This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft
File:                     Kfp91j8uLYe194UAk8dDu_vhTkQ.mft (raw, json)
Hash identifier:          /LEXK0MDkWHF7D5nwzQYmbnb73KT8+QGdiQSAwFLMSA=
Subject key identifier:   7D:DB:23:B9:CF:F7:CE:23:E4:33:22:F9:66:69:33:45:2C:10:5F:E5
Authority key identifier: 29:FA:7D:D6:3F:2E:2D:87:B5:F7:85:00:93:C7:43:BB:FB:E1:4E:44
Certificate issuer:       /CN=29fa7dd63f2e2d87b5f7850093c743bbfbe14e44
Certificate serial:       019BF50796F58A6CC18352339DB29DD8C156
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft
Manifest number:          0699
Signing time:             Sun 25 Jan 2026 12:01:13 +0000
Manifest this update:     Sun 25 Jan 2026 12:01:13 +0000
Manifest next update:     Mon 26 Jan 2026 12:01:13 +0000
Files and hashes:         1: 1FTeokhUADkYbgvOTwGp40m_BPE.roa (hash: PPoy3S4bKc1j/djL6NTv+eGLXSL7GZ17YwI5tAXRtDM=)
                          2: 59s8eNqYwVH5ydf7xyV2eJR3_TU.roa (hash: xFhHztukLroKSICySsgp6ifCMDIbrBfwaaKjTAvv1Gw=)
                          3: 9c4kttevmySnfkQUW_qfNzaHphg.roa (hash: /cAqDalO1CeZ8c8IzYLpRoSc0JDQhBthLLFNZ86hRlw=)
                          4: FZeGgU2IawBK8YA4BwTM_e6x5Mo.roa (hash: 4nQMnYqmNvBAGhwCS2lyqUc1bPr2XdXqGh923cUp0bQ=)
                          5: FhQiMY_Y2B9WuZvyCd_uaF0M5dI.roa (hash: fZfKiY8vxqzWF+WGF85vLsOO0yrQwq1azfxlL3m6ht4=)
                          6: GrgWTPWfiMj8FwdKYhn8zJ6Z7e8.roa (hash: IO94toPK6/Wits1irHXbrZl6wNHfS6p+U483COk6R2Y=)
                          7: KNWwGCklL3zKbMsgIOCdcNGo2tI.roa (hash: 5rF454gnBcOMqEez62ErUsCgENLRW0isAHz0go80+Fs=)
                          8: Kfp91j8uLYe194UAk8dDu_vhTkQ.crl (hash: 1+1SDJxOjLdU6beRNgJCTzy7pGRi/uiBVlnQxEj/j5Q=)
                          9: Pjq2usg2Ddr0jCim-rnljjUP2xg.roa (hash: 5RL0lX+XVqmkdynoA/ZI5Ffknvw/dGR/1FpAcrG1JiE=)
                          10: WrWpDNw0abEoNedClZIQXtxLaNM.roa (hash: gCZS2khmjJiGzLXjdqtdk6eKzbLBYpiu89Bi9tphMq4=)
                          11: aSoz0nTSHVKxl1w-_tXDaUBfI_U.roa (hash: 3H/725peI0ylJlXSnX6sTF3RBFyOHCBWf0zA//LWaS4=)
                          12: aqUiuM7FSwO0jQrVAdkkACyulNU.roa (hash: QJoSdYm5s8mfEJjbCj5VhQz2H0KAbaPDRRmLmgZWht0=)
                          13: hTJEftSpqDKpAn62ncVILyiUIA4.roa (hash: CgeSiN+wMYpnSUEh7oWmMa8OtknjA6ZGJ6sq3RGzTFw=)
                          14: nBxToIyQbLD03aHgRpkeeNieOPw.roa (hash: +npXv56cRJNf6jJA2m2/8FRk/EXL/cvT8hUJka5s2Lk=)
                          15: yBrC20joWzPYJC2p3ASrdCZ0wzk.roa (hash: xZei5bNpfbVHrnCyo7DX6ea+rnn9Va9LPl3q+efKuDg=)
                          16: yINiCi-fcEAzzbT8ry3F24_HnBw.roa (hash: DTnC3s+dTYZX9VNSoLxZjlybV3sMyllGW6D2HGEmUQ8=)
                          17: y_Cp0Ost5PqmlG4Hk_lC2iR2YZ8.roa (hash: x+U/bdDPmhe7n+Wg1yqeuhWGZvsQ5Fcm1ldpfk9dBgs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:f5:07:96:f5:8a:6c:c1:83:52:33:9d:b2:9d:d8:c1:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29fa7dd63f2e2d87b5f7850093c743bbfbe14e44
        Validity
            Not Before: Jan 25 12:01:13 2026 GMT
            Not After : Jan 26 12:01:13 2026 GMT
        Subject: CN=7ddb23b9cff7ce23e43322f9666933452c105fe5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:8f:0d:b0:8e:dc:9d:50:fe:1a:cc:ec:d8:b5:
                    59:8d:16:31:9a:61:90:09:a8:d6:de:47:57:c0:00:
                    f8:56:1a:c7:66:d1:96:c4:9c:b5:22:76:d9:4c:d1:
                    82:dc:e6:f5:4d:a7:d6:3e:43:98:59:07:c2:e0:3c:
                    fb:e0:4e:38:f3:9d:07:8d:5d:61:6b:af:78:8f:dd:
                    b8:e0:75:21:24:47:52:32:53:30:52:3c:72:8e:9a:
                    6f:86:d1:34:b8:4c:5f:a4:3c:15:3b:97:18:a1:b5:
                    0d:0d:8f:1f:53:6e:24:39:ca:30:60:86:c2:21:30:
                    d1:23:f1:ed:f5:6b:67:91:be:2d:37:ec:31:91:d5:
                    38:28:ab:8f:7b:14:2c:ed:ef:b9:55:00:73:d7:ed:
                    66:fe:95:7d:3b:d1:b7:93:1e:74:da:a9:d2:30:82:
                    f3:37:a1:eb:6d:3b:af:2d:02:1e:08:e6:a6:df:fa:
                    38:9e:c3:b0:60:4b:0e:29:c8:a9:37:c4:d9:96:e8:
                    f8:3a:05:39:ac:7f:07:98:d2:5d:af:45:4f:3c:75:
                    57:1a:fd:a2:d0:5d:e4:87:5c:9d:88:5e:6d:bc:c5:
                    2c:f3:35:70:e2:44:15:49:ff:67:13:09:a0:fa:5c:
                    2d:fa:5c:23:a1:59:d2:fd:8e:12:c8:52:11:70:9c:
                    bc:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:DB:23:B9:CF:F7:CE:23:E4:33:22:F9:66:69:33:45:2C:10:5F:E5
            X509v3 Authority Key Identifier:
                keyid:29:FA:7D:D6:3F:2E:2D:87:B5:F7:85:00:93:C7:43:BB:FB:E1:4E:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:1a:65:4f:18:43:03:2b:15:f4:2a:83:47:1b:6b:37:a7:6e:
         51:d0:79:e3:d3:4f:db:73:6d:25:cc:25:c1:12:87:ab:ba:35:
         c1:aa:99:b4:de:10:22:71:28:af:1e:67:bb:d3:0c:db:2c:b3:
         80:d6:d1:44:b1:22:c6:d9:0d:d0:39:91:16:d9:8f:c4:16:25:
         5a:06:6f:cc:e4:7a:97:fc:77:c6:56:6e:46:81:b5:46:81:96:
         f1:73:ac:b4:a0:c9:99:07:94:71:af:57:05:c1:2c:dc:74:18:
         2e:0e:2c:fe:35:a2:80:fd:74:0f:3d:18:13:d9:88:68:b5:95:
         76:f5:5b:9e:2e:0c:1f:7f:1c:4b:a2:2d:68:25:d4:a7:24:63:
         6d:03:41:50:1a:7d:22:36:43:ef:a0:82:e6:f6:39:84:a8:5c:
         ed:0d:ec:66:5d:59:13:b6:da:9c:55:24:ab:cc:0e:43:72:43:
         40:15:a2:96:7c:de:6c:e6:48:56:c0:f3:f2:5c:8a:18:57:63:
         79:73:94:d6:5f:28:0a:ca:a8:09:37:d9:a9:be:a9:75:34:13:
         68:a9:25:c5:b8:ae:76:6e:ff:68:44:29:32:26:4a:67:7e:b6:
         45:b4:34:f1:f2:91:11:66:6a:aa:3a:7a:52:2a:c5:02:c4:89:
         62:a6:d4:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZv1B5b1imzBg1IznbKd2MFWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmE3ZGQ2M2YyZTJkODdiNWY3ODUwMDkzYzc0M2JiZmJl
MTRlNDQwHhcNMjYwMTI1MTIwMTEzWhcNMjYwMTI2MTIwMTEzWjAzMTEwLwYDVQQD
Eyg3ZGRiMjNiOWNmZjdjZTIzZTQzMzIyZjk2NjY5MzM0NTJjMTA1ZmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq48NsI7cnVD+Gszs2LVZjRYxmmGQ
CajW3kdXwAD4VhrHZtGWxJy1InbZTNGC3Ob1TafWPkOYWQfC4Dz74E44850HjV1h
a694j9244HUhJEdSMlMwUjxyjppvhtE0uExfpDwVO5cYobUNDY8fU24kOcowYIbC
ITDRI/Ht9Wtnkb4tN+wxkdU4KKuPexQs7e+5VQBz1+1m/pV9O9G3kx502qnSMILz
N6HrbTuvLQIeCOam3/o4nsOwYEsOKcipN8TZluj4OgU5rH8HmNJdr0VPPHVXGv2i
0F3kh1ydiF5tvMUs8zVw4kQVSf9nEwmg+lwt+lwjoVnS/Y4SyFIRcJy8KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH3bI7nP984j5DMi+WZpM0UsEF/lMB8GA1UdIwQY
MBaAFCn6fdY/Li2HtfeFAJPHQ7v74U5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8yYzBjYmYtMTFmNy00YjZkLWI4OGUt
NzlmN2I2ZWE3YzE0LzEvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8yYzBjYmYtMTFmNy00YjZkLWI4OGUtNzlmN2I2ZWE3YzE0
LzEvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfhplTxhD
AysV9CqDRxtrN6duUdB549NP23NtJcwlwRKHq7o1waqZtN4QInEorx5nu9MM2yyz
gNbRRLEixtkN0DmRFtmPxBYlWgZvzOR6l/x3xlZuRoG1RoGW8XOstKDJmQeUca9X
BcEs3HQYLg4s/jWigP10Dz0YE9mIaLWVdvVbni4MH38cS6ItaCXUpyRjbQNBUBp9
IjZD76CC5vY5hKhc7Q3sZl1ZE7banFUkq8wOQ3JDQBWilnzebOZIVsDz8lyKGFdj
eXOU1l8oCsqoCTfZqb6pdTQTaKklxbiudm7/aEQpMiZKZ362RbQ08fKREWZqqjp6
UirFAsSJYqbUjw==
-----END CERTIFICATE-----