This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.mft File: sgTq-NsT70M8-YIp0jLTMKX14lY.mft (raw, json) Hash identifier: 2Y6V6ZoPLghnzT1AnJX8fLwPW7sFAX7dsp6jwqSJR7w= Subject key identifier: 63:3A:AE:17:0D:D0:77:46:1D:17:1D:F3:B4:59:9A:E0:94:59:9E:92 Authority key identifier: B2:04:EA:F8:DB:13:EF:43:3C:F9:82:29:D2:32:D3:30:A5:F5:E2:56 Certificate issuer: /CN=b204eaf8db13ef433cf98229d232d330a5f5e256 Certificate serial: 019B3CB558D9320791ABF14504EB6E177FB3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sgTq-NsT70M8-YIp0jLTMKX14lY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.mft Manifest number: 1788 Signing time: Sat 20 Dec 2025 17:01:16 +0000 Manifest this update: Sat 20 Dec 2025 17:01:16 +0000 Manifest next update: Sun 21 Dec 2025 17:01:16 +0000 Files and hashes: 1: sgTq-NsT70M8-YIp0jLTMKX14lY.crl (hash: 1+eds2B/HGSJp9tCRFsrmIizeX1Y0UyNj9wS14e35bg=) 2: xgKcu0KPsxc8M315Trs0GW1UUwk.roa (hash: ICZ6+2Jz2veLFc1cLdSpid822PA3P/5mVBK8JthGSW0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.crl rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.mft rsync://rpki.ripe.net/repository/DEFAULT/sgTq-NsT70M8-YIp0jLTMKX14lY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:b5:58:d9:32:07:91:ab:f1:45:04:eb:6e:17:7f:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b204eaf8db13ef433cf98229d232d330a5f5e256 Validity Not Before: Dec 20 17:01:16 2025 GMT Not After : Dec 21 17:01:16 2025 GMT Subject: CN=633aae170dd077461d171df3b4599ae094599e92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:97:31:4b:49:8d:70:58:50:bf:d1:3f:91:05: 8f:4b:9b:89:68:64:bd:a2:ef:b8:ac:65:13:67:88: 19:63:23:3e:44:84:ea:5d:af:e4:b1:e8:7a:dc:79: be:ad:c5:9b:5f:33:5f:5c:df:f5:89:07:3f:83:54: fc:95:06:ba:3e:6d:44:c9:24:5c:c5:ef:01:cb:a6: e1:ac:dc:88:4b:c3:8d:e8:99:f0:dc:05:a0:ba:aa: 25:35:dd:a0:d5:e6:90:05:25:6b:af:6e:7c:43:c5: 6c:bd:46:56:15:e8:2a:1f:e6:79:37:0f:29:9e:ff: a9:9d:9b:d3:60:4f:7b:a3:ad:51:47:68:2c:fe:b5: 70:95:54:2c:11:ef:26:fc:2a:6c:4b:7a:ee:fb:7b: ed:8e:87:f0:04:55:d7:ae:44:12:4c:b5:05:93:08: aa:f0:ee:73:ab:5d:82:f3:6e:80:72:ee:fa:3e:a7: 3d:95:c7:27:78:b7:a4:34:e1:10:14:2d:da:7e:ee: 72:7e:ec:7d:b3:40:1d:78:8b:a5:d7:9b:33:dc:e0: 2d:52:ad:2d:0d:7f:3e:92:30:3a:c0:ba:d3:f5:a9: 1a:7d:fb:8f:0a:5b:ca:9c:e8:ac:52:1c:39:16:03: 33:3d:53:5b:7e:dc:4d:8d:85:41:69:2c:ce:45:dd: 3f:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:3A:AE:17:0D:D0:77:46:1D:17:1D:F3:B4:59:9A:E0:94:59:9E:92 X509v3 Authority Key Identifier: keyid:B2:04:EA:F8:DB:13:EF:43:3C:F9:82:29:D2:32:D3:30:A5:F5:E2:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgTq-NsT70M8-YIp0jLTMKX14lY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9b:36:e7:72:91:bf:6f:a4:dd:61:4a:09:82:bc:f5:18:74:db: da:5f:27:66:67:f8:e8:c6:bc:cc:df:01:df:fc:65:bd:98:b5: 07:1f:fe:a2:cb:8b:a5:98:59:66:73:21:bd:58:65:a7:ab:c9: 87:df:35:2f:9b:ba:8f:0f:e1:eb:a4:88:7d:e9:b6:87:86:7d: 75:1b:0a:fb:53:93:d9:8e:43:02:99:f6:cf:02:76:73:0d:5f: 87:59:3c:6d:98:6f:b4:0b:e5:12:36:eb:55:69:74:c2:12:7f: 94:d2:aa:7e:41:a4:4a:38:90:e4:ee:e2:86:22:06:16:00:a7: 26:d4:c5:e4:7e:87:f6:a6:a8:ad:d4:bd:1a:be:1c:de:74:a7: 93:86:83:94:2f:12:76:26:9e:bd:90:63:49:2a:da:c3:b7:1c: 3e:83:36:e3:1e:53:31:cb:27:7f:44:d6:74:84:79:db:e1:70: b6:54:00:3e:93:71:0a:ef:1e:c5:16:31:3f:16:8e:4a:ef:b9: cc:07:21:9a:38:68:aa:9c:0d:0e:5e:08:82:71:97:bd:3d:66: e9:e3:07:1d:84:89:61:1d:cf:d9:fc:b6:73:bc:39:5e:35:3b: d4:fd:e6:8e:2a:50:1c:0d:ef:6e:40:12:b5:47:72:1d:45:9a: 17:40:66:d4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8tVjZMgeRq/FFBOtuF3+zMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyMDRlYWY4ZGIxM2VmNDMzY2Y5ODIyOWQyMzJkMzMwYTVm NWUyNTYwHhcNMjUxMjIwMTcwMTE2WhcNMjUxMjIxMTcwMTE2WjAzMTEwLwYDVQQD Eyg2MzNhYWUxNzBkZDA3NzQ2MWQxNzFkZjNiNDU5OWFlMDk0NTk5ZTkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpcxS0mNcFhQv9E/kQWPS5uJaGS9 ou+4rGUTZ4gZYyM+RITqXa/kseh63Hm+rcWbXzNfXN/1iQc/g1T8lQa6Pm1EySRc xe8By6bhrNyIS8ON6Jnw3AWguqolNd2g1eaQBSVrr258Q8VsvUZWFegqH+Z5Nw8p nv+pnZvTYE97o61RR2gs/rVwlVQsEe8m/CpsS3ru+3vtjofwBFXXrkQSTLUFkwