This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rpki-repo.as207960.net/repo/rpki_ca_25405c76c7a043c89ace167e9d2cf79c/0/3B86A4A45380C6D455CDE580DED1BC5612D0A578.mft
File:                     3B86A4A45380C6D455CDE580DED1BC5612D0A578.mft (raw, json)
Hash identifier:          l1RhsWsN3enqt1KE8E8e/1toKOdLE0EAFCGNjlLyypY=
Subject key identifier:   7F:36:94:6A:96:CB:DE:0E:2E:05:9C:65:BF:FD:5B:01:91:59:EF:1E
Authority key identifier: 3B:86:A4:A4:53:80:C6:D4:55:CD:E5:80:DE:D1:BC:56:12:D0:A5:78
Certificate issuer:       /CN=3B86A4A45380C6D455CDE580DED1BC5612D0A578
Certificate serial:       5DEC893422D88952F8F77259792BB0C754C05D04
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/3B86A4A45380C6D455CDE580DED1BC5612D0A578.cer
Subject info access:      rsync://rpki-repo.as207960.net/repo/rpki_ca_25405c76c7a043c89ace167e9d2cf79c/0/3B86A4A45380C6D455CDE580DED1BC5612D0A578.mft
Manifest number:          029F
Signing time:             Sat 13 Dec 2025 08:30:14 +0000
Manifest this update:     Sat 13 Dec 2025 08:25:14 +0000
Manifest next update:     Sun 14 Dec 2025 08:53:14 +0000
Files and hashes:         1: 326131313a663263303a666664653a3a2f34382d3438203d3e20323135303639.roa (hash: scCBjh8HfhV3GwKDOrHZF1YXj718at6+uNm0y/KBmOw=)
                          2: 3B86A4A45380C6D455CDE580DED1BC5612D0A578.crl (hash: y8XPqam6/0oItodi1Uek/42QJupYmKOBs+Ho7AVJ+mI=)
                          3: 326131313a663263303a666664643a3a2f34382d3438203d3e20323135303639.roa (hash: pRpvcvkpUIjn6KDjm+Ywf0niLgvvVoNWrBKMV64s3Gs=)
                          4: 326131313a663263303a666664343a3a2f34362d3436203d3e20323135303639.roa (hash: b4lO7qQITmIuTe+1DZpcfLD2H0yGfI8Xz4qwvBeBNzo=)
                          5: 326131313a663263303a666664303a3a2f34382d3438203d3e20323135303639.roa (hash: onhCLB3gV3HdQhsHYazqCSyNdZ/2h865cbuFqj2YlvA=)
                          6: 326131313a663263303a666664313a3a2f34382d3438203d3e20323135303639.roa (hash: Kgbp0+Zk4p3tpOkyAtCJ3HEWdnZBbzm3NgMcGrByxQs=)
                          7: 326131313a663263303a666664633a3a2f34382d3438203d3e20323135303639.roa (hash: fW3/1bM6uuAVh4/BqcyWFGfZeggD1zO77SW4GWfaw4U=)
Validation:               OK
Signature path:           rsync://rpki-repo.as207960.net/repo/rpki_ca_25405c76c7a043c89ace167e9d2cf79c/0/3B86A4A45380C6D455CDE580DED1BC5612D0A578.crl
                          rsync://rpki-repo.as207960.net/repo/rpki_ca_25405c76c7a043c89ace167e9d2cf79c/0/3B86A4A45380C6D455CDE580DED1BC5612D0A578.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/3B86A4A45380C6D455CDE580DED1BC5612D0A578.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Dec 2025 08:53:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:ec:89:34:22:d8:89:52:f8:f7:72:59:79:2b:b0:c7:54:c0:5d:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3B86A4A45380C6D455CDE580DED1BC5612D0A578
