This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
File:                     XasLCOUfgYIkYp-zohHYPVvjVEA.mft (raw, json)
Hash identifier:          /WdQVjapIgXm7GAwzZoOzxxQBUG1aVx3YOdsn6djP+k=
Subject key identifier:   97:93:EB:6D:EF:A3:D1:37:F1:CC:99:56:1A:5F:77:F3:BD:F0:7A:C9
Authority key identifier: 5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
Certificate issuer:       /CN=5dab0b08e51f818224629fb3a211d83d5be35440
Certificate serial:       019B3FED187729AFE9467383D86A8DD12F30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
Manifest number:          1597
Signing time:             Sun 21 Dec 2025 08:01:01 +0000
Manifest this update:     Sun 21 Dec 2025 08:01:01 +0000
Manifest next update:     Mon 22 Dec 2025 08:01:01 +0000
Files and hashes:         1: J3IfRy5hJG3sO5FFR3klCa0Rmag.roa (hash: y8cOLwfC28T1Q/CwomIs12ZpdB8agP1zP7ErrJL2HLM=)
                          2: XasLCOUfgYIkYp-zohHYPVvjVEA.crl (hash: 257BK3z0MLd6p0mehRC8iZOf10xBdM9VRpaRtDmu9KA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 22 Dec 2025 08:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:3f:ed:18:77:29:af:e9:46:73:83:d8:6a:8d:d1:2f:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dab0b08e51f818224629fb3a211d83d5be35440
        Validity
            Not Before: Dec 21 08:01:01 2025 GMT
            Not After : Dec 22 08:01:01 2025 GMT
        Subject: CN=9793eb6defa3d137f1cc99561a5f77f3bdf07ac9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:cf:2e:bb:99:ec:ab:f5:3d:99:91:c6:08:45:
                    71:3d:06:7c:7a:b5:65:5d:5c:1c:c0:a4:e7:4a:fb:
                    80:2e:f4:68:57:3d:a3:19:e3:9c:4d:35:19:8d:04:
                    67:b8:e3:c3:9f:43:d2:35:a0:7a:49:ca:7d:0d:07:
                    34:cf:2c:f5:a4:83:90:e7:0d:0f:3c:45:f8:cb:49:
                    87:db:08:f1:87:79:f9:a8:ff:e2:66:24:7e:67:b4:
                    73:54:1b:66:94:93:89:a9:f4:88:b6:e2:83:3c:dc:
                    9e:ef:f6:d0:76:03:fb:ef:0b:53:12:a9:19:85:98:
                    2b:e7:4f:d1:b4:bc:1a:bb:4b:3a:62:16:fc:67:9a:
                    d7:64:ec:8d:10:83:b4:9b:f7:fe:2a:29:6e:58:54:
                    7b:e3:fa:33:cb:9b:f1:e7:79:32:68:1c:49:d3:3f:
                    5d:1b:c0:65:96:aa:b9:28:c0:e0:91:1b:1d:23:12:
                    cd:ed:83:5e:f8:55:15:b2:75:e7:2b:73:46:24:f3:
                    5d:9b:3f:4c:c0:a1:2f:f2:32:43:f6:74:ff:b0:4e:
                    83:b2:a1:ff:65:34:12:43:d3:18:bc:7f:c9:e1:33:
                    91:b8:b2:30:48:ab:5a:ad:f8:3a:76:85:75:a8:d8:
                    06:93:3c:38:b2:02:2d:59:1b:53:83:a1:78:71:88:
                    02:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:93:EB:6D:EF:A3:D1:37:F1:CC:99:56:1A:5F:77:F3:BD:F0:7A:C9
            X509v3 Authority Key Identifier:
                keyid:5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:6f:b7:1b:ab:24:47:b6:c5:ab:02:d3:e5:54:8b:df:d8:50:
         f4:d7:43:cb:70:59:86:ea:1e:31:2d:83:fe:3d:81:83:78:62:
         a1:f3:16:ee:52:ed:5f:fa:f5:36:c0:85:f2:52:d6:cc:61:a3:
         74:cf:1c:4d:a0:6d:e6:5d:e3:9a:93:8a:86:7e:c4:46:59:8e:
         f6:8e:1e:24:ef:98:e8:a0:1f:fa:aa:06:c8:07:6c:54:aa:24:
         6d:92:0e:82:5b:2a:89:f4:6a:59:b2:f4:0d:44:9e:42:b5:75:
         13:90:3f:83:db:a7:8d:e1:75:a2:2d:41:1b:73:5f:f4:66:1c:
         60:7d:32:3b:4b:13:ea:33:44:f7:52:f4:03:3f:19:c9:d6:60:
         92:cf:58:fb:e8:65:90:99:90:3e:21:c1:02:fb:45:94:a1:c8:
         25:4b:1e:6c:58:16:2d:5d:01:6d:b8:ab:11:04:e9:3d:03:fa:
         e3:57:3f:81:f0:9b:69:d2:e4:d9:42:7d:79:3d:74:56:3c:73:
         15:08:68:13:69:55:d8:ad:33:3b:c5:45:18:27:d5:bd:e2:2a:
         a4:f3:ef:03:c3:30:40:f1:51:a0:07:85:ec:e5:2c:e5:85:5e:
         31:11:da:f5:95:f0:da:ce:99:63:da:51:73:9c:da:df:b9:d6:
         79:8d:94:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZs/7Rh3Ka/pRnOD2GqN0S8wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYWIwYjA4ZTUxZjgxODIyNDYyOWZiM2EyMTFkODNkNWJl
MzU0NDAwHhcNMjUxMjIxMDgwMTAxWhcNMjUxMjIyMDgwMTAxWjAzMTEwLwYDVQQD
Eyg5NzkzZWI2ZGVmYTNkMTM3ZjFjYzk5NTYxYTVmNzdmM2JkZjA3YWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoM8uu5nsq/U9mZHGCEVxPQZ8erVl
XVwcwKTnSvuALvRoVz2jGeOcTTUZjQRnuOPDn0PSNaB6Scp9DQc0zyz1pIOQ5w0P
PEX4y0mH2wjxh3n5qP/iZiR+Z7RzVBtmlJOJqfSItuKDPNye7/bQdgP77wtTEqkZ
hZgr50/RtLwau0s6Yhb8Z5rXZOyNEIO0m/f+KiluWFR74/ozy5vx53kyaBxJ0z9d
G8Bllqq5KMDgkRsdIxLN7YNe+FUVsnXnK3NGJPNdmz9MwKEv8jJD9nT/sE6DsqH/
ZTQSQ9MYvH/J4TORuLIwSKtarfg6doV1qNgGkzw4sgItWRtTg6F4cYgCMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJeT623vo9E38cyZVhpfd/O98HrJMB8GA1UdIwQY
MBaAFF2rCwjlH4GCJGKfs6IR2D1b41RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUt
NjI3ODkxODJhMGYzLzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUtNjI3ODkxODJhMGYz
LzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOG+3G6sk
R7bFqwLT5VSL39hQ9NdDy3BZhuoeMS2D/j2Bg3hiofMW7lLtX/r1NsCF8lLWzGGj
dM8cTaBt5l3jmpOKhn7ERlmO9o4eJO+Y6KAf+qoGyAdsVKokbZIOglsqifRqWbL0
DUSeQrV1E5A/g9unjeF1oi1BG3Nf9GYcYH0yO0sT6jNE91L0Az8ZydZgks9Y++hl
kJmQPiHBAvtFlKHIJUsebFgWLV0BbbirEQTpPQP641c/gfCbadLk2UJ9eT10Vjxz
FQhoE2lV2K0zO8VFGCfVveIqpPPvA8MwQPFRoAeF7OUs5YVeMRHa9ZXw2s6ZY9pR
c5za37nWeY2Udg==
-----END CERTIFICATE-----
Generated at Sun Dec 21 17:28:09 2025 by rpki-client