This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft
File:                     OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft (raw, json)
Hash identifier:          AKkGYulGssUAEDYDQmM6XWItkg94VI/hS6cKZA9Ll8Y=
Subject key identifier:   F9:42:6E:7C:89:DA:71:36:95:A4:CA:6C:8A:0D:65:57:F0:8C:04:FD
Authority key identifier: 38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B
Certificate issuer:       /CN=38a8550659bb68e770d8b0126b7261fb87d8240b
Certificate serial:       019BF6BF65B810695B26D1BE7BE9AB65326C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft
Manifest number:          17ED
Signing time:             Sun 25 Jan 2026 20:01:37 +0000
Manifest this update:     Sun 25 Jan 2026 20:01:37 +0000
Manifest next update:     Mon 26 Jan 2026 20:01:37 +0000
Files and hashes:         1: GS12T19X33XYAhf098NVhyXx3j4.roa (hash: 2sPtA3M8U954wEjtNrs6ONRJ78QRH5zWAILMakv6ILg=)
                          2: OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl (hash: EL5HesQ1NCFi9OH85Nl7awrhZCzokXwz7RLgNJV7+bQ=)
                          3: Ys4PogIAyq6Z-1e6V87HwtKW-Jw.roa (hash: 9OEorLPT8PEnhbBuzCTUI3Vb5lQD/nIA0b2dhSxkYk4=)
                          4: ckGyseiXClHPKvZc0nmqY19ttos.roa (hash: Yi/gbRZzD3hzlnLpg0sfEHwVq1nYLL7ZQtIyu02d0kc=)
                          5: flQssGcGnPHhqNGkKwTNsJejaeQ.roa (hash: 7MK/e6VIAjwZyf2enbWUdzme5SKLDGdFufR5UtJ+Iyo=)
                          6: tI1eWKq17tDG9hQWcAP-FozruWU.roa (hash: yszzGKzH2Y3utLHy31Xungt79IkdPWx2rbVckLVltxM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 26 Jan 2026 20:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:f6:bf:65:b8:10:69:5b:26:d1:be:7b:e9:ab:65:32:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a8550659bb68e770d8b0126b7261fb87d8240b
        Validity
            Not Before: Jan 25 20:01:37 2026 GMT
            Not After : Jan 26 20:01:37 2026 GMT
        Subject: CN=f9426e7c89da713695a4ca6c8a0d6557f08c04fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:bb:45:9d:b0:60:0f:c7:1e:4c:59:3e:e2:46:
                    65:96:9c:23:41:88:56:08:0b:56:53:bd:bd:39:aa:
                    4a:c4:f1:a5:16:20:98:50:f8:5c:56:94:14:f8:fa:
                    e8:6c:3c:74:4b:a2:92:34:26:a4:9f:c5:93:cb:52:
                    86:b2:be:e1:db:e6:8a:78:83:51:8b:3a:1e:58:d3:
                    5f:fd:37:c1:0b:43:0b:4b:83:92:ce:a1:a6:22:19:
                    cc:76:13:74:92:9c:cb:1c:df:0b:c7:3d:d8:9e:23:
                    53:3c:1c:39:40:b2:4b:31:dc:02:d4:df:5e:1e:11:
                    9d:39:c6:a3:4f:1b:99:b4:2b:33:03:54:96:04:93:
                    7d:20:46:39:4e:cb:87:9e:38:f5:03:94:05:32:db:
                    0e:b6:cb:82:80:47:a7:de:23:88:27:58:8b:54:9e:
                    f3:c0:c8:7e:b7:e7:da:5b:19:1f:b7:66:be:fc:f3:
                    78:79:19:da:76:3f:38:53:da:0d:60:0d:be:a7:37:
                    55:2a:a7:d3:26:04:b2:55:b3:f2:6d:b8:e9:bd:b1:
                    f1:80:ff:e4:81:a3:a2:05:c3:f6:df:5a:b8:7c:df:
                    77:21:aa:28:00:9c:ca:c3:9a:c1:01:c9:7c:4e:bf:
                    df:ac:4c:4a:24:39:d9:f2:cb:31:0f:1a:19:80:4d:
                    84:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:42:6E:7C:89:DA:71:36:95:A4:CA:6C:8A:0D:65:57:F0:8C:04:FD
            X509v3 Authority Key Identifier:
                keyid:38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:0b:60:34:fb:5b:86:0a:0e:be:b4:e3:18:eb:dd:a9:f4:91:
         18:30:81:4b:f1:99:c8:f6:57:22:f6:07:dc:84:bc:99:ab:64:
         d0:34:8f:31:70:17:0d:06:d1:5f:07:a0:87:e2:fc:70:f1:ab:
         1c:bb:3e:a1:e3:c3:f3:a2:45:cc:18:d7:eb:5d:fd:26:18:5e:
         63:56:c7:22:08:66:01:66:c3:73:75:0b:dd:18:e7:e5:bc:07:
         0e:62:a3:c6:52:56:81:91:3b:e5:d4:ef:26:60:59:71:ce:0b:
         07:d1:ab:ee:f1:97:da:6f:d9:39:cf:74:77:9e:3a:f1:16:76:
         b3:3d:4a:1f:17:83:71:db:61:79:28:13:cc:a8:6c:1f:3b:3c:
         d5:50:0a:7e:fe:f0:26:ec:e9:3f:1e:aa:86:67:6c:5d:d1:35:
         89:97:05:43:8e:13:cc:64:aa:92:61:7c:05:3d:62:0d:36:e3:
         5e:d3:f0:d5:37:df:86:b7:1f:e4:3a:fb:bf:9f:72:01:c5:14:
         e5:e4:86:9d:be:8f:b8:8a:b9:e0:20:53:49:88:e3:01:8b:0e:
         51:c3:3b:e8:c3:7d:33:85:67:da:f4:ca:ca:48:a6:b0:69:27:
         8a:b9:ae:b7:3b:e6:ab:3f:1f:c0:f4:04:c4:27:7f:74:fe:2c:
         13:81:51:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZv2v2W4EGlbJtG+e+mrZTJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTg1NTA2NTliYjY4ZTc3MGQ4YjAxMjZiNzI2MWZiODdk
ODI0MGIwHhcNMjYwMTI1MjAwMTM3WhcNMjYwMTI2MjAwMTM3WjAzMTEwLwYDVQQD
EyhmOTQyNmU3Yzg5ZGE3MTM2OTVhNGNhNmM4YTBkNjU1N2YwOGMwNGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLtFnbBgD8ceTFk+4kZllpwjQYhW
CAtWU729OapKxPGlFiCYUPhcVpQU+ProbDx0S6KSNCakn8WTy1KGsr7h2+aKeINR
izoeWNNf/TfBC0MLS4OSzqGmIhnMdhN0kpzLHN8Lxz3YniNTPBw5QLJLMdwC1N9e
HhGdOcajTxuZtCszA1SWBJN9IEY5TsuHnjj1A5QFMtsOtsuCgEen3iOIJ1iLVJ7z
wMh+t+faWxkft2a+/PN4eRnadj84U9oNYA2+pzdVKqfTJgSyVbPybbjpvbHxgP/k
gaOiBcP231q4fN93IaooAJzKw5rBAcl8Tr/frExKJDnZ8ssxDxoZgE2ETQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlCbnyJ2nE2laTKbIoNZVfwjAT9MB8GA1UdIwQY
MBaAFDioVQZZu2jncNiwEmtyYfuH2CQLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEt
MWQ3MDNiNDk2NjM0LzEvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEtMWQ3MDNiNDk2NjM0
LzEvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHgtgNPtb
hgoOvrTjGOvdqfSRGDCBS/GZyPZXIvYH3IS8matk0DSPMXAXDQbRXwegh+L8cPGr
HLs+oePD86JFzBjX6139JhheY1bHIghmAWbDc3UL3Rjn5bwHDmKjxlJWgZE75dTv
JmBZcc4LB9Gr7vGX2m/ZOc90d5468RZ2sz1KHxeDcdtheSgTzKhsHzs81VAKfv7w
JuzpPx6qhmdsXdE1iZcFQ44TzGSqkmF8BT1iDTbjXtPw1Tffhrcf5Dr7v59yAcUU
5eSGnb6PuIq54CBTSYjjAYsOUcM76MN9M4Vn2vTKykimsGknirmutzvmqz8fwPQE
xCd/dP4sE4FRzQ==
-----END CERTIFICATE-----
Generated at Mon Jan 26 03:32:52 2026 by rpki-client