This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
File:                     F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft (raw, json)
Hash identifier:          HKFP99/8RbOSq7e/r5H/n57Ud0etff9f5whlmQnUcuk=
Subject key identifier:   25:F7:B8:AD:4D:7C:56:2A:57:17:AA:20:20:1F:A3:61:34:6B:30:36
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Certificate issuer:       /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial:       6B5573B6E4FA3C079B09124C60EE134111DC1E31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
Manifest number:          02BC
Signing time:             Sun 14 Dec 2025 12:14:46 +0000
Manifest this update:     Sun 14 Dec 2025 12:09:46 +0000
Manifest next update:     Mon 15 Dec 2025 13:12:46 +0000
Files and hashes:         1: F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl (hash: WGOfNWf2HENzKXsJBkjkjsnYeZEH5Ahvx5y8fx3Y6EE=)
                          2: 326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa (hash: 3m2Z/mjozERlCSY+vSBpPSC7mc1wNvFz/UzxCrw2jy0=)
                          3: 326131333a393634303a3a2f34342d3434203d3e203532313132.roa (hash: DOR1Pt3ct68s+ey18ZghPrs5rAUoZlIbwxjvP68BE+k=)
                          4: 326131333a393634343a333030303a3a2f34302d3438203d3e20323131343331.roa (hash: e3gM8xBShVESXc8MaKIMDq1iDa8wjJWbHPjdOfhPuFQ=)
                          5: 326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa (hash: WOAaZY65k+/GoeKbXXymPrZVu7CfbDlQvCXqyS0ZjLA=)
                          6: 326131333a393634343a343030303a3a2f34302d3438203d3e20323034323931.roa (hash: OXH7kpuguUKmKnwoouN0IGAOMj3E/W/ffH2kJO7vbOY=)
                          7: 39312e3230372e31332e302f32342d3234203d3e203532313132.roa (hash: +JU+ydXmMjIBHlt1kVXfkJBGqdmH1ATfk8PRfe8t4Rc=)
                          8: 5EB2E5DAD0C6996D0A80A7B90F3A2AA60FB1A7AC.cer (hash: Nz2k0o2IS41o55idTp4HvK3uNxIMYgMNKvrr57G+kIE=)
                          9: 326131333a393634313a3a2f34382d3438203d3e203532313132.roa (hash: 5o2ZOradY5DoOPidcJ775vbaNLbxYZsPfZS6MPweSnY=)
                          10: 8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.cer (hash: nYcdq/fifitjvFyPoNBEJvUP1WGfqAJvzv/Dj2Iivv0=)
                          11: 326131333a393634343a323232303a3a2f34342d3438203d3e20323134393932.roa (hash: 894RTKAEh4ciZZOdefpuTBSaNDM2TQpQSdGle6pgy08=)
                          12: 326131333a393634343a34303a3a2f34342d3438203d3e20323136333336.roa (hash: lNHaIlVxi/lYCx53I3+MfwePjUfRoiP0WtejKnMjprU=)
                          13: 326131333a393634343a34303a3a2f34342d3438203d3e20323131343331.roa (hash: UQpEpactphMaN3i4tpyR5s9Tmz685dUuNs8hSuG0cJQ=)
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 15 Dec 2025 05:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:55:73:b6:e4:fa:3c:07:9b:09:12:4c:60:ee:13:41:11:dc:1e:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
        Validity
            Not Before: Dec 14 12:09:46 2025 GMT
            Not After : Dec 15 13:12:46 2025 GMT
        Subject: CN=25F7B8AD4D7C562A5717AA20201FA361346B3036
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:b3:32:36:f4:a7:9f:88:03:8b:4c:b5:e6:db:
                    3b:e4:24:82:3c:87:1e:ff:7e:9b:76:ba:6b:b7:0c:
                    76:18:34:ea:51:54:52:0d:9b:78:cb:73:7e:c3:04:
                    01:cc:26:86:eb:f7:06:68:07:8d:4d:44:e7:f9:dc:
