This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
File:                     xDzur3eV-33zSLBLIn5QpJoaG3w.mft (raw, json)
Hash identifier:          3+lgU7ZGk0t4kkt5KW2mBOt50mk5MCwffubun7lFWLo=
Subject key identifier:   D4:EB:9F:1F:BB:5B:35:DE:B0:CD:0E:FC:E8:6F:C5:C1:EA:11:E2:83
Authority key identifier: C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C
Certificate issuer:       /CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c
Certificate serial:       019B262D5F095F6B3AC652D7E9E6057D73D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
Manifest number:          14B6
Signing time:             Tue 16 Dec 2025 08:01:06 +0000
Manifest this update:     Tue 16 Dec 2025 08:01:06 +0000
Manifest next update:     Wed 17 Dec 2025 08:01:06 +0000
Files and hashes:         1: xDzur3eV-33zSLBLIn5QpJoaG3w.crl (hash: Z5PFtr3BW3AR/vJhYgnJaUahzpbLmwKOzNLtdFACjgc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 17 Dec 2025 08:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:26:2d:5f:09:5f:6b:3a:c6:52:d7:e9:e6:05:7d:73:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c
        Validity
            Not Before: Dec 16 08:01:06 2025 GMT
            Not After : Dec 17 08:01:06 2025 GMT
        Subject: CN=d4eb9f1fbb5b35deb0cd0efce86fc5c1ea11e283
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:56:43:d5:18:59:1e:dc:5e:d8:a3:d8:83:3e:
                    2d:c1:a8:53:16:36:37:28:d6:89:03:97:49:ef:76:
                    bc:64:38:b4:a5:9d:2a:30:8d:a3:1d:00:39:81:3e:
                    1a:1c:39:0c:41:f1:98:f2:63:d4:3d:99:7d:7e:cd:
                    91:87:7d:26:9a:4f:70:05:d4:c3:20:ab:a7:aa:df:
                    75:dc:5c:20:c0:40:a8:5b:ea:16:63:8a:b2:64:d2:
                    ff:bf:71:2f:7d:c7:9b:17:43:79:da:eb:c8:6d:ab:
                    f7:84:38:b9:0a:cd:eb:c0:2c:1f:70:54:8d:28:ad:
                    4e:3a:11:4e:da:50:db:d0:12:ca:80:48:d2:51:c9:
                    7c:b9:f4:d3:e7:9f:6a:6b:c7:18:7a:6d:c6:cb:ec:
                    4e:70:7a:2d:d1:7b:e7:94:b9:4b:fe:61:c9:16:12:
                    c0:f2:f9:2c:00:6c:2b:4b:53:11:55:3f:cc:cd:67:
                    3b:d3:c2:67:bf:4d:66:bb:71:72:31:ab:82:2f:a8:
                    16:c3:c2:63:a5:56:e3:92:a3:0b:4b:62:88:24:53:
                    56:5d:cb:fe:64:ea:88:91:4c:a1:b8:43:3c:ed:95:
                    e6:a9:ef:76:6f:25:46:d6:39:c8:5e:08:4b:0c:5d:
                    bf:5e:14:e4:e9:28:33:4c:fc:49:d9:fc:13:d5:c7:
                    52:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:EB:9F:1F:BB:5B:35:DE:B0:CD:0E:FC:E8:6F:C5:C1:EA:11:E2:83
            X509v3 Authority Key Identifier:
                keyid:C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:d8:7e:57:6a:e1:c9:22:6f:68:d5:4f:58:39:48:c7:81:d5:
         6a:59:2a:08:9e:24:e4:53:ee:70:fd:02:00:f1:62:38:10:4b:
         d4:45:d1:01:11:da:57:6a:ea:09:1c:5e:9c:df:59:9c:be:d7:
         82:97:25:ac:1b:05:0d:c1:a6:bb:85:fa:10:82:85:ad:b9:5b:
         d6:a8:19:26:6d:fa:eb:bc:22:22:12:8a:68:86:29:85:54:69:
         27:60:0a:25:07:52:07:f1:d7:17:00:f7:4f:07:87:63:1c:61:
         ee:c3:82:30:9e:aa:fb:05:81:25:7f:e3:bc:a0:4e:91:62:1f:
         a6:76:f9:f6:eb:99:4e:18:4e:a0:ca:b8:88:9d:43:57:97:a1:
         c7:f1:a2:73:eb:61:58:4d:9f:f0:d9:ed:8f:de:00:0d:ce:fa:
         8f:b1:87:0f:af:52:92:db:ee:9c:bf:ed:2c:d3:c0:9e:3e:ef:
         c7:fc:e7:60:21:81:3e:3e:4d:2d:b9:da:3f:6f:02:5c:d0:2e:
         b4:be:29:78:ee:c7:94:67:e8:38:f4:41:8f:9d:e3:dc:6a:f2:
         8b:f2:c8:a3:71:7c:a5:85:14:94:b3:cd:2f:17:e7:0c:d6:b0:
         91:35:6b:ac:28:8c:7c:30:ae:49:bd:7f:b7:58:b0:a2:23:3b:
         93:70:33:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZsmLV8JX2s6xlLX6eYFfXPQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0M2NlZWFmNzc5NWZiN2RmMzQ4YjA0YjIyN2U1MGE0OWEx
YTFiN2MwHhcNMjUxMjE2MDgwMTA2WhcNMjUxMjE3MDgwMTA2WjAzMTEwLwYDVQQD
EyhkNGViOWYxZmJiNWIzNWRlYjBjZDBlZmNlODZmYzVjMWVhMTFlMjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1ZD1RhZHtxe2KPYgz4twahTFjY3
KNaJA5dJ73a8ZDi0pZ0qMI2jHQA5gT4aHDkMQfGY8mPUPZl9fs2Rh30mmk9wBdTD
IKunqt913FwgwECoW+oWY4qyZNL/v3EvfcebF0N52uvIbav3hDi5Cs3rwCwfcFSN
KK1OOhFO2lDb0BLKgEjSUcl8ufTT559qa8cYem3Gy+xOcHot0XvnlLlL/mHJFhLA
8vksAGwrS1MRVT/MzWc708Jnv01mu3FyMauCL6gWw8JjpVbjkqMLS2KIJFNWXcv+
ZOqIkUyhuEM87ZXmqe92byVG1jnIXghLDF2/XhTk6SgzTPxJ2fwT1cdScwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNTrnx+7WzXesM0O/OhvxcHqEeKDMB8GA1UdIwQY
MBaAFMQ87q93lft980iwSyJ+UKSaGht8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUt
MDhiYWUzYTU0ZmY2LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUtMDhiYWUzYTU0ZmY2
LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArth+V2rh
ySJvaNVPWDlIx4HValkqCJ4k5FPucP0CAPFiOBBL1EXRARHaV2rqCRxenN9ZnL7X
gpclrBsFDcGmu4X6EIKFrblb1qgZJm3667wiIhKKaIYphVRpJ2AKJQdSB/HXFwD3
TweHYxxh7sOCMJ6q+wWBJX/jvKBOkWIfpnb59uuZThhOoMq4iJ1DV5ehx/Gic+th
WE2f8Nntj94ADc76j7GHD69SktvunL/tLNPAnj7vx/znYCGBPj5NLbnaP28CXNAu
tL4peO7HlGfoOPRBj53j3Gryi/LIo3F8pYUUlLPNLxfnDNawkTVrrCiMfDCuSb1/
t1iwoiM7k3AzUA==
-----END CERTIFICATE-----
Generated at Tue Dec 16 17:58:44 2025 by rpki-client