This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/83adbb-3627-4b87-9f7d-ab40253b5e2b/1/YPa89uKxCboqFKc7l1rZVEhLS6U.mft
File:                     YPa89uKxCboqFKc7l1rZVEhLS6U.mft (raw, json)
Hash identifier:          J2CbwOVOZPtJA77dAr66bqQr2gflMI/cgMtt3hp3CnU=
Subject key identifier:   EA:B9:6B:39:F5:A1:FA:DB:B4:B1:F9:61:DD:E8:5D:09:91:DB:B8:49
Authority key identifier: 60:F6:BC:F6:E2:B1:09:BA:2A:14:A7:3B:97:5A:D9:54:48:4B:4B:A5
Certificate issuer:       /CN=60f6bcf6e2b109ba2a14a73b975ad954484b4ba5
Certificate serial:       019B40FFF5E393C318AED9D827313BC4C0F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YPa89uKxCboqFKc7l1rZVEhLS6U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/83adbb-3627-4b87-9f7d-ab40253b5e2b/1/YPa89uKxCboqFKc7l1rZVEhLS6U.mft
Manifest number:          0C0C
Signing time:             Sun 21 Dec 2025 13:01:14 +0000
Manifest this update:     Sun 21 Dec 2025 13:01:14 +0000
Manifest next update:     Mon 22 Dec 2025 13:01:14 +0000
Files and hashes:         1: YPa89uKxCboqFKc7l1rZVEhLS6U.crl (hash: N0vpurxo7vicnFeKiidQtHFsKCFvOWYxxgfr9fzLULw=)
                          2: oNp64lcp-PwrYsQaBw1j30tzyNw.roa (hash: FzeHCqPb/tC2Vmdnn3r7gfGFiDclam5dSTVPZrLAWO8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/83adbb-3627-4b87-9f7d-ab40253b5e2b/1/YPa89uKxCboqFKc7l1rZVEhLS6U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/83adbb-3627-4b87-9f7d-ab40253b5e2b/1/YPa89uKxCboqFKc7l1rZVEhLS6U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YPa89uKxCboqFKc7l1rZVEhLS6U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 22 Dec 2025 13:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:40:ff:f5:e3:93:c3:18:ae:d9:d8:27:31:3b:c4:c0:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60f6bcf6e2b109ba2a14a73b975ad954484b4ba5
        Validity
            Not Before: Dec 21 13:01:14 2025 GMT
            Not After : Dec 22 13:01:14 2025 GMT
        Subject: CN=eab96b39f5a1fadbb4b1f961dde85d0991dbb849
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:43:48:f8:89:8d:d0:c9:6a:ff:b2:ed:d0:98:
                    c8:15:d6:f6:e2:72:2b:5b:da:49:61:cc:6e:f4:ce:
                    3d:9e:2a:5b:38:e2:d8:e9:14:73:96:b6:62:e8:c4:
                    ba:46:b0:c0:8b:7b:2a:8b:bd:f5:b1:72:c1:21:ba:
                    d6:15:30:45:17:81:79:22:a1:67:8b:52:e2:44:18:
                    fa:a5:53:b6:31:2e:2b:82:fa:4e:12:3c:aa:27:d5:
                    0b:8e:23:a6:6a:19:2e:01:f3:50:1e:0a:61:64:ed:
                    4d:e4:b9:4c:fb:fc:87:43:4e:4a:76:b1:1e:5f:38:
                    d7:e6:52:e3:4f:89:48:75:89:c3:ff:d5:64:0b:98:
                    72:0d:f6:d3:e2:56:6e:63:19:57:34:be:de:96:30:
                    b3:69:5f:b7:cf:ca:24:c6:5d:f6:e1:1c:d4:ab:f3:
                    94:86:ec:35:ae:07:2f:e8:9c:c0:c9:6d:06:bb:a1:
                    dc:6d:05:6b:54:91:e6:ee:f6:d4:d7:8f:95:87:02:
                    38:44:fb:ed:14:6f:cc:8d:87:c8:af:68:fd:51:79:
                    03:9f:5f:f7:83:5e:63:00:b5:61:55:5a:4c:7f:d5:
                    65:0e:ab:9b:64:c8:45:f3:2b:21:2f:d7:d3:bd:ec:
                    64:72:fe:c7:5f:7b:fd:27:6d:d3:3f:d4:75:21:c5:
