This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
File:                     F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft (raw, json)
Hash identifier:          5G/Vyd6A4AaMUx0oup7aN0iPffAARG0u+VZQ6/YRQdU=
Subject key identifier:   E3:3D:A7:70:B1:4F:84:FC:C0:05:44:CF:6F:F4:55:61:AA:54:F3:15
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Certificate issuer:       /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial:       181400F12B6F8CC4E57007C60603BD00679F7481
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
Manifest number:          02F9
Signing time:             Sat 24 Jan 2026 22:08:45 +0000
Manifest this update:     Sat 24 Jan 2026 22:03:45 +0000
Manifest next update:     Mon 26 Jan 2026 00:02:45 +0000
Files and hashes:         1: 326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa (hash: 3m2Z/mjozERlCSY+vSBpPSC7mc1wNvFz/UzxCrw2jy0=)
                          2: 326131333a393634343a343030303a3a2f34302d3438203d3e20323034323931.roa (hash: OXH7kpuguUKmKnwoouN0IGAOMj3E/W/ffH2kJO7vbOY=)
                          3: 8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.cer (hash: nYcdq/fifitjvFyPoNBEJvUP1WGfqAJvzv/Dj2Iivv0=)
                          4: F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl (hash: cY+Rn6z9Nv5qApycMVZo9UWl5D/e9EhMis93nBjZ5+g=)
                          5: 39312e3230372e31332e302f32342d3234203d3e203532313132.roa (hash: YRttKbBVKmVFJCLqXVNyqXBZwi5ZooomBxSDP4Gl2m4=)
                          6: 326131333a393634343a333030303a3a2f34302d3438203d3e20323131343331.roa (hash: e3gM8xBShVESXc8MaKIMDq1iDa8wjJWbHPjdOfhPuFQ=)
                          7: 5EB2E5DAD0C6996D0A80A7B90F3A2AA60FB1A7AC.cer (hash: DDBKGLOay0ETlRkkd+ZGuz8/q4wtGaLppxLYYnPMDTM=)
                          8: 326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa (hash: WOAaZY65k+/GoeKbXXymPrZVu7CfbDlQvCXqyS0ZjLA=)
                          9: 326131333a393634343a34303a3a2f34342d3438203d3e20323136333336.roa (hash: lNHaIlVxi/lYCx53I3+MfwePjUfRoiP0WtejKnMjprU=)
                          10: 326131333a393634313a3a2f34382d3438203d3e203532313132.roa (hash: 5o2ZOradY5DoOPidcJ775vbaNLbxYZsPfZS6MPweSnY=)
                          11: 326131333a393634303a3a2f34342d3434203d3e203532313132.roa (hash: DOR1Pt3ct68s+ey18ZghPrs5rAUoZlIbwxjvP68BE+k=)
                          12: 326131333a393634343a34303a3a2f34342d3438203d3e20323131343331.roa (hash: UQpEpactphMaN3i4tpyR5s9Tmz685dUuNs8hSuG0cJQ=)
                          13: 326131333a393634343a323232303a3a2f34342d3438203d3e20323134393932.roa (hash: 894RTKAEh4ciZZOdefpuTBSaNDM2TQpQSdGle6pgy08=)
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 25 Jan 2026 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:14:00:f1:2b:6f:8c:c4:e5:70:07:c6:06:03:bd:00:67:9f:74:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
        Validity
            Not Before: Jan 24 22:03:45 2026 GMT
            Not After : Jan 26 00:02:45 2026 GMT
        Subject: CN=E33DA770B14F84FCC00544CF6FF45561AA54F315
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:05:ba:ba:07:b7:db:5a:07:bd:23:6d:2d:f3:
                    14:7c:78:a9:9e:5c:14:d2:2c:03:b6:59:c1:f0:d1:
                    2b:f3:8d:90:02:9f:cd:83:d2:b9:a6:5d:a9:30:8a:
                    8e:8a:7b:c6:3f:7f:e1:0e:62:1d:c9:6a:5d:49:a0:
                    c3:b2:de:3e:48:c5:a9:b2:9c:01:67:06:76:85:ab:
                    e8:31:5f:34:91:62:ae:dc:7b:5f:af:df:46:48:87:
                    5a:c6:46:75:87:b6:dd:75:06:c0:e5:ec:a8:27:1d:
                    f3:31:66:18:35:27:16:e5:f2:cd:11:fd:68:f4:16:
                    f5:4f:a0:3b:09:9d:d1:a3:fa:1e:6d:d5:f9:f8:31:
                    7b:ef:11:37:a0:7c:99:33:5e:8d:63:4e:8b:e6:a1:
                    52:81:8a:dd:6b:80:5e:9a:d7:c4:0a:6f:6c:67:e0:
                    72:ba:a6:96:5d:15:1c:ca:9b:dc:76:a6:09:f4:d7:
                    59:a0:33:5f:5a:62:10:09:f4:37:eb:8e:b3:04:1a:
                    a2:59:4b:ad:ce:e6:f5:f4:b1:1e:be:63:66:5c:d1:
                    34:06:a0:8e:49:df:6b:d4:a2:65:36:e6:f8:9e:65:
                    8f:82:53:b1:74:dd:d9:19:8e:de:5b:31:58:83:f4:
                    fc:11:e3:16:d2:5a:3d:2c:19:48:8a:3a:fb:f7:d5:
                    2c:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:3D:A7:70:B1:4F:84:FC:C0:05:44:CF:6F:F4:55:61:AA:54:F3:15
            X509v3 Authority Key Identifier:
                keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:57:11:60:65:cf:30:cf:f5:08:cc:1c:7a:64:c4:e8:cd:42:
         59:45:43:e2:9e:09:ae:df:e7:ca:1d:b6:cf:16:62:eb:a6:e0:
         0d:4d:05:89:94:d9:9d:85:be:db:b5:70:c2:e8:61:e7:2f:d0:
         41:e9:56:27:4a:05:f0:72:87:ab:9b:e0:41:b0:f4:6d:67:79:
         fa:60:f2:86:04:c1:b3:5e:0e:37:20:12:bd:ce:1f:a0:1f:dd:
         75:f9:6b:95:73:45:a5:67:29:c5:5c:7f:68:0d:1b:81:ca:b7:
         c0:b2:ea:87:e9:41:f4:92:68:a6:a2:27:4c:c2:f8:ce:89:60:
         90:bc:af:61:4a:aa:db:9b:b1:28:78:8a:51:e8:ca:47:45:f6:
         68:85:7c:85:ac:9c:a6:16:98:08:75:b9:b4:f3:44:31:e8:5c:
         77:19:6f:c5:17:3a:1d:32:2c:d9:1a:09:44:37:da:54:eb:e3:
         71:03:b6:4b:5f:94:1f:2b:d7:f0:64:4a:00:e3:ff:80:95:6a:
         5f:55:b6:63:07:1e:a3:3e:b6:a9:02:90:4d:d7:9d:dc:7e:99:
         dc:e7:11:13:3e:0e:11:e1:d8:ab:39:35:86:ee:96:e6:4c:08:
         3d:bd:7d:6a:54:c0:b8:78:d7:8c:88:2d:a8:5e:4b:11:df:ea:
         dd:86:18:d1
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUGBQA8StvjMTlcAfGBgO9AGefdIEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNjAxMjQyMjAzNDVaFw0yNjAxMjYwMDAyNDVaMDMxMTAvBgNV
BAMTKEUzM0RBNzcwQjE0Rjg0RkNDMDA1NDRDRjZGRjQ1NTYxQUE1NEYzMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Bbq6B7fbWge9I20t8xR8eKme
XBTSLAO2WcHw0SvzjZACn82D0rmmXakwio6Ke8Y/f+EOYh3Jal1JoMOy3j5Ixamy
nAFnBnaFq+gxXzSRYq7ce1+v30ZIh1rGRnWHtt11BsDl7KgnHfMxZhg1Jxbl8s0R
/Wj0FvVPoDsJndGj+h5t1fn4MXvvETegfJkzXo1jTovmoVKBit1rgF6a18QKb2xn
4HK6ppZdFRzKm9x2pgn011mgM19aYhAJ9DfrjrMEGqJZS63O5vX0sR6+Y2Zc0TQG
oI5J32vUomU25vieZY+CU7F03dkZjt5bMViD9PwR4xbSWj0sGUiKOvv31SzdAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQU4z2ncLFPhPzABUTPb/RVYapU8xUwHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9lMzBkZTg0Yi00
MDBhLTRmZDEtYWI4YS1lNzYxNmUyNDViNDkvMC9GMUQwNTcyRkU3Mjk5MUJEMzI4
NTRCQUM3MTY2NzZFQkRBRDIyQUNFLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsVcRYGXPMM/1CMwcemTE
6M1CWUVD4p4Jrt/nyh22zxZi66bgDU0FiZTZnYW+27Vwwuhh5y/QQelWJ0oF8HKH
q5vgQbD0bWd5+mDyhgTBs14ONyASvc4foB/ddflrlXNFpWcpxVx/aA0bgcq3wLLq
h+lB9JJopqInTML4zolgkLyvYUqq25uxKHiKUejKR0X2aIV8haycphaYCHW5tPNE
MehcdxlvxRc6HTIs2RoJRDfaVOvjcQO2S1+UHyvX8GRKAOP/gJVqX1W2Ywceoz62
qQKQTded3H6Z3OcREz4OEeHYqzk1hu6W5kwIPb19alTAuHjXjIgtqF5LEd/q3YYY
0Q==
-----END CERTIFICATE-----