This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft File: sgzLpAbArQxb4AB22ZgLNIhWmoo.mft (raw, json) Hash identifier: og2D2Tu3CnRTc01fCHsZ3N2PMXEXybv2vR94Lu7KHNg= Subject key identifier: 7C:9A:3F:8B:B7:EB:5C:5F:29:8E:8F:E0:06:B6:5F:DA:F7:C4:69:C8 Authority key identifier: B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A Certificate issuer: /CN=b20ccba406c0ad0c5be00076d9980b3488569a8a Certificate serial: 019B38A18678BDA0A63D2C931B365F32EC58 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft Manifest number: 126B Signing time: Fri 19 Dec 2025 22:01:08 +0000 Manifest this update: Fri 19 Dec 2025 22:01:08 +0000 Manifest next update: Sat 20 Dec 2025 22:01:08 +0000 Files and hashes: 1: sgzLpAbArQxb4AB22ZgLNIhWmoo.crl (hash: sGW8wxn3NSJ+4aaO2rK+UxaT1s1QBUvK+GAXRc47rxQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 22:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:a1:86:78:bd:a0:a6:3d:2c:93:1b:36:5f:32:ec:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b20ccba406c0ad0c5be00076d9980b3488569a8a Validity Not Before: Dec 19 22:01:08 2025 GMT Not After : Dec 20 22:01:08 2025 GMT Subject: CN=7c9a3f8bb7eb5c5f298e8fe006b65fdaf7c469c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:a8:af:d4:c4:71:f8:a4:8a:07:71:c8:a3:8e: 3f:96:a6:43:cf:b3:79:dc:a6:db:dc:c3:6b:01:c3: 5f:c9:75:31:dd:12:ba:c5:b8:b1:ad:54:ae:57:88: 30:63:1e:f5:9b:27:cd:0d:de:23:14:18:ff:43:29: 95:f3:ff:1b:0e:96:56:da:e4:fc:b3:3b:74:23:7c: f0:5d:a3:30:8d:68:3a:80:dc:4c:f2:94:9b:2b:79: 37:d2:5b:2c:59:c4:33:25:1f:43:8f:7e:ea:b2:02: af:21:9d:bf:8e:a6:b0:7b:76:3b:b7:ee:96:4c:f3: 6c:09:6e:a6:92:6c:98:47:12:41:44:20:75:9a:3b: 31:83:47:5d:d6:9e:92:2b:b7:df:fa:a5:04:a2:43: 8f:40:1e:c6:0b:f8:71:49:3a:5c:09:42:42:51:fb: e5:bd:f3:d4:7e:3f:a9:4b:49:b3:31:e3:05:d2:36: 09:8e:bf:5b:3d:81:52:a6:c3:99:37:8d:ee:6e:0d: 09:dc:ee:a4:6c:f5:9e:ae:f5:a8:bb:ed:37:26:82: 53:f7:c6:9e:ca:68:05:cc:49:40:db:71:f8:18:3e: d4:ad:2d:b5:0b:56:33:fd:8b:f7:58:96:ca:0c:9f: 72:64:d4:12:a2:ab:ff:be:a9:6b:8c:67:7e:9a:c9: 76:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:9A:3F:8B:B7:EB:5C:5F:29:8E:8F:E0:06:B6:5F:DA:F7:C4:69:C8 X509v3 Authority Key Identifier: keyid:B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c6:52:1d:3d:6f:67:ca:31:2a:82:a8:fa:79:88:0e:4f:fa:27: 9d:bb:c0:0e:ec:e6:c9:2b:c6:ba:ac:a8:e5:e4:5a:62:02:0a: bf:e3:9f:44:cd:e8:d8:f0:b1:21:3b:da:92:d1:d5:93:48:9d: 6e:db:4b:cc:92:60:0e:eb:e2:d8:a4:a2:81:cd:2b:58:6c:bd: cc:22:94:d0:14:6f:40:0a:d4:d2:e8:ee:95:f0:47:b1:ae:e3: 36:d6:d4:20:cb:89:a9:7d:97:a8:38:42:52:3e:1c:ec:b2:b5: dd:8d:06:9e:04:cc:03:de:1d:d8:65:79:a6:89:7f:78:40:74: b5:61:d8:a3:bc:f2:99:04:4e:2e:6a:9d:6e:d8:66:7d:7f:f2: 6b:52:7d:2f:05:1a:b5:91:f1:35:4c:d3:33:f2:66:cc:6b:42: 13:c5:09:b4:11:f4:ea:07:91:d1:71:f2:71:c7:61:76:34:9f: a4:53:a7:59:d2:d3:3a:20:70:e5:f6:36:eb:06:00:3e:d7:87: 6f:32:10:15:d5:7b:83:53:9b:95:0e:73:27:42:06:1c:e7:bb: f9:24:16:13:92:6d:b0:bb:a5:58:c1:d8:a2:14:89:8c:78:90: 84:e3:a8:88:b4:bb:bf:88:13:4b:bc:ce:7d:b1:3d:2f:56:5d: 19:8c:31:fa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs4oYZ4vaCmPSyTGzZfMuxYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyMGNjYmE0MDZjMGFkMGM1YmUwMDA3NmQ5OTgwYjM0ODg1 NjlhOGEwHhcNMjUxMjE5MjIwMTA4WhcNMjUxMjIwMjIwMTA4WjAzMTEwLwYDVQQD Eyg3YzlhM2Y4YmI3ZWI1YzVmMjk4ZThmZTAwNmI2NWZkYWY3YzQ2OWM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaiv1MRx+KSKB3HIo44/lqZDz7N5 3Kbb3MNrAcNfyXUx3RK6xbixrVSuV4gwYx71myfNDd4jFBj/QymV8/8bDpZW2uT8 szt0I3zwXaMwjWg6gNxM8pSbK3k30lssWcQzJR9Dj37qsgKvIZ2/jqawe3Y7t+6W TPNsCW6mkmyYRxJBRCB1mjsxg0dd1p6SK7ff+qUEokOPQB7GC/hxSTpcCUJCUfvl vfPUfj+pS0mzMeMF0jYJjr9bPYFSpsOZN43ubg0J3O6kbPWervWou+03JoJT98ae ymgFzElA23H4GD7UrS21C1Yz/Yv3WJbKDJ9yZNQSoqv/vqlrjGd+msl2ewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHyaP4u361xfKY6P4Aa2X9r3xGnIMB8GA1UdIwQY MBaAFLIMy6QGwK0MW+AAdtmYCzSIVpqKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQt N2NhOTNlY2IyMjM0LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQtN2NhOTNlY2IyMjM0 LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxlIdPW9n yjEqgqj6eYgOT/onnbvADuzmySvGuqyo5eRaYgIKv+OfRM3o2PCxITvaktHVk0id bttLzJJgDuvi2KSigc0rWGy9zCKU0BRvQArU0ujulfBHsa7jNtbUIMuJqX2XqDhC Uj4c7LK13Y0GngTMA94d2GV5pol/eEB0tWHYo7zymQROLmqdbthmfX/ya1J9LwUa tZHxNUzTM/JmzGtCE8UJtBH06geR0XHyccdhdjSfpFOnWdLTOiBw5fY26wYAPteH bzIQFdV7g1OblQ5zJ0IGHOe7+SQWE5JtsLulWMHYohSJjHiQhOOoiLS7v4gTS7zO fbE9L1ZdGYwx+g== -----END CERTIFICATE-----Generated at Sat Dec 20 08:20:12 2025 by rpki-client