                    94:6f:a5:48:b1:3d:d8:18:01:1e:22:5e:54:58:8f:
                    fb:29:ac:6c:5f:d1:7f:29:b1:ad:5e:14:79:7e:c4:
                    2a:64:2e:9f:89:73:83:9a:da:8c:13:68:0a:27:41:
                    de:d1:f6:d7:c5:76:3e:46:ab:9a:47:b4:4a:e7:f4:
                    56:66:d6:43:cb:ca:7b:94:af:7c:cc:0d:52:db:45:
                    5e:63:56:d0:9c:27:d9:64:56:3a:b5:01:d2:f4:af:
                    4b:0f:6c:db:8c:dd:23:2d:cd:f7:9e:ff:37:16:f7:
                    1d:7a:81:39:74:40:9a:f8:ed:0e:b2:67:7e:8c:b3:
                    54:77:21:b1:3d:95:d8:b3:a8:61:e8:e8:6d:f0:0a:
                    37:1a:75:f5:15:3a:12:61:fa:d1:88:de:4a:69:0b:
                    10:90:5f:1c:8a:dc:00:3b:60:4d:f5:cd:03:a6:0f:
                    92:e8:44:2d:26:29:2a:1a:eb:22:75:9a:a4:d6:32:
                    34:78:26:cf:15:76:79:8c:7d:5e:78:42:bd:ac:7d:
                    a9:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:F7:B8:AD:4D:7C:56:2A:57:17:AA:20:20:1F:A3:61:34:6B:30:36
            X509v3 Authority Key Identifier:
                keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:b0:a6:55:83:44:36:c6:4f:db:73:dd:03:87:c1:9e:28:f3:
         34:56:fa:92:d2:0a:16:4a:91:9f:a6:a9:3c:46:2f:33:cf:8d:
         75:07:00:42:15:f1:1e:c0:b0:43:dd:4b:c8:be:a9:69:93:47:
         46:be:3b:4b:5d:13:84:bc:14:8a:41:df:5e:2b:ed:55:bf:05:
         83:7f:b4:53:fd:38:19:92:80:d2:78:c9:5e:4b:b7:c5:4a:20:
         c1:97:a9:85:d5:3c:f3:71:f1:af:fa:53:ad:5b:3a:fd:ad:72:
         a5:02:07:d5:37:e0:c2:90:d4:5c:45:12:a5:cd:bb:aa:f8:80:
         bf:e8:f1:f0:4d:78:8a:cd:c5:fe:3b:af:2f:14:e2:a6:bf:a6:
         02:d3:99:cb:93:12:35:57:b1:92:15:8e:8f:8d:fe:1a:80:47:
         a6:c8:17:5b:fa:34:e0:6f:ec:ae:ab:35:bd:62:58:77:28:5e:
         a4:6d:2b:51:95:52:6b:6a:7b:83:7e:c0:bb:d2:97:13:d6:eb:
         6f:fc:95:cc:6d:ed:f0:a7:6c:54:1c:f4:bd:85:30:bb:6b:cf:
         18:fc:05:f9:20:ee:6b:32:be:82:ce:7e:17:c9:b3:bc:c0:0f:
         4a:60:ea:4a:de:02:41:f9:31:ab:80:a9:ed:00:4d:8e:a6:ff:
         0e:58:e2:08
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUa1VztuT6PAebCRJMYO4TQRHcHjEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNTEyMTQxMjA5NDZaFw0yNTEyMTUxMzEyNDZaMDMxMTAvBgNV
BAMTKDI1RjdCOEFENEQ3QzU2MkE1NzE3QUEyMDIwMUZBMzYxMzQ2QjMwMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzszI29KefiAOLTLXm2zvkJII8
hx7/fpt2umu3DHYYNOpRVFINm3jLc37DBAHMJobr9wZoB41NROf53JRvpUixPdgY
AR4iXlRYj/sprGxf0X8psa1eFHl+xCpkLp+Jc4Oa2owTaAonQd7R9tfFdj5Gq5pH
tErn9FZm1kPLynuUr3zMDVLbRV5jVtCcJ9lkVjq1AdL0r0sPbNuM3SMtzfee/zcW
9x16gTl0QJr47Q6yZ36Ms1R3IbE9ldizqGHo6G3wCjcadfUVOhJh+tGI3kppCxCQ
XxyK3AA7YE31zQOmD5LoRC0mKSoa6yJ1mqTWMjR4Js8VdnmMfV54Qr2sfanZAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUJfe4rU18VipXF6ogIB+jYTRrMDYwHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9lMzBkZTg0Yi00
MDBhLTRmZDEtYWI4YS1lNzYxNmUyNDViNDkvMC9GMUQwNTcyRkU3Mjk5MUJEMzI4
NTRCQUM3MTY2NzZFQkRBRDIyQUNFLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaLCmVYNENsZP23PdA4fB
nijzNFb6ktIKFkqRn6apPEYvM8+NdQcAQhXxHsCwQ91LyL6paZNHRr47S10ThLwU
ikHfXivtVb8Fg3+0U/04GZKA0njJXku3xUogwZephdU883Hxr/pTrVs6/a1ypQIH
1TfgwpDUXEUSpc27qviAv+jx8E14is3F/juvLxTipr+mAtOZy5MSNVexkhWOj43+
GoBHpsgXW/o04G/srqs1vWJYdyhepG0rUZVSa2p7g37Au9KXE9brb/yVzG3t8Kds
VBz0vYUwu2vPGPwF+SDuazK+gs5+F8mzvMAPSmDqSt4CQfkxq4Cp7QBNjqb/Dlji
CA==
-----END CERTIFICATE-----