This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
File:                     520NqzR6OOK4e1oiovfJ4hwYybw.mft (raw, json)
Hash identifier:          J62A0S8TlsGlPq6RVnqMzbrdGvyHeRnu2YXYd87nsNM=
Subject key identifier:   88:2C:5F:3F:91:41:CB:7D:D5:7C:27:22:18:B5:10:00:86:89:51:D3
Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
Certificate issuer:       /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Certificate serial:       019BDDA447BF47BD49A087E65DF24EC4DC46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
Manifest number:          12C9
Signing time:             Tue 20 Jan 2026 23:01:29 +0000
Manifest this update:     Tue 20 Jan 2026 23:01:29 +0000
Manifest next update:     Wed 21 Jan 2026 23:01:29 +0000
Files and hashes:         1: 1dfOhFGT4Rz19mHWVabW0kWxTss.roa (hash: Rjg1gNguWYpEwGKvfk1H+hd0eMsqKT2A4N+C2/8Q+uQ=)
                          2: 520NqzR6OOK4e1oiovfJ4hwYybw.crl (hash: gtptrbwcMQrc79Tf4A0Q2fA+Sv28oTWUJ5VCBI8MoBE=)
                          3: 7EPxlfzuNdNfziGNw3Hj7EoZj1Q.roa (hash: fYUfx118C/cw672kHDWSH3DD1Ik9WuMEeaQ/qAV9tYE=)
                          4: 9EzrkfCb3685-QENXXhTIl2uZz4.roa (hash: 4o0MB77YQKRQiZHQrZxR1nkb/HsRFN1Kq0iR4K53WZA=)
                          5: DVIKLwP8b0UVJE_X0Zz4hLCMFmU.roa (hash: 2ROrixfhF0UtgJihhtThPaEztRX+VVHt8WTM1ZfZQ1o=)
                          6: Fn3txwFOnsHfJqp3dmOvAMcvgHc.roa (hash: 0tFPd6mFP89u9IcgrQmVyEuYoDxe9S4zwwRr4qndNks=)
                          7: RqZv9lI-beWajs98dICrEK2DwUM.roa (hash: z0DWSEDfb+oWc/lkT9R9ehjWWb2y0A0CPcHglnAYRf8=)
                          8: Ud0XI3ub85_CL2l55YZW3cXrctA.roa (hash: 2gMJyy7om8/uY1IqvCz0ubvDeUV63nAu6cUom48+3U0=)
                          9: ao5k8aMHz2Rr-UFohnKN0Vsy0ts.roa (hash: qeXz8tDdKItxGK8qtWsvUAbM0Ooz+MmMiDN8cvBIyTQ=)
                          10: bbXWGNkALy-ajnXnVwsq6VcslC8.roa (hash: lOmBCerqz+GglurufDI5e+15DQVwzjxcTvAfkACkLYE=)
                          11: jTMEUhkl6sKPDlW6gGgXZsH4VwQ.roa (hash: bLe2Zk8IquF+7aI/fXPQxZklmLIeFhH3W5DkdYCydQA=)
                          12: r-NoE_XHTABnwPRM9GdFHoEeHJo.roa (hash: qsD5Rt9CKRxXFQG5JSeN7cqv7sQvsG2HbFGsWmdhdi8=)
                          13: rIIpXZCn7E3HgJjpCaYYUR4k6ZI.roa (hash: Vvylnj2QqF4AFfq4GCTBxANmDk4TfXB5W5GNlTLI/Qw=)
                          14: rp3l1DRMo7bxNlcekPEumkx_Cu4.roa (hash: cvH000yVT30CU4NGwC5k2pFAaWGJcYLG4wfqKOyLWIU=)
                          15: s9E0mrs6RE5G3diI6qJ2dNaQlCY.roa (hash: ALHEFczsxrK3P9zm6czuHQOWsz9Vxib3j6fIwRLXdsA=)
                          16: smuPovOHBHHaIAv32qcc0ZyhNkQ.roa (hash: HcQ/8p3eoCWjnnKfMtVzm8focRBIq46dCnVV7vdjMxQ=)
                          17: v94LL-qGGgahldRNvzQc-ZVS3KI.roa (hash: a3YAXYAGQiNiI/eRCe9RKvTaP1hHvgR2d27wk4bq6Cw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 21 Jan 2026 22:38:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:dd:a4:47:bf:47:bd:49:a0:87:e6:5d:f2:4e:c4:dc:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
        Validity
            Not Before: Jan 20 23:01:29 2026 GMT
            Not After : Jan 21 23:01:29 2026 GMT
        Subject: CN=882c5f3f9141cb7dd57c272218b51000868951d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:05:e1:1f:e1:e1:fc:13:7c:92:ce:87:51:9a:
                    4e:70:e2:03:88:b6:18:08:53:b7:aa:c8:b1:2a:9d:
                    2d:b2:7d:03:d8:46:41:54:1e:81:5a:5a:2b:18:e5:
                    ea:a7:99:4f:47:f0:7c:6e:5b:ad:52:c3:3f:cf:29:
