This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.mft
File:                     8HH00RnQt0-2bjen74eNRJ1U3cg.mft (raw, json)
Hash identifier:          K0XpnABYBOcG2BR2yzLeuHZOwZgoa20YnVwlSXDihu4=
Subject key identifier:   A4:77:ED:E6:79:AC:B9:0B:B2:0E:EF:B7:3E:C7:58:F0:73:D6:EF:CA
Authority key identifier: F0:71:F4:D1:19:D0:B7:4F:B6:6E:37:A7:EF:87:8D:44:9D:54:DD:C8
Certificate issuer:       /CN=f071f4d119d0b74fb66e37a7ef878d449d54ddc8
Certificate serial:       019BFD65C30BD2CBF63F95F77BF1CFA8F3A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8HH00RnQt0-2bjen74eNRJ1U3cg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.mft
Manifest number:          17EE
Signing time:             Tue 27 Jan 2026 03:01:03 +0000
Manifest this update:     Tue 27 Jan 2026 03:01:03 +0000
Manifest next update:     Wed 28 Jan 2026 03:01:03 +0000
Files and hashes:         1: 8HH00RnQt0-2bjen74eNRJ1U3cg.crl (hash: X2c+YurkTFqAK0567jvFT9OXAGWZ43VEWB+nLQ+1Xvc=)
                          2: ndNKivh3eGWkwwwoBkB-DTBLeAk.roa (hash: 1Ul5VkOu4uH6nlTFxGEpna5ymLuVxA+ZTlonloh+hpk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8HH00RnQt0-2bjen74eNRJ1U3cg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 20:39:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:fd:65:c3:0b:d2:cb:f6:3f:95:f7:7b:f1:cf:a8:f3:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f071f4d119d0b74fb66e37a7ef878d449d54ddc8
        Validity
            Not Before: Jan 27 03:01:03 2026 GMT
            Not After : Jan 28 03:01:03 2026 GMT
        Subject: CN=a477ede679acb90bb20eefb73ec758f073d6efca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:c1:7a:16:dc:de:fa:3b:4a:58:ec:17:c4:56:
                    4f:a9:4d:1e:a9:e6:9f:35:fa:27:ad:d0:37:e1:2b:
                    5f:24:19:09:6a:f0:0f:7e:25:59:2a:b7:29:47:8d:
                    a6:b4:46:60:3b:a6:fc:8d:ed:3c:7c:73:2a:8f:83:
                    42:32:1b:67:70:14:19:58:ea:44:ff:07:1b:31:9e:
                    f3:26:34:15:ee:dd:e5:91:e3:07:eb:43:94:e0:9b:
                    40:d2:62:ed:0d:04:34:e9:14:ad:82:c9:1a:e8:2c:
                    09:86:ea:b8:55:93:6f:45:da:6d:88:44:53:02:6a:
                    05:48:f9:c8:4c:17:8f:11:73:32:05:ee:65:e2:b6:
                    0b:66:0b:fe:76:d5:60:ca:91:1b:95:48:0b:cb:0e:
                    ad:2b:63:d3:b9:5f:08:ff:70:b5:e2:8d:2f:fe:e0:
                    66:ef:2a:84:19:5c:6c:d7:db:2e:00:ef:d4:cb:d9:
                    02:f6:bf:78:22:bf:23:4a:36:6e:e4:0e:d0:8c:7f:
                    c7:54:e4:09:2e:6c:fa:75:64:41:f8:07:4c:9a:18:
                    76:c0:30:4f:12:f2:ea:6a:07:3a:e0:a7:c9:cf:56:
                    f5:88:d9:86:03:d1:c8:c0:c8:b2:28:61:4e:37:17:
                    17:29:74:2f:3f:be:91:c9:14:5b:e2:f0:d8:1f:7c:
                    0e:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:77:ED:E6:79:AC:B9:0B:B2:0E:EF:B7:3E:C7:58:F0:73:D6:EF:CA
            X509v3 Authority Key Identifier:
                keyid:F0:71:F4:D1:19:D0:B7:4F:B6:6E:37:A7:EF:87:8D:44:9D:54:DD:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8HH00RnQt0-2bjen74eNRJ1U3cg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:0c:95:92:a2:98:f5:8d:8e:93:f8:2d:5c:0d:66:58:8a:1d:
         3c:11:4d:4c:4f:55:d8:49:d9:3b:7b:2b:de:ee:66:00:2a:51:
         aa:ac:3c:f0:be:98:cf:2a:b8:69:d8:09:8c:a3:03:00:a6:1c:
         93:90:20:31:67:c6:d2:38:3c:a7:a1:d6:2e:fc:c6:ea:14:36:
         8f:80:37:93:76:7f:35:ae:b0:ca:f4:be:9d:84:1d:3a:4e:fd:
         73:38:e6:89:ac:a0:e2:b1:6b:b7:a9:16:65:19:6c:e6:85:e0:
         3d:63:9b:80:61:44:48:36:78:20:af:2e:7f:14:72:23:dc:33:
         d8:25:97:5d:07:a7:63:10:d0:71:a9:c7:61:fd:a7:d0:a1:67:
         5f:53:6c:41:af:05:58:4f:46:1f:55:43:07:39:69:3f:1a:de:
         7d:b4:c2:15:4c:45:76:61:70:ac:51:4c:f2:e0:c5:aa:7f:fd:
         71:07:57:9f:71:29:4d:78:c8:7e:62:29:d0:d0:09:96:fd:40:
         63:2b:63:f1:d7:30:50:06:b2:6e:0f:89:69:db:f2:8f:1a:56:
         40:46:f7:e9:6b:02:a4:fa:18:22:ab:f0:44:6a:44:65:d6:5c:
         b8:87:a8:73:90:e8:a3:f9:32:c2:4c:a6:06:64:d5:f1:ef:f1:
         5b:1f:ca:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZv9ZcML0sv2P5X3e/HPqPOpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNzFmNGQxMTlkMGI3NGZiNjZlMzdhN2VmODc4ZDQ0OWQ1
NGRkYzgwHhcNMjYwMTI3MDMwMTAzWhcNMjYwMTI4MDMwMTAzWjAzMTEwLwYDVQQD
EyhhNDc3ZWRlNjc5YWNiOTBiYjIwZWVmYjczZWM3NThmMDczZDZlZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMF6Ftze+jtKWOwXxFZPqU0eqeaf
NfonrdA34StfJBkJavAPfiVZKrcpR42mtEZgO6b8je08fHMqj4NCMhtncBQZWOpE
/wcbMZ7zJjQV7t3lkeMH60OU4JtA0mLtDQQ06RStgska6CwJhuq4VZNvRdptiERT
AmoFSPnITBePEXMyBe5l4rYLZgv+dtVgypEblUgLyw6tK2PTuV8I/3C14o0v/uBm
7yqEGVxs19suAO/Uy9kC9r94Ir8jSjZu5A7QjH/HVOQJLmz6dWRB+AdMmhh2wDBP
EvLqagc64KfJz1b1iNmGA9HIwMiyKGFONxcXKXQvP76RyRRb4vDYH3wO/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKR37eZ5rLkLsg7vtz7HWPBz1u/KMB8GA1UdIwQY
MBaAFPBx9NEZ0LdPtm43p++HjUSdVN3IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEhIMDBSblF0MC0yYmplbjc0ZU5SSjFVM2NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny82YTk2ODItMjAxYi00ZTAxLWJhMDkt
MDc0NzQ1MjRlZjlhLzEvOEhIMDBSblF0MC0yYmplbjc0ZU5SSjFVM2NnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny82YTk2ODItMjAxYi00ZTAxLWJhMDktMDc0NzQ1MjRlZjlh
LzEvOEhIMDBSblF0MC0yYmplbjc0ZU5SSjFVM2NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADwyVkqKY
9Y2Ok/gtXA1mWIodPBFNTE9V2EnZO3sr3u5mACpRqqw88L6Yzyq4adgJjKMDAKYc
k5AgMWfG0jg8p6HWLvzG6hQ2j4A3k3Z/Na6wyvS+nYQdOk79czjmiayg4rFrt6kW
ZRls5oXgPWObgGFESDZ4IK8ufxRyI9wz2CWXXQenYxDQcanHYf2n0KFnX1NsQa8F
WE9GH1VDBzlpPxrefbTCFUxFdmFwrFFM8uDFqn/9cQdXn3EpTXjIfmIp0NAJlv1A
Yytj8dcwUAaybg+JadvyjxpWQEb36WsCpPoYIqvwRGpEZdZcuIeoc5Doo/kywkym
BmTV8e/xWx/Kxg==
-----END CERTIFICATE-----
Generated at Tue Jan 27 05:36:39 2026 by rpki-client