This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.mft
File:                     71fC2dk6x8-bLxfKp4WbaYWzm50.mft (raw, json)
Hash identifier:          BsIBFAFLb74NljTyk08bsK5vfyZ44j7joZ0qYTlPABk=
Subject key identifier:   FD:AB:10:2E:F6:22:25:2E:D7:21:D4:64:46:D4:46:41:DE:7D:9B:77
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Certificate issuer:       /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial:       019AF2E43342AE3EB348E2699BFE09F20CB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.mft
Manifest number:          13A8
Signing time:             Sat 06 Dec 2025 09:00:32 +0000
Manifest this update:     Sat 06 Dec 2025 09:00:32 +0000
Manifest next update:     Sun 07 Dec 2025 09:00:32 +0000
Files and hashes:         1: 0SnEDSu2fch50mXfNCrgepjBXHI.roa (hash: An4Aho4+/IQv1xSA0visBRO6r1aot3IcatgSZ0mIirs=)
                          2: 1-C-0JGDbp3Otc_z0iBBVBpQZuq4.roa (hash: YGNYUtklrL1awHGcBtsuKJFxwbJZ7yDvoZ7r6abN1Jo=)
                          3: 4cYZBaSCfKx4xdTyV36QiAtkYH8.roa (hash: 4TbdTxLmlk8EX546dkAWoaHsA8UX5a3+NdKi5edH1kY=)
                          4: 71fC2dk6x8-bLxfKp4WbaYWzm50.crl (hash: X5g51zsL6zKn1Gc7dPP2+CB4ldfptd4hGOA/WtxdRyE=)
                          5: CFEprGG9zI2SPXEkfveiqcGkxys.roa (hash: zwoMXpp3WPmfn1e+WeBEAccAThpouC8C+SBbtldgA/c=)
                          6: OKnFbF9P91_ZXtKJ3LL2trYGZZA.roa (hash: REsU/w11Yq/eW46cSLfnRZY+9FwY7bx6z/QbRrdcMvw=)
                          7: RLjWAiBDW7OGzF_VcCkKg-SuzTE.roa (hash: DCBINTtLxKJQkC6BRMLb3TMqWlrNb5ZnwJro+/q+QhU=)
                          8: Xd2QaW60upMnqwQIBHXXIoPXPzs.roa (hash: +i6BQOs/QyU2pk+3pSoh+wtk4Cf+VFJXifr7WtqVoY4=)
                          9: aQ3kSZGYrFWGAxsW5cMfgI6PR2k.roa (hash: WV200zuYmYOFQxibHNHmLysdFj/S1kHqxW3IuzyrxUs=)
                          10: d3w3nqB5Kl-FSC0jSCG-gsD4dlY.roa (hash: 33QNQ+kF6mFEetO5Rno9ayPExXyzerB4sZWFH0Ulruk=)
                          11: kaXih0ftxLoxKevElyyNGY3Am90.roa (hash: VV+Kmbg3++xVZSuR6z9QplDGDyuGw9lzxK6+uDRXc2k=)
                          12: mMAwso5PyMiUkBDuP91mCU2ukBI.roa (hash: 8lAOzf9Ul80EHkivmkCJNmV8WShjC87n8hXocC2Jg4o=)
                          13: pWCods6SP1-TwrIaXyXEahg6hSk.roa (hash: U/lqxnFFyY4IfL+Wh8Z1AqEVFTTqD0Mud4Ulygu2dBg=)
                          14: rL6AzulHQOLcRfhqRrPdMX43AzM.roa (hash: /p4sN3vL44k5lwQiWwAvoayVUuPAubPMAhf99ERn0+c=)
                          15: vVFxLsvkYjoi6jLUlY42DeA3xLA.roa (hash: 09k7XEdEjZik9O1l3B30uZBb/57gJQ9H98oYjLTzrsU=)
                          16: xE9QBs_-I-okZvOErWXLkoKDqmk.roa (hash: PCh0aczn6Bj3Hiz+iIpjZK10Xg+FpiTDJMX+WibJh2o=)
                          17: yedI6EpedZ28jyB60XNo0uK6oF8.roa (hash: hWsq9urJIZSeMGg4SgxXz+gEuiBCoRbdm4v/CAFQ2CU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 07 Dec 2025 05:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:f2:e4:33:42:ae:3e:b3:48:e2:69:9b:fe:09:f2:0c:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
        Validity
            Not Before: Dec  6 09:00:32 2025 GMT
            Not After : Dec  7 09:00:32 2025 GMT
        Subject: CN=fdab102ef622252ed721d46446d44641de7d9b77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:82:c8:5c:d5:47:32:b2:75:5e:fb:59:69:04:
                    cb:e1:93:fb:d9:dc:21:b4:23:ed:60:5b:68:49:3a:
                    4d:43:a6:82:d6:7d:68:2f:ba:7e:0b:32:ed:fc:a0:
                    ff:99:3e:27:7e:84:1f:8a:fc:bf:1b:f2:06:56:15:
                    a5:02:ad:0c:72:6d:83:be:57:86:8f:a5:fb:34:b7:
                    9d:09:09:f0:c7:1b:eb:f9:13:c5:f8:88:34:2a:2b:
                    f5:55:e0:54:e3:ad:de:1c:77:ee:9f:b2:24:1f:e0:
                    ee:2f:4a:63:07:e6:5e:dc:7e:f5:1b:99:0b:73:79:
                    c9:dc:13:5a:e9:3a:dd:00:41:de:a7:7f:07:60:4f:
                    d9:61:53:71:35:cd:99:7a:00:e8:2e:e7:32:58:1b:
                    99:9e:68:85:27:47:4d:a2:e1:df:bf:0e:a3:37:77:
                    7a:0e:46:23:94:0a:95:e2:81:69:fa:81:70:f9:8e:
                    2a:20:54:b9:ca:45:37:48:9f:8d:d5:e6:c6:43:fb:
                    17:68:9d:d4:f2:d6:90:8e:66:c7:ec:b1:05:22:ec:
                    9e:3a:8b:a9:91:ea:54:34:13:2f:8a:83:29:00:2f:
                    18:f2:38:57:59:0d:dc:56:e2:7c:9f:a2:f4:37:2a:
                    84:de:b0:fd:18:a4:06:f0:2b:24:d0:5c:ee:3a:50:
                    21:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:AB:10:2E:F6:22:25:2E:D7:21:D4:64:46:D4:46:41:DE:7D:9B:77
            X509v3 Authority Key Identifier:
                keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cf:a2:25:e1:85:74:4c:fa:3f:9e:48:72:18:23:d0:a4:8a:07:
         0d:2b:92:4b:fe:33:b2:c6:11:d7:e7:cb:a9:df:07:5f:08:de:
         30:ab:d6:e0:01:8d:86:f8:ec:4c:35:45:fb:4b:1d:bb:1a:b3:
         c4:6f:39:b6:8d:f5:5a:44:44:1b:86:51:d4:c7:e7:19:ca:4f:
         fb:c2:dc:06:8f:0f:74:97:91:59:02:3f:90:62:98:85:af:1f:
         bb:7d:58:55:1c:29:1c:b2:22:61:2e:7c:35:e0:e3:d6:1a:3b:
         ad:02:ba:60:99:1c:e0:dc:de:63:d3:f7:83:71:7b:9e:53:8b:
         ea:ea:cd:52:09:7e:b1:a0:f0:d7:f3:e6:4a:28:a7:8e:a8:92:
         2c:f5:69:ee:39:ba:51:26:b2:18:a0:60:68:35:51:58:10:97:
         23:b1:e2:fc:c1:22:bb:3a:cc:e0:99:73:a2:ef:dd:80:52:8d:
         57:9e:07:2d:0d:ee:53:53:dd:48:c1:7a:81:41:ad:0a:17:4d:
         ba:a5:f3:38:96:c1:2b:c7:fc:ae:42:da:c5:b5:ad:9d:83:cd:
         11:2a:8b:bc:94:ba:b4:e5:5f:5e:e2:a4:4f:f0:d4:63:98:e2:
         be:18:94:3e:cb:a2:17:c1:a5:60:4b:34:df:8b:a2:07:ac:e6:
         2d:9f:a5:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZry5DNCrj6zSOJpm/4J8gy5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjUxMjA2MDkwMDMyWhcNMjUxMjA3MDkwMDMyWjAzMTEwLwYDVQQD
EyhmZGFiMTAyZWY2MjIyNTJlZDcyMWQ0NjQ0NmQ0NDY0MWRlN2Q5Yjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYLIXNVHMrJ1XvtZaQTL4ZP72dwh
tCPtYFtoSTpNQ6aC1n1oL7p+CzLt/KD/mT4nfoQfivy/G/IGVhWlAq0Mcm2DvleG
j6X7NLedCQnwxxvr+RPF+Ig0Kiv1VeBU463eHHfun7IkH+DuL0pjB+Ze3H71G5kL
c3nJ3BNa6TrdAEHep38HYE/ZYVNxNc2ZegDoLucyWBuZnmiFJ0dNouHfvw6jN3d6
DkYjlAqV4oFp+oFw+Y4qIFS5ykU3SJ+N1ebGQ/sXaJ3U8taQjmbH7LEFIuyeOoup
kepUNBMvioMpAC8Y8jhXWQ3cVuJ8n6L0NyqE3rD9GKQG8Csk0FzuOlAhswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP2rEC72IiUu1yHUZEbURkHefZt3MB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAz6Il4YV0
TPo/nkhyGCPQpIoHDSuSS/4zssYR1+fLqd8HXwjeMKvW4AGNhvjsTDVF+0sduxqz
xG85to31WkREG4ZR1MfnGcpP+8LcBo8PdJeRWQI/kGKYha8fu31YVRwpHLIiYS58
NeDj1ho7rQK6YJkc4NzeY9P3g3F7nlOL6urNUgl+saDw1/PmSiinjqiSLPVp7jm6
USayGKBgaDVRWBCXI7Hi/MEiuzrM4Jlzou/dgFKNV54HLQ3uU1PdSMF6gUGtChdN
uqXzOJbBK8f8rkLaxbWtnYPNESqLvJS6tOVfXuKkT/DUY5jivhiUPsuiF8GlYEs0
34uiB6zmLZ+lDA==
-----END CERTIFICATE-----