This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.mft
File:                     Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.mft (raw, json)
Hash identifier:          WHJq24N/W3tNfoE9LmL8VgU9XGBGeCxQAPlSTKjA2rg=
Subject key identifier:   44:36:59:5D:A4:E2:B9:80:76:E5:15:AB:8C:DA:59:7C:89:57:88:FA
Authority key identifier: 66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
Certificate issuer:       /CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Certificate serial:       019B2AAF04A98F1AFBB2C4854240333334CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.mft
Manifest number:          1488
Signing time:             Wed 17 Dec 2025 05:01:11 +0000
Manifest this update:     Wed 17 Dec 2025 05:01:11 +0000
Manifest next update:     Thu 18 Dec 2025 05:01:11 +0000
Files and hashes:         1: DK0Us3bVPvYwAyxNA0q9MJojynQ.roa (hash: zFzB2iAPAkpqv4wiU4d7/9a55ppm9DZ9vElT5rhcYD0=)
                          2: L4h95g97hPav_sLi8oU5ekfgF0c.roa (hash: gzwtuotOybzEB9lulxkeHjwR8xKOZWJlJKeZJPHVfuA=)
                          3: PoOOtUJXWSIrEDf1Xj5Z3VDMHSE.roa (hash: xLcUbAcJyMHzQNbU8ncdTmCAmnGI9JLzaYaEQOKQswQ=)
                          4: YUnFkerPf_tC9lIXfmeJMH6YBzU.roa (hash: /JxLnX44gj+6WYgNCgzFGwP4v1yZUybgTY/uSoStij0=)
                          5: Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.crl (hash: 6mEFNYoF28spIGnmbJzxUCjfWxt1TSvqRo81mKv8rCw=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:2a:af:04:a9:8f:1a:fb:b2:c4:85:42:40:33:33:34:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=668d2f64c337465ed38da5f7cc4584df87d4a744
        Validity
            Not Before: Dec 17 05:01:11 2025 GMT
            Not After : Dec 18 05:01:11 2025 GMT
        Subject: CN=4436595da4e2b98076e515ab8cda597c895788fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:73:fd:af:b9:ba:90:cb:3a:78:2d:74:3b:1e:
                    72:53:69:35:17:be:0d:47:ca:0a:82:e8:10:0c:1f:
                    e9:9c:07:d1:57:a6:fe:a6:1f:fc:f5:14:2e:56:84:
                    9a:34:03:5f:39:df:e8:53:83:14:08:ab:8e:cd:0f:
                    d0:2d:8b:41:4d:9b:a1:0d:c6:30:73:25:f4:c0:b0:
                    19:71:a6:84:d2:88:ed:e3:31:d2:a1:20:d3:60:90:
                    d1:24:4b:fb:4b:d9:b9:dd:76:27:aa:0d:d6:0e:fe:
                    44:4c:1f:25:9e:9f:39:91:96:9e:5b:6a:b6:4f:a6:
                    91:3c:73:48:48:dc:3a:fa:90:8b:6f:6e:8d:8f:cf:
                    45:99:23:09:bc:e5:c6:20:d3:16:de:17:b3:2b:e6:
                    7f:1e:28:d8:4d:4a:80:1b:57:59:f2:cf:f3:bb:c4:
                    2e:a6:e6:61:ae:65:7e:e0:13:aa:e3:43:d8:ae:c1:
                    2b:6a:e2:1b:32:bd:ca:51:ad:42:13:f7:14:b3:01:
                    a9:1c:3e:8d:ac:6a:ee:80:d6:fb:6d:9b:68:42:67:
                    5e:25:99:e1:0d:82:47:d5:06:e8:9c:51:61:c0:34:
                    0f:28:2b:e4:6a:0a:a0:4a:70:5f:bd:71:47:5e:e7:
                    b5:09:d2:26:0a:f1:cd:a4:85:99:ad:ae:c4:d9:74:
                    6d:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:36:59:5D:A4:E2:B9:80:76:E5:15:AB:8C:DA:59:7C:89:57:88:FA
            X509v3 Authority Key Identifier:
                keyid:66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:2f:8c:fc:b1:3f:a1:46:be:70:4e:5d:73:16:d0:9f:19:14:
         86:8a:dc:11:18:c1:5a:86:1c:98:48:8d:ff:2d:17:5b:19:75:
         7a:6e:79:fc:d8:a3:fe:cd:d4:51:a3:64:ed:a7:3d:13:59:05:
         ae:3b:24:36:83:ad:37:5b:b4:42:65:9e:41:d8:d9:bf:73:a8:
         7b:84:ba:0b:20:81:91:69:ab:ec:71:ac:07:62:ce:2b:eb:58:
         df:c7:3f:8b:41:0c:4b:2d:89:5c:a1:27:66:03:b8:73:7a:09:
         e3:27:44:12:23:38:c6:4c:af:5c:b4:2e:66:41:11:60:f3:00:
         55:84:7a:1a:03:30:d4:54:e7:b3:3f:44:7c:98:aa:d8:e8:e5:
         ce:51:c4:60:5c:df:31:f1:07:3c:05:9f:d9:62:3a:89:a6:4c:
         a0:54:e3:1f:4f:9d:c1:5f:c2:54:04:1c:47:20:51:3d:db:c4:
         98:1f:3d:3f:1a:cf:4d:c7:01:ce:10:b2:52:bc:3d:7e:30:a7:
         35:06:84:5a:14:ab:a8:58:d2:a2:45:cb:19:2d:0d:6c:da:76:
         39:5a:0b:2f:be:82:b6:a3:1e:f0:a2:20:2f:51:f1:6a:d5:cb:
         c4:e1:3f:3b:e7:e3:b2:6c:46:a0:73:f1:39:11:2d:b7:e8:6e:
         04:d9:1e:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZsqrwSpjxr7ssSFQkAzMzTNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OGQyZjY0YzMzNzQ2NWVkMzhkYTVmN2NjNDU4NGRmODdk
NGE3NDQwHhcNMjUxMjE3MDUwMTExWhcNMjUxMjE4MDUwMTExWjAzMTEwLwYDVQQD
Eyg0NDM2NTk1ZGE0ZTJiOTgwNzZlNTE1YWI4Y2RhNTk3Yzg5NTc4OGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3P9r7m6kMs6eC10Ox5yU2k1F74N
R8oKgugQDB/pnAfRV6b+ph/89RQuVoSaNANfOd/oU4MUCKuOzQ/QLYtBTZuhDcYw
cyX0wLAZcaaE0ojt4zHSoSDTYJDRJEv7S9m53XYnqg3WDv5ETB8lnp85kZaeW2q2
T6aRPHNISNw6+pCLb26Nj89FmSMJvOXGINMW3hezK+Z/HijYTUqAG1dZ8s/zu8Qu
puZhrmV+4BOq40PYrsErauIbMr3KUa1CE/cUswGpHD6NrGrugNb7bZtoQmdeJZnh
DYJH1QbonFFhwDQPKCvkagqgSnBfvXFHXue1CdImCvHNpIWZra7E2XRtrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEQ2WV2k4rmAduUVq4zaWXyJV4j6MB8GA1UdIwQY
MBaAFGaNL2TDN0Ze042l98xFhN+H1KdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS84MjhiMGYtODBlOC00MjdiLTk3MWQt
MzhiYmNmYWVlNmNlLzEvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS84MjhiMGYtODBlOC00MjdiLTk3MWQtMzhiYmNmYWVlNmNl
LzEvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAii+M/LE/
oUa+cE5dcxbQnxkUhorcERjBWoYcmEiN/y0XWxl1em55/Nij/s3UUaNk7ac9E1kF
rjskNoOtN1u0QmWeQdjZv3Ooe4S6CyCBkWmr7HGsB2LOK+tY38c/i0EMSy2JXKEn
ZgO4c3oJ4ydEEiM4xkyvXLQuZkERYPMAVYR6GgMw1FTnsz9EfJiq2OjlzlHEYFzf
MfEHPAWf2WI6iaZMoFTjH0+dwV/CVAQcRyBRPdvEmB89PxrPTccBzhCyUrw9fjCn
NQaEWhSrqFjSokXLGS0NbNp2OVoLL76CtqMe8KIgL1HxatXLxOE/O+fjsmxGoHPx
OREtt+huBNke1w==
-----END CERTIFICATE-----