                    80:87:10:4d:89:2a:e6:72:8c:6c:04:b2:5d:a5:6e:
                    25:cc:1a:2e:11:48:2d:ee:f2:39:9d:f7:e5:e0:a6:
                    3a:d9:c2:7d:93:55:b6:aa:f8:47:10:98:44:8a:ee:
                    94:c1:77:a5:72:c4:94:f4:a9:c3:3f:3d:bc:b4:8f:
                    69:fa:e0:de:45:4c:f7:3d:5b:a9:9a:ab:fd:a7:cc:
                    70:64:b2:d1:d7:10:87:80:dd:a8:39:55:2d:28:b8:
                    f1:8a:fd:84:e0:d8:c9:39:12:36:3a:18:35:a1:97:
                    b6:c5:f0:be:eb:29:1e:1d:5e:19:59:5f:13:f9:d8:
                    2a:f4:b0:6f:6e:f9:3f:c0:d5:3b:6f:64:8c:5f:d1:
                    0f:7f:ab:3f:de:67:f6:f5:9b:b5:62:81:78:88:b0:
                    8b:f7:03:fb:32:45:c8:f7:69:b7:78:b4:74:4f:fc:
                    c5:8f:fa:84:8f:36:d6:28:f2:a7:3b:c3:8b:57:b5:
                    6a:5b:f2:e8:df:9f:57:03:56:30:2c:32:e3:13:09:
                    67:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:2C:5F:3F:91:41:CB:7D:D5:7C:27:22:18:B5:10:00:86:89:51:D3
            X509v3 Authority Key Identifier:
                keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:6c:bc:eb:5b:fe:3d:fa:74:64:49:e3:24:45:84:15:47:c2:
         4a:12:1f:ad:e6:30:3f:79:c3:e8:6e:03:00:8f:7b:6b:fd:a5:
         6a:17:16:ba:32:f2:14:c6:b9:bd:1a:a0:97:dc:bc:58:92:4f:
         bf:35:bd:64:ab:a6:6b:13:b5:3b:0c:de:bb:ed:07:c0:da:a1:
         c4:17:6a:db:00:c5:19:45:d6:75:7e:62:12:ec:1d:1c:e1:58:
         2d:81:43:32:6e:49:91:bd:07:82:06:72:66:9e:71:8d:66:96:
         90:4d:35:1c:1b:ea:a2:23:6f:73:d8:30:83:11:7b:6f:36:db:
         b6:8c:45:9c:f1:09:d4:c9:ab:e3:37:b4:b6:06:a0:e4:39:19:
         f7:02:b3:1a:c3:18:b1:95:b8:be:e3:e8:b6:ba:a7:8f:74:24:
         fd:94:72:b6:a9:58:d8:3c:8c:e6:f5:03:f2:47:57:98:88:0b:
         3d:94:e4:a2:19:13:39:76:fc:72:aa:6a:e4:cc:e4:48:78:d0:
         af:a1:87:a3:cc:1d:30:0c:29:2b:6e:75:08:be:60:c9:ad:cc:
         bc:cf:1c:38:b0:78:40:7f:fb:9b:5d:ec:ec:24:13:f4:fa:8d:
         cd:0b:6c:5c:bf:c4:57:34:42:6f:f1:a4:29:6a:77:79:eb:85:
         c8:47:d4:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZvdpEe/R71JoIfmXfJOxNxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmQwZGFiMzQ3YTM4ZTJiODdiNWEyMmEyZjdjOWUyMWMx
OGM5YmMwHhcNMjYwMTIwMjMwMTI5WhcNMjYwMTIxMjMwMTI5WjAzMTEwLwYDVQQD
Eyg4ODJjNWYzZjkxNDFjYjdkZDU3YzI3MjIxOGI1MTAwMDg2ODk1MWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5QXhH+Hh/BN8ks6HUZpOcOIDiLYY
CFO3qsixKp0tsn0D2EZBVB6BWlorGOXqp5lPR/B8blutUsM/zymAhxBNiSrmcoxs
BLJdpW4lzBouEUgt7vI5nffl4KY62cJ9k1W2qvhHEJhEiu6UwXelcsSU9KnDPz28
tI9p+uDeRUz3PVupmqv9p8xwZLLR1xCHgN2oOVUtKLjxiv2E4NjJORI2Ohg1oZe2
xfC+6ykeHV4ZWV8T+dgq9LBvbvk/wNU7b2SMX9EPf6s/3mf29Zu1YoF4iLCL9wP7
MkXI92m3eLR0T/zFj/qEjzbWKPKnO8OLV7VqW/Lo359XA1YwLDLjEwln0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIgsXz+RQct91XwnIhi1EACGiVHTMB8GA1UdIwQY
MBaAFOdtDas0ejjiuHtaIqL3yeIcGMm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDkt
YmQzYmZjOTliZGE5LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDktYmQzYmZjOTliZGE5
LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHmy861v+
Pfp0ZEnjJEWEFUfCShIfreYwP3nD6G4DAI97a/2lahcWujLyFMa5vRqgl9y8WJJP
vzW9ZKumaxO1Owzeu+0HwNqhxBdq2wDFGUXWdX5iEuwdHOFYLYFDMm5Jkb0HggZy
Zp5xjWaWkE01HBvqoiNvc9gwgxF7bzbbtoxFnPEJ1Mmr4ze0tgag5DkZ9wKzGsMY
sZW4vuPotrqnj3Qk/ZRytqlY2DyM5vUD8kdXmIgLPZTkohkTOXb8cqpq5MzkSHjQ
r6GHo8wdMAwpK251CL5gya3MvM8cOLB4QH/7m13s7CQT9PqNzQtsXL/EVzRCb/Gk
KWp3eeuFyEfUoA==
-----END CERTIFICATE-----