        Validity
            Not Before: Dec 13 08:25:14 2025 GMT
            Not After : Dec 14 08:53:14 2025 GMT
        Subject: CN=7F36946A96CBDE0E2E059C65BFFD5B019159EF1E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:c5:52:1e:a3:8a:d5:39:c5:10:4a:df:25:9e:
                    aa:10:32:25:0a:68:e5:08:e4:6c:36:49:fa:19:4f:
                    f9:7b:bd:2e:5e:6d:60:fe:4b:d4:1d:5b:36:75:2c:
                    d5:23:5e:cf:36:08:13:ad:a2:57:3e:f5:34:8e:82:
                    8a:1a:95:c3:f2:58:40:9d:96:c7:eb:de:7f:f7:d1:
                    d2:63:0d:01:d2:c7:a7:f4:e8:f9:3b:9e:6b:c3:ea:
                    c4:eb:e0:cd:e0:33:b5:38:34:1a:5f:13:1e:aa:5e:
                    f8:01:96:6c:e1:1d:14:ab:41:de:9b:32:58:ad:9c:
                    94:37:87:22:df:fe:7d:90:96:9c:fa:c8:b2:6f:40:
                    f0:2a:91:bc:d9:0b:92:d0:ae:29:88:08:a1:ac:5e:
                    22:4c:ab:9e:1e:b3:bb:2b:62:eb:97:9d:06:67:30:
                    fe:c0:b3:21:ac:70:8e:35:ff:74:e2:0b:c0:88:4b:
                    97:0d:b3:8f:ec:73:92:3a:9e:59:df:4e:89:af:e7:
                    32:dd:2b:b3:6c:b3:75:6c:b4:a6:87:01:e0:f6:79:
                    44:6f:4f:21:9c:f4:f5:fb:92:c9:cc:e8:bb:63:25:
                    c4:39:36:cd:06:fc:85:a1:ee:b1:f9:ea:ec:30:bb:
                    3a:43:08:a7:77:87:29:cc:af:5f:4d:74:b2:f6:09:
                    25:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:36:94:6A:96:CB:DE:0E:2E:05:9C:65:BF:FD:5B:01:91:59:EF:1E
            X509v3 Authority Key Identifier:
                keyid:3B:86:A4:A4:53:80:C6:D4:55:CD:E5:80:DE:D1:BC:56:12:D0:A5:78

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.as207960.net/repo/rpki_ca_25405c76c7a043c89ace167e9d2cf79c/0/3B86A4A45380C6D455CDE580DED1BC5612D0A578.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/3B86A4A45380C6D455CDE580DED1BC5612D0A578.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.as207960.net/repo/rpki_ca_25405c76c7a043c89ace167e9d2cf79c/0/3B86A4A45380C6D455CDE580DED1BC5612D0A578.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:9d:de:fa:16:84:ae:0a:97:d7:b1:5e:27:8f:75:30:6f:d9:
         f2:08:1f:4b:02:ae:a3:3a:d7:a2:5b:47:b2:bb:ad:b9:0a:8f:
         9f:55:f1:7c:38:36:67:bf:0c:da:79:42:ed:2b:2a:dc:e2:dd:
         5b:48:77:69:d5:38:f9:3c:cc:45:fe:65:8a:c1:3e:e0:ec:90:
         e4:cb:c9:95:93:1a:10:8e:f1:df:14:80:1d:5d:c3:27:f0:f6:
         bb:af:94:52:ce:16:32:19:39:91:a4:fd:2d:e8:62:5e:5a:4a:
         ff:bb:a9:e6:5f:8f:9b:89:08:01:18:71:16:df:b0:a1:67:9e:
         71:16:8b:7a:38:87:6a:ce:a7:c1:d3:80:96:c9:18:e1:b6:55:
         03:f4:55:60:5a:77:60:bd:9f:92:b3:c1:b6:72:0f:ff:26:b8:
         b3:43:25:aa:33:40:11:84:3e:13:b7:a0:1a:3d:53:a0:3b:bc:
         86:f3:4c:47:ec:a3:69:70:d5:75:a4:1e:04:a1:b4:28:42:1c:
         75:2f:24:9b:97:41:c8:36:4a:38:65:12:b7:ee:d9:20:0c:92:
         32:6c:1b:7f:fb:e4:35:20:68:ee:35:0e:67:fe:a8:5f:68:70:
         93:31:fb:f4:c5:ef:2e:54:2b:5e:bb:13:8f:45:c1:2f:07:6a:
         3d:d8:52:0d
-----BEGIN CERTIFICATE-----
MIIFbjCCBFagAwIBAgIUXeyJNCLYiVL493JZeSuwx1TAXQQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0I4NkE0QTQ1MzgwQzZENDU1Q0RFNTgwREVEMUJDNTYx
MkQwQTU3ODAeFw0yNTEyMTMwODI1MTRaFw0yNTEyMTQwODUzMTRaMDMxMTAvBgNV
BAMTKDdGMzY5NDZBOTZDQkRFMEUyRTA1OUM2NUJGRkQ1QjAxOTE1OUVGMUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQxVIeo4rVOcUQSt8lnqoQMiUK
aOUI5Gw2SfoZT/l7vS5ebWD+S9QdWzZ1LNUjXs82CBOtolc+9TSOgooalcPyWECd
lsfr3n/30dJjDQHSx6f06Pk7nmvD6sTr4M3gM7U4NBpfEx6qXvgBlmzhHRSrQd6b
MlitnJQ3hyLf/n2Qlpz6yLJvQPAqkbzZC5LQrimICKGsXiJMq54es7srYuuXnQZn
MP7AsyGscI41/3TiC8CIS5cNs4/sc5I6nlnfTomv5zLdK7Nss3VstKaHAeD2eURv
TyGc9PX7ksnM6LtjJcQ5Ns0G/IWh7rH56uwwuzpDCKd3hynMr19NdLL2CSX9AgMB
AAGjggJ4MIICdDAdBgNVHQ4EFgQUfzaUapbL3g4uBZxlv/1bAZFZ7x4wHwYDVR0j
BBgwFoAUO4akpFOAxtRVzeWA3tG8VhLQpXgwDgYDVR0PAQH/BAQDAgeAMIGPBgNV
HR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3Jwa2ktcmVwby5hczIwNzk2MC5uZXQv
cmVwby9ycGtpX2NhXzI1NDA1Yzc2YzdhMDQzYzg5YWNlMTY3ZTlkMmNmNzljLzAv
M0I4NkE0QTQ1MzgwQzZENDU1Q0RFNTgwREVEMUJDNTYxMkQwQTU3OC5jcmwwgZ4G
CCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3luYy5wYWFz
LnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9kZGU4MzdmYi02MzkwLTQxYjUtODJh
MC1mMGQwMmMwM2EyYzYvNy8zQjg2QTRBNDUzODBDNkQ0NTVDREU1ODBERUQxQkM1
NjEyRDBBNTc4LmNlcjCBmgYIKwYBBQUHAQsEgY0wgYowgYcGCCsGAQUFBzALhnty
c3luYzovL3Jwa2ktcmVwby5hczIwNzk2MC5uZXQvcmVwby9ycGtpX2NhXzI1NDA1
Yzc2YzdhMDQzYzg5YWNlMTY3ZTlkMmNmNzljLzAvM0I4NkE0QTQ1MzgwQzZENDU1
Q0RFNTgwREVEMUJDNTYxMkQwQTU3OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUF
BwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBAKud3voWhK4Kl9exXieP
dTBv2fIIH0sCrqM616JbR7K7rbkKj59V8Xw4Nme/DNp5Qu0rKtzi3VtId2nVOPk8
zEX+ZYrBPuDskOTLyZWTGhCO8d8UgB1dwyfw9ruvlFLOFjIZOZGk/S3oYl5aSv+7
qeZfj5uJCAEYcRbfsKFnnnEWi3o4h2rOp8HTgJbJGOG2VQP0VWBad2C9n5KzwbZy
D/8muLNDJaozQBGEPhO3oBo9U6A7vIbzTEfso2lw1XWkHgShtChCHHUvJJuXQcg2
SjhlErfu2SAMkjJsG3/75DUgaO41Dmf+qF9ocJMx+/TF7y5UK167E49FwS8Haj3Y
Ug0=
-----END CERTIFICATE-----