This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
File:                     gho_IfsMKU1tSlKbLx29S9ERm9c.mft (raw, json)
Hash identifier:          8RjXBT6yOq29tQaGvyXEISv29yuljj3auksoIZg4KKA=
Subject key identifier:   DC:73:C0:A3:59:97:7A:7C:C7:74:C8:1A:37:13:F4:F3:96:06:36:03
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       019BEE299667B7A3481CCEAE82191E4B03BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
Manifest number:          1247
Signing time:             Sat 24 Jan 2026 04:01:01 +0000
Manifest this update:     Sat 24 Jan 2026 04:01:01 +0000
Manifest next update:     Sun 25 Jan 2026 04:01:01 +0000
Files and hashes:         1: 2FTZk29N4ByQY45BtJSQSIVpVRM.roa (hash: rAVovOm/njZtMMmGMfPRxJdixQBe2en8/pj68uz5a98=)
                          2: 6r3q3z9OFjrJ9qoUTQKhOroMbaM.roa (hash: 29mycutC5foPo3U8nHm9mrCTYw4984xkZIx+WiI1F9M=)
                          3: 94DmWvO75aSCrTILT7xO5QfIZ4Q.roa (hash: yowEVWaH5JasWlMxUT7Mgz1/3iSP8rVz/KjlsGeBATs=)
                          4: Lw_o47E9qYaZtJPZjp5m1M1e0_o.roa (hash: TnHpGib6gDq3lP3ubauOs2iA7D/xB8DKvaZF7GPTkuk=)
                          5: MRCItQ1B9948OVdVK1kL96AGPQI.roa (hash: ZQgpMxwvj3QAdwytn7kSRtX4MaK4Pcv8MlZ4Lzpi3Pg=)
                          6: OFjegJjxvcb4sj9nFgT2lfhHX4s.roa (hash: IYubfyClKzPMzSFo0EthrRHOvnb4H46ku4bTbgAoW7k=)
                          7: OKCXW7_MWWto3GWe7wi0avKoJxY.roa (hash: WqcSKwFHiTej52k827avLCbdmV9f2szfzxuzHTMps/4=)
                          8: OQ-6VTdp1vw9GrjNLFmvI9JYOrs.roa (hash: ZPmtBIJ2La5bnUm+sApv+AeoWDVjiZhyYSZEHB1jKmo=)
                          9: OxJM60qRQUOtdqYrv27xs3_kv9k.roa (hash: w3ZIUcbiJQn/X+ANNYduQprQtRgqv43tl64iIBJ+uVs=)
                          10: PyHODj5n0DejAoWrQZBIRXaXo6Y.roa (hash: 3ofBNW8DPxuvHoS9tkTr0YH1zUrrGyXEWYQ/aOGrjNI=)
                          11: WGYchnyCAbqQd8pzwZhRwcjvgv8.roa (hash: I9YjzWZ/pqf8yScr+6TqbtawBHd4EYuPwRC5bUBqVQw=)
                          12: Wz0IiveJRR3iZ_TFadI3Bt6mJJE.roa (hash: CImcnKPxhqg5cF+ps6Yupe+fhV0VE9C6rzuLTV7FS3Q=)
                          13: X2QsnfxAM9ScjVh_AzAztNDaXJg.roa (hash: L4YEdLYOkjYPPZMBRJDRYkJkVBQq0athDIG3eYPShmM=)
                          14: Z_IuqEKKfXuEOIP93u24e6BLk0E.roa (hash: 9YG/wmkjQ+naLweN0fWYFNb6KTTbRHlNigN8yWNOBNk=)
                          15: gho_IfsMKU1tSlKbLx29S9ERm9c.crl (hash: geoLJ46N1J9CiAyICKUfQtQmj1aRisphmUV3JPKOtvU=)
                          16: t4R25ZXPVStjauKJN0GTtODr3yU.roa (hash: g5h7UJb9yZQYOvckJX3+K/kTtGb30JhlTLu3Ss9IriI=)
                          17: u26dzWx1WsuAyPhRE3IG1GMmdJc.roa (hash: gEHPHjFqESUZPon7FHlszrJPYiDLqkhRmgKIOhvsfGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 25 Jan 2026 04:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:ee:29:96:67:b7:a3:48:1c:ce:ae:82:19:1e:4b:03:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Jan 24 04:01:01 2026 GMT
            Not After : Jan 25 04:01:01 2026 GMT
        Subject: CN=dc73c0a359977a7cc774c81a3713f4f396063603
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:32:89:35:02:08:7e:ed:71:e2:80:f1:af:22:
                    7f:e4:bb:4c:15:08:5e:e7:15:02:2a:3e:13:d1:d6:
                    04:c3:c1:ab:d0:4f:94:5d:60:43:f5:6b:77:84:9f:
