This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
File:                     CY97o0vGVnvTYW1XT3KF3XVW2_0.mft (raw, json)
Hash identifier:          KayWGYKi/LOcOkDsaE2FcTgSae0b+Ku/jZhHlhgL/64=
Subject key identifier:   DC:C4:37:60:60:97:46:1D:EB:FF:40:42:A9:30:46:F4:CD:DC:78:7D
Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
Certificate issuer:       /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Certificate serial:       019C04E87AE486C10A136317C61CB3D1136B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
Manifest number:          0C10
Signing time:             Wed 28 Jan 2026 14:01:10 +0000
Manifest this update:     Wed 28 Jan 2026 14:01:10 +0000
Manifest next update:     Thu 29 Jan 2026 14:01:10 +0000
Files and hashes:         1: CY97o0vGVnvTYW1XT3KF3XVW2_0.crl (hash: 6g0el003pi6LaIFJPDnO3OtZsDLwJUTDN6yy2PMZZ7w=)
                          2: IP0aVLnaY0te3-WRrsi7DFaXO_4.roa (hash: Xxny1qG2mRhaeS5oj19RU/vhLPgA+jSoozjn6tTTwWo=)
                          3: IcfiGiHhm-UnVbVbGBC_RtFqnfM.roa (hash: FGxn4dZpz1k+FXowXOdQoq7CmlfSlmu0geRbED6pnGQ=)
                          4: MWiV7graQLeuw4AYgJ4ZHIBAuZE.roa (hash: 5UScMx33ea6UI1n+yqJ+oTPgZkvCg216H08oUJCNoCY=)
                          5: d_rxJJRdc6lxglOZm6MPcxsRKVk.roa (hash: 09cxzd1TQUa9YcSDbUPMORsaaMIR6hUWI/wpDIjuvuY=)
                          6: earkCFjIv2or5fVmfCpyFBzbJ_0.roa (hash: dftgCu9tVXj4WgdmgDTiT0Fq8ps61PTLkvPOyslNpyo=)
                          7: h5YHyc0MmzGvq4YgXx8Mpbt82CY.roa (hash: hT18pU7cTeKJ68OyFrQNbEbvLKO/d8ePLsbG9hT8IJE=)
                          8: vv0I_9PClUpsKdM3Ws5mpj_Dbv0.roa (hash: Adx+Z7kMAGiZBllXqmWexxHoAMFVLGtlGl9lUzeKx9M=)
                          9: z5VJJncILn8SiX_0PBUpwSIBZR4.roa (hash: Ob/d4htJ7+Y8sve6AbDZ63e9bI8Fjky35VjD4Z3kSis=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 29 Jan 2026 14:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:04:e8:7a:e4:86:c1:0a:13:63:17:c6:1c:b3:d1:13:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
        Validity
            Not Before: Jan 28 14:01:10 2026 GMT
            Not After : Jan 29 14:01:10 2026 GMT
        Subject: CN=dcc437606097461debff4042a93046f4cddc787d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:30:0f:2c:d8:57:a3:48:8b:05:5c:bc:d9:a7:
                    8d:38:df:4c:0f:8f:1d:a5:0f:aa:4c:89:db:d0:1e:
                    da:35:aa:0a:6d:c4:b4:d8:4c:bd:82:5e:f1:aa:e2:
                    b1:77:f7:af:37:a6:a2:05:58:90:b3:8f:9e:e8:d3:
                    61:fd:79:27:c8:f5:e6:02:e8:69:58:9e:e6:f7:32:
                    89:a5:cb:d1:44:c0:9e:e7:98:bd:96:05:06:74:97:
                    50:06:24:1b:f7:dc:32:a4:4f:12:6f:c3:35:5b:ec:
                    16:12:0b:e6:62:dd:8e:07:9b:c7:dc:dc:41:09:4d:
                    70:a6:92:f6:9a:25:8e:b6:91:d3:88:ef:89:92:5b:
                    2d:c0:b3:7b:d0:b8:1b:c8:5b:be:5d:e1:b4:b0:04:
                    7b:93:ab:11:5d:dd:e9:8b:d6:1c:6b:e6:52:2a:7d:
                    b8:15:83:01:b2:61:13:58:a7:30:52:da:a3:76:92:
                    fa:8f:5a:91:bd:02:5e:9e:bc:cc:1d:04:40:e8:f7:
                    72:7e:c4:79:5f:c0:7f:ee:dd:78:d4:ad:d1:6d:c7:
                    79:51:a2:3f:d4:b5:16:f5:02:e2:53:97:c3:ce:5d:
                    28:ab:9f:85:f5:b3:0f:bd:ad:98:a0:4b:81:03:a6:
                    f6:35:08:f6:37:6c:5b:06:56:46:42:33:e4:48:53:
                    6e:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:C4:37:60:60:97:46:1D:EB:FF:40:42:A9:30:46:F4:CD:DC:78:7D
            X509v3 Authority Key Identifier:
                keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:94:91:7b:88:76:66:2f:f5:1f:87:d9:9e:15:90:47:b4:96:
         3f:6e:1d:c7:dd:33:41:83:1e:5b:3b:56:11:8d:f9:e0:bc:62:
         6f:41:88:36:1f:7e:c6:2e:e0:11:e3:4a:6d:c9:63:4c:04:e6:
         94:37:53:85:2e:8b:df:92:8b:99:75:f3:29:88:cc:80:d5:61:
         fc:0f:34:57:12:36:53:a3:e8:00:83:ed:7f:d3:89:74:4a:66:
         9f:79:d5:50:d8:43:d9:6e:7e:53:84:53:7d:43:8e:05:90:16:
         2f:32:90:5a:e7:45:b2:e2:0f:65:85:a1:5f:18:ef:27:f8:ad:
         1d:52:d0:46:ba:ec:f8:f5:5d:68:ac:cb:61:d5:20:8a:2f:6d:
         d7:d9:a9:b5:7a:25:f6:e5:8c:69:c1:a6:03:d0:d5:8c:59:06:
         b9:51:8c:d7:85:7c:ee:e4:f0:c5:f7:4e:94:42:42:26:2c:b1:
         88:97:b7:13:8b:49:55:fb:df:b4:1d:9a:96:45:5b:8a:1d:de:
         b5:33:c0:12:36:01:b8:16:0f:c1:72:d1:f4:6f:b0:51:ec:07:
         23:e3:af:86:f9:61:93:d2:cc:a3:62:9e:28:22:9f:73:32:78:
         87:6c:33:23:89:0e:fe:56:bd:a4:e6:7b:11:e0:24:91:1d:03:
         06:a6:ab:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZwE6HrkhsEKE2MXxhyz0RNrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1
NmRiZmQwHhcNMjYwMTI4MTQwMTEwWhcNMjYwMTI5MTQwMTEwWjAzMTEwLwYDVQQD
EyhkY2M0Mzc2MDYwOTc0NjFkZWJmZjQwNDJhOTMwNDZmNGNkZGM3ODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DAPLNhXo0iLBVy82aeNON9MD48d
pQ+qTInb0B7aNaoKbcS02Ey9gl7xquKxd/evN6aiBViQs4+e6NNh/XknyPXmAuhp
WJ7m9zKJpcvRRMCe55i9lgUGdJdQBiQb99wypE8Sb8M1W+wWEgvmYt2OB5vH3NxB
CU1wppL2miWOtpHTiO+JklstwLN70LgbyFu+XeG0sAR7k6sRXd3pi9Yca+ZSKn24
FYMBsmETWKcwUtqjdpL6j1qRvQJenrzMHQRA6PdyfsR5X8B/7t141K3Rbcd5UaI/
1LUW9QLiU5fDzl0oq5+F9bMPva2YoEuBA6b2NQj2N2xbBlZGQjPkSFNu1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNzEN2Bgl0Yd6/9AQqkwRvTN3Hh9MB8GA1UdIwQY
MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt
ZTIxNjZhZDc0ZTNmLzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm
LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH5SRe4h2
Zi/1H4fZnhWQR7SWP24dx90zQYMeWztWEY354Lxib0GINh9+xi7gEeNKbcljTATm
lDdThS6L35KLmXXzKYjMgNVh/A80VxI2U6PoAIPtf9OJdEpmn3nVUNhD2W5+U4RT
fUOOBZAWLzKQWudFsuIPZYWhXxjvJ/itHVLQRrrs+PVdaKzLYdUgii9t19mptXol
9uWMacGmA9DVjFkGuVGM14V87uTwxfdOlEJCJiyxiJe3E4tJVfvftB2alkVbih3e
tTPAEjYBuBYPwXLR9G+wUewHI+Ovhvlhk9LMo2KeKCKfczJ4h2wzI4kO/la9pOZ7
EeAkkR0DBqarFA==
-----END CERTIFICATE-----
Generated at Wed Jan 28 21:26:44 2026 by rpki-client