This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
File:                     Igmk3BOlMEp6okvhwXi6QuF5L4U.mft (raw, json)
Hash identifier:          ECRpojRxtLYDtwTkvYOxKplNRkWjoDEOMT1IvjzQKHU=
Subject key identifier:   CB:D2:0B:45:B9:3F:FC:1B:4C:E9:EE:56:13:9A:CB:79:C9:C3:74:CC
Authority key identifier: 22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85
Certificate issuer:       /CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
Certificate serial:       019BF42BC7F279954768E15CF0438396B0A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
Manifest number:          03CC
Signing time:             Sun 25 Jan 2026 08:01:08 +0000
Manifest this update:     Sun 25 Jan 2026 08:01:08 +0000
Manifest next update:     Mon 26 Jan 2026 08:01:08 +0000
Files and hashes:         1: Igmk3BOlMEp6okvhwXi6QuF5L4U.crl (hash: iEHomdojOY8nHXg1J+yOiL2Yyv1csJoJV3vPs7qR2Pc=)
                          2: m1FgC_uB4h1eEkeEsgOeeKgc-D8.asa (hash: Lgsi1P76MGixnlSYLkqlowZ1I35F9xwj9pmnAksLG6U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:f4:2b:c7:f2:79:95:47:68:e1:5c:f0:43:83:96:b0:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
        Validity
            Not Before: Jan 25 08:01:08 2026 GMT
            Not After : Jan 26 08:01:08 2026 GMT
        Subject: CN=cbd20b45b93ffc1b4ce9ee56139acb79c9c374cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:5a:a4:21:cf:28:72:4f:d4:2a:1e:64:10:63:
                    b2:9d:64:de:b1:39:dc:5e:cc:9f:5f:49:46:74:77:
                    33:10:9f:95:57:e2:8f:19:a7:ad:b9:7c:10:f2:3d:
                    11:4f:29:84:c3:cf:4a:33:cb:e3:8f:9d:b7:9a:59:
                    0f:f9:01:ff:82:46:4e:07:be:35:2f:17:03:c7:89:
                    11:dc:79:02:75:b7:98:ba:3e:8d:02:8e:0a:06:00:
                    92:74:ad:68:38:75:10:ca:ab:9f:a7:c4:77:a4:f7:
                    15:43:4c:85:aa:c9:2d:f4:73:b2:3c:40:f1:3e:93:
                    20:c1:62:07:28:9b:37:55:f6:35:0d:00:d3:6e:e5:
                    76:f0:ee:dc:cb:8e:23:fb:3a:8e:7c:19:b5:0c:97:
                    93:6c:93:91:9e:3c:9f:13:2b:af:89:90:5f:30:35:
                    bc:68:c0:db:6a:6d:a9:75:e8:d7:65:e9:4a:be:07:
                    f9:40:bd:76:4e:12:d8:e5:d8:d7:f7:79:d7:60:59:
                    21:ca:34:2a:e3:fd:d7:4b:e1:8a:a7:c4:54:6c:6e:
                    fa:72:93:5f:81:0b:f0:d3:e2:fa:46:07:04:92:33:
                    08:98:16:55:85:8f:7e:8f:1a:f0:39:fb:67:d6:bd:
                    09:53:b6:8f:39:ff:75:9a:20:a4:c1:bf:09:98:5d:
                    9b:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:D2:0B:45:B9:3F:FC:1B:4C:E9:EE:56:13:9A:CB:79:C9:C3:74:CC
            X509v3 Authority Key Identifier:
                keyid:22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:c9:ce:21:1c:60:e7:d5:7f:60:27:d2:70:53:f8:5e:4b:9f:
         5c:73:a7:a1:04:a0:70:9b:57:28:eb:38:0d:da:ee:08:61:d7:
         89:42:76:48:37:f2:7c:81:d7:b9:09:39:6e:4e:b3:f6:ec:b4:
         c4:07:25:03:e0:84:54:bf:96:d2:d7:97:f7:48:99:fb:2c:07:
         32:a0:9d:ad:e6:11:78:c7:ce:cb:eb:b2:0f:8f:00:78:43:f7:
         08:af:7e:f2:2d:c8:9d:64:f4:8f:56:06:7f:24:f9:3d:6b:62:
         5d:d9:2d:7b:c9:4b:87:96:c1:9f:f1:4a:49:21:7e:4b:5d:83:
         61:e9:76:a2:7a:73:ea:e7:39:d4:7e:b1:e7:ae:96:1f:c8:36:
         be:d2:33:7c:c7:16:90:f7:1c:bb:7e:12:99:59:79:ab:d0:ed:
         80:73:ea:ae:ff:9d:31:40:62:e4:ba:6c:de:8a:39:67:85:4f:
         50:50:7d:eb:e8:51:76:e0:3e:c5:97:bc:71:92:5e:80:19:1d:
         b5:cc:85:4e:89:05:f1:14:19:25:92:5c:bc:0f:5b:de:97:ca:
         5f:d0:67:e4:02:17:a5:ab:41:81:53:64:36:17:55:77:53:9e:
         7a:cc:1e:90:4e:2c:67:d4:e7:35:d6:96:40:35:1a:54:0e:07:
         b3:0e:83:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZv0K8fyeZVHaOFc8EODlrCnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDlhNGRjMTNhNTMwNGE3YWEyNGJlMWMxNzhiYTQyZTE3
OTJmODUwHhcNMjYwMTI1MDgwMTA4WhcNMjYwMTI2MDgwMTA4WjAzMTEwLwYDVQQD
EyhjYmQyMGI0NWI5M2ZmYzFiNGNlOWVlNTYxMzlhY2I3OWM5YzM3NGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lqkIc8ock/UKh5kEGOynWTesTnc
XsyfX0lGdHczEJ+VV+KPGaetuXwQ8j0RTymEw89KM8vjj523mlkP+QH/gkZOB741
LxcDx4kR3HkCdbeYuj6NAo4KBgCSdK1oOHUQyqufp8R3pPcVQ0yFqskt9HOyPEDx
PpMgwWIHKJs3VfY1DQDTbuV28O7cy44j+zqOfBm1DJeTbJORnjyfEyuviZBfMDW8
aMDbam2pdejXZelKvgf5QL12ThLY5djX93nXYFkhyjQq4/3XS+GKp8RUbG76cpNf
gQvw0+L6RgcEkjMImBZVhY9+jxrwOftn1r0JU7aPOf91miCkwb8JmF2brwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMvSC0W5P/wbTOnuVhOay3nJw3TMMB8GA1UdIwQY
MBaAFCIJpNwTpTBKeqJL4cF4ukLheS+FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYt
NjhhZmQ0NzQ1MTQ5LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYtNjhhZmQ0NzQ1MTQ5
LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP8nOIRxg
59V/YCfScFP4XkufXHOnoQSgcJtXKOs4DdruCGHXiUJ2SDfyfIHXuQk5bk6z9uy0
xAclA+CEVL+W0teX90iZ+ywHMqCdreYReMfOy+uyD48AeEP3CK9+8i3InWT0j1YG
fyT5PWtiXdkte8lLh5bBn/FKSSF+S12DYel2onpz6uc51H6x566WH8g2vtIzfMcW
kPccu34SmVl5q9DtgHPqrv+dMUBi5Lps3oo5Z4VPUFB96+hRduA+xZe8cZJegBkd
tcyFTokF8RQZJZJcvA9b3pfKX9Bn5AIXpatBgVNkNhdVd1OeeswekE4sZ9TnNdaW
QDUaVA4Hsw6DbQ==
-----END CERTIFICATE-----
Generated at Sun Jan 25 16:46:10 2026 by rpki-client