This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.mft
File:                     KZWUToTcN7pqQtaLseK5pEIehKQ.mft (raw, json)
Hash identifier:          tO826aEVbcABUQK3i0zVWgAGxekZfJRre8glsrGpJSc=
Subject key identifier:   81:CA:05:C4:2B:A6:10:94:39:34:6A:CE:65:26:37:AC:48:0B:D3:61
Authority key identifier: 29:95:94:4E:84:DC:37:BA:6A:42:D6:8B:B1:E2:B9:A4:42:1E:84:A4
Certificate issuer:       /CN=2995944e84dc37ba6a42d68bb1e2b9a4421e84a4
Certificate serial:       019BF273CDE679CDDA4D0F17804FB7C8652A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.mft
Manifest number:          17E6
Signing time:             Sun 25 Jan 2026 00:00:33 +0000
Manifest this update:     Sun 25 Jan 2026 00:00:33 +0000
Manifest next update:     Mon 26 Jan 2026 00:00:33 +0000
Files and hashes:         1: KZWUToTcN7pqQtaLseK5pEIehKQ.crl (hash: lu2qowk0mtgS77H8Ie7XDXllMfWv2qfIQAxXmrmcQ9Y=)
                          2: REMIC3qlblupLlRlDy8YWtuHeGs.roa (hash: Jx2qxwn04q0eIKP0O31CsM6H6HSDWevmv7hr0SA1D6o=)
                          3: jqkc2v-EDfDqyX3RgGBk8W5KdEw.roa (hash: J6Uk//qcGJOT6wNTUI4e5Z8Vod7CmZ9RrMaWF9PPJeM=)
                          4: rrH1j10hPF7JqcYJAD3BPexcKzg.roa (hash: +IMZpUPrslETwFxcXPRLWmZpXfSU9RCOH9gP9Q/CH5w=)
                          5: y-cUmsyd1f2Nqa9AjFf-HrgBRvY.roa (hash: K08tIX67yafvJ07B2O/CtxAn2jeh7RiwSsp1rC6qb3c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 25 Jan 2026 23:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:f2:73:cd:e6:79:cd:da:4d:0f:17:80:4f:b7:c8:65:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2995944e84dc37ba6a42d68bb1e2b9a4421e84a4
        Validity
            Not Before: Jan 25 00:00:33 2026 GMT
            Not After : Jan 26 00:00:33 2026 GMT
        Subject: CN=81ca05c42ba6109439346ace652637ac480bd361
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:89:32:86:54:24:e0:c7:df:24:73:ac:38:ae:
                    83:38:93:57:b6:aa:82:0c:c3:87:87:5a:fc:7d:73:
                    60:ef:4f:30:01:6d:e9:66:de:b2:75:eb:7a:60:dc:
                    9a:a6:25:77:03:a1:a2:70:76:1b:a4:d8:65:58:cb:
                    27:7e:a1:bb:b3:d4:04:08:30:75:8b:8d:af:7e:11:
                    97:f2:47:5d:94:e4:81:58:ad:4a:f5:cb:3a:aa:98:
                    7c:3a:6c:7f:b5:8b:51:12:ec:98:c4:76:2b:64:9f:
                    47:54:f0:36:54:6f:26:98:0d:f4:9f:e9:e1:15:79:
                    c6:09:63:d2:d1:f3:e6:d8:ec:1d:fc:1a:77:cc:23:
                    7e:c5:54:17:a1:0e:d0:dc:6b:06:e7:2b:f0:97:74:
                    f5:23:4c:03:72:ba:41:7c:29:57:46:a4:c0:36:38:
                    68:c6:43:53:4b:17:07:05:ca:e9:c0:f9:a9:87:37:
                    08:90:22:9a:ff:93:b8:22:c4:ba:a9:ce:5d:c2:8a:
                    4e:c3:49:03:0f:f0:cf:0d:3d:0b:bc:e7:d4:72:71:
                    fb:34:9b:4c:aa:60:92:70:12:04:41:a8:cd:86:a2:
                    f7:53:01:40:84:2a:e9:44:14:e2:5c:32:c8:a9:ef:
                    88:00:1b:cd:a2:e9:c5:43:b5:df:19:4b:2c:e6:92:
                    87:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:CA:05:C4:2B:A6:10:94:39:34:6A:CE:65:26:37:AC:48:0B:D3:61
            X509v3 Authority Key Identifier:
                keyid:29:95:94:4E:84:DC:37:BA:6A:42:D6:8B:B1:E2:B9:A4:42:1E:84:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:44:a0:1a:ae:0b:7c:15:64:58:ea:05:ba:74:b9:96:34:4f:
         b1:5d:51:55:f5:05:41:30:a4:79:38:e3:7f:29:b7:85:0f:3a:
         35:de:00:d1:0e:35:00:83:46:41:04:e8:07:24:5c:a1:ee:31:
         90:57:57:5c:14:b0:73:67:9f:18:d1:a9:4a:2a:19:69:2b:89:
         80:b8:bb:bf:32:8d:b8:6f:92:ac:0e:bd:04:f7:89:72:15:b3:
         14:d4:2c:60:12:bc:3c:14:00:9c:ee:49:d0:18:89:58:9e:ee:
         cb:f6:ac:7e:04:9b:12:23:85:d6:7e:a6:f9:66:26:a2:d2:17:
         c8:73:fd:3a:36:7f:0f:bc:10:4c:8c:84:f2:0c:1b:95:97:7e:
         1b:0b:af:d5:33:5e:26:db:0a:25:56:41:4d:d4:6a:0c:0a:8d:
         7a:b7:ec:39:32:c3:c3:4c:ca:06:18:9b:8d:f7:0c:33:56:f0:
         49:dc:79:20:be:05:81:2a:a4:8f:d2:72:29:88:87:b8:7d:b0:
         6a:b8:a7:80:de:9e:0e:45:7d:3d:97:09:d2:a1:9c:9d:5d:ff:
         58:78:98:6c:04:a3:91:e4:12:c4:48:f9:2f:3f:0c:89:21:1c:
         80:e8:57:41:75:ab:0f:25:d7:cf:f3:52:d3:6c:a9:a1:4d:33:
         29:86:85:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZvyc83mec3aTQ8XgE+3yGUqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTU5NDRlODRkYzM3YmE2YTQyZDY4YmIxZTJiOWE0NDIx
ZTg0YTQwHhcNMjYwMTI1MDAwMDMzWhcNMjYwMTI2MDAwMDMzWjAzMTEwLwYDVQQD
Eyg4MWNhMDVjNDJiYTYxMDk0MzkzNDZhY2U2NTI2MzdhYzQ4MGJkMzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0okyhlQk4MffJHOsOK6DOJNXtqqC
DMOHh1r8fXNg708wAW3pZt6ydet6YNyapiV3A6GicHYbpNhlWMsnfqG7s9QECDB1
i42vfhGX8kddlOSBWK1K9cs6qph8Omx/tYtREuyYxHYrZJ9HVPA2VG8mmA30n+nh
FXnGCWPS0fPm2Owd/Bp3zCN+xVQXoQ7Q3GsG5yvwl3T1I0wDcrpBfClXRqTANjho
xkNTSxcHBcrpwPmphzcIkCKa/5O4IsS6qc5dwopOw0kDD/DPDT0LvOfUcnH7NJtM
qmCScBIEQajNhqL3UwFAhCrpRBTiXDLIqe+IABvNounFQ7XfGUss5pKHYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIHKBcQrphCUOTRqzmUmN6xIC9NhMB8GA1UdIwQY
MBaAFCmVlE6E3De6akLWi7HiuaRCHoSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1pXVVRvVGNON3BxUXRhTHNlSzVwRUllaEtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hMTIwNjktYTA2MS00NDJlLTliZmIt
MzM4YmRkNDM5ZWUxLzEvS1pXVVRvVGNON3BxUXRhTHNlSzVwRUllaEtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hMTIwNjktYTA2MS00NDJlLTliZmItMzM4YmRkNDM5ZWUx
LzEvS1pXVVRvVGNON3BxUXRhTHNlSzVwRUllaEtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV0SgGq4L
fBVkWOoFunS5ljRPsV1RVfUFQTCkeTjjfym3hQ86Nd4A0Q41AINGQQToByRcoe4x
kFdXXBSwc2efGNGpSioZaSuJgLi7vzKNuG+SrA69BPeJchWzFNQsYBK8PBQAnO5J
0BiJWJ7uy/asfgSbEiOF1n6m+WYmotIXyHP9OjZ/D7wQTIyE8gwblZd+Gwuv1TNe
JtsKJVZBTdRqDAqNerfsOTLDw0zKBhibjfcMM1bwSdx5IL4FgSqkj9JyKYiHuH2w
aringN6eDkV9PZcJ0qGcnV3/WHiYbASjkeQSxEj5Lz8MiSEcgOhXQXWrDyXXz/NS
02ypoU0zKYaFOw==
-----END CERTIFICATE-----
Generated at Sun Jan 25 10:47:44 2026 by rpki-client