This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
File:                     CY97o0vGVnvTYW1XT3KF3XVW2_0.mft (raw, json)
Hash identifier:          l9B8QyJxkjQRmVMZZKlmZMwSHjDy5/7euPl2WGhHPsQ=
Subject key identifier:   21:C8:D0:26:71:18:61:FC:9C:27:A1:C4:21:C6:88:29:BF:73:50:12
Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
Certificate issuer:       /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Certificate serial:       019AD390C18F06F4E9A976672B706DE1B70E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
Manifest number:          0B6C
Signing time:             Sun 30 Nov 2025 07:01:10 +0000
Manifest this update:     Sun 30 Nov 2025 07:01:10 +0000
Manifest next update:     Mon 01 Dec 2025 07:01:10 +0000
Files and hashes:         1: BVbo9uh3-UvDvwSZi6BfXSBGPHU.roa (hash: Z8qyhH6viB+EEzaDtRv3WrjvxrAR7rKFv4csNYovB+g=)
                          2: CY97o0vGVnvTYW1XT3KF3XVW2_0.crl (hash: KatD1wGfjOU86Gx/Dyy75iu54Bg1G5XZkeXDEEYtrQk=)
                          3: DN7cb2WxNWOTpycH6YaG66edbbs.roa (hash: xHRCbbCrWIHuruRPkilEuXWa24rKkDGqIeFboryKMwQ=)
                          4: Fiaoyzt87itbMDPQcRW3KUFZRqE.roa (hash: msw75zbRd9jVXLoPptdxNvS4cyBll5nFN6qdq2TWWOE=)
                          5: HHx5PgT40c8odAvxk1P-fxWePlA.roa (hash: zPsSrq/ptkyDcwkMCUxFQsAp1K70phIRO2z3d5q6bK8=)
                          6: OEhLMwhGsj88kZ4FqVMVTfpqz-8.roa (hash: /KQ43a3fdsH0+xJZbYiIUJZNQ9G0ar1u4ierKXmEsMM=)
                          7: m87-CXNBm5VwmmEvQBAI-p_8l98.roa (hash: vGGq9E7IPOkRddkapcYuXImJsPgw9f+HEWKjnAHtMCI=)
                          8: nMhyX7boXa--DjLfLdE1CijBszU.roa (hash: s95e1FJb6EuRsUkazwo7HJhOqZW3W1mabgyeLhjUIIo=)
                          9: o0CQ-6MywHICo_xO6JVYrovLnaI.roa (hash: z9rRzR4IXOVwVGTGGEfUd7SIN6ihlxFiSh4at67AG5g=)
                          10: wWtKIfnyuy5Pwsg7v1x01k_AkAs.roa (hash: 9+2f6OaYEE6gwGcro5Uy8iHzJQ0Asb4j3ndklknXQsA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 01 Dec 2025 07:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:d3:90:c1:8f:06:f4:e9:a9:76:67:2b:70:6d:e1:b7:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
        Validity
            Not Before: Nov 30 07:01:10 2025 GMT
            Not After : Dec  1 07:01:10 2025 GMT
        Subject: CN=21c8d026711861fc9c27a1c421c68829bf735012
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:65:6b:33:ed:9c:dc:48:c1:da:35:77:be:62:
                    1b:f7:7a:cb:b6:37:c1:8f:c3:0a:76:6f:21:20:08:
                    4c:54:a7:ad:8d:45:74:20:67:27:6d:6c:87:ca:68:
                    5c:95:ed:86:80:bd:d6:f6:c1:a2:cf:51:2c:2a:a8:
                    6d:6d:e3:92:85:04:20:47:7d:5f:55:23:d9:d5:a5:
                    b7:d3:7d:cc:77:ab:d4:0d:55:6d:82:74:4f:b3:3b:
                    ff:01:5b:85:2b:ac:0c:24:97:48:8f:46:7c:40:cb:
                    9c:48:77:52:be:c2:d1:b9:4d:df:d6:3e:f0:46:a5:
                    cf:87:ab:d6:86:7b:3d:9c:f2:5e:bb:a3:ec:cd:95:
                    d9:f7:b9:aa:60:1e:e8:2d:57:be:48:4a:7d:87:ae:
                    ea:8b:a9:ad:f5:f5:22:b8:ca:34:f8:a2:2e:83:95:
                    05:35:e5:f6:cf:9a:2a:3e:1e:5b:97:38:7d:46:2b:
                    70:a4:da:a3:31:bc:e9:cf:2a:3e:d1:ff:5f:1c:6e:
                    7e:04:2d:f6:f2:0f:17:fc:9d:a4:88:7d:2c:cf:17:
                    b8:a9:ca:76:62:a7:68:61:87:13:d3:bb:28:d5:3a:
                    8a:4f:1b:c7:aa:ec:44:54:8c:6d:28:8e:75:05:ca:
                    04:88:61:e9:d6:f0:3b:ee:4b:36:4f:68:6b:a4:a6:
                    c7:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:C8:D0:26:71:18:61:FC:9C:27:A1:C4:21:C6:88:29:BF:73:50:12
            X509v3 Authority Key Identifier:
                keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:5b:1f:b0:d4:2c:33:ea:22:10:b9:58:af:9f:c1:87:b6:c0:
         fd:67:54:b1:71:f0:4b:1c:8f:31:9b:13:d8:b0:6b:cd:d9:f9:
         a5:e3:2d:d3:3c:b7:cb:f2:a4:24:02:9c:f0:ae:09:d6:4f:48:
         9c:bc:18:44:d2:de:f2:cb:5a:e7:4d:f8:2b:b6:58:78:25:b4:
         15:e5:2c:cc:f4:21:de:4b:01:93:e3:28:aa:ba:d0:2b:cf:c5:
         ea:9e:1d:47:3c:71:58:db:2e:15:11:5c:0f:8f:90:9c:4b:ba:
         e4:74:f4:24:df:ee:45:69:0b:42:77:37:7a:1a:e4:16:89:11:
         d7:0f:ed:c9:c3:17:5d:d6:21:c0:91:1c:f8:c9:c6:ad:a9:f5:
         12:f3:93:42:ae:62:a0:d9:50:07:db:1d:4d:5e:a1:fd:3b:0b:
         9b:d4:42:35:cc:e3:84:4c:d7:f6:2e:1a:b6:f0:d7:b6:34:21:
         10:b8:f3:ed:e1:43:62:0d:73:fe:df:84:b1:c0:af:af:93:07:
         da:73:e8:68:15:b8:c2:54:c8:64:26:9c:4a:06:37:98:bd:d7:
         91:b3:41:58:f0:01:2e:b5:60:23:df:d9:e8:74:25:c8:c7:d6:
         2b:29:1e:b6:b4:52:a6:51:03:10:42:4f:6a:23:e6:0f:56:88:
         e3:20:d8:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZrTkMGPBvTpqXZnK3Bt4bcOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1
NmRiZmQwHhcNMjUxMTMwMDcwMTEwWhcNMjUxMjAxMDcwMTEwWjAzMTEwLwYDVQQD
EygyMWM4ZDAyNjcxMTg2MWZjOWMyN2ExYzQyMWM2ODgyOWJmNzM1MDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WVrM+2c3EjB2jV3vmIb93rLtjfB
j8MKdm8hIAhMVKetjUV0IGcnbWyHymhcle2GgL3W9sGiz1EsKqhtbeOShQQgR31f
VSPZ1aW3033Md6vUDVVtgnRPszv/AVuFK6wMJJdIj0Z8QMucSHdSvsLRuU3f1j7w
RqXPh6vWhns9nPJeu6PszZXZ97mqYB7oLVe+SEp9h67qi6mt9fUiuMo0+KIug5UF
NeX2z5oqPh5blzh9RitwpNqjMbzpzyo+0f9fHG5+BC328g8X/J2kiH0szxe4qcp2
YqdoYYcT07so1TqKTxvHquxEVIxtKI51BcoEiGHp1vA77ks2T2hrpKbHgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCHI0CZxGGH8nCehxCHGiCm/c1ASMB8GA1UdIwQY
MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt
ZTIxNjZhZDc0ZTNmLzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm
LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYlsfsNQs
M+oiELlYr5/Bh7bA/WdUsXHwSxyPMZsT2LBrzdn5peMt0zy3y/KkJAKc8K4J1k9I
nLwYRNLe8sta5034K7ZYeCW0FeUszPQh3ksBk+MoqrrQK8/F6p4dRzxxWNsuFRFc
D4+QnEu65HT0JN/uRWkLQnc3ehrkFokR1w/tycMXXdYhwJEc+MnGran1EvOTQq5i
oNlQB9sdTV6h/TsLm9RCNczjhEzX9i4atvDXtjQhELjz7eFDYg1z/t+EscCvr5MH
2nPoaBW4wlTIZCacSgY3mL3XkbNBWPABLrVgI9/Z6HQlyMfWKyketrRSplEDEEJP
aiPmD1aI4yDYQA==
-----END CERTIFICATE-----
Generated at Sun Nov 30 14:52:56 2025 by rpki-client