This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
File:                     520NqzR6OOK4e1oiovfJ4hwYybw.mft (raw, json)
Hash identifier:          efmI6Jf96cm5KbypY32i5E64GflwBUraustkFZ42AL8=
Subject key identifier:   BC:A0:29:AD:82:55:2D:3F:3A:84:2C:D1:75:AC:51:E1:39:A3:42:53
Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
Certificate issuer:       /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Certificate serial:       019BF2E27479A3698809A7E34775020E10C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
Manifest number:          12D4
Signing time:             Sun 25 Jan 2026 02:01:25 +0000
Manifest this update:     Sun 25 Jan 2026 02:01:25 +0000
Manifest next update:     Mon 26 Jan 2026 02:01:25 +0000
Files and hashes:         1: 1dfOhFGT4Rz19mHWVabW0kWxTss.roa (hash: Rjg1gNguWYpEwGKvfk1H+hd0eMsqKT2A4N+C2/8Q+uQ=)
                          2: 520NqzR6OOK4e1oiovfJ4hwYybw.crl (hash: 3/AIdN8i6CFHRptB52JPy00k17Y2Me6cb1o7E6PeVMc=)
                          3: 7EPxlfzuNdNfziGNw3Hj7EoZj1Q.roa (hash: fYUfx118C/cw672kHDWSH3DD1Ik9WuMEeaQ/qAV9tYE=)
                          4: 9EzrkfCb3685-QENXXhTIl2uZz4.roa (hash: 4o0MB77YQKRQiZHQrZxR1nkb/HsRFN1Kq0iR4K53WZA=)
                          5: DVIKLwP8b0UVJE_X0Zz4hLCMFmU.roa (hash: 2ROrixfhF0UtgJihhtThPaEztRX+VVHt8WTM1ZfZQ1o=)
                          6: Fn3txwFOnsHfJqp3dmOvAMcvgHc.roa (hash: 0tFPd6mFP89u9IcgrQmVyEuYoDxe9S4zwwRr4qndNks=)
                          7: RqZv9lI-beWajs98dICrEK2DwUM.roa (hash: z0DWSEDfb+oWc/lkT9R9ehjWWb2y0A0CPcHglnAYRf8=)
                          8: Ud0XI3ub85_CL2l55YZW3cXrctA.roa (hash: 2gMJyy7om8/uY1IqvCz0ubvDeUV63nAu6cUom48+3U0=)
                          9: ao5k8aMHz2Rr-UFohnKN0Vsy0ts.roa (hash: qeXz8tDdKItxGK8qtWsvUAbM0Ooz+MmMiDN8cvBIyTQ=)
                          10: bbXWGNkALy-ajnXnVwsq6VcslC8.roa (hash: lOmBCerqz+GglurufDI5e+15DQVwzjxcTvAfkACkLYE=)
                          11: jTMEUhkl6sKPDlW6gGgXZsH4VwQ.roa (hash: bLe2Zk8IquF+7aI/fXPQxZklmLIeFhH3W5DkdYCydQA=)
                          12: r-NoE_XHTABnwPRM9GdFHoEeHJo.roa (hash: qsD5Rt9CKRxXFQG5JSeN7cqv7sQvsG2HbFGsWmdhdi8=)
                          13: rIIpXZCn7E3HgJjpCaYYUR4k6ZI.roa (hash: Vvylnj2QqF4AFfq4GCTBxANmDk4TfXB5W5GNlTLI/Qw=)
                          14: rp3l1DRMo7bxNlcekPEumkx_Cu4.roa (hash: cvH000yVT30CU4NGwC5k2pFAaWGJcYLG4wfqKOyLWIU=)
                          15: s9E0mrs6RE5G3diI6qJ2dNaQlCY.roa (hash: ALHEFczsxrK3P9zm6czuHQOWsz9Vxib3j6fIwRLXdsA=)
                          16: smuPovOHBHHaIAv32qcc0ZyhNkQ.roa (hash: HcQ/8p3eoCWjnnKfMtVzm8focRBIq46dCnVV7vdjMxQ=)
                          17: v94LL-qGGgahldRNvzQc-ZVS3KI.roa (hash: a3YAXYAGQiNiI/eRCe9RKvTaP1hHvgR2d27wk4bq6Cw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 02:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:f2:e2:74:79:a3:69:88:09:a7:e3:47:75:02:0e:10:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
        Validity
            Not Before: Jan 25 02:01:25 2026 GMT
            Not After : Jan 26 02:01:25 2026 GMT
        Subject: CN=bca029ad82552d3f3a842cd175ac51e139a34253
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:90:8d:1f:b1:7f:a9:d4:fc:96:24:34:25:87:
                    1a:28:21:a0:b3:36:47:57:56:3b:7e:3b:2b:a1:d3:
                    cd:38:1b:13:1a:4b:b8:8e:53:4b:71:0c:fd:1b:1c:
                    05:a3:ef:1d:33:4d:e1:dd:03:f9:a1:19:27:7f:b2:
                    84:e5:f4:77:b3:b7:45:5f:22:b0:a3:d8:b0:62:8e:
                    69:fa:a2:47:65:2e:3f:24:94:b8:1d:fd:43:63:51:
                    16:51:0f:59:4b:0a:8a:27:d4:89:7b:ad:ba:8d:ec:
                    d8:98:f7:c7:cd:62:dd:ee:a8:3c:27:4b:58:2c:77:
                    87:ea:ef:9f:6d:df:af:ba:f2:c5:0a:9d:d9:d8:d3:
                    83:1f:01:86:b7:f3:2c:70:67:7c:3c:06:1f:6f:7e:
                    dd:47:27:7c:c1:fd:12:d6:a8:66:ec:c4:c6:93:73:
                    00:d4:a7:76:80:48:68:7d:17:b4:80:ba:f0:37:52:
                    93:e5:bc:5c:29:e7:85:3e:0e:94:c7:24:5e:64:dc:
                    ca:4a:ea:a6:43:f8:25:bf:a8:38:9e:4f:d7:bc:73:
                    51:19:b8:e2:3a:30:0a:10:d6:a9:67:85:e3:90:09:
                    3d:02:b8:0e:a6:c8:ae:58:35:6e:68:3f:f8:f7:6b:
                    79:9a:bc:2a:dd:6b:66:b9:56:00:06:00:f8:15:71:
                    f9:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:A0:29:AD:82:55:2D:3F:3A:84:2C:D1:75:AC:51:E1:39:A3:42:53
            X509v3 Authority Key Identifier:
                keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:25:31:a0:1d:64:f8:9c:27:96:9d:b7:f2:c6:6f:7d:1e:67:
         a2:99:30:ee:3d:fd:4d:c9:2a:f6:64:b3:2a:d3:f4:d3:90:36:
         6d:4d:63:d8:f2:cc:26:23:95:b4:74:b9:bb:d6:d5:5d:a2:3f:
         10:c3:4b:27:2e:61:16:15:e8:b9:f6:0f:b4:46:f8:8b:12:50:
         6b:dc:32:0e:21:e7:6f:1a:0b:dd:76:c9:90:c5:d2:30:51:95:
         36:41:55:b1:78:46:c9:7f:a8:f6:ff:2d:66:55:30:d3:4b:6f:
         5d:00:96:e8:97:f8:1a:1b:d2:61:55:50:af:63:e4:27:08:22:
         96:ca:b5:03:f5:e2:81:47:86:13:ad:58:77:a9:58:d3:0a:e6:
         bb:39:1d:f5:a0:ed:84:a0:20:95:22:54:56:b0:27:b5:4c:e6:
         4e:f1:e7:35:cf:fc:06:fb:d1:60:9f:ff:f5:db:1d:0b:38:a5:
         36:ce:f4:45:3f:d7:e7:d9:7d:20:df:95:e3:95:dc:62:c2:0d:
         2a:60:69:e5:c9:f4:e2:e8:5d:07:04:1c:54:a5:50:a9:a7:72:
         71:20:a2:d3:d4:7a:14:d5:9e:7b:77:c9:f6:a2:9b:2d:29:2d:
         fb:86:00:a3:8d:1f:36:a1:a2:25:1d:a5:c2:42:a0:4f:f4:f5:
         a3:44:40:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZvy4nR5o2mICafjR3UCDhDJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmQwZGFiMzQ3YTM4ZTJiODdiNWEyMmEyZjdjOWUyMWMx
OGM5YmMwHhcNMjYwMTI1MDIwMTI1WhcNMjYwMTI2MDIwMTI1WjAzMTEwLwYDVQQD
EyhiY2EwMjlhZDgyNTUyZDNmM2E4NDJjZDE3NWFjNTFlMTM5YTM0MjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZCNH7F/qdT8liQ0JYcaKCGgszZH
V1Y7fjsrodPNOBsTGku4jlNLcQz9GxwFo+8dM03h3QP5oRknf7KE5fR3s7dFXyKw
o9iwYo5p+qJHZS4/JJS4Hf1DY1EWUQ9ZSwqKJ9SJe626jezYmPfHzWLd7qg8J0tY
LHeH6u+fbd+vuvLFCp3Z2NODHwGGt/MscGd8PAYfb37dRyd8wf0S1qhm7MTGk3MA
1Kd2gEhofRe0gLrwN1KT5bxcKeeFPg6UxyReZNzKSuqmQ/glv6g4nk/XvHNRGbji
OjAKENapZ4XjkAk9ArgOpsiuWDVuaD/492t5mrwq3WtmuVYABgD4FXH58QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLygKa2CVS0/OoQs0XWsUeE5o0JTMB8GA1UdIwQY
MBaAFOdtDas0ejjiuHtaIqL3yeIcGMm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDkt
YmQzYmZjOTliZGE5LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDktYmQzYmZjOTliZGE5
LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkCUxoB1k
+Jwnlp238sZvfR5nopkw7j39Tckq9mSzKtP005A2bU1j2PLMJiOVtHS5u9bVXaI/
EMNLJy5hFhXoufYPtEb4ixJQa9wyDiHnbxoL3XbJkMXSMFGVNkFVsXhGyX+o9v8t
ZlUw00tvXQCW6Jf4GhvSYVVQr2PkJwgilsq1A/XigUeGE61Yd6lY0wrmuzkd9aDt
hKAglSJUVrAntUzmTvHnNc/8BvvRYJ//9dsdCzilNs70RT/X59l9IN+V45XcYsIN
KmBp5cn04uhdBwQcVKVQqadycSCi09R6FNWee3fJ9qKbLSkt+4YAo40fNqGiJR2l
wkKgT/T1o0RAVA==
-----END CERTIFICATE-----