                    6c:73:4a:2c:63:c3:84:c6:0c:5a:be:7e:77:2a:d7:
                    e4:42:5a:f8:d5:b8:f8:a1:c3:2e:df:5e:43:42:8d:
                    e0:cf:11:ec:98:56:b4:54:ba:85:31:0d:9b:05:0d:
                    39:51:ca:ae:6b:55:e7:f5:39:c7:5e:da:7c:19:ac:
                    26:79:89:ea:43:7c:b5:9a:7e:ae:5e:0f:f2:4a:d1:
                    7a:03:46:a6:10:c1:66:90:02:2b:69:3e:49:ca:b4:
                    8b:bd:9b:8e:97:59:58:9c:c4:8a:d0:24:b4:4f:42:
                    35:02:5a:b8:93:ce:8c:35:b0:da:36:6f:c5:da:bd:
                    17:c2:32:ae:7b:db:cf:e8:17:3d:8c:f7:e3:84:da:
                    96:44:17:aa:f4:36:38:ce:70:0b:f4:4e:f9:44:69:
                    41:ce:4c:3f:d8:fd:6a:7d:7a:33:b0:7c:d6:d1:2d:
                    b9:b5:a7:db:4f:2e:93:cb:48:c6:54:7a:76:bd:23:
                    cb:9c:d6:26:00:ee:65:1a:a2:eb:1c:cd:77:5e:5b:
                    a9:fd:21:20:63:fb:d9:62:6b:cb:10:be:51:04:1c:
                    ed:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:73:C0:A3:59:97:7A:7C:C7:74:C8:1A:37:13:F4:F3:96:06:36:03
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:33:14:13:ef:c7:2a:94:8d:3b:df:3d:84:8e:1d:d2:1a:dd:
         4d:f5:95:5a:19:5a:c9:b1:c4:f5:f3:12:bf:06:1d:34:b0:7a:
         b3:ab:70:bf:c4:61:01:9f:1c:35:e0:48:c3:47:4d:cf:5b:96:
         02:59:17:2f:99:4b:91:7f:37:48:bf:c0:dd:cb:fb:64:59:60:
         6c:fc:be:da:35:a6:c7:ec:dd:01:b8:0e:51:26:5e:b2:db:28:
         ab:c9:aa:81:a9:e4:4e:e6:ea:21:94:93:17:ef:73:68:bc:53:
         55:79:6b:91:dc:8e:30:30:70:b4:a9:c9:89:5e:19:d3:71:fe:
         a9:1d:78:0f:13:41:07:79:fa:1a:26:89:5e:3b:e9:b4:98:e5:
         d1:7e:57:e9:8b:ec:fc:c8:a9:20:42:37:12:d7:69:83:92:f2:
         49:66:82:ef:4d:42:32:10:03:9e:5b:b0:cc:2b:4f:a2:17:87:
         0f:c3:a3:d7:b1:6c:ce:7a:ba:6d:85:e6:ae:da:32:e0:0f:16:
         e4:b4:c3:ab:74:b0:7b:7d:e6:ec:f0:ad:d2:5a:5f:9c:17:6f:
         b9:ff:93:59:7f:52:0d:b6:6d:d8:cc:b3:91:76:88:df:23:ab:
         d8:fd:57:f8:96:25:89:8d:2f:db:34:eb:6a:fd:5f:9a:bf:31:
         b9:08:92:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZvuKZZnt6NIHM6ughkeSwO9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjYwMTI0MDQwMTAxWhcNMjYwMTI1MDQwMTAxWjAzMTEwLwYDVQQD
EyhkYzczYzBhMzU5OTc3YTdjYzc3NGM4MWEzNzEzZjRmMzk2MDYzNjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTKJNQIIfu1x4oDxryJ/5LtMFQhe
5xUCKj4T0dYEw8Gr0E+UXWBD9Wt3hJ9sc0osY8OExgxavn53KtfkQlr41bj4ocMu
315DQo3gzxHsmFa0VLqFMQ2bBQ05Ucqua1Xn9TnHXtp8GawmeYnqQ3y1mn6uXg/y
StF6A0amEMFmkAIraT5JyrSLvZuOl1lYnMSK0CS0T0I1Alq4k86MNbDaNm/F2r0X
wjKue9vP6Bc9jPfjhNqWRBeq9DY4znAL9E75RGlBzkw/2P1qfXozsHzW0S25tafb
Ty6Ty0jGVHp2vSPLnNYmAO5lGqLrHM13Xlup/SEgY/vZYmvLEL5RBBztXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNxzwKNZl3p8x3TIGjcT9POWBjYDMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAajMUE+/H
KpSNO989hI4d0hrdTfWVWhlaybHE9fMSvwYdNLB6s6twv8RhAZ8cNeBIw0dNz1uW
AlkXL5lLkX83SL/A3cv7ZFlgbPy+2jWmx+zdAbgOUSZestsoq8mqgankTubqIZST
F+9zaLxTVXlrkdyOMDBwtKnJiV4Z03H+qR14DxNBB3n6GiaJXjvptJjl0X5X6Yvs
/MipIEI3Etdpg5LySWaC701CMhADnluwzCtPoheHD8Oj17Fsznq6bYXmrtoy4A8W
5LTDq3Swe33m7PCt0lpfnBdvuf+TWX9SDbZt2MyzkXaI3yOr2P1X+JYliY0v2zTr
av1fmr8xuQiS1w==
-----END CERTIFICATE-----