                    1e:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:B9:6B:39:F5:A1:FA:DB:B4:B1:F9:61:DD:E8:5D:09:91:DB:B8:49
            X509v3 Authority Key Identifier:
                keyid:60:F6:BC:F6:E2:B1:09:BA:2A:14:A7:3B:97:5A:D9:54:48:4B:4B:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPa89uKxCboqFKc7l1rZVEhLS6U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/83adbb-3627-4b87-9f7d-ab40253b5e2b/1/YPa89uKxCboqFKc7l1rZVEhLS6U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/83adbb-3627-4b87-9f7d-ab40253b5e2b/1/YPa89uKxCboqFKc7l1rZVEhLS6U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:6b:5f:06:d2:7c:90:f8:fd:27:f7:b4:ae:2d:a0:80:6d:ba:
         0c:e6:10:39:5f:99:c3:e9:08:e7:c1:68:dc:29:6e:c3:e4:0b:
         80:bd:8c:34:13:af:3d:09:ac:9b:f8:06:f0:ef:32:f9:f3:33:
         86:58:73:cb:d7:d4:a0:88:11:08:da:b3:42:44:a1:b3:14:86:
         b2:e4:fc:45:d5:ed:81:5c:5f:6a:12:41:d7:3c:1d:7a:a3:b9:
         7a:45:df:a8:c0:0c:a0:8a:c1:a3:94:f3:87:fb:94:2c:14:c3:
         45:e0:e7:b0:5a:7a:e7:1d:95:34:e9:af:ce:a7:03:78:cd:df:
         77:a1:f0:71:98:a8:d1:e0:82:c9:cc:1b:3c:f4:56:00:4c:43:
         a2:1f:e8:1d:a1:b6:0a:86:0e:0a:65:2e:5e:55:2a:87:c2:48:
         94:56:c9:31:39:c1:8a:8b:2d:98:61:ff:81:84:d9:27:a0:95:
         bc:d7:be:0e:e6:c1:0c:d4:38:34:8e:59:dd:a1:80:2c:8f:5a:
         a7:0c:38:a2:32:03:39:3b:f4:89:90:2c:bc:e4:ab:d7:e1:52:
         af:68:3e:09:22:c7:a1:2c:39:40:6b:c0:c5:f1:db:2f:33:4c:
         d6:40:bc:f5:7c:f7:b4:23:8d:88:1a:9c:36:eb:f6:4b:9a:20:
         75:36:14:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZtA//Xjk8MYrtnYJzE7xMD0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZjZiY2Y2ZTJiMTA5YmEyYTE0YTczYjk3NWFkOTU0NDg0
YjRiYTUwHhcNMjUxMjIxMTMwMTE0WhcNMjUxMjIyMTMwMTE0WjAzMTEwLwYDVQQD
EyhlYWI5NmIzOWY1YTFmYWRiYjRiMWY5NjFkZGU4NWQwOTkxZGJiODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApENI+ImN0Mlq/7Lt0JjIFdb24nIr
W9pJYcxu9M49nipbOOLY6RRzlrZi6MS6RrDAi3sqi731sXLBIbrWFTBFF4F5IqFn
i1LiRBj6pVO2MS4rgvpOEjyqJ9ULjiOmahkuAfNQHgphZO1N5LlM+/yHQ05KdrEe
XzjX5lLjT4lIdYnD/9VkC5hyDfbT4lZuYxlXNL7eljCzaV+3z8okxl324RzUq/OU
huw1rgcv6JzAyW0Gu6HcbQVrVJHm7vbU14+VhwI4RPvtFG/MjYfIr2j9UXkDn1/3
g15jALVhVVpMf9VlDqubZMhF8yshL9fTvexkcv7HX3v9J23TP9R1IcUegQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOq5azn1ofrbtLH5Yd3oXQmR27hJMB8GA1UdIwQY
MBaAFGD2vPbisQm6KhSnO5da2VRIS0ulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVBhODl1S3hDYm9xRktjN2wxclpWRWhMUzZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS84M2FkYmItMzYyNy00Yjg3LTlmN2Qt
YWI0MDI1M2I1ZTJiLzEvWVBhODl1S3hDYm9xRktjN2wxclpWRWhMUzZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS84M2FkYmItMzYyNy00Yjg3LTlmN2QtYWI0MDI1M2I1ZTJi
LzEvWVBhODl1S3hDYm9xRktjN2wxclpWRWhMUzZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbmtfBtJ8
kPj9J/e0ri2ggG26DOYQOV+Zw+kI58Fo3Cluw+QLgL2MNBOvPQmsm/gG8O8y+fMz
hlhzy9fUoIgRCNqzQkShsxSGsuT8RdXtgVxfahJB1zwdeqO5ekXfqMAMoIrBo5Tz
h/uULBTDReDnsFp65x2VNOmvzqcDeM3fd6HwcZio0eCCycwbPPRWAExDoh/oHaG2
CoYOCmUuXlUqh8JIlFbJMTnBiostmGH/gYTZJ6CVvNe+DubBDNQ4NI5Z3aGALI9a
pww4ojIDOTv0iZAsvOSr1+FSr2g+CSLHoSw5QGvAxfHbLzNM1kC89Xz3tCONiBqc
Nuv2S5ogdTYUHg==
-----END CERTIFICATE-----
Generated at Sun Dec 21 15:39:25 2025 by rpki-client