This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.mft
File:                     CWmio5Y1t5dHbx8WM66PJ78ztTM.mft (raw, json)
Hash identifier:          wk0QufxfIu3t3vxJEgQj5CmUiUBt09yOyO3J/FoNun0=
Subject key identifier:   B2:86:70:3C:41:51:88:82:1E:BB:19:B6:46:66:37:2C:61:1C:E7:35
Authority key identifier: 09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33
Certificate issuer:       /CN=0969a2a39635b797476f1f1633ae8f27bf33b533
Certificate serial:       019B3CEC0AAD037AC31D408B6A172E0E2BA1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.mft
Manifest number:          08EF
Signing time:             Sat 20 Dec 2025 18:01:00 +0000
Manifest this update:     Sat 20 Dec 2025 18:01:00 +0000
Manifest next update:     Sun 21 Dec 2025 18:01:00 +0000
Files and hashes:         1: CWmio5Y1t5dHbx8WM66PJ78ztTM.crl (hash: o3pKtExi/WvPcLqTGT4GsPZSyzXmGtlMjY3+YMHDyW4=)
                          2: NsSedmTQW8OnTTsqv3X8CBZy-xU.roa (hash: WFkKh3bAC4MDDNtqyFfpo7GUVyreugPfu/r7LcM/fN4=)
                          3: TeB088r0q83Xt0BxDsUFRJ09n_w.roa (hash: G48KXbKrX68pg0VWA7DNE58/xU413WQGSqX5xHVo4rY=)
                          4: eZ1oRKw2ZmvD0_NWa-kdmh2g-eo.roa (hash: 2jAE9EFeYAI0mBmHLdLHHE90HLI9cIG+7iKSbXwklN4=)
                          5: l5LQQJ1hscP11M9PGOZJoYipJjA.roa (hash: 1Qefj38Zjj0ROOLLrKtBW86/Osz3b9lr4tBY77Lptdo=)
                          6: xpGPm8doChOtU-RLJwfI6J2_2pE.roa (hash: Q+zp0nrHHDLtwJs9nHZ2VnA34/82Rp5NA50n42Hv6uk=)
                          7: zV6ZdwRwY22YxnJ7o5KrLFiOSks.roa (hash: CU+aUbdKG8+gc+SLXpNeHe0gAI7HsoYH7L1e2ZbkQtc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 21 Dec 2025 15:46:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:3c:ec:0a:ad:03:7a:c3:1d:40:8b:6a:17:2e:0e:2b:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0969a2a39635b797476f1f1633ae8f27bf33b533
        Validity
            Not Before: Dec 20 18:01:00 2025 GMT
            Not After : Dec 21 18:01:00 2025 GMT
        Subject: CN=b286703c415188821ebb19b64666372c611ce735
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:e7:56:7b:bc:61:60:2e:8c:4a:94:99:01:00:
                    e6:d6:e0:7a:3d:04:a7:d0:69:ff:2c:b7:1c:c5:61:
                    46:71:b4:f4:65:71:0c:7a:19:66:57:3a:90:bd:e0:
                    93:c1:aa:85:ba:b4:1f:46:d2:51:50:fd:b2:37:49:
                    90:2a:94:67:cd:20:f5:e7:3d:e6:ac:b8:46:7f:02:
                    a5:4c:c0:ba:04:00:4a:b8:d8:6e:48:6c:94:d0:1b:
                    70:63:d7:c4:7f:91:ee:27:c6:7b:83:92:e7:e1:d4:
                    25:4c:7f:c4:31:95:d8:40:69:64:16:73:10:b5:7a:
                    a6:e5:65:22:98:65:dc:05:56:cf:62:3c:de:cc:45:
                    bf:d6:8a:b0:9f:c4:ca:ee:67:f2:bc:32:5f:6f:6f:
                    f2:b4:3d:70:3e:9f:e2:d8:ad:fe:95:bf:48:10:05:
                    46:eb:96:a9:3f:27:41:ac:4b:b8:66:13:71:5b:d2:
                    e1:e8:36:53:d3:2f:54:e1:42:0c:d3:6d:7d:bf:ae:
                    b0:8d:c9:50:e1:dc:b8:fe:1b:e1:d8:84:7f:6e:cd:
                    78:32:38:df:dd:cc:ca:a7:8c:a6:0e:da:fa:1b:72:
                    37:e6:0e:27:a2:cc:65:eb:d0:62:85:38:5c:c8:80:
                    7b:33:e6:0c:5e:29:9f:f1:e8:6f:ac:00:49:50:b4:
                    c8:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:86:70:3C:41:51:88:82:1E:BB:19:B6:46:66:37:2C:61:1C:E7:35
            X509v3 Authority Key Identifier:
                keyid:09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:78:01:3c:83:f8:56:64:ab:10:99:41:de:17:3c:84:c3:3a:
         92:42:c7:ff:ec:35:c0:86:69:78:02:19:3f:0a:35:68:07:07:
         48:63:58:b7:4e:5f:47:ff:4f:e3:29:da:51:63:8b:2c:be:43:
         82:4f:84:7e:8f:ab:7f:e8:6c:6e:cc:62:cf:85:5d:26:b4:4b:
         fe:5b:56:c3:bc:44:0a:78:cc:02:59:3d:05:b4:7b:5f:63:a0:
         6b:5a:cd:f0:64:32:c2:eb:46:44:2e:97:e3:46:30:eb:7c:c0:
         1e:b0:d6:fe:90:12:2c:df:7d:1e:af:7f:8e:37:08:17:7c:f6:
         a6:e5:1f:ab:94:e7:90:e4:46:db:b8:80:c9:4c:3c:43:02:4e:
         61:25:36:e0:6b:7d:86:d4:af:b0:fd:9e:bd:92:ca:ff:b8:24:
         ce:b8:52:5f:34:1a:5a:b4:95:49:ce:a9:c3:b2:28:3d:17:f0:
         e8:16:5f:8e:66:68:f9:ab:d4:b7:10:2f:b8:d5:e5:24:e2:9d:
         94:ea:c6:7f:b2:29:2f:c5:78:08:cf:4a:01:47:09:25:8d:d2:
         fb:89:a1:70:c1:bc:25:91:de:6a:34:e3:50:1b:ca:29:01:67:
         03:7b:d4:25:c2:50:a5:21:86:ff:e3:bb:26:8e:18:f0:00:ac:
         d9:80:0f:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZs87AqtA3rDHUCLahcuDiuhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NjlhMmEzOTYzNWI3OTc0NzZmMWYxNjMzYWU4ZjI3YmYz
M2I1MzMwHhcNMjUxMjIwMTgwMTAwWhcNMjUxMjIxMTgwMTAwWjAzMTEwLwYDVQQD
EyhiMjg2NzAzYzQxNTE4ODgyMWViYjE5YjY0NjY2MzcyYzYxMWNlNzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOdWe7xhYC6MSpSZAQDm1uB6PQSn
0Gn/LLccxWFGcbT0ZXEMehlmVzqQveCTwaqFurQfRtJRUP2yN0mQKpRnzSD15z3m
rLhGfwKlTMC6BABKuNhuSGyU0BtwY9fEf5HuJ8Z7g5Ln4dQlTH/EMZXYQGlkFnMQ
tXqm5WUimGXcBVbPYjzezEW/1oqwn8TK7mfyvDJfb2/ytD1wPp/i2K3+lb9IEAVG
65apPydBrEu4ZhNxW9Lh6DZT0y9U4UIM0219v66wjclQ4dy4/hvh2IR/bs14Mjjf
3czKp4ymDtr6G3I35g4nosxl69BihThcyIB7M+YMXimf8ehvrABJULTI2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLKGcDxBUYiCHrsZtkZmNyxhHOc1MB8GA1UdIwQY
MBaAFAlpoqOWNbeXR28fFjOujye/M7UzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUt
NDE0OTA4NzJmYzRlLzEvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUtNDE0OTA4NzJmYzRl
LzEvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACngBPIP4
VmSrEJlB3hc8hMM6kkLH/+w1wIZpeAIZPwo1aAcHSGNYt05fR/9P4ynaUWOLLL5D
gk+Efo+rf+hsbsxiz4VdJrRL/ltWw7xECnjMAlk9BbR7X2Oga1rN8GQywutGRC6X
40Yw63zAHrDW/pASLN99Hq9/jjcIF3z2puUfq5TnkORG27iAyUw8QwJOYSU24Gt9
htSvsP2evZLK/7gkzrhSXzQaWrSVSc6pw7IoPRfw6BZfjmZo+avUtxAvuNXlJOKd
lOrGf7IpL8V4CM9KAUcJJY3S+4mhcMG8JZHeajTjUBvKKQFnA3vUJcJQpSGG/+O7
Jo4Y8ACs2YAPOA==
-----END CERTIFICATE-----
Generated at Sun Dec 21 01:12:34 2025 by rpki-client