This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/03fd0b76-7243-4b26-9760-cc07b94bfe23/1/258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.mft
File:                     258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.mft (raw, json)
Hash identifier:          vDAQ4F/IPuEtkNdwS6PfMRPaf8tJB5EsjZnEINx1qQM=
Subject key identifier:   02:1B:A8:3C:68:42:3F:A0:AC:CF:0C:66:A2:FA:88:2A:E1:13:29:FD
Authority key identifier: 25:8D:1C:E0:CB:76:A9:86:E5:6C:7A:90:A6:6B:A7:DC:72:F5:95:2A
Certificate issuer:       /CN=258D1CE0CB76A986E56C7A90A66BA7DC72F5952A
Certificate serial:       6811C121C0533B03A30FA21D6723A1E9E7FC46BC
Authority info access:    rsync://rpki.axivora.net/repo/Axivora-Net/2/258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/03fd0b76-7243-4b26-9760-cc07b94bfe23/1/258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.mft
Manifest number:          3B
Signing time:             Sat 06 Dec 2025 05:39:40 +0000
Manifest this update:     Sat 06 Dec 2025 05:34:40 +0000
Manifest next update:     Sun 07 Dec 2025 08:50:40 +0000
Files and hashes:         1: 258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.crl (hash: Ewyr3vpuT0vjR3hwr2acnsDPagiVikSDsdMo/IBqupc=)
                          2: 326131343a373538303a3737353a3a2f34382d3438203d3e203136353039.roa (hash: LbzBckLICgXq7UKYaeP/CXL1PXD0JCr+a84omRC/7VY=)
                          3: 326131343a373538303a3737373a3a2f34382d3438203d3e203136353039.roa (hash: xvnqSl1qLoVMIEzXN9sXRb87iGsN7N/pVeZWynFQufE=)
                          4: 326131343a373538303a3737303a3a2f34342d3438203d3e20323133383931.roa (hash: woLwL0VEJzWnepdsx0zvpMFwwJXef1WYeYkaz1KcaHg=)
                          5: 326131343a373538303a3737353a3a2f34382d3438203d3e203134363138.roa (hash: MfUF2laHihcgibdMapv7JAFGkNEIH6JIdDfIW/lhqFE=)
                          6: 326131343a373538303a3737373a3a2f34382d3438203d3e203134363138.roa (hash: RTK2m9QZnNSKC5ZVcuz7+tdRZKTs7/hzcAu/hXd2ZTc=)
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/03fd0b76-7243-4b26-9760-cc07b94bfe23/1/258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/03fd0b76-7243-4b26-9760-cc07b94bfe23/1/258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.mft
                          rsync://rpki.axivora.net/repo/Axivora-Net/2/258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.cer
                          rsync://rpki.axivora.net/repo/Axivora-Net/2/F6DE6FC7AC467F10B5705E60B8FDDA02FFFD7378.crl
                          rsync://rpki.axivora.net/repo/Axivora-Net/2/F6DE6FC7AC467F10B5705E60B8FDDA02FFFD7378.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F6DE6FC7AC467F10B5705E60B8FDDA02FFFD7378.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Dec 2025 19:20:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:11:c1:21:c0:53:3b:03:a3:0f:a2:1d:67:23:a1:e9:e7:fc:46:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=258D1CE0CB76A986E56C7A90A66BA7DC72F5952A
        Validity
            Not Before: Dec  6 05:34:40 2025 GMT
            Not After : Dec  7 08:50:40 2025 GMT
        Subject: CN=021BA83C68423FA0ACCF0C66A2FA882AE11329FD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:41:fa:87:07:4b:62:2b:23:4c:96:20:66:64:
                    d8:11:03:a4:f7:df:57:b8:c3:fe:64:c8:1a:a3:bc:
                    2d:d8:06:c6:6d:33:df:be:f8:95:5f:01:32:c6:38:
                    8f:b3:b1:a7:4a:71:df:60:cf:db:a1:98:ef:a4:86:
                    c8:89:6b:6d:27:cb:55:f5:f1:f0:e9:49:23:af:e0:
                    11:ba:03:61:8d:3f:a2:d6:43:e0:87:12:d6:6e:50:
                    52:1a:ac:8a:47:90:e5:91:86:13:47:d4:ad:d2:71:
                    fa:5d:1d:7f:73:7c:af:33:17:3e:c6:77:5f:e1:77:
                    1a:f3:49:2d:8a:34:fe:29:52:8b:46:ec:4f:e4:a7:
                    87:5b:ee:b0:99:1f:4b:ce:35:d6:33:15:ac:72:ae:
                    ba:74:0d:d6:98:4a:2c:86:dd:fd:e1:c5:3b:5f:99:
                    72:ed:5a:38:45:bc:cf:ff:67:26:d8:9e:16:1a:09:
                    a9:95:28:d2:8a:f1:72:4a:87:4c:0c:8d:3b:da:1e:
                    4b:b4:f3:c5:ff:cd:36:f0:b6:96:17:af:9c:e3:a2:
                    56:68:23:e5:e2:21:40:29:91:60:0e:68:72:10:e3:
                    c4:9f:ee:99:80:f1:bb:6b:78:42:d1:4a:f4:94:52:
                    2f:19:94:b6:b2:1c:9a:63:23:b1:b8:1e:e0:1c:3e:
                    c0:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:1B:A8:3C:68:42:3F:A0:AC:CF:0C:66:A2:FA:88:2A:E1:13:29:FD
            X509v3 Authority Key Identifier:
                keyid:25:8D:1C:E0:CB:76:A9:86:E5:6C:7A:90:A6:6B:A7:DC:72:F5:95:2A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/03fd0b76-7243-4b26-9760-cc07b94bfe23/1/258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.axivora.net/repo/Axivora-Net/2/258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/03fd0b76-7243-4b26-9760-cc07b94bfe23/1/258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:45:1e:a7:cf:ca:12:50:e9:f7:01:0f:f1:0e:38:ea:ed:e7:
         bb:b4:48:04:51:f3:ef:f6:07:ff:88:f5:7e:e3:ec:11:ce:81:
         53:67:d0:3f:b1:96:18:0a:24:59:cb:44:65:9f:1f:73:c3:61:
         cb:a7:7c:6b:8c:68:d5:b2:72:82:b2:05:e1:44:be:40:3e:67:
         0f:10:7a:ff:aa:6f:35:17:e8:9c:58:47:ab:1f:19:96:5e:97:
         03:37:88:7b:6f:87:89:8a:15:b6:32:e8:19:23:b5:40:b5:9b:
         40:4f:db:76:9b:89:6e:8e:0c:e4:d1:2f:66:04:4e:79:70:94:
         1b:9b:5e:0a:f7:6f:bd:fa:10:21:22:3d:3b:55:2e:34:1b:ef:
         78:f4:5e:b9:33:19:12:3b:1d:a8:32:5b:62:dd:44:96:12:07:
         39:34:bd:ab:8e:c9:33:0a:ed:84:b0:aa:40:ed:42:e2:7c:8d:
         43:89:21:2e:5c:95:18:16:a6:97:c7:06:de:0c:b5:5c:6b:71:
         99:c1:dd:f7:20:84:dd:fc:56:27:25:c7:e0:85:68:8e:b2:1d:
         79:e6:74:80:2f:0c:92:77:68:a3:fe:68:1b:62:d6:bb:cc:c5:
         c8:05:9e:76:14:81:b2:05:87:2b:61:a8:3d:03:03:7a:e4:75:
         25:cf:2b:ec
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIUaBHBIcBTOwOjD6IdZyOh6ef8RrwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjU4RDFDRTBDQjc2QTk4NkU1NkM3QTkwQTY2QkE3REM3
MkY1OTUyQTAeFw0yNTEyMDYwNTM0NDBaFw0yNTEyMDcwODUwNDBaMDMxMTAvBgNV
BAMTKDAyMUJBODNDNjg0MjNGQTBBQ0NGMEM2NkEyRkE4ODJBRTExMzI5RkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsQfqHB0tiKyNMliBmZNgRA6T3
31e4w/5kyBqjvC3YBsZtM9+++JVfATLGOI+zsadKcd9gz9uhmO+khsiJa20ny1X1
8fDpSSOv4BG6A2GNP6LWQ+CHEtZuUFIarIpHkOWRhhNH1K3ScfpdHX9zfK8zFz7G
d1/hdxrzSS2KNP4pUotG7E/kp4db7rCZH0vONdYzFaxyrrp0DdaYSiyG3f3hxTtf
mXLtWjhFvM//ZybYnhYaCamVKNKK8XJKh0wMjTvaHku088X/zTbwtpYXr5zjolZo
I+XiIUApkWAOaHIQ48Sf7pmA8btreELRSvSUUi8ZlLayHJpjI7G4HuAcPsC3AgMB
AAGjggJXMIICUzAdBgNVHQ4EFgQUAhuoPGhCP6CszwxmovqIKuETKf0wHwYDVR0j
BBgwFoAUJY0c4Mt2qYblbHqQpmun3HL1lSowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDNmZDBiNzYtNzI0My00YjI2LTk3NjAtY2MwN2I5NGJm
ZTIzLzEvMjU4RDFDRTBDQjc2QTk4NkU1NkM3QTkwQTY2QkE3REM3MkY1OTUyQS5j
cmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3luYzovL3Jwa2kuYXhp
dm9yYS5uZXQvcmVwby9BeGl2b3JhLU5ldC8yLzI1OEQxQ0UwQ0I3NkE5ODZFNTZD
N0E5MEE2NkJBN0RDNzJGNTk1MkEuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9z
aXRvcnkvMDNmZDBiNzYtNzI0My00YjI2LTk3NjAtY2MwN2I5NGJmZTIzLzEvMjU4
RDFDRTBDQjc2QTk4NkU1NkM3QTkwQTY2QkE3REM3MkY1OTUyQS5tZnQwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAG
BAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEB
AIJFHqfPyhJQ6fcBD/EOOOrt57u0SARR8+/2B/+I9X7j7BHOgVNn0D+xlhgKJFnL
RGWfH3PDYcunfGuMaNWycoKyBeFEvkA+Zw8Qev+qbzUX6JxYR6sfGZZelwM3iHtv
h4mKFbYy6BkjtUC1m0BP23abiW6ODOTRL2YETnlwlBubXgr3b736ECEiPTtVLjQb
73j0XrkzGRI7HagyW2LdRJYSBzk0vauOyTMK7YSwqkDtQuJ8jUOJIS5clRgWppfH
Bt4MtVxrcZnB3fcghN38Viclx+CFaI6yHXnmdIAvDJJ3aKP+aBti1rvMxcgFnnYU
gbIFhythqD0DA3rkdSXPK+w=
-----END CERTIFICATE-----