This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
File:                     Us2aZRLb8lpfGbgn16LH4iou6N0.mft (raw, json)
Hash identifier:          l9wfczp74Xn8xcrjfQe9v88yRkJXC105mEJ58Gy25KI=
Subject key identifier:   27:1A:B2:DB:D1:AD:EE:89:08:71:02:7C:59:A4:C6:11:AB:69:B5:9F
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Certificate issuer:       /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial:       019BF4999850F595A0568F39DAB93D5FF330
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
Manifest number:          0AAE
Signing time:             Sun 25 Jan 2026 10:01:05 +0000
Manifest this update:     Sun 25 Jan 2026 10:01:05 +0000
Manifest next update:     Mon 26 Jan 2026 10:01:05 +0000
Files and hashes:         1: 3JNAFPmuRusA7_P1cHUrpNc8ZWQ.roa (hash: zKy+aXsrA8Z978tqaQi0ynXqJW9mllBBtqQYt4mz8gc=)
                          2: 3eP-ZYKR74zQteZxg-jYK68KuKU.roa (hash: rI+Q6O08EYSoWZw7Ks588qVsTWbvSuHUC1dp2GQPsEg=)
                          3: 6ez8s1YBp2TYVVuKcqGU9mGsJLQ.roa (hash: iFltius3SHf/ctu10YpbCgn/dFGwWU60BbGiBMv1N44=)
                          4: Ezt0FRQhgMB0E-9UJr97REAQ55w.roa (hash: Oa9Kwz+GiNskimggPADsaHBSugnVAK5DsSEzBCQ0f0w=)
                          5: P_D_ETEf8fM0qD-n9k3sXI0l4sQ.roa (hash: km1zfTMKVFbL54YLMOaXsziXgfhwGqdhHfk0e2A1ubg=)
                          6: Px4XmExl2QONyqSP6s8-qLoIeoI.roa (hash: reA0XoIHBbZsGAjNzRWT9dW+9757Ms5dgcUGYfnrDi8=)
                          7: SY0oaouPknTSy2MmGqSQOcOco4Q.roa (hash: HRxdYO/Iechw+UCcupxpKvFHOwFwn4JRjC6eMfFT/dQ=)
                          8: Us2aZRLb8lpfGbgn16LH4iou6N0.crl (hash: UkFjdnHtAvTxsDZ2JwebSAisA2fxCmuoHau3PcRfi1g=)
                          9: _6Vs95Jmy7MF2kHG6396ytTGdZ8.roa (hash: EoAlzz1DKspJX2qs3ChwNI4PXJbIIl04jqeAnWG79Vw=)
                          10: b4bnSjrxkGqwlr0zkoxcOijmFkc.roa (hash: fQuLS072q+zjmBm2EgGlUmemoEePNKD15HIZM6Eyfw4=)
                          11: hlAbpQnKYaIDHrjCT-1lNBwSXu0.roa (hash: BILz2oAMGgMF6vZP6W3jaxaaHIODVkHC+m/GaL33QlM=)
                          12: kPZtrooPlOyF8jQupuEU9Gy1bJQ.roa (hash: KtcI+6F6qPHzsOZYQ0EOD+pODuibLz2OAgS4M/a6Aq4=)
                          13: oLlQgePRk9yvcOlL0Fl_a56u9H4.roa (hash: Wqock9cGRbZPQGtCkafIuYZm7FqajUuA17fJ83OGRks=)
                          14: otDdauzK1pDpIELnjnezw5Wgbks.roa (hash: PkYGbseDQrN+XnOme6deJeEpgE/JFmyzszNd7IeDEBs=)
                          15: qPI1ggc-eoyI91LAejwAAyCD3rI.roa (hash: tWlcYblK/ohLjpwsq6RKKOq9sGO2SDlm/NJl1KT1Ji8=)
                          16: xp9MuE3K7E-Sb2HgnwhKc3yErto.roa (hash: 9FJKEkYOHXVi/GiMh+ZQtwPZthuSJbC+u80wUEZ5uBo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 07:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:f4:99:98:50:f5:95:a0:56:8f:39:da:b9:3d:5f:f3:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
        Validity
            Not Before: Jan 25 10:01:05 2026 GMT
            Not After : Jan 26 10:01:05 2026 GMT
        Subject: CN=271ab2dbd1adee890871027c59a4c611ab69b59f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:45:69:f6:e0:e2:d0:f8:e8:eb:6e:3b:a0:59:
                    a2:9a:18:9f:98:b0:6d:e4:0c:0e:4d:99:43:56:d2:
                    98:9e:4e:ce:8e:0e:d1:26:38:cc:9e:b0:9b:74:24:
                    e3:19:a3:b4:30:ed:2b:0a:cd:7a:d4:5d:f1:d1:d2:
                    71:22:37:c1:56:2a:15:48:07:df:90:b2:40:3f:d8:
                    9f:87:13:79:ea:1b:7e:a3:da:f0:42:52:ea:f4:f6:
                    32:c9:ce:bb:a9:17:39:89:d0:0d:d6:1c:16:e1:76:
                    cf:01:93:7a:89:57:8b:92:d0:3e:f0:ff:5b:01:c5:
                    57:24:42:a7:30:f1:59:e1:bd:9b:30:a5:a0:19:d2:
                    7c:4b:d2:4b:aa:3b:50:99:1b:50:7c:0a:ad:85:29:
                    f5:e2:40:7a:8b:35:c9:d2:9d:b5:f1:7d:6d:88:cd:
                    1e:95:db:a2:f4:01:f3:bc:a9:fe:90:ef:78:bd:e4:
                    ad:75:84:af:93:2b:25:a0:74:bb:d1:41:0d:82:51:
                    c2:14:ba:d4:71:bb:30:cc:d5:dc:f3:13:c2:b6:23:
                    38:bd:38:15:59:fa:47:4b:2f:b6:48:c9:61:5f:a9:
                    ea:93:2e:87:a2:96:0b:bc:eb:a0:3d:aa:52:d3:f2:
                    54:6c:b4:60:e0:00:0b:bb:40:89:5b:57:66:84:d9:
                    5a:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:1A:B2:DB:D1:AD:EE:89:08:71:02:7C:59:A4:C6:11:AB:69:B5:9F
            X509v3 Authority Key Identifier:
                keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:75:b3:61:43:63:00:c3:d9:a7:e5:42:7a:cd:16:5b:1f:db:
         c7:85:a2:f1:e1:72:dd:84:00:ff:2d:be:2c:7b:73:93:a0:d7:
         22:81:30:79:ff:0b:d0:be:85:d2:bb:9b:83:17:df:0d:b0:1d:
         cb:02:55:a5:56:2e:37:10:cd:4b:a3:ad:cf:cf:c9:d7:bf:82:
         38:25:1f:c9:f0:88:e8:05:ab:8a:89:87:63:44:ea:68:ae:51:
         ef:df:b0:b4:57:f0:b4:3b:ed:00:40:31:62:1e:4c:a4:ab:ea:
         6b:98:30:6a:3c:02:bd:22:97:95:22:2c:41:7a:18:ab:c5:10:
         b6:74:1e:86:78:a5:b6:9d:18:c5:99:d5:46:ec:5b:f5:bb:9b:
         88:67:4e:f3:73:a2:21:6c:14:3a:9a:ad:58:90:c1:25:eb:da:
         92:59:28:d5:cf:e2:f8:4b:f3:12:24:c4:1f:d1:9e:09:2b:74:
         2a:4b:17:b6:06:40:2d:29:38:c6:ae:2f:9c:9d:41:a1:14:27:
         28:3c:ec:0a:22:4f:46:f0:dd:b9:99:19:d8:29:9b:9a:f8:cd:
         04:a8:71:cb:3c:44:5d:f5:ea:29:85:57:fa:97:b6:e0:19:8f:
         31:da:27:f8:9d:24:9f:ae:9f:cf:5d:12:cb:ee:61:32:15:aa:
         86:02:56:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZv0mZhQ9ZWgVo852rk9X/MwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjYwMTI1MTAwMTA1WhcNMjYwMTI2MTAwMTA1WjAzMTEwLwYDVQQD
EygyNzFhYjJkYmQxYWRlZTg5MDg3MTAyN2M1OWE0YzYxMWFiNjliNTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkVp9uDi0Pjo6247oFmimhifmLBt
5AwOTZlDVtKYnk7Ojg7RJjjMnrCbdCTjGaO0MO0rCs161F3x0dJxIjfBVioVSAff
kLJAP9ifhxN56ht+o9rwQlLq9PYyyc67qRc5idAN1hwW4XbPAZN6iVeLktA+8P9b
AcVXJEKnMPFZ4b2bMKWgGdJ8S9JLqjtQmRtQfAqthSn14kB6izXJ0p218X1tiM0e
ldui9AHzvKn+kO94veStdYSvkysloHS70UENglHCFLrUcbswzNXc8xPCtiM4vTgV
WfpHSy+2SMlhX6nqky6HopYLvOugPapS0/JUbLRg4AALu0CJW1dmhNlaIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCcastvRre6JCHECfFmkxhGrabWfMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOHWzYUNj
AMPZp+VCes0WWx/bx4Wi8eFy3YQA/y2+LHtzk6DXIoEwef8L0L6F0rubgxffDbAd
ywJVpVYuNxDNS6Otz8/J17+COCUfyfCI6AWriomHY0TqaK5R79+wtFfwtDvtAEAx
Yh5MpKvqa5gwajwCvSKXlSIsQXoYq8UQtnQehniltp0YxZnVRuxb9bubiGdO83Oi
IWwUOpqtWJDBJevaklko1c/i+EvzEiTEH9GeCSt0KksXtgZALSk4xq4vnJ1BoRQn
KDzsCiJPRvDduZkZ2CmbmvjNBKhxyzxEXfXqKYVX+pe24BmPMdon+J0kn66fz10S
y+5hMhWqhgJWLg==
-----END CERTIFICATE-----