This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft
File:                     yIYjh23RrY5iSiPdUossZMgKhSE.mft (raw, json)
Hash identifier:          9CsH2NQ5//8MSUxmJk9i4vxqx0SUKg6Smk01OTWVsHg=
Subject key identifier:   A9:2D:83:9D:FB:CE:19:83:BC:78:FD:84:F5:E7:3F:53:71:13:BF:74
Authority key identifier: C8:86:23:87:6D:D1:AD:8E:62:4A:23:DD:52:8B:2C:64:C8:0A:85:21
Certificate issuer:       /CN=c88623876dd1ad8e624a23dd528b2c64c80a8521
Certificate serial:       019BF83F5539453141C932970217BB1825DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft
Manifest number:          070B
Signing time:             Mon 26 Jan 2026 03:00:58 +0000
Manifest this update:     Mon 26 Jan 2026 03:00:58 +0000
Manifest next update:     Tue 27 Jan 2026 03:00:58 +0000
Files and hashes:         1: h1IcZRGY_rRXRhpZWTLbtpzh9tM.roa (hash: L8O1+G2QnBwVNFEY7LCl7zf6sGt3HNSfVfaE38wa8Uo=)
                          2: yIYjh23RrY5iSiPdUossZMgKhSE.crl (hash: 2ig6EOkJcETdU30M5k6IRwQtYM3vRK5y/eg2WOV7md0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:f8:3f:55:39:45:31:41:c9:32:97:02:17:bb:18:25:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c88623876dd1ad8e624a23dd528b2c64c80a8521
        Validity
            Not Before: Jan 26 03:00:58 2026 GMT
            Not After : Jan 27 03:00:58 2026 GMT
        Subject: CN=a92d839dfbce1983bc78fd84f5e73f537113bf74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:4f:33:7a:82:65:d2:4a:b2:9a:84:05:0f:50:
                    cb:89:ad:6a:0e:9a:4b:fa:cd:36:e0:d4:a9:4a:c6:
                    2f:7c:73:20:e6:27:89:1a:fb:9e:99:a1:c6:c8:76:
                    c7:c9:4b:6a:87:bd:15:38:ec:e3:34:75:cc:ac:63:
                    0b:9b:c1:c0:16:22:27:9e:b1:df:f4:82:5d:39:6a:
                    48:e7:46:9e:b1:ad:3a:a9:ba:2f:11:57:32:7b:b7:
                    03:36:67:62:60:aa:96:b0:e9:6b:14:0b:98:d9:5e:
                    26:92:ef:a7:2b:c1:24:91:4b:42:15:bc:86:33:8f:
                    fe:e1:2a:2f:46:08:08:e2:fc:a5:9b:43:4a:9f:c2:
                    aa:bb:74:33:d4:d1:4c:55:80:47:25:c5:f8:60:4e:
                    a9:b3:be:6d:eb:2b:7f:f6:7e:53:06:5a:2c:af:59:
                    ab:fb:0e:a5:1b:ae:70:58:5b:2c:4a:c6:ac:51:ba:
                    4b:85:c2:95:cb:ac:f4:ff:d1:ed:b9:69:8b:49:82:
                    bf:31:a5:36:39:2a:80:5d:32:2a:86:a3:2e:d2:3e:
                    97:30:13:4f:43:30:85:2b:a4:a7:f6:1c:7b:64:98:
                    1f:1e:84:ca:be:c3:21:5f:00:c1:fd:b4:71:7d:da:
                    fd:ae:24:8f:6a:07:9d:4b:4e:e5:c5:67:b2:71:d0:
                    ed:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:2D:83:9D:FB:CE:19:83:BC:78:FD:84:F5:E7:3F:53:71:13:BF:74
            X509v3 Authority Key Identifier:
                keyid:C8:86:23:87:6D:D1:AD:8E:62:4A:23:DD:52:8B:2C:64:C8:0A:85:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:8b:cc:cd:67:cd:e5:5e:37:39:2e:a9:b9:80:9c:75:6e:a0:
         05:5a:d3:bd:37:af:72:63:b8:81:78:fa:c6:c7:95:99:b4:6b:
         22:16:bf:77:81:77:83:76:1e:1c:d9:ce:70:23:e5:4b:67:06:
         4a:f2:78:fa:fe:72:2c:e8:e2:d3:36:0f:21:91:08:50:c9:64:
         ca:e0:55:cf:c8:79:bf:a9:63:32:7b:cf:d4:21:03:c9:2b:b2:
         e3:b8:02:24:6c:a1:4e:1c:0d:01:82:cd:8e:5b:fe:56:6e:77:
         6f:11:0c:bf:0f:1b:a8:47:46:7b:98:31:aa:99:33:09:b8:67:
         0a:a4:36:0b:ca:45:28:4f:40:da:83:ed:95:44:5e:35:a6:69:
         f3:43:92:e9:75:40:0e:8b:bc:74:67:13:21:57:4f:33:6f:34:
         36:c5:ee:73:2e:95:52:c6:cb:3a:17:5f:d7:b8:3c:75:08:f4:
         98:fb:a7:76:fa:30:c2:2c:ba:9f:88:a7:6a:ec:77:57:18:fd:
         d8:30:e1:a8:d2:7d:a7:7c:84:3b:05:c5:92:d7:ec:e7:9b:6e:
         b0:31:5e:c2:77:1a:15:f2:8c:ae:cb:9a:0b:ed:f2:e4:11:66:
         a0:7f:41:b4:94:7c:62:10:16:48:67:cf:ea:9a:77:e3:a9:6d:
         d0:90:fd:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZv4P1U5RTFByTKXAhe7GCXdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ODYyMzg3NmRkMWFkOGU2MjRhMjNkZDUyOGIyYzY0Yzgw
YTg1MjEwHhcNMjYwMTI2MDMwMDU4WhcNMjYwMTI3MDMwMDU4WjAzMTEwLwYDVQQD
EyhhOTJkODM5ZGZiY2UxOTgzYmM3OGZkODRmNWU3M2Y1MzcxMTNiZjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxU8zeoJl0kqymoQFD1DLia1qDppL
+s024NSpSsYvfHMg5ieJGvuemaHGyHbHyUtqh70VOOzjNHXMrGMLm8HAFiInnrHf
9IJdOWpI50aesa06qbovEVcye7cDNmdiYKqWsOlrFAuY2V4mku+nK8EkkUtCFbyG
M4/+4SovRggI4vylm0NKn8Kqu3Qz1NFMVYBHJcX4YE6ps75t6yt/9n5TBlosr1mr
+w6lG65wWFssSsasUbpLhcKVy6z0/9HtuWmLSYK/MaU2OSqAXTIqhqMu0j6XMBNP
QzCFK6Sn9hx7ZJgfHoTKvsMhXwDB/bRxfdr9riSPagedS07lxWeycdDtAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKktg537zhmDvHj9hPXnP1NxE790MB8GA1UdIwQY
MBaAFMiGI4dt0a2OYkoj3VKLLGTICoUhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUlZamgyM1JyWTVpU2lQZFVvc3NaTWdLaFNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8xODI1ZDEtN2MwMS00OTE1LWE0NDQt
MmViNTEyNjFkZGJhLzEveUlZamgyM1JyWTVpU2lQZFVvc3NaTWdLaFNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8xODI1ZDEtN2MwMS00OTE1LWE0NDQtMmViNTEyNjFkZGJh
LzEveUlZamgyM1JyWTVpU2lQZFVvc3NaTWdLaFNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdovMzWfN
5V43OS6puYCcdW6gBVrTvTevcmO4gXj6xseVmbRrIha/d4F3g3YeHNnOcCPlS2cG
SvJ4+v5yLOji0zYPIZEIUMlkyuBVz8h5v6ljMnvP1CEDySuy47gCJGyhThwNAYLN
jlv+Vm53bxEMvw8bqEdGe5gxqpkzCbhnCqQ2C8pFKE9A2oPtlUReNaZp80OS6XVA
Dou8dGcTIVdPM280NsXucy6VUsbLOhdf17g8dQj0mPundvowwiy6n4inaux3Vxj9
2DDhqNJ9p3yEOwXFktfs55tusDFewncaFfKMrsuaC+3y5BFmoH9BtJR8YhAWSGfP
6pp346lt0JD9IA==
-----END CERTIFICATE-----
Generated at Mon Jan 26 05:38:48 2026 by rpki-client