This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft
File:                     MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft (raw, json)
Hash identifier:          swVlDgM9dUrFAQf/Ovc8HkDWCGy/4rR0odRlxsNrMLY=
Subject key identifier:   2D:06:4A:E6:4E:14:27:A6:11:6B:ED:46:86:89:A1:3B:D6:64:89:3C
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Certificate issuer:       /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial:       019B2FD55F6F740A1C5E0384C2A084AF6D88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft
Manifest number:          17AB
Signing time:             Thu 18 Dec 2025 05:01:11 +0000
Manifest this update:     Thu 18 Dec 2025 05:01:11 +0000
Manifest next update:     Fri 19 Dec 2025 05:01:11 +0000
Files and hashes:         1: 08x65D62xajmjuWxGOGX--5GFZ4.roa (hash: ku01TCluM3ObD1DEPpsLr/8jGhA1O5espf/zteTKSkk=)
                          2: 0UoizghhK2t_Hs9ANXwnp2V3H9g.roa (hash: j4VZblrlmGvi/zncbh9YoYNVMyrFMgKvx6DiuKh68sw=)
                          3: 1-fxNLZQMykWE3SLBLsEKwibzn3o.roa (hash: U9t8UfOKITE6D0gBLc/Dtn9zr6EfXzJkxHJL0LBQvTo=)
                          4: FDmDvOACHulfshItBSDCX5mBYSQ.roa (hash: aexzHKGvD/WM+wZ6/qx7vyWxEHAqx7gswtzEcmCk74k=)
                          5: FzyJ-A4chBzu8lQqhpLh4dfVe9s.roa (hash: kikBFtCVFZZA5yK1FlsJJ2Y15ol/mIm/K3+f2pwmt3Q=)
                          6: JRfXlKgZScSlnAP9_s4mWUCHMzI.roa (hash: Yofq9QzaUqxyhMLfnSLcXXtmS3vz0xWVOjl3kItQ1gM=)
                          7: MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl (hash: 91UP5rIwnMCV1FqVpVkEK4xeDZzAWb7MN0afF0nHAFU=)
                          8: RV1rjCwSnXKPzqWOYcizuue6Tmw.roa (hash: ZJyuiQwoYun/WqH4NVoy2nm760NToV5F7bd+tbvhpZI=)
                          9: UI2cnhatNs5ZeysmslxEpLBSTew.roa (hash: axZPCQgEFKrONNIyjteNC+Y0RYmX6khaCS5yj1K7lFE=)
                          10: XIqtTjvuJ5glY39EaIP6KmILhoo.roa (hash: oyK+JoJZ3ZJXn7BAWGpujgyfoF5xI3Ds91YiwWdI2PE=)
                          11: XwhTClSP1UI8joFe2laQDXk_PGU.roa (hash: Vu9nNK134kjM8iGZdGpKi0T5ZrLtuDBr7FKT4joBB3w=)
                          12: b_MAVuI29oBciIh7vGGq0NJVEzc.roa (hash: hDxp3S5bhbbLqI6OACypq5MMFaQlI+7lCsYe3tJ2F9c=)
                          13: dOfaSe3fIYIhGR1xcwXjfUk3OeI.roa (hash: uz8UfxMH6M1zEnn7EFrd8TVCQANQpajV/Ux4YkN59Jk=)
                          14: ivBw7pb2lERE4O4pT70f-IjK-H8.roa (hash: 9+du4uvg6+sqYU99LVsbimMbdhpdO5ppSVPQO3/HDIY=)
                          15: vaL0J_r43BzBTm5r8Bo75j0pTF8.roa (hash: 75FzmVXUE4MjGcr9LiSgeGxgqkVwVmsZ6mF1xXYO59Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 19 Dec 2025 04:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:2f:d5:5f:6f:74:0a:1c:5e:03:84:c2:a0:84:af:6d:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
        Validity
            Not Before: Dec 18 05:01:11 2025 GMT
            Not After : Dec 19 05:01:11 2025 GMT
        Subject: CN=2d064ae64e1427a6116bed468689a13bd664893c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:34:bd:af:6d:4e:1c:07:73:99:14:8f:42:54:
                    d4:71:b5:f4:48:e7:33:91:94:60:a5:94:c8:67:b2:
                    2f:22:7e:8a:4e:2d:51:d0:e6:4a:3f:79:07:19:f2:
                    56:4f:fb:77:28:f1:3f:78:6c:d9:e0:73:c3:14:9f:
                    17:be:f3:86:cb:e8:cb:c9:57:43:20:f1:a7:3d:36:
                    d8:c4:d7:4c:f8:a5:05:ed:c7:f2:06:84:fc:83:5e:
                    84:8f:0c:06:b1:2b:3e:5d:03:83:78:ff:56:9a:77:
                    93:23:5b:53:05:a3:f9:67:46:83:24:db:f3:e0:93:
                    3f:33:bf:21:30:e5:0f:f9:d3:d5:59:6e:a9:8b:ce:
                    73:24:36:e1:fe:2c:59:64:ca:62:64:d1:52:91:61:
                    cd:41:3e:25:60:d4:28:96:62:0b:21:f5:f0:a0:65:
                    6e:b9:6c:c1:12:cc:ab:01:10:e7:dd:6e:80:1d:eb:
                    36:1b:28:e2:67:b8:f3:6a:28:d9:6b:26:0b:da:47:
                    e5:bf:3f:91:64:7d:e0:51:55:17:73:ad:0a:07:05:
                    41:3c:a9:da:50:c4:04:c6:93:04:1f:c6:3f:76:68:
                    cf:a6:81:d3:cf:df:ba:cf:1d:77:3b:52:1f:41:80:
                    80:57:c4:24:eb:ed:13:9b:3d:e2:0b:9c:ce:e8:8c:
                    da:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:06:4A:E6:4E:14:27:A6:11:6B:ED:46:86:89:A1:3B:D6:64:89:3C
            X509v3 Authority Key Identifier:
                keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:d6:c6:88:d4:e7:79:4a:d5:a5:78:70:33:0a:7c:3d:5b:68:
         14:a4:ca:26:29:99:e8:b1:47:a6:4a:65:ca:99:e4:de:e3:8d:
         4c:83:f9:ed:06:56:6c:4b:41:13:ed:76:f6:31:ba:b0:15:c6:
         dd:28:61:6f:a2:b4:c0:0b:39:ea:57:82:24:de:01:40:35:aa:
         db:74:9e:df:3e:c0:3b:63:fb:d8:3c:23:12:d0:d6:33:9d:29:
         0b:bf:f8:ea:09:85:7e:f9:cd:c1:fb:84:15:a0:ae:c4:0a:cc:
         8b:ed:2d:4b:90:9d:79:22:db:42:a9:a4:00:23:04:0b:f4:0c:
         36:f9:7c:21:e6:10:0c:6c:47:8a:de:ae:83:2b:07:cc:33:68:
         ac:30:8a:79:c9:d9:a3:b7:5d:c7:01:80:c3:99:03:84:cd:88:
         dd:f9:4a:e7:15:ed:1e:f2:4b:7b:ba:5e:7c:48:37:60:b1:a6:
         01:77:5c:60:e0:47:ef:54:9f:7f:5a:29:2a:2c:ba:c5:8a:e4:
         0a:8f:d0:25:93:bb:4c:da:3f:74:b3:10:be:b9:c7:bd:c7:f6:
         66:c1:c3:0b:99:22:8b:04:c5:58:01:19:37:c2:c1:ad:10:66:
         cf:0b:65:a7:9c:0f:20:06:4b:dd:ee:09:f1:d0:ae:16:ad:20:
         b8:7a:be:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZsv1V9vdAocXgOEwqCEr22IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNDc0YWM3Y2E4NWUwOWMyZDQ4YjMzZTdiZjY2ZjhlZDc2
NGRlMGYwHhcNMjUxMjE4MDUwMTExWhcNMjUxMjE5MDUwMTExWjAzMTEwLwYDVQQD
EygyZDA2NGFlNjRlMTQyN2E2MTE2YmVkNDY4Njg5YTEzYmQ2NjQ4OTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTS9r21OHAdzmRSPQlTUcbX0SOcz
kZRgpZTIZ7IvIn6KTi1R0OZKP3kHGfJWT/t3KPE/eGzZ4HPDFJ8XvvOGy+jLyVdD
IPGnPTbYxNdM+KUF7cfyBoT8g16EjwwGsSs+XQODeP9WmneTI1tTBaP5Z0aDJNvz
4JM/M78hMOUP+dPVWW6pi85zJDbh/ixZZMpiZNFSkWHNQT4lYNQolmILIfXwoGVu
uWzBEsyrARDn3W6AHes2GyjiZ7jzaijZayYL2kflvz+RZH3gUVUXc60KBwVBPKna
UMQExpMEH8Y/dmjPpoHTz9+6zx13O1IfQYCAV8Qk6+0Tmz3iC5zO6IzawwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC0GSuZOFCemEWvtRoaJoTvWZIk8MB8GA1UdIwQY
MBaAFDJHSsfKheCcLUizPnv2b47XZN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzkt
MTJlYzIyYzljNWEyLzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzktMTJlYzIyYzljNWEy
LzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAedbGiNTn
eUrVpXhwMwp8PVtoFKTKJimZ6LFHpkplypnk3uONTIP57QZWbEtBE+129jG6sBXG
3Shhb6K0wAs56leCJN4BQDWq23Se3z7AO2P72DwjEtDWM50pC7/46gmFfvnNwfuE
FaCuxArMi+0tS5CdeSLbQqmkACMEC/QMNvl8IeYQDGxHit6ugysHzDNorDCKecnZ
o7ddxwGAw5kDhM2I3flK5xXtHvJLe7pefEg3YLGmAXdcYOBH71Sff1opKiy6xYrk
Co/QJZO7TNo/dLMQvrnHvcf2ZsHDC5kiiwTFWAEZN8LBrRBmzwtlp5wPIAZL3e4J
8dCuFq0guHq+vQ==
-----END CERTIFICATE-----