This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
File:                     F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft (raw, json)
Hash identifier:          nM14BbXFnr2o77IeL2xWXV0U0BjmwA4V0ptis4tBf48=
Subject key identifier:   11:B8:40:9B:8F:42:5E:74:62:A2:38:86:3F:1E:B1:CF:35:93:C5:EE
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Certificate issuer:       /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial:       7894DEEB346E31FE0FF1C2647B9DC7AF0856C445
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
Manifest number:          02FE
Signing time:             Wed 28 Jan 2026 15:23:06 +0000
Manifest this update:     Wed 28 Jan 2026 15:18:06 +0000
Manifest next update:     Thu 29 Jan 2026 19:09:06 +0000
Files and hashes:         1: 326131333a393634343a34303a3a2f34342d3438203d3e20323131343331.roa (hash: UQpEpactphMaN3i4tpyR5s9Tmz685dUuNs8hSuG0cJQ=)
                          2: 326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa (hash: 3m2Z/mjozERlCSY+vSBpPSC7mc1wNvFz/UzxCrw2jy0=)
                          3: 39312e3230372e31332e302f32342d3234203d3e203532313132.roa (hash: YRttKbBVKmVFJCLqXVNyqXBZwi5ZooomBxSDP4Gl2m4=)
                          4: 326131333a393634343a34303a3a2f34342d3438203d3e20323136333336.roa (hash: lNHaIlVxi/lYCx53I3+MfwePjUfRoiP0WtejKnMjprU=)
                          5: 326131333a393634303a3a2f34342d3434203d3e203532313132.roa (hash: DOR1Pt3ct68s+ey18ZghPrs5rAUoZlIbwxjvP68BE+k=)
                          6: 326131333a393634343a343030303a3a2f34302d3438203d3e20323034323931.roa (hash: OXH7kpuguUKmKnwoouN0IGAOMj3E/W/ffH2kJO7vbOY=)
                          7: 326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa (hash: WOAaZY65k+/GoeKbXXymPrZVu7CfbDlQvCXqyS0ZjLA=)
                          8: 8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.cer (hash: nYcdq/fifitjvFyPoNBEJvUP1WGfqAJvzv/Dj2Iivv0=)
                          9: F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl (hash: PnH87np3X3PJ1yTjDj2OyYszZ5Nz8+Gu89bhWsWranA=)
                          10: 326131333a393634343a333030303a3a2f34302d3438203d3e20323131343331.roa (hash: e3gM8xBShVESXc8MaKIMDq1iDa8wjJWbHPjdOfhPuFQ=)
                          11: 326131333a393634343a323232303a3a2f34342d3438203d3e20323134393932.roa (hash: 894RTKAEh4ciZZOdefpuTBSaNDM2TQpQSdGle6pgy08=)
                          12: 5EB2E5DAD0C6996D0A80A7B90F3A2AA60FB1A7AC.cer (hash: DDBKGLOay0ETlRkkd+ZGuz8/q4wtGaLppxLYYnPMDTM=)
                          13: 326131333a393634313a3a2f34382d3438203d3e203532313132.roa (hash: 5o2ZOradY5DoOPidcJ775vbaNLbxYZsPfZS6MPweSnY=)
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 29 Jan 2026 19:09:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:94:de:eb:34:6e:31:fe:0f:f1:c2:64:7b:9d:c7:af:08:56:c4:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
        Validity
            Not Before: Jan 28 15:18:06 2026 GMT
            Not After : Jan 29 19:09:06 2026 GMT
        Subject: CN=11B8409B8F425E7462A238863F1EB1CF3593C5EE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:b7:e8:34:32:a2:1e:27:2e:64:7a:03:50:fb:
                    e6:28:db:96:f2:6e:b8:8e:f6:1c:e0:5e:f9:4f:a1:
                    37:80:80:d7:93:f6:25:0f:d2:bc:82:2f:6e:ae:ec:
                    5c:18:2d:25:ae:75:af:d5:e9:a5:67:ac:e8:97:bb:
                    5f:3b:29:e2:dd:13:62:ca:38:af:78:ae:35:23:af:
                    9c:7e:4f:4a:b2:86:85:27:c8:ff:54:73:24:e6:58:
                    f1:73:42:9d:a8:ec:a7:75:04:4a:6b:75:50:7d:32:
                    a3:bb:4c:13:ac:af:ef:75:0f:7d:bf:5a:04:f0:9f:
                    38:43:4b:5c:4f:af:99:70:30:e3:6f:71:73:31:dd:
                    6c:48:cf:72:20:cd:4b:1b:b2:1a:40:d8:ed:df:3b:
                    8a:0d:27:57:2d:8c:4a:e6:7a:d8:d0:aa:ad:5f:60:
                    8b:92:42:2c:03:ae:a2:64:5f:30:11:30:16:7a:98:
                    b1:aa:0e:60:8c:46:7f:28:65:73:d6:08:c7:7f:7c:
                    59:33:73:b4:96:e0:06:ab:55:57:e3:55:48:77:aa:
                    aa:a5:17:2c:0c:4c:aa:9b:17:d2:c1:90:83:d6:d5:
                    3e:47:5f:5a:a2:d8:8e:46:c5:05:4a:6b:f6:a7:7a:
                    66:29:33:a2:04:31:f1:ee:cf:22:67:53:23:4e:d9:
                    d9:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:B8:40:9B:8F:42:5E:74:62:A2:38:86:3F:1E:B1:CF:35:93:C5:EE
            X509v3 Authority Key Identifier:
                keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:12:65:8a:93:19:90:68:96:7d:29:d4:b0:77:5c:f9:02:0f:
         83:d6:4a:8e:c4:5f:3c:02:d9:4c:c8:10:11:0e:2c:ef:53:95:
         1f:31:7f:6a:c4:c5:b8:65:1d:49:75:a7:91:c3:43:8e:27:ba:
         a5:ab:57:3b:7a:4e:33:5f:fb:0d:4c:30:34:db:13:ca:0e:59:
         c8:bc:ca:ff:43:91:27:7d:8a:4c:06:8e:75:7c:1c:dd:fd:0e:
         43:09:0a:50:63:7f:9f:9d:ec:6b:9b:11:de:c7:01:94:2e:7f:
         bb:9f:74:4d:bc:f1:68:8e:84:e4:57:c9:b6:ff:82:55:b8:0d:
         85:5d:9d:76:10:9e:f4:7c:58:6f:54:c6:66:cd:45:57:89:47:
         17:85:39:b8:7f:3c:43:ec:23:c6:17:61:6d:e9:e4:4d:b6:17:
         49:bd:1d:05:b0:b2:53:05:78:f2:9f:c2:d7:f0:13:5b:9e:20:
         e6:fc:bf:9e:ac:15:cc:78:68:00:18:61:73:dd:fc:e5:72:f2:
         ed:fa:de:99:63:b8:68:41:ad:3a:03:61:90:92:d5:b4:d5:b5:
         f7:f0:d5:bc:5b:91:59:b0:ff:0e:e0:41:e2:46:50:ab:d5:84:
         5e:ac:80:0f:3a:53:7a:f6:d6:6c:1d:5a:a1:07:97:0e:3e:7d:
         c0:b3:6b:dd
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUeJTe6zRuMf4P8cJke53HrwhWxEUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNjAxMjgxNTE4MDZaFw0yNjAxMjkxOTA5MDZaMDMxMTAvBgNV
BAMTKDExQjg0MDlCOEY0MjVFNzQ2MkEyMzg4NjNGMUVCMUNGMzU5M0M1RUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCot+g0MqIeJy5kegNQ++Yo25by
briO9hzgXvlPoTeAgNeT9iUP0ryCL26u7FwYLSWuda/V6aVnrOiXu187KeLdE2LK
OK94rjUjr5x+T0qyhoUnyP9UcyTmWPFzQp2o7Kd1BEprdVB9MqO7TBOsr+91D32/
WgTwnzhDS1xPr5lwMONvcXMx3WxIz3IgzUsbshpA2O3fO4oNJ1ctjErmetjQqq1f
YIuSQiwDrqJkXzARMBZ6mLGqDmCMRn8oZXPWCMd/fFkzc7SW4AarVVfjVUh3qqql
FywMTKqbF9LBkIPW1T5HX1qi2I5GxQVKa/anemYpM6IEMfHuzyJnUyNO2dknAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUEbhAm49CXnRiojiGPx6xzzWTxe4wHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9lMzBkZTg0Yi00
MDBhLTRmZDEtYWI4YS1lNzYxNmUyNDViNDkvMC9GMUQwNTcyRkU3Mjk5MUJEMzI4
NTRCQUM3MTY2NzZFQkRBRDIyQUNFLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARhJlipMZkGiWfSnUsHdc
+QIPg9ZKjsRfPALZTMgQEQ4s71OVHzF/asTFuGUdSXWnkcNDjie6patXO3pOM1/7
DUwwNNsTyg5ZyLzK/0ORJ32KTAaOdXwc3f0OQwkKUGN/n53sa5sR3scBlC5/u590
TbzxaI6E5FfJtv+CVbgNhV2ddhCe9HxYb1TGZs1FV4lHF4U5uH88Q+wjxhdhbenk
TbYXSb0dBbCyUwV48p/C1/ATW54g5vy/nqwVzHhoABhhc9385XLy7fremWO4aEGt
OgNhkJLVtNW19/DVvFuRWbD/DuBB4kZQq9WEXqyADzpTevbWbB1aoQeXDj59wLNr
3Q==
-----END CERTIFICATE-----