This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/3/D642975F535F45FD9F6D8FEA626BC6D24BC9D8D8.mft
File:                     D642975F535F45FD9F6D8FEA626BC6D24BC9D8D8.mft (raw, json)
Hash identifier:          r+YOheSYCljxHU+NtH9yvfMpBdRvI8FAJxv9eZjrA8E=
Subject key identifier:   B2:5C:2B:C7:16:7E:C9:38:B4:18:1F:67:33:A6:32:6E:02:BD:6E:0D
Authority key identifier: D6:42:97:5F:53:5F:45:FD:9F:6D:8F:EA:62:6B:C6:D2:4B:C9:D8:D8
Certificate issuer:       /CN=d642975f535f45fd9f6d8fea626bc6d24bc9d8d8
Certificate serial:       20D4748BF7A7B32DFDC253582CC153AC62AC3FFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1kKXX1NfRf2fbY_qYmvG0kvJ2Ng.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/3/D642975F535F45FD9F6D8FEA626BC6D24BC9D8D8.mft
Manifest number:          042E
Signing time:             Thu 18 Dec 2025 16:55:12 +0000
Manifest this update:     Thu 18 Dec 2025 16:50:12 +0000
Manifest next update:     Fri 19 Dec 2025 18:07:12 +0000
Files and hashes:         1: 323030313a3637633a326265383a3a2f34382d3438203d3e20323035333239.roa (hash: 3ZFhB/5ygf5t4lpptEoHt4tGKQVifxYsEJPws7ZipKw=)
                          2: AS202881.asa (hash: XHj3wS//oUB0bBxH4kvJ0ulJ7YLDJlbJqdRBWQiQMqk=)
                          3: D642975F535F45FD9F6D8FEA626BC6D24BC9D8D8.crl (hash: 8q7xcFsttdoiJEwWYjkBlgJjpmlyPGV1A0bqXdP47As=)
                          4: 323030313a3637633a326265383a3a2f34382d3438203d3e20323032383831.roa (hash: SVc+06+kSTZLFSZYHt+18ILRTqVegdlc2kojDgxmDjY=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:d4:74:8b:f7:a7:b3:2d:fd:c2:53:58:2c:c1:53:ac:62:ac:3f:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d642975f535f45fd9f6d8fea626bc6d24bc9d8d8
        Validity
            Not Before: Dec 18 16:50:12 2025 GMT
            Not After : Dec 19 18:07:12 2025 GMT
        Subject: CN=B25C2BC7167EC938B4181F6733A6326E02BD6E0D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:ec:b9:12:88:a4:6b:54:b4:ac:29:08:b1:48:
                    d8:ba:1f:c6:82:45:17:03:96:9f:ea:60:f0:9e:7c:
                    5e:b8:ca:58:64:46:e2:4d:31:69:0f:7e:f1:cb:dc:
                    cc:a0:f2:02:fe:8e:e3:b6:9e:19:20:b6:aa:55:d4:
                    37:13:d8:f1:fa:50:f3:a3:55:7d:0e:39:f0:62:29:
                    0c:e1:c5:06:3c:7f:53:98:15:d4:c3:7d:be:55:5f:
                    8d:12:7f:dd:48:c4:fa:9c:48:0d:fe:e2:52:b3:5e:
                    fb:2d:47:d5:20:a9:2a:2d:9d:24:3c:e8:7f:e5:99:
                    ed:47:b8:40:c4:de:8d:3d:62:6b:84:4c:c3:df:93:
                    db:b2:98:30:9b:07:75:54:5a:f8:c9:20:fd:b4:35:
                    12:5a:a4:9c:c6:16:8b:a1:6c:7d:b0:ca:64:91:c7:
                    ee:6f:da:e7:10:8d:d6:d8:e2:ec:bb:6c:1a:8d:8c:
                    11:4a:cf:12:8d:ed:c8:31:43:d6:f6:dd:e4:8b:00:
                    ed:84:98:f7:da:ee:94:fb:95:f8:3c:1d:39:d3:09:
                    b1:dd:87:67:d8:65:99:1a:cd:ac:01:67:18:9c:0a:
                    c6:19:1c:d7:1b:66:a4:2b:94:bb:45:8a:80:57:83:
                    57:0c:37:65:7a:7f:56:cc:67:85:c3:c4:cd:11:9f:
                    b1:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:5C:2B:C7:16:7E:C9:38:B4:18:1F:67:33:A6:32:6E:02:BD:6E:0D
            X509v3 Authority Key Identifier:
                keyid:D6:42:97:5F:53:5F:45:FD:9F:6D:8F:EA:62:6B:C6:D2:4B:C9:D8:D8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/3/D642975F535F45FD9F6D8FEA626BC6D24BC9D8D8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1kKXX1NfRf2fbY_qYmvG0kvJ2Ng.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/3/D642975F535F45FD9F6D8FEA626BC6D24BC9D8D8.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:a9:2d:8f:6b:12:4e:fc:1f:fb:8b:4f:41:c4:97:be:b7:cd:
         c0:3f:de:d5:25:de:6e:ee:59:86:4a:33:f6:d2:4e:05:83:40:
         0b:db:c0:d2:eb:5d:48:d2:6f:71:3d:89:21:07:00:e7:3c:31:
         da:8b:7e:90:45:55:4c:9d:69:ba:42:10:53:cc:f7:6e:f8:0e:
         84:8b:26:c0:20:d6:a6:ca:a0:48:ec:f9:84:f5:eb:a0:d3:26:
         00:0a:8a:2e:26:85:b8:45:5e:3f:d1:55:1b:8e:e8:76:c2:28:
         30:01:25:ac:74:53:93:42:cc:ab:ed:23:6c:d2:d9:b7:0c:3f:
         70:0c:32:38:0f:7e:8c:dc:e3:eb:ee:72:db:8e:0b:ad:04:7e:
         82:dc:eb:d7:33:e3:64:e4:48:d6:c8:93:30:8d:03:fb:57:9d:
         83:18:54:2b:56:d6:56:77:12:6e:e3:40:b4:f8:5b:89:44:e6:
         d2:09:f7:7f:2b:ad:0e:6b:5b:7c:eb:be:87:dc:3f:b0:dc:da:
         af:16:42:d9:d2:ab:a5:07:99:7c:f9:c1:5d:4b:d6:45:57:5b:
         6f:e9:ba:8a:13:72:c3:c9:58:23:f9:86:7f:8e:49:88:f4:6c:
         cb:12:d0:fc:61:6e:4f:a4:e7:07:82:66:52:ed:e6:e7:e4:41:
         2f:a5:1e:92
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUINR0i/ensy39wlNYLMFTrGKsP/8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDY0Mjk3NWY1MzVmNDVmZDlmNmQ4ZmVhNjI2YmM2ZDI0
YmM5ZDhkODAeFw0yNTEyMTgxNjUwMTJaFw0yNTEyMTkxODA3MTJaMDMxMTAvBgNV
BAMTKEIyNUMyQkM3MTY3RUM5MzhCNDE4MUY2NzMzQTYzMjZFMDJCRDZFMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD7LkSiKRrVLSsKQixSNi6H8aC
RRcDlp/qYPCefF64ylhkRuJNMWkPfvHL3Myg8gL+juO2nhkgtqpV1DcT2PH6UPOj
VX0OOfBiKQzhxQY8f1OYFdTDfb5VX40Sf91IxPqcSA3+4lKzXvstR9UgqSotnSQ8
6H/lme1HuEDE3o09YmuETMPfk9uymDCbB3VUWvjJIP20NRJapJzGFouhbH2wymSR
x+5v2ucQjdbY4uy7bBqNjBFKzxKN7cgxQ9b23eSLAO2EmPfa7pT7lfg8HTnTCbHd
h2fYZZkazawBZxicCsYZHNcbZqQrlLtFioBXg1cMN2V6f1bMZ4XDxM0Rn7EdAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUslwrxxZ+yTi0GB9nM6YybgK9bg0wHwYDVR0j
BBgwFoAU1kKXX1NfRf2fbY/qYmvG0kvJ2NgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDY5NzE2MGMtYWNjNS00YjUxLWJmNTUtMTBjN2E2ZTY2
OTgwLzMvRDY0Mjk3NUY1MzVGNDVGRDlGNkQ4RkVBNjI2QkM2RDI0QkM5RDhEOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFrS1hYMU5mUmYyZmJZX3FZbXZHMGt2
SjJOZy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9kNjk3MTYwYy1h
Y2M1LTRiNTEtYmY1NS0xMGM3YTZlNjY5ODAvMy9ENjQyOTc1RjUzNUY0NUZEOUY2
RDhGRUE2MjZCQzZEMjRCQzlEOEQ4Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMaktj2sSTvwf+4tPQcSX
vrfNwD/e1SXebu5Zhkoz9tJOBYNAC9vA0utdSNJvcT2JIQcA5zwx2ot+kEVVTJ1p
ukIQU8z3bvgOhIsmwCDWpsqgSOz5hPXroNMmAAqKLiaFuEVeP9FVG47odsIoMAEl
rHRTk0LMq+0jbNLZtww/cAwyOA9+jNzj6+5y244LrQR+gtzr1zPjZORI1siTMI0D
+1edgxhUK1bWVncSbuNAtPhbiUTm0gn3fyutDmtbfOu+h9w/sNzarxZC2dKrpQeZ
fPnBXUvWRVdbb+m6ihNyw8lYI/mGf45JiPRsyxLQ/GFuT6TnB4JmUu3m5+RBL6Ue
kg==
-----END CERTIFICATE-----