This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft
File:                     MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft (raw, json)
Hash identifier:          PT2PAvXTNuHify+IMBuNK3tRW82xPC4PrgKloLu6X10=
Subject key identifier:   69:2B:11:0E:76:0B:C8:EA:34:2F:72:23:38:52:24:9D:9D:34:5C:EA
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Certificate issuer:       /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial:       019B0D12ACDBCD756E4F5D7015B773723A99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft
Manifest number:          1799
Signing time:             Thu 11 Dec 2025 11:01:26 +0000
Manifest this update:     Thu 11 Dec 2025 11:01:26 +0000
Manifest next update:     Fri 12 Dec 2025 11:01:26 +0000
Files and hashes:         1: 08x65D62xajmjuWxGOGX--5GFZ4.roa (hash: ku01TCluM3ObD1DEPpsLr/8jGhA1O5espf/zteTKSkk=)
                          2: 0UoizghhK2t_Hs9ANXwnp2V3H9g.roa (hash: j4VZblrlmGvi/zncbh9YoYNVMyrFMgKvx6DiuKh68sw=)
                          3: 1-fxNLZQMykWE3SLBLsEKwibzn3o.roa (hash: U9t8UfOKITE6D0gBLc/Dtn9zr6EfXzJkxHJL0LBQvTo=)
                          4: FDmDvOACHulfshItBSDCX5mBYSQ.roa (hash: aexzHKGvD/WM+wZ6/qx7vyWxEHAqx7gswtzEcmCk74k=)
                          5: FzyJ-A4chBzu8lQqhpLh4dfVe9s.roa (hash: kikBFtCVFZZA5yK1FlsJJ2Y15ol/mIm/K3+f2pwmt3Q=)
                          6: JRfXlKgZScSlnAP9_s4mWUCHMzI.roa (hash: Yofq9QzaUqxyhMLfnSLcXXtmS3vz0xWVOjl3kItQ1gM=)
                          7: MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl (hash: iaW/OoCsQfqZEWOSe35bhxuRe25+OtlDXeY6WV/GC/k=)
                          8: RV1rjCwSnXKPzqWOYcizuue6Tmw.roa (hash: ZJyuiQwoYun/WqH4NVoy2nm760NToV5F7bd+tbvhpZI=)
                          9: UI2cnhatNs5ZeysmslxEpLBSTew.roa (hash: axZPCQgEFKrONNIyjteNC+Y0RYmX6khaCS5yj1K7lFE=)
                          10: XIqtTjvuJ5glY39EaIP6KmILhoo.roa (hash: oyK+JoJZ3ZJXn7BAWGpujgyfoF5xI3Ds91YiwWdI2PE=)
                          11: XwhTClSP1UI8joFe2laQDXk_PGU.roa (hash: Vu9nNK134kjM8iGZdGpKi0T5ZrLtuDBr7FKT4joBB3w=)
                          12: b_MAVuI29oBciIh7vGGq0NJVEzc.roa (hash: hDxp3S5bhbbLqI6OACypq5MMFaQlI+7lCsYe3tJ2F9c=)
                          13: dOfaSe3fIYIhGR1xcwXjfUk3OeI.roa (hash: uz8UfxMH6M1zEnn7EFrd8TVCQANQpajV/Ux4YkN59Jk=)
                          14: ivBw7pb2lERE4O4pT70f-IjK-H8.roa (hash: 9+du4uvg6+sqYU99LVsbimMbdhpdO5ppSVPQO3/HDIY=)
                          15: vaL0J_r43BzBTm5r8Bo75j0pTF8.roa (hash: 75FzmVXUE4MjGcr9LiSgeGxgqkVwVmsZ6mF1xXYO59Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 12 Dec 2025 11:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:0d:12:ac:db:cd:75:6e:4f:5d:70:15:b7:73:72:3a:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
        Validity
            Not Before: Dec 11 11:01:26 2025 GMT
            Not After : Dec 12 11:01:26 2025 GMT
        Subject: CN=692b110e760bc8ea342f72233852249d9d345cea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:db:0e:0b:42:57:bb:a5:a1:56:5e:40:13:5d:
                    23:fa:87:b2:e3:57:9b:2c:0f:19:63:b8:45:8f:eb:
                    d1:fe:95:51:d5:00:d7:4d:e2:d1:85:aa:72:0c:15:
                    26:32:50:19:d5:fb:2b:27:6b:11:d6:fc:65:a8:99:
                    ee:d8:bc:4c:3a:c3:a4:3b:d3:d8:c3:4a:8a:51:cd:
                    7e:9d:63:ba:c1:c7:ca:95:a8:ed:50:f1:c8:14:b5:
                    71:66:ae:22:33:ab:e9:36:13:77:db:15:e5:64:ec:
                    07:04:c3:e3:ea:07:9b:d1:bc:5d:bb:94:70:0f:09:
                    e3:e6:7d:ba:b8:97:4c:27:3c:5c:08:a4:4d:60:a5:
                    2c:34:31:73:eb:d5:8a:fd:c9:c8:7f:29:ea:e3:5f:
                    a6:c3:55:f2:2f:02:df:28:eb:9d:e1:28:5f:39:71:
                    9a:49:10:46:2a:64:46:9e:e5:d2:e7:da:6c:74:f8:
                    11:bd:d3:fe:40:a8:d8:cf:84:7c:55:9b:8f:5a:4d:
                    22:7c:e9:57:30:33:a8:0a:a4:92:4e:10:97:93:d5:
                    ff:dc:d6:11:24:90:3f:87:5c:72:0a:46:01:bf:3d:
                    59:33:16:41:c3:16:85:5d:dc:0e:d8:a8:82:81:88:
                    ac:0b:80:ab:a0:82:ed:8e:9e:43:7a:21:2f:0c:cd:
                    bd:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:2B:11:0E:76:0B:C8:EA:34:2F:72:23:38:52:24:9D:9D:34:5C:EA
            X509v3 Authority Key Identifier:
                keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         dd:9f:2b:44:48:e1:f3:2d:99:07:f3:ad:29:dc:87:ea:1d:e9:
         0b:d3:51:9a:d0:3a:0b:e6:e7:04:c4:a6:8a:6c:19:d7:d6:3b:
         a4:c3:3d:0a:8c:41:00:c8:7b:4b:55:be:10:1f:58:6e:15:05:
         61:b9:d0:60:26:4e:1c:3f:71:45:48:98:48:93:1e:89:a4:7b:
         c9:10:7b:54:05:76:86:78:0a:d4:2c:2f:dc:98:ad:9d:70:90:
         29:82:8e:77:f4:1c:06:e3:dd:23:46:d1:a6:7e:c8:ac:93:c8:
         3b:89:48:8d:f3:b8:2e:20:bf:24:c0:d5:2d:a1:3e:a6:0e:c3:
         8a:68:cf:37:10:01:23:56:f6:b1:8e:fd:6a:1d:6d:b2:bc:2c:
         42:ed:35:7a:fe:3d:b5:26:a2:6d:87:75:91:b7:ec:29:9c:ac:
         37:78:ca:85:7e:31:2a:62:94:55:cf:1c:04:db:7a:95:16:e2:
         33:1e:61:0b:3a:42:b2:da:f9:73:61:b6:16:f5:f8:04:37:92:
         16:3c:43:05:73:54:57:ce:bd:73:ad:3b:97:f4:fb:50:16:43:
         f6:e2:62:b9:71:2f:f4:b2:2b:64:bc:eb:17:af:58:6f:a1:79:
         e7:d6:58:6b:08:2e:c9:41:8d:b4:4f:38:83:94:08:23:c5:a7:
         29:e3:7e:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZsNEqzbzXVuT11wFbdzcjqZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNDc0YWM3Y2E4NWUwOWMyZDQ4YjMzZTdiZjY2ZjhlZDc2
NGRlMGYwHhcNMjUxMjExMTEwMTI2WhcNMjUxMjEyMTEwMTI2WjAzMTEwLwYDVQQD
Eyg2OTJiMTEwZTc2MGJjOGVhMzQyZjcyMjMzODUyMjQ5ZDlkMzQ1Y2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9sOC0JXu6WhVl5AE10j+oey41eb
LA8ZY7hFj+vR/pVR1QDXTeLRhapyDBUmMlAZ1fsrJ2sR1vxlqJnu2LxMOsOkO9PY
w0qKUc1+nWO6wcfKlajtUPHIFLVxZq4iM6vpNhN32xXlZOwHBMPj6geb0bxdu5Rw
Dwnj5n26uJdMJzxcCKRNYKUsNDFz69WK/cnIfynq41+mw1XyLwLfKOud4ShfOXGa
SRBGKmRGnuXS59psdPgRvdP+QKjYz4R8VZuPWk0ifOlXMDOoCqSSThCXk9X/3NYR
JJA/h1xyCkYBvz1ZMxZBwxaFXdwO2KiCgYisC4CroILtjp5DeiEvDM29hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGkrEQ52C8jqNC9yIzhSJJ2dNFzqMB8GA1UdIwQY
MBaAFDJHSsfKheCcLUizPnv2b47XZN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzkt
MTJlYzIyYzljNWEyLzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzktMTJlYzIyYzljNWEy
LzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3Z8rREjh
8y2ZB/OtKdyH6h3pC9NRmtA6C+bnBMSmimwZ19Y7pMM9CoxBAMh7S1W+EB9YbhUF
YbnQYCZOHD9xRUiYSJMeiaR7yRB7VAV2hngK1Cwv3JitnXCQKYKOd/QcBuPdI0bR
pn7IrJPIO4lIjfO4LiC/JMDVLaE+pg7DimjPNxABI1b2sY79ah1tsrwsQu01ev49
tSaibYd1kbfsKZysN3jKhX4xKmKUVc8cBNt6lRbiMx5hCzpCstr5c2G2FvX4BDeS
FjxDBXNUV869c607l/T7UBZD9uJiuXEv9LIrZLzrF69Yb6F559ZYawguyUGNtE84
g5QII8WnKeN+tg==
-----END CERTIFICATE-----