This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.mft
File:                     521525856CBBA6D9D2254221C280DC930734AAB8.mft (raw, json)
Hash identifier:          nPmif7MV8NYWppIlTt6vhnn0wxM0T0ZnyCy4+qQPa50=
Subject key identifier:   22:20:07:3A:D2:31:23:9C:1A:F4:C7:44:62:81:47:2B:50:9E:92:C7
Authority key identifier: 52:15:25:85:6C:BB:A6:D9:D2:25:42:21:C2:80:DC:93:07:34:AA:B8
Certificate issuer:       /CN=521525856CBBA6D9D2254221C280DC930734AAB8
Certificate serial:       3ACF0B61B1CC8EA47CCB0195F183D5ACFC80734C
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/521525856CBBA6D9D2254221C280DC930734AAB8.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.mft
Manifest number:          E3
Signing time:             Sat 20 Dec 2025 13:29:26 +0000
Manifest this update:     Sat 20 Dec 2025 13:24:26 +0000
Manifest next update:     Sun 21 Dec 2025 15:33:26 +0000
Files and hashes:         1: 326130363a613030333a313131313a3a2f34382d3438203d3e20323030363736.roa (hash: rOXq6KopS7nNrxLenr0thMMbHkGjihkrbeGzvVQ4fNc=)
                          2: 326130363a613030333a623030623a3a2f34382d3438203d3e20323030363736.roa (hash: kunZD4UEEwcG2nc99Wb+xz1yK+IdIm7SjegbAra8chc=)
                          3: 326130363a613030333a3a2f34382d3438203d3e20323030363736.roa (hash: PNV+6g1yuxZfiOErO1rlD/OjvHSDnl045B3ycAeUEw8=)
                          4: 39342e32342e3130382e302f32342d3234203d3e20323030363736.roa (hash: hbkkIcLL2dVYKU+9BKXYxvOgTE4cVlfb37zj8sIKpS0=)
                          5: 326130363a613030333a666666663a3a2f34382d3438203d3e203530373535.roa (hash: HVzJ9R68GMwZO9EL/DI2ZLp1a+F6uNrFmfl8+YGeZKc=)
                          6: 521525856CBBA6D9D2254221C280DC930734AAB8.crl (hash: NIjlHQH5K7oApjekdrMjsnC167Zwbk/6ZhiM4aEwSAc=)
                          7: 326130363a613030333a313333373a3a2f34382d3438203d3e20323030363736.roa (hash: qr/bfrnor+1gB61vuOA1czljaK/VRJBauBs1U2EbENw=)
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/521525856CBBA6D9D2254221C280DC930734AAB8.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 21 Dec 2025 15:33:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:cf:0b:61:b1:cc:8e:a4:7c:cb:01:95:f1:83:d5:ac:fc:80:73:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=521525856CBBA6D9D2254221C280DC930734AAB8
        Validity
            Not Before: Dec 20 13:24:26 2025 GMT
            Not After : Dec 21 15:33:26 2025 GMT
        Subject: CN=2220073AD231239C1AF4C7446281472B509E92C7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:97:a5:41:e7:3a:ac:e7:cd:cb:2a:f4:1f:ee:
                    d4:24:50:20:b8:c3:88:39:99:1b:ac:25:6b:ec:48:
                    ff:af:7f:2a:a0:86:ec:53:d2:d6:53:2a:72:7a:04:
                    3f:b1:a7:d3:29:3b:9f:d8:a0:85:15:37:88:1c:47:
                    b3:27:bd:a6:23:1c:ec:c1:8d:e5:63:49:20:25:fb:
                    bd:1b:17:d9:d8:b8:0b:76:76:d7:14:f0:b6:09:8d:
                    33:b3:3a:49:5d:b8:0c:9c:f1:37:5b:0a:1b:41:20:
                    35:47:09:fc:04:1e:5b:2c:e8:88:49:38:24:ba:c6:
                    e1:1c:d9:6d:7c:4d:1e:c4:ee:80:28:c2:5e:29:cc:
                    ba:76:dd:0e:26:9d:3f:27:b0:8e:80:df:7c:79:d6:
                    63:6a:c6:09:43:d0:0b:b5:bb:78:08:02:88:cf:37:
                    d1:a5:c8:e9:ad:80:13:86:6b:6e:0e:20:3a:fa:41:
                    fd:01:5a:7f:fd:d9:ae:13:e8:6d:21:29:5f:eb:c9:
                    59:b5:45:a4:ef:18:02:b9:ac:16:35:e9:b5:6d:69:
                    30:b9:e1:9c:02:ec:18:5e:d4:a9:ea:25:89:6e:dd:
                    45:fd:82:85:6e:0e:45:de:a1:7a:9b:ab:e1:0e:ea:
                    2f:31:02:98:39:5f:eb:55:46:01:30:9b:d8:e2:ec:
                    a4:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:20:07:3A:D2:31:23:9C:1A:F4:C7:44:62:81:47:2B:50:9E:92:C7
            X509v3 Authority Key Identifier:
                keyid:52:15:25:85:6C:BB:A6:D9:D2:25:42:21:C2:80:DC:93:07:34:AA:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/521525856CBBA6D9D2254221C280DC930734AAB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:fc:a6:3c:34:65:d7:d1:c7:de:c8:70:66:81:5a:8d:d4:88:
         ca:db:43:ef:97:6d:68:c8:72:3b:a6:9c:d2:f6:f0:90:22:f1:
         17:e5:a1:b9:8d:92:e9:a5:ce:2f:8a:ca:9b:26:88:d0:d4:41:
         6e:ef:25:ae:d7:7b:63:a7:5a:b5:5a:cb:26:aa:d7:76:7b:37:
         05:f3:2f:77:8f:e9:b0:cf:e3:5f:c5:ad:82:07:2c:2c:0e:bb:
         bd:0a:35:b4:d2:5e:c5:fd:5f:3f:7d:dd:d8:1f:71:a3:84:bc:
         32:18:fd:b6:95:0f:c8:fa:e8:fc:b8:b5:ab:8b:98:7a:cc:9f:
         3c:90:d3:02:43:81:c4:ec:7d:1f:52:70:2e:e2:74:40:53:a3:
         ce:fb:93:5a:e9:4a:52:0f:a5:45:41:15:59:08:b8:a1:bd:7a:
         7b:c8:bd:c8:12:42:be:b8:23:a8:d7:6e:3e:50:8a:f4:f5:76:
         0d:93:31:9f:28:c1:0c:62:72:43:9b:a0:a4:fb:e2:bd:0e:ce:
         a2:ee:4f:0a:d9:6f:f7:42:b9:67:1b:a0:21:a9:a3:02:61:cf:
         24:74:ef:cc:70:58:a5:d0:e1:e0:8c:7b:74:2c:14:bb:ec:c7:
         47:58:f4:d3:05:b6:2a:2b:df:13:65:01:72:b2:7c:25:cb:47:
         99:0f:a9:6a
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIUOs8LYbHMjqR8ywGV8YPVrPyAc0wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTIxNTI1ODU2Q0JCQTZEOUQyMjU0MjIxQzI4MERDOTMw
NzM0QUFCODAeFw0yNTEyMjAxMzI0MjZaFw0yNTEyMjExNTMzMjZaMDMxMTAvBgNV
BAMTKDIyMjAwNzNBRDIzMTIzOUMxQUY0Qzc0NDYyODE0NzJCNTA5RTkyQzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+l6VB5zqs583LKvQf7tQkUCC4
w4g5mRusJWvsSP+vfyqghuxT0tZTKnJ6BD+xp9MpO5/YoIUVN4gcR7MnvaYjHOzB
jeVjSSAl+70bF9nYuAt2dtcU8LYJjTOzOklduAyc8TdbChtBIDVHCfwEHlss6IhJ
OCS6xuEc2W18TR7E7oAowl4pzLp23Q4mnT8nsI6A33x51mNqxglD0Au1u3gIAojP
N9GlyOmtgBOGa24OIDr6Qf0BWn/92a4T6G0hKV/ryVm1RaTvGAK5rBY16bVtaTC5
4ZwC7Bhe1KnqJYlu3UX9goVuDkXeoXqbq+EO6i8xApg5X+tVRgEwm9ji7KTXAgMB
AAGjggJ3MIICczAdBgNVHQ4EFgQUIiAHOtIxI5wa9MdEYoFHK1CekscwHwYDVR0j
BBgwFoAUUhUlhWy7ptnSJUIhwoDckwc0qrgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmFjYTNjYTYtMzRjYy00NzcyLWJhYzAtYTM1ZGQwMTk1
Y2U3LzQvNTIxNTI1ODU2Q0JCQTZEOUQyMjU0MjIxQzI4MERDOTMwNzM0QUFCOC5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzcvNTIxNTI1ODU2Q0JCQTZEOUQyMjU0MjIxQzI4MERDOTMwNzM0
QUFCOC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yYWNhM2NhNi0z
NGNjLTQ3NzItYmFjMC1hMzVkZDAxOTVjZTcvNC81MjE1MjU4NTZDQkJBNkQ5RDIy
NTQyMjFDMjgwREM5MzA3MzRBQUI4Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVPymPDRl19HH3shwZoFa
jdSIyttD75dtaMhyO6ac0vbwkCLxF+WhuY2S6aXOL4rKmyaI0NRBbu8lrtd7Y6da
tVrLJqrXdns3BfMvd4/psM/jX8WtggcsLA67vQo1tNJexf1fP33d2B9xo4S8Mhj9
tpUPyPro/Li1q4uYesyfPJDTAkOBxOx9H1JwLuJ0QFOjzvuTWulKUg+lRUEVWQi4
ob16e8i9yBJCvrgjqNduPlCK9PV2DZMxnyjBDGJyQ5ugpPvivQ7Oou5PCtlv90K5
ZxugIamjAmHPJHTvzHBYpdDh4Ix7dCwUu+zHR1j00wW2KivfE2UBcrJ8JctHmQ+p
ag==
-----END CERTIFICATE-----