This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.mft
File:                     shXNjm2zVEGYTZx9_Jr7ZT5V3_E.mft (raw, json)
Hash identifier:          G7GI8zXM9kh7UHrgeA0si9Cjm0mL7ioymkUC4LC+b6k=
Subject key identifier:   17:43:B8:54:1F:C9:15:57:15:72:93:D1:16:B1:CF:DC:E4:BB:90:A8
Authority key identifier: B2:15:CD:8E:6D:B3:54:41:98:4D:9C:7D:FC:9A:FB:65:3E:55:DF:F1
Certificate issuer:       /CN=b215cd8e6db35441984d9c7dfc9afb653e55dff1
Certificate serial:       019B3E3561AAD2C1DD891147A0C2C5CD545B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.mft
Manifest number:          16F1
Signing time:             Sun 21 Dec 2025 00:00:44 +0000
Manifest this update:     Sun 21 Dec 2025 00:00:44 +0000
Manifest next update:     Mon 22 Dec 2025 00:00:44 +0000
Files and hashes:         1: UkWKB7R6wSYKBpsuiwwV880UfCk.roa (hash: pQhrMKgkx/zqcMJYjMVoXY14ZtF5KkWfSepRK8YAXxs=)
                          2: shXNjm2zVEGYTZx9_Jr7ZT5V3_E.crl (hash: /2Bu9ZmDGzXg/PWuNuEWY7rgrnczcMjYTHQcbUOnML8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 22 Dec 2025 00:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:3e:35:61:aa:d2:c1:dd:89:11:47:a0:c2:c5:cd:54:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b215cd8e6db35441984d9c7dfc9afb653e55dff1
        Validity
            Not Before: Dec 21 00:00:44 2025 GMT
            Not After : Dec 22 00:00:44 2025 GMT
        Subject: CN=1743b8541fc91557157293d116b1cfdce4bb90a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f2:c4:70:93:73:a2:9e:7b:78:96:f9:d3:ed:
                    b7:a7:2d:a8:ad:16:e5:36:ae:ae:41:26:d7:60:fa:
                    a7:25:27:61:82:29:ba:69:d5:f0:99:43:2d:f2:88:
                    e1:e8:67:af:33:17:25:d2:6d:b9:9e:c6:c0:97:a7:
                    4d:4a:6c:ff:2e:0d:61:ea:ba:ea:60:23:ab:3a:12:
                    d7:c9:9f:60:b8:fb:8b:e9:eb:e5:51:e1:0c:bb:96:
                    c2:15:79:97:13:72:26:89:8a:66:2d:c8:b1:97:58:
                    cb:72:b2:23:82:fc:d1:a3:99:1b:a6:58:b0:8a:32:
                    30:eb:22:3b:e5:95:d5:da:f2:15:65:b4:05:ef:ab:
                    55:67:f4:98:d9:fc:90:9c:bc:70:cb:71:b8:c1:fb:
                    70:5e:76:2a:48:e7:09:79:65:5b:01:ac:ad:b7:90:
                    8f:5d:a4:09:4a:90:c6:bb:4c:fe:d5:71:f7:fc:7c:
                    d9:b3:a6:5a:cd:db:d6:f5:7d:97:2d:e4:0f:ef:da:
                    45:ed:c4:12:d4:78:dd:a3:55:7a:93:00:fa:4f:ee:
                    21:d6:9d:52:3f:40:a7:b4:2d:65:38:be:e1:05:85:
                    1c:f5:6c:ca:53:58:64:83:ae:71:25:fe:a8:5b:68:
                    b5:66:a4:0f:90:73:f1:d7:5b:7d:ed:18:ae:59:f4:
                    43:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:43:B8:54:1F:C9:15:57:15:72:93:D1:16:B1:CF:DC:E4:BB:90:A8
            X509v3 Authority Key Identifier:
                keyid:B2:15:CD:8E:6D:B3:54:41:98:4D:9C:7D:FC:9A:FB:65:3E:55:DF:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:4f:e9:97:a2:a7:9c:b3:dc:26:74:73:73:42:20:25:ca:14:
         5f:d2:f3:ab:ff:e4:f1:7c:5d:cd:9e:cf:92:dc:28:c3:8e:c4:
         dd:79:60:e3:ad:15:da:49:a0:60:90:36:c4:ac:d8:3f:d2:62:
         46:5b:f1:f4:ec:46:c5:89:fe:04:ba:dc:07:5b:d2:95:92:df:
         7f:0e:a0:02:4e:dc:70:40:73:b0:77:cc:e7:c8:ba:fd:dc:8d:
         bf:89:0b:ac:53:95:d6:c5:f0:63:bd:35:c4:23:49:6d:1a:9f:
         37:38:62:69:e7:26:a0:e6:b2:7a:4c:77:be:ca:cf:1e:88:c4:
         a3:e6:5c:df:b5:b4:fa:d8:73:26:a1:af:bb:fd:0d:56:17:c9:
         51:6f:85:13:d0:a5:ba:0e:ba:8f:b8:43:67:29:e1:8f:45:9f:
         93:aa:32:98:41:46:04:ab:e3:41:27:b6:52:20:b1:20:d9:cc:
         9e:d7:9f:0d:7a:ad:8e:c8:3f:e0:93:7b:4e:44:b4:7b:b9:66:
         73:79:e4:77:be:9c:9a:ab:cd:a2:35:99:72:8f:57:2a:44:60:
         e2:08:61:14:9a:40:0c:42:12:e1:8a:40:b8:77:f1:5d:23:69:
         2d:63:89:66:1c:81:f4:83:17:b2:96:d8:8a:5f:1b:8e:a7:59:
         ff:12:41:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZs+NWGq0sHdiRFHoMLFzVRbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMTVjZDhlNmRiMzU0NDE5ODRkOWM3ZGZjOWFmYjY1M2U1
NWRmZjEwHhcNMjUxMjIxMDAwMDQ0WhcNMjUxMjIyMDAwMDQ0WjAzMTEwLwYDVQQD
EygxNzQzYjg1NDFmYzkxNTU3MTU3MjkzZDExNmIxY2ZkY2U0YmI5MGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPLEcJNzop57eJb50+23py2orRbl
Nq6uQSbXYPqnJSdhgim6adXwmUMt8ojh6GevMxcl0m25nsbAl6dNSmz/Lg1h6rrq
YCOrOhLXyZ9guPuL6evlUeEMu5bCFXmXE3ImiYpmLcixl1jLcrIjgvzRo5kbpliw
ijIw6yI75ZXV2vIVZbQF76tVZ/SY2fyQnLxwy3G4wftwXnYqSOcJeWVbAaytt5CP
XaQJSpDGu0z+1XH3/HzZs6ZazdvW9X2XLeQP79pF7cQS1Hjdo1V6kwD6T+4h1p1S
P0CntC1lOL7hBYUc9WzKU1hkg65xJf6oW2i1ZqQPkHPx11t97RiuWfRD3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBdDuFQfyRVXFXKT0Raxz9zku5CoMB8GA1UdIwQY
MBaAFLIVzY5ts1RBmE2cffya+2U+Vd/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hYTmptMnpWRUdZVFp4OV9KcjdaVDVWM19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zOGI3OTItMThmYi00YmVkLTk5MGMt
ZTk1MGQ4N2Y4ZTI1LzEvc2hYTmptMnpWRUdZVFp4OV9KcjdaVDVWM19FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zOGI3OTItMThmYi00YmVkLTk5MGMtZTk1MGQ4N2Y4ZTI1
LzEvc2hYTmptMnpWRUdZVFp4OV9KcjdaVDVWM19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnU/pl6Kn
nLPcJnRzc0IgJcoUX9Lzq//k8XxdzZ7Pktwow47E3Xlg460V2kmgYJA2xKzYP9Ji
Rlvx9OxGxYn+BLrcB1vSlZLffw6gAk7ccEBzsHfM58i6/dyNv4kLrFOV1sXwY701
xCNJbRqfNzhiaecmoOayekx3vsrPHojEo+Zc37W0+thzJqGvu/0NVhfJUW+FE9Cl
ug66j7hDZynhj0Wfk6oymEFGBKvjQSe2UiCxINnMntefDXqtjsg/4JN7TkS0e7lm
c3nkd76cmqvNojWZco9XKkRg4ghhFJpADEIS4YpAuHfxXSNpLWOJZhyB9IMXspbY
il8bjqdZ/xJBHQ==
-----END CERTIFICATE-----
Generated at Sun Dec 21 06:43:07 2025 by rpki-client