTVh
LzEvdHhSWlhGRERVWkliRGVtbGRVQ2hYbHdjWVlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUtmVLzwr
VFOjhdTScsSM2ple+Ntb6PTb2NIq+8Z9nx07hoFgEYaDTTt+kZgwYcblpRCq+t1y
eu4Q9vZnBX1eGV55u+RcsfyASs+YdsDaCbUVlbZtHFApr3PDMYATKK4icqI0RHlw
E8Ga4LPiU/7RWjNAWIlMj4oMdwUMoe6suuQUed4//yAlfZYOodcZlmZo//x0IzNN
hCgUxJFwJuxFonGHJ2CrHfJEIbPtwl8GeAG+im/VFU+7suI/0GEjSAj4SQ8P2veN
eUJWQITMIikuQ0Qnl0po49V+Dv+NnmyTXPYa+FMdRx8EqTx4SdGfBwXPNg/bt0D/
7sVSYa+ZlStczg==
-----END CERTIFICATE-----
Generated at Sun Dec 21 14:16:07 2025 by rpki-client