This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/97ccab-d0c8-42e8-8725-a586b07add72/1/Yltc-eKZEkSMu7yG0gVhiZzbEE0.mft
File:                     Yltc-eKZEkSMu7yG0gVhiZzbEE0.mft (raw, json)
Hash identifier:          6m50U65MYGFpXQ979jrKqD2nImyzeDtxYV/6CI9z3Ho=
Subject key identifier:   4A:4B:49:9E:DA:09:B0:17:8C:43:24:6D:D8:1D:1B:77:2F:77:86:AD
Authority key identifier: 62:5B:5C:F9:E2:99:12:44:8C:BB:BC:86:D2:05:61:89:9C:DB:10:4D
Certificate issuer:       /CN=625b5cf9e29912448cbbbc86d20561899cdb104d
Certificate serial:       019AF49BA2CEAAA9F53E8303B435E6F1F29C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yltc-eKZEkSMu7yG0gVhiZzbEE0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/97ccab-d0c8-42e8-8725-a586b07add72/1/Yltc-eKZEkSMu7yG0gVhiZzbEE0.mft
Manifest number:          131F
Signing time:             Sat 06 Dec 2025 17:00:31 +0000
Manifest this update:     Sat 06 Dec 2025 17:00:31 +0000
Manifest next update:     Sun 07 Dec 2025 17:00:31 +0000
Files and hashes:         1: 3ir5WkvJIRxtwZei2sctSN0sCz0.roa (hash: kbUd9aHqn6kQ8QUhYDDaCsn+6zI4AKFQfFGDo83vd6o=)
                          2: Yltc-eKZEkSMu7yG0gVhiZzbEE0.crl (hash: 6dHx0fLoAsxhzzG/lwtzB50VSjxLt3RlfAzqipsXgfg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/97ccab-d0c8-42e8-8725-a586b07add72/1/Yltc-eKZEkSMu7yG0gVhiZzbEE0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/97ccab-d0c8-42e8-8725-a586b07add72/1/Yltc-eKZEkSMu7yG0gVhiZzbEE0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yltc-eKZEkSMu7yG0gVhiZzbEE0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 07 Dec 2025 13:09:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:f4:9b:a2:ce:aa:a9:f5:3e:83:03:b4:35:e6:f1:f2:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=625b5cf9e29912448cbbbc86d20561899cdb104d
        Validity
            Not Before: Dec  6 17:00:31 2025 GMT
            Not After : Dec  7 17:00:31 2025 GMT
        Subject: CN=4a4b499eda09b0178c43246dd81d1b772f7786ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:ac:d4:5b:cb:20:9c:26:b5:36:71:46:28:00:
                    99:1e:26:fc:75:db:b2:ae:14:9e:1f:b5:83:55:5d:
                    bc:92:1b:fc:3b:3b:bb:cf:c4:1a:85:36:ba:fa:60:
                    ec:01:b6:09:f9:39:07:e9:dd:77:b8:9c:13:b5:d8:
                    f7:06:fb:18:81:90:b3:fd:fc:2e:8a:e5:c5:e2:74:
                    d3:e1:cc:7f:74:65:62:6d:fe:ae:0d:6a:51:f5:61:
                    a7:18:97:95:c4:26:53:53:60:fc:17:09:4f:60:a2:
                    75:9e:72:b2:94:ba:5e:31:12:5f:04:6c:1d:64:56:
                    75:87:65:7c:e7:cc:fa:91:35:f7:6e:07:cc:b9:a3:
                    23:7d:64:69:29:00:3e:a3:b7:c9:0a:13:09:f4:94:
                    6d:54:51:4c:85:64:a6:55:f6:64:94:41:a2:73:c0:
                    8d:43:b2:36:e4:a9:a7:d7:df:96:91:32:02:a5:e7:
                    96:c1:49:35:52:2b:6f:f2:34:f0:0f:a0:6d:72:a6:
                    17:d8:ae:9a:f9:75:23:c0:b1:97:03:f6:e3:72:72:
                    1d:b3:e3:01:ae:79:a1:7f:52:6a:51:6f:ac:67:9b:
                    c2:79:eb:e2:45:10:99:fa:68:18:29:b5:d6:9d:1c:
                    97:8e:f7:36:00:07:76:70:b1:37:ef:7e:af:3c:37:
                    14:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:4B:49:9E:DA:09:B0:17:8C:43:24:6D:D8:1D:1B:77:2F:77:86:AD
            X509v3 Authority Key Identifier:
                keyid:62:5B:5C:F9:E2:99:12:44:8C:BB:BC:86:D2:05:61:89:9C:DB:10:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yltc-eKZEkSMu7yG0gVhiZzbEE0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/97ccab-d0c8-42e8-8725-a586b07add72/1/Yltc-eKZEkSMu7yG0gVhiZzbEE0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/97ccab-d0c8-42e8-8725-a586b07add72/1/Yltc-eKZEkSMu7yG0gVhiZzbEE0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:4f:ba:a7:d2:45:df:62:7c:e8:ab:61:6b:98:0f:f9:66:ff:
         21:31:ea:b2:33:85:83:81:40:6a:aa:73:18:f2:ad:d6:ab:d4:
         17:21:93:08:f6:49:07:c3:61:73:46:3c:ce:1e:44:4e:46:9c:
         6a:03:c7:48:d3:c2:ac:1c:21:aa:eb:b7:40:0b:cd:82:00:d3:
         57:2c:77:aa:28:2d:36:89:48:d7:15:aa:28:79:a8:c6:b3:e1:
         22:03:9b:9f:90:e5:9a:61:c1:fd:04:79:cf:7c:41:ba:74:14:
         94:e4:31:bd:20:64:a1:5e:48:13:72:a8:73:35:7c:c1:94:b0:
         44:ea:5e:9a:22:3d:f5:5f:fe:de:b2:bf:de:5b:3d:f3:86:bb:
         4c:33:3b:45:74:25:74:fb:78:90:22:aa:f0:b3:37:93:b3:d5:
         79:e8:8b:d1:63:be:fc:cd:7c:d3:1b:ea:ec:c7:0c:0e:61:56:
         13:12:03:96:c0:cf:2a:fb:66:77:5e:d9:70:2c:d7:7a:0f:9c:
         17:6b:dc:7c:d5:60:9f:f9:75:68:17:ef:f9:3c:0d:43:84:94:
         62:2e:d4:f9:5b:43:82:e5:a6:9e:c6:37:59:41:da:e4:c5:ea:
         ac:46:db:4f:9f:9b:e0:6a:c4:9b:90:0a:87:f0:3e:d0:85:69:
         62:3b:c0:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZr0m6LOqqn1PoMDtDXm8fKcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNWI1Y2Y5ZTI5OTEyNDQ4Y2JiYmM4NmQyMDU2MTg5OWNk
YjEwNGQwHhcNMjUxMjA2MTcwMDMxWhcNMjUxMjA3MTcwMDMxWjAzMTEwLwYDVQQD
Eyg0YTRiNDk5ZWRhMDliMDE3OGM0MzI0NmRkODFkMWI3NzJmNzc4NmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6zUW8sgnCa1NnFGKACZHib8dduy
rhSeH7WDVV28khv8Ozu7z8QahTa6+mDsAbYJ+TkH6d13uJwTtdj3BvsYgZCz/fwu
iuXF4nTT4cx/dGVibf6uDWpR9WGnGJeVxCZTU2D8FwlPYKJ1nnKylLpeMRJfBGwd
ZFZ1h2V858z6kTX3bgfMuaMjfWRpKQA+o7fJChMJ9JRtVFFMhWSmVfZklEGic8CN
Q7I25Kmn19+WkTICpeeWwUk1Uitv8jTwD6BtcqYX2K6a+XUjwLGXA/bjcnIds+MB
rnmhf1JqUW+sZ5vCeeviRRCZ+mgYKbXWnRyXjvc2AAd2cLE3736vPDcUKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEpLSZ7aCbAXjEMkbdgdG3cvd4atMB8GA1UdIwQY
MBaAFGJbXPnimRJEjLu8htIFYYmc2xBNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWx0Yy1lS1pFa1NNdTd5RzBnVmhpWnpiRUUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy85N2NjYWItZDBjOC00MmU4LTg3MjUt
YTU4NmIwN2FkZDcyLzEvWWx0Yy1lS1pFa1NNdTd5RzBnVmhpWnpiRUUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy85N2NjYWItZDBjOC00MmU4LTg3MjUtYTU4NmIwN2FkZDcy
LzEvWWx0Yy1lS1pFa1NNdTd5RzBnVmhpWnpiRUUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj0+6p9JF
32J86Ktha5gP+Wb/ITHqsjOFg4FAaqpzGPKt1qvUFyGTCPZJB8Nhc0Y8zh5ETkac
agPHSNPCrBwhquu3QAvNggDTVyx3qigtNolI1xWqKHmoxrPhIgObn5DlmmHB/QR5
z3xBunQUlOQxvSBkoV5IE3KoczV8wZSwROpemiI99V/+3rK/3ls984a7TDM7RXQl
dPt4kCKq8LM3k7PVeeiL0WO+/M180xvq7McMDmFWExIDlsDPKvtmd17ZcCzXeg+c
F2vcfNVgn/l1aBfv+TwNQ4SUYi7U+VtDguWmnsY3WUHa5MXqrEbbT5+b4GrEm5AK
h/A+0IVpYjvAQA==
-----END CERTIFICATE-----
Generated at Sat Dec 6 18:51:21 2025 by rpki-client