This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
File:                     Igmk3BOlMEp6okvhwXi6QuF5L4U.mft (raw, json)
Hash identifier:          kMmeL/KMOd8qNuE3t1nmyVZ7IburFI9KfR+vnjSHM6A=
Subject key identifier:   8E:3D:35:B6:00:2C:3C:A6:C3:B5:A1:FD:69:8A:0A:9F:6D:E5:F8:9D
Authority key identifier: 22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85
Certificate issuer:       /CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
Certificate serial:       019BF619ECA06BD1325A975902B0E8A69E72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
Manifest number:          03CD
Signing time:             Sun 25 Jan 2026 17:00:52 +0000
Manifest this update:     Sun 25 Jan 2026 17:00:52 +0000
Manifest next update:     Mon 26 Jan 2026 17:00:52 +0000
Files and hashes:         1: Igmk3BOlMEp6okvhwXi6QuF5L4U.crl (hash: qu3V9DipPpB7OaPYSaJwXmnBEJbnBgTEeh4+3iEFR0U=)
                          2: m1FgC_uB4h1eEkeEsgOeeKgc-D8.asa (hash: Lgsi1P76MGixnlSYLkqlowZ1I35F9xwj9pmnAksLG6U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 13:21:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:f6:19:ec:a0:6b:d1:32:5a:97:59:02:b0:e8:a6:9e:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
        Validity
            Not Before: Jan 25 17:00:52 2026 GMT
            Not After : Jan 26 17:00:52 2026 GMT
        Subject: CN=8e3d35b6002c3ca6c3b5a1fd698a0a9f6de5f89d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:03:64:ba:aa:f1:1e:1d:48:73:39:47:c8:e0:
                    5f:26:45:3d:3e:a3:11:1a:0d:a2:5d:a3:f6:e1:bc:
                    ee:8c:71:ec:d0:6d:f4:cf:27:a2:0b:7a:5f:62:49:
                    ae:e3:b6:d5:c8:31:b8:e5:b9:59:ce:11:84:85:98:
                    8a:01:b4:2e:fd:f6:ec:3e:da:8a:2c:33:b2:55:7a:
                    73:af:f1:5a:2f:6b:5b:e8:9f:69:63:3a:43:27:61:
                    85:6a:ec:0b:8c:24:77:61:71:b4:53:4e:d8:ae:f4:
                    f6:0a:5c:e1:45:86:3a:8f:fb:c5:7b:fe:bb:0e:67:
                    63:6a:48:f0:ec:71:1a:ab:f9:7a:65:29:e4:28:af:
                    f4:79:b4:89:83:a8:90:8e:aa:a0:02:85:a5:c2:0b:
                    1d:15:f1:4f:e3:40:f6:b9:8e:f4:4b:1e:cf:b9:dd:
                    df:37:cc:13:2b:e5:f9:81:72:8b:26:f0:48:92:a2:
                    9c:79:45:f1:08:bb:25:cd:4e:de:6d:4a:ce:1b:c4:
                    89:14:46:78:de:41:14:13:13:21:a9:bd:64:e0:70:
                    77:f4:21:f8:b2:71:97:e3:37:3c:a1:19:f0:85:d4:
                    75:4b:9d:7f:ed:70:83:58:17:48:db:42:c4:d5:bd:
                    f6:e5:08:08:c3:5f:0b:6f:99:bf:ad:36:74:c8:cd:
                    32:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:3D:35:B6:00:2C:3C:A6:C3:B5:A1:FD:69:8A:0A:9F:6D:E5:F8:9D
            X509v3 Authority Key Identifier:
                keyid:22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:43:a6:bd:71:c8:97:47:af:18:5b:c0:0c:72:1e:ac:d2:3c:
         68:1a:50:b4:36:ee:b5:4c:90:5d:7d:f7:3e:5e:71:4d:1d:ac:
         ef:d1:6d:46:ae:66:6f:16:38:1d:bf:d4:7c:1b:10:06:95:2d:
         aa:a3:53:d0:c7:bb:8e:3f:bc:f6:8b:a1:4a:43:ac:22:d0:88:
         9a:2b:a8:6a:c5:e5:25:34:13:c9:95:a6:cb:e1:23:a2:39:d5:
         b4:bf:0f:b2:3c:5e:99:64:92:af:85:96:c2:53:7b:32:9f:b7:
         76:28:b9:79:0f:41:9d:ea:67:b8:25:d6:23:3e:50:72:41:b2:
         70:89:9d:c0:27:be:5c:11:a1:1c:3f:83:2e:f6:77:e0:d8:08:
         99:3a:40:f2:3c:d1:99:f2:b4:94:27:1d:69:78:af:9d:84:98:
         3a:16:fe:ce:1e:c3:82:60:7e:b5:e7:63:01:79:2f:9d:85:34:
         3c:ef:c2:7f:22:a9:a6:51:a5:91:a9:7d:94:fe:12:1d:c9:c5:
         d4:3b:19:32:55:da:ae:29:43:5e:c7:2c:d5:59:4b:c3:99:a7:
         26:a9:82:b9:05:db:95:50:d0:14:f1:46:5f:90:6b:19:ec:22:
         26:be:88:d5:65:76:e5:60:40:a6:06:97:8c:c0:98:c4:3c:e0:
         5a:0c:a6:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZv2Geyga9EyWpdZArDopp5yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDlhNGRjMTNhNTMwNGE3YWEyNGJlMWMxNzhiYTQyZTE3
OTJmODUwHhcNMjYwMTI1MTcwMDUyWhcNMjYwMTI2MTcwMDUyWjAzMTEwLwYDVQQD
Eyg4ZTNkMzViNjAwMmMzY2E2YzNiNWExZmQ2OThhMGE5ZjZkZTVmODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wNkuqrxHh1IczlHyOBfJkU9PqMR
Gg2iXaP24bzujHHs0G30zyeiC3pfYkmu47bVyDG45blZzhGEhZiKAbQu/fbsPtqK
LDOyVXpzr/FaL2tb6J9pYzpDJ2GFauwLjCR3YXG0U07YrvT2ClzhRYY6j/vFe/67
Dmdjakjw7HEaq/l6ZSnkKK/0ebSJg6iQjqqgAoWlwgsdFfFP40D2uY70Sx7Pud3f
N8wTK+X5gXKLJvBIkqKceUXxCLslzU7ebUrOG8SJFEZ43kEUExMhqb1k4HB39CH4
snGX4zc8oRnwhdR1S51/7XCDWBdI20LE1b325QgIw18Lb5m/rTZ0yM0yjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI49NbYALDymw7Wh/WmKCp9t5fidMB8GA1UdIwQY
MBaAFCIJpNwTpTBKeqJL4cF4ukLheS+FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYt
NjhhZmQ0NzQ1MTQ5LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYtNjhhZmQ0NzQ1MTQ5
LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPUOmvXHI
l0evGFvADHIerNI8aBpQtDbutUyQXX33Pl5xTR2s79FtRq5mbxY4Hb/UfBsQBpUt
qqNT0Me7jj+89ouhSkOsItCImiuoasXlJTQTyZWmy+EjojnVtL8PsjxemWSSr4WW
wlN7Mp+3dii5eQ9BnepnuCXWIz5QckGycImdwCe+XBGhHD+DLvZ34NgImTpA8jzR
mfK0lCcdaXivnYSYOhb+zh7DgmB+tedjAXkvnYU0PO/CfyKpplGlkal9lP4SHcnF
1DsZMlXarilDXscs1VlLw5mnJqmCuQXblVDQFPFGX5BrGewiJr6I1WV25WBApgaX
jMCYxDzgWgymIA==
-----END CERTIFICATE-----
Generated at Sun Jan 25 21:10:58 2026 by rpki-client