This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft
File:                     QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft (raw, json)
Hash identifier:          6Ma+PbZbCgQIyxzyHZp50xdn7Sas2sKHbSDdEO0EU7k=
Subject key identifier:   4A:8C:F1:E2:8F:3E:27:E1:C7:F7:E7:FF:AC:76:FD:4B:E2:45:0B:D7
Authority key identifier: 40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87
Certificate issuer:       /CN=407c7083460e1a4c72c4bc4276313d3a85944a87
Certificate serial:       019B3D9090F329ECACC902083F0CEEA74368
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft
Manifest number:          0F19
Signing time:             Sat 20 Dec 2025 21:00:42 +0000
Manifest this update:     Sat 20 Dec 2025 21:00:42 +0000
Manifest next update:     Sun 21 Dec 2025 21:00:42 +0000
Files and hashes:         1: GQOl6LTvNyPMyG3KjW9Ajp0Bvpw.roa (hash: eZX/fpaYpvDnXloavaVJKtIU2XKfpzNfzwR74TFia7o=)
                          2: QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl (hash: RuCARO3x8rYp0dhUIr2Ka6W3Lf4x3/TNghoe//Agrpk=)
                          3: b5Ug6NPJo2XtezY8UVzxnmPE-i0.roa (hash: VB+B1HYKvDBDwa8bPpxYYXoTuHADEZJRpgBpaSqbPu4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 21 Dec 2025 21:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:3d:90:90:f3:29:ec:ac:c9:02:08:3f:0c:ee:a7:43:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=407c7083460e1a4c72c4bc4276313d3a85944a87
        Validity
            Not Before: Dec 20 21:00:42 2025 GMT
            Not After : Dec 21 21:00:42 2025 GMT
        Subject: CN=4a8cf1e28f3e27e1c7f7e7ffac76fd4be2450bd7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ff:e2:66:76:25:5a:1b:a3:7e:f4:07:74:7c:
                    42:07:fb:04:d1:f0:53:e8:d7:2e:88:d7:6f:a2:50:
                    44:6c:d6:19:cd:32:ee:8c:94:81:85:6c:df:a3:cd:
                    2b:77:bd:09:e0:eb:26:bf:aa:9c:a4:57:34:26:27:
                    69:a9:9f:6d:a5:2e:b1:7d:7c:52:1a:eb:bf:04:70:
                    ae:40:c7:f6:23:d4:65:df:11:49:28:39:10:52:7d:
                    df:b3:b0:6e:9c:1d:d7:be:82:bc:7f:91:bb:f0:5f:
                    b6:1b:e3:20:56:64:8f:00:65:4f:c3:ac:cc:93:c2:
                    be:08:51:9a:0e:ec:ac:09:58:be:88:b4:82:74:58:
                    90:cf:65:3e:29:67:3d:9d:5b:3d:49:04:14:e7:01:
                    1e:86:9e:d3:e0:cd:ed:e4:8f:01:4d:1d:1a:dd:b9:
                    98:62:c5:78:f3:25:89:34:bf:aa:6e:da:ee:2f:d1:
                    72:e2:3b:5e:be:7a:8a:79:fe:04:df:d1:7c:19:12:
                    dd:9d:93:0b:ec:b7:46:7b:ff:6f:a9:b8:7d:bf:51:
                    13:8f:31:34:ac:55:54:9c:42:4b:7a:68:ec:ec:e1:
                    8b:e4:79:2f:1b:a7:09:d6:51:30:a1:09:89:67:b3:
                    5b:10:38:fb:96:38:ed:90:59:d9:1e:68:32:e3:1a:
                    bc:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:8C:F1:E2:8F:3E:27:E1:C7:F7:E7:FF:AC:76:FD:4B:E2:45:0B:D7
            X509v3 Authority Key Identifier:
                keyid:40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:29:2f:8f:5c:c2:f0:b4:31:6d:ee:07:2a:58:5f:bf:0f:42:
         64:b8:e4:9e:0a:f7:68:f7:10:0b:00:3e:d3:3e:86:90:1e:c2:
         89:2c:0a:bf:16:7a:f0:88:84:61:4b:18:90:e7:46:44:40:23:
         23:ca:d5:95:fe:c9:3c:bd:a0:cd:c7:92:4d:b9:32:b9:74:b3:
         9c:da:2d:72:70:e3:d2:26:ee:43:cc:11:02:b5:38:c4:20:a2:
         5c:83:79:d6:46:fa:f3:5a:b8:2b:c5:a8:eb:0e:ff:6d:97:a7:
         d7:37:fa:7d:33:cf:6b:ba:b3:5f:8b:b3:10:62:1f:b6:cb:6a:
         af:2c:c4:e5:51:c5:6d:e8:ae:5a:8f:31:c6:f2:b4:c8:2a:f5:
         ba:cd:5f:dc:4a:62:aa:86:16:fb:be:01:b1:01:61:bb:35:be:
         98:7a:63:3a:9d:e4:a1:f4:13:94:8a:97:76:85:9a:69:92:89:
         c7:8c:52:f3:3f:44:6a:d0:a6:a4:51:38:bf:ea:ce:34:b2:d8:
         37:de:e5:90:25:24:c5:b0:5c:e6:76:61:57:ad:d0:ea:72:6e:
         76:a6:90:8c:21:24:4a:b0:05:f8:b5:54:8e:48:a3:53:8a:94:
         01:84:87:eb:cf:cd:f2:e7:8b:86:02:26:17:f3:87:99:a5:d7:
         02:83:32:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZs9kJDzKeysyQIIPwzup0NoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2M3MDgzNDYwZTFhNGM3MmM0YmM0Mjc2MzEzZDNhODU5
NDRhODcwHhcNMjUxMjIwMjEwMDQyWhcNMjUxMjIxMjEwMDQyWjAzMTEwLwYDVQQD
Eyg0YThjZjFlMjhmM2UyN2UxYzdmN2U3ZmZhYzc2ZmQ0YmUyNDUwYmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz//iZnYlWhujfvQHdHxCB/sE0fBT
6NcuiNdvolBEbNYZzTLujJSBhWzfo80rd70J4Osmv6qcpFc0JidpqZ9tpS6xfXxS
Guu/BHCuQMf2I9Rl3xFJKDkQUn3fs7BunB3XvoK8f5G78F+2G+MgVmSPAGVPw6zM
k8K+CFGaDuysCVi+iLSCdFiQz2U+KWc9nVs9SQQU5wEehp7T4M3t5I8BTR0a3bmY
YsV48yWJNL+qbtruL9Fy4jtevnqKef4E39F8GRLdnZML7LdGe/9vqbh9v1ETjzE0
rFVUnEJLemjs7OGL5HkvG6cJ1lEwoQmJZ7NbEDj7ljjtkFnZHmgy4xq8UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEqM8eKPPifhx/fn/6x2/UviRQvXMB8GA1UdIwQY
MBaAFEB8cINGDhpMcsS8QnYxPTqFlEqHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2Mjct
OTg1ZWQxNWM5YWViLzEvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2MjctOTg1ZWQxNWM5YWVi
LzEvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiikvj1zC
8LQxbe4HKlhfvw9CZLjkngr3aPcQCwA+0z6GkB7CiSwKvxZ68IiEYUsYkOdGREAj
I8rVlf7JPL2gzceSTbkyuXSznNotcnDj0ibuQ8wRArU4xCCiXIN51kb681q4K8Wo
6w7/bZen1zf6fTPPa7qzX4uzEGIftstqryzE5VHFbeiuWo8xxvK0yCr1us1f3Epi
qoYW+74BsQFhuzW+mHpjOp3kofQTlIqXdoWaaZKJx4xS8z9EatCmpFE4v+rONLLY
N97lkCUkxbBc5nZhV63Q6nJudqaQjCEkSrAF+LVUjkijU4qUAYSH68/N8ueLhgIm
F/OHmaXXAoMyCA==
-----END CERTIFICATE-----
Generated at Sun Dec 21 07:01:36 2025 by rpki-client