This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.mft
File:                     dOPDNpcglLGowT1BgWhX0Zejquk.mft (raw, json)
Hash identifier:          jXcww30Vk/nloxo/uQdeAKhYm1BO372ZYQltFTzFNFU=
Subject key identifier:   28:B9:27:57:20:40:9B:A1:29:24:BC:32:53:8C:6F:98:D5:E5:23:30
Authority key identifier: 74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
Certificate issuer:       /CN=74e3c336972094b1a8c13d41816857d197a3aae9
Certificate serial:       019B0EC9D955466A91A1C06D79BD966F0981
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.mft
Manifest number:          1495
Signing time:             Thu 11 Dec 2025 19:01:07 +0000
Manifest this update:     Thu 11 Dec 2025 19:01:07 +0000
Manifest next update:     Fri 12 Dec 2025 19:01:07 +0000
Files and hashes:         1: 1jpCyAps9bajWpTTNjuuJqkvGNw.roa (hash: QdNF4dszmqN93C6OMT7lYcdmskEQt8kQtHTCFEeRLK4=)
                          2: 5TFH_eW2qIWRYXLPVqdNkYBm8RY.roa (hash: NHd1FZ0Cj9dSpCZXcpxcSuivwawk/XLiDV5hFVcK8gs=)
                          3: B-IzhwSKXhHkz88nSETOGD9yRG4.roa (hash: YnLpp9fGmyMsduAjb3ebFR0Lsy/94n7A+dxRiyz9BXo=)
                          4: LfVA7yFSUE0qhq_HYTK38H6PAlY.roa (hash: Kppg3VjpkBzGqtZq9DRkl+9W1VehTNUgM7T4eg/Jh/E=)
                          5: OI1U9tyTexI3zFMxN2_p-wXJb6Q.roa (hash: jEa8AhX1E/rcgU1N48+cRpXUd91VJFk6ahzuPB4XKow=)
                          6: UWwzSZwnxpR_r3Y4D6vttKdBBVs.roa (hash: 7svZa4xV7+uz3XJCftME26l72YGSUBkSe+OkDk5Vluk=)
                          7: VJ6MDr9v2VTJjopln-NK2ojxFwc.roa (hash: aCjSF+Bt+cDnTvcdibhV9s05hQuvY9LCYp3eMrgD2Ks=)
                          8: YOcpXFVJRTJW2caFAPTppkNQBuk.roa (hash: bsMm8G8+2Vegzn+c1SqEObi1wuYbeOXaQ994ZEYf674=)
                          9: a1U9llCdwrEqU4GkcwBsuwGny80.roa (hash: x9+7kA4QQzpZS4+gdNTWeXV2Ehq7i5FwV0w3Ws0zS7A=)
                          10: bilxvgHa_ortWdZiJoCPu9q2EO4.roa (hash: l/1X47j3OP5z+Rp05LuTXjyl7yZpgOm/aXT90ziTHDc=)
                          11: btX-zAe_zEJQ3ltM7sZKTKWNtzU.roa (hash: FXQNguGpvehosedHQRjCf06rJkvh5KY35ySN2Wig1dE=)
                          12: dOPDNpcglLGowT1BgWhX0Zejquk.crl (hash: el0SjFdvkZmgv3YQXh9evdR1M3DI2p8GSAT3HznlKeI=)
                          13: leLN7dUwqNQXTkicjPodaPNaHrA.roa (hash: /TZBYmyqPdbIBcWc+Ubi8mL2e3Sg1zgKUo/8XZMZsK8=)
                          14: ltEUPJ59iMmxTdNEYLGbM1Yq6jY.roa (hash: 4OyHOUV/gpG2mHKMCDQGjjKuCFHSFtOInlqympBF1Os=)
                          15: pzyfVcqGqM8oIh9yspKnplAOyo4.roa (hash: hsiUYyCYakxAYsQctvaT1faoOH457ARGeeeeMVZVUZk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 12 Dec 2025 19:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:0e:c9:d9:55:46:6a:91:a1:c0:6d:79:bd:96:6f:09:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74e3c336972094b1a8c13d41816857d197a3aae9
        Validity
            Not Before: Dec 11 19:01:07 2025 GMT
            Not After : Dec 12 19:01:07 2025 GMT
        Subject: CN=28b9275720409ba12924bc32538c6f98d5e52330
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:9e:7e:af:b1:88:8b:51:6c:45:1f:06:0d:86:
                    b4:94:10:88:4f:5a:08:87:4f:b7:41:0d:e2:21:12:
                    04:4c:29:bf:a2:f8:7e:32:47:20:2f:2c:5c:fe:f1:
                    39:64:39:43:bf:a0:a5:55:3e:aa:54:e0:39:6f:5e:
                    6f:d6:42:10:12:21:10:03:c8:f4:06:2a:80:76:c6:
                    53:ac:5e:81:b2:a0:eb:58:39:09:ca:36:cb:56:7b:
                    b1:71:ab:ba:7a:10:0f:b3:b9:40:12:ed:06:49:08:
                    79:f7:1e:f6:5c:b1:a7:94:bb:4e:d3:26:5e:79:c0:
                    21:3f:b7:5f:2c:a9:58:9b:76:0f:35:f7:99:7d:9a:
                    10:7e:76:30:cd:37:e9:61:c8:29:9a:82:f1:7f:f9:
                    60:fb:1a:fb:4b:25:e6:50:db:7b:a8:cd:1a:8e:3c:
                    47:44:ca:1e:3b:e5:5c:0b:14:dd:b8:0f:db:d3:a8:
                    ba:e6:69:e2:64:6a:5d:1a:b2:4f:46:1e:0b:23:99:
                    0d:e6:13:5a:e3:19:d6:1a:e6:03:2b:b8:de:6b:15:
                    49:97:e7:9b:db:e6:90:2a:77:94:5b:64:d0:7b:d1:
                    11:b3:a3:b7:b5:dc:0b:80:41:38:d2:c3:bc:a3:fd:
                    d6:e0:d0:50:03:ee:72:6e:89:c6:f7:c1:2d:da:4d:
                    8b:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:B9:27:57:20:40:9B:A1:29:24:BC:32:53:8C:6F:98:D5:E5:23:30
            X509v3 Authority Key Identifier:
                keyid:74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:84:a2:28:cf:7d:9d:5e:b7:7a:7f:cc:14:a3:39:e6:54:89:
         56:c0:0f:e2:08:f4:b7:60:3f:2e:a5:cd:46:1d:fb:50:04:cc:
         18:53:fd:ac:55:10:08:0c:91:db:02:98:22:dd:81:8c:3d:6f:
         56:84:23:0b:d0:b8:7f:bb:b2:c9:8a:70:ac:0b:14:06:cc:5d:
         f8:99:45:f2:a7:01:43:9a:61:23:12:49:97:bb:d4:cc:0f:3c:
         bd:50:37:3e:5c:1a:c0:1a:3e:46:99:8b:91:03:c6:e8:81:a3:
         cb:8a:e2:1d:c2:e6:62:da:7e:87:e1:45:47:b5:53:a4:79:08:
         0f:e4:f2:2a:73:09:51:92:6b:6f:fb:b8:6f:b2:36:08:c1:78:
         15:f2:e2:0d:fc:af:9f:a6:cc:69:97:fa:85:bb:94:91:1e:7c:
         23:32:37:4e:cc:21:b4:df:49:4a:73:65:c1:1a:cf:e8:d3:d9:
         75:6f:e2:24:f1:e0:8c:2c:0e:6d:10:c2:d0:13:60:8b:64:b6:
         30:d8:59:c7:da:18:f1:12:4d:b6:f1:df:54:c6:5f:4c:f7:52:
         cb:88:d7:cc:b8:f8:53:46:f7:f5:89:70:66:dd:4c:f7:16:05:
         6e:29:8d:b6:91:71:11:9f:b4:dc:2c:95:b9:aa:20:59:e9:72:
         ea:c4:a9:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZsOydlVRmqRocBteb2WbwmBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTNjMzM2OTcyMDk0YjFhOGMxM2Q0MTgxNjg1N2QxOTdh
M2FhZTkwHhcNMjUxMjExMTkwMTA3WhcNMjUxMjEyMTkwMTA3WjAzMTEwLwYDVQQD
EygyOGI5Mjc1NzIwNDA5YmExMjkyNGJjMzI1MzhjNmY5OGQ1ZTUyMzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsp5+r7GIi1FsRR8GDYa0lBCIT1oI
h0+3QQ3iIRIETCm/ovh+MkcgLyxc/vE5ZDlDv6ClVT6qVOA5b15v1kIQEiEQA8j0
BiqAdsZTrF6BsqDrWDkJyjbLVnuxcau6ehAPs7lAEu0GSQh59x72XLGnlLtO0yZe
ecAhP7dfLKlYm3YPNfeZfZoQfnYwzTfpYcgpmoLxf/lg+xr7SyXmUNt7qM0ajjxH
RMoeO+VcCxTduA/b06i65mniZGpdGrJPRh4LI5kN5hNa4xnWGuYDK7jeaxVJl+eb
2+aQKneUW2TQe9ERs6O3tdwLgEE40sO8o/3W4NBQA+5ybonG98Et2k2LxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCi5J1cgQJuhKSS8MlOMb5jV5SMwMB8GA1UdIwQY
MBaAFHTjwzaXIJSxqME9QYFoV9GXo6rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAt
YTZjNDllYjI4Mjg3LzEvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAtYTZjNDllYjI4Mjg3
LzEvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjoSiKM99
nV63en/MFKM55lSJVsAP4gj0t2A/LqXNRh37UATMGFP9rFUQCAyR2wKYIt2BjD1v
VoQjC9C4f7uyyYpwrAsUBsxd+JlF8qcBQ5phIxJJl7vUzA88vVA3PlwawBo+RpmL
kQPG6IGjy4riHcLmYtp+h+FFR7VTpHkID+TyKnMJUZJrb/u4b7I2CMF4FfLiDfyv
n6bMaZf6hbuUkR58IzI3TswhtN9JSnNlwRrP6NPZdW/iJPHgjCwObRDC0BNgi2S2
MNhZx9oY8RJNtvHfVMZfTPdSy4jXzLj4U0b39YlwZt1M9xYFbimNtpFxEZ+03CyV
uaogWely6sSp+A==
-----END CERTIFICATE-----