This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/6ae58c-7618-41ba-a343-c46d7bac02fc/1/a1fF3_cOv-Z6QA1V8lnbLDcZIZY.mft
File:                     a1fF3_cOv-Z6QA1V8lnbLDcZIZY.mft (raw, json)
Hash identifier:          sJhv8l+c2kr2x/cU0yRPoCUmdLUBI3/nynOtHB0qs5Y=
Subject key identifier:   5D:2E:FB:69:CB:ED:5C:73:BA:3E:4B:1D:8D:50:70:72:1C:F8:7B:3C
Authority key identifier: 6B:57:C5:DF:F7:0E:BF:E6:7A:40:0D:55:F2:59:DB:2C:37:19:21:96
Certificate issuer:       /CN=6b57c5dff70ebfe67a400d55f259db2c37192196
Certificate serial:       019B424926AB4D58ECD6BD8E776B1E897482
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a1fF3_cOv-Z6QA1V8lnbLDcZIZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/6ae58c-7618-41ba-a343-c46d7bac02fc/1/a1fF3_cOv-Z6QA1V8lnbLDcZIZY.mft
Manifest number:          054B
Signing time:             Sun 21 Dec 2025 19:00:48 +0000
Manifest this update:     Sun 21 Dec 2025 19:00:48 +0000
Manifest next update:     Mon 22 Dec 2025 19:00:48 +0000
Files and hashes:         1: DXY1aPZOR4ljjfKNnTzK-ui2GtQ.roa (hash: HmRJXl6KdbWQ5yFSi3ORZiwzeQcQdEBbSpqG5+7FJoc=)
                          2: a1fF3_cOv-Z6QA1V8lnbLDcZIZY.crl (hash: 2V/XvkO36eRcPz632b2JSxBM8FhYNO/xY/qcme7Pvd0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/6ae58c-7618-41ba-a343-c46d7bac02fc/1/a1fF3_cOv-Z6QA1V8lnbLDcZIZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/6ae58c-7618-41ba-a343-c46d7bac02fc/1/a1fF3_cOv-Z6QA1V8lnbLDcZIZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a1fF3_cOv-Z6QA1V8lnbLDcZIZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 22 Dec 2025 13:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:42:49:26:ab:4d:58:ec:d6:bd:8e:77:6b:1e:89:74:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b57c5dff70ebfe67a400d55f259db2c37192196
        Validity
            Not Before: Dec 21 19:00:48 2025 GMT
            Not After : Dec 22 19:00:48 2025 GMT
        Subject: CN=5d2efb69cbed5c73ba3e4b1d8d5070721cf87b3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:35:ac:46:c6:1f:5a:a1:e9:58:19:d9:c5:c8:
                    de:55:43:6e:e9:94:4e:d7:fd:df:78:8f:c9:ae:61:
                    f2:f2:78:4d:d9:65:ff:f7:36:f4:31:e6:a3:f3:52:
                    2e:02:53:eb:cc:a0:4c:30:e3:d5:01:39:cc:cb:c6:
                    37:e9:12:9c:12:71:bf:08:57:68:d4:a6:0f:c8:88:
                    1f:29:b4:c5:53:ca:ef:cb:14:19:75:e6:e1:10:ec:
                    a2:36:4a:61:22:1d:0d:ed:40:c1:aa:3e:f5:98:01:
                    d8:96:5d:41:db:25:44:19:5b:21:ff:c7:93:d2:eb:
                    fa:a7:35:00:bc:59:c2:9c:7f:eb:c5:f6:7a:d8:5f:
                    eb:5e:95:6f:11:08:6b:8b:b8:54:fc:28:6a:ae:6c:
                    2d:cf:5e:2d:13:20:1c:5f:22:87:99:ef:5a:4d:ee:
                    2f:08:2c:5f:a8:21:93:ac:40:c1:74:a7:a2:41:4c:
                    94:8b:fb:e5:6e:cb:ca:fb:57:7d:b1:0d:78:e5:c2:
                    e9:7c:4a:19:30:7f:26:aa:3b:ea:ce:9f:b7:29:0d:
                    43:20:23:ca:c4:c3:20:5d:24:8e:d1:d5:57:b1:e7:
                    f1:f5:07:a6:0a:f4:ef:d5:98:68:4b:73:fb:f8:96:
                    ba:b3:1a:04:ac:ea:5c:9c:9e:66:c9:cb:6f:fd:16:
                    7f:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:2E:FB:69:CB:ED:5C:73:BA:3E:4B:1D:8D:50:70:72:1C:F8:7B:3C
            X509v3 Authority Key Identifier:
                keyid:6B:57:C5:DF:F7:0E:BF:E6:7A:40:0D:55:F2:59:DB:2C:37:19:21:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1fF3_cOv-Z6QA1V8lnbLDcZIZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6ae58c-7618-41ba-a343-c46d7bac02fc/1/a1fF3_cOv-Z6QA1V8lnbLDcZIZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6ae58c-7618-41ba-a343-c46d7bac02fc/1/a1fF3_cOv-Z6QA1V8lnbLDcZIZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:b6:bb:f3:95:9d:88:bf:0e:a5:1e:55:fb:d0:1e:28:ea:52:
         60:08:54:a6:ca:31:a4:b8:74:39:48:2b:04:43:5d:32:85:e6:
         ba:4f:43:c1:ea:a4:92:14:0f:8c:27:4f:ac:26:06:71:34:28:
         db:72:16:a2:a9:87:2a:59:c7:ac:c6:09:2b:0f:8b:42:29:08:
         74:2e:91:f1:59:e4:c8:35:0b:cc:6e:84:3d:0e:7f:13:b3:07:
         d0:95:29:cb:b2:1f:5c:dd:ca:52:c1:62:c9:44:be:70:8a:89:
         ad:b9:d8:3f:25:10:32:0e:c2:a8:db:2f:79:17:ca:80:8d:e8:
         8f:5d:93:11:e3:b6:ab:77:c4:d1:6c:90:c8:47:48:68:91:52:
         75:85:98:cc:3a:3e:d5:85:9d:fc:81:9d:33:e4:e6:41:12:58:
         f9:84:cd:7a:c5:af:77:93:03:a6:56:0a:3a:07:bb:35:d7:48:
         f6:58:cc:ec:35:93:95:1a:be:48:c8:9d:a5:be:55:77:3d:24:
         2e:4c:3f:eb:0d:06:b9:c2:74:6a:a3:07:8b:cd:18:3f:21:03:
         48:d9:8c:3b:b6:68:05:05:8e:80:11:67:da:b8:a0:ea:99:1d:
         73:ac:8c:62:80:a1:32:e4:d9:13:39:86:ce:2e:e7:1d:bb:3a:
         62:6d:9d:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZtCSSarTVjs1r2Od2seiXSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNTdjNWRmZjcwZWJmZTY3YTQwMGQ1NWYyNTlkYjJjMzcx
OTIxOTYwHhcNMjUxMjIxMTkwMDQ4WhcNMjUxMjIyMTkwMDQ4WjAzMTEwLwYDVQQD
Eyg1ZDJlZmI2OWNiZWQ1YzczYmEzZTRiMWQ4ZDUwNzA3MjFjZjg3YjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jWsRsYfWqHpWBnZxcjeVUNu6ZRO
1/3feI/JrmHy8nhN2WX/9zb0Meaj81IuAlPrzKBMMOPVATnMy8Y36RKcEnG/CFdo
1KYPyIgfKbTFU8rvyxQZdebhEOyiNkphIh0N7UDBqj71mAHYll1B2yVEGVsh/8eT
0uv6pzUAvFnCnH/rxfZ62F/rXpVvEQhri7hU/Chqrmwtz14tEyAcXyKHme9aTe4v
CCxfqCGTrEDBdKeiQUyUi/vlbsvK+1d9sQ145cLpfEoZMH8mqjvqzp+3KQ1DICPK
xMMgXSSO0dVXsefx9QemCvTv1ZhoS3P7+Ja6sxoErOpcnJ5myctv/RZ/4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF0u+2nL7Vxzuj5LHY1QcHIc+Hs8MB8GA1UdIwQY
MBaAFGtXxd/3Dr/mekANVfJZ2yw3GSGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFmRjNfY092LVo2UUExVjhsbmJMRGNaSVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS82YWU1OGMtNzYxOC00MWJhLWEzNDMt
YzQ2ZDdiYWMwMmZjLzEvYTFmRjNfY092LVo2UUExVjhsbmJMRGNaSVpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS82YWU1OGMtNzYxOC00MWJhLWEzNDMtYzQ2ZDdiYWMwMmZj
LzEvYTFmRjNfY092LVo2UUExVjhsbmJMRGNaSVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWba785Wd
iL8OpR5V+9AeKOpSYAhUpsoxpLh0OUgrBENdMoXmuk9DweqkkhQPjCdPrCYGcTQo
23IWoqmHKlnHrMYJKw+LQikIdC6R8VnkyDULzG6EPQ5/E7MH0JUpy7IfXN3KUsFi
yUS+cIqJrbnYPyUQMg7CqNsveRfKgI3oj12TEeO2q3fE0WyQyEdIaJFSdYWYzDo+
1YWd/IGdM+TmQRJY+YTNesWvd5MDplYKOge7NddI9ljM7DWTlRq+SMidpb5Vdz0k
Lkw/6w0GucJ0aqMHi80YPyEDSNmMO7ZoBQWOgBFn2rig6pkdc6yMYoChMuTZEzmG
zi7nHbs6Ym2dtg==
-----END CERTIFICATE-----
Generated at Sun Dec 21 23:13:05 2025 by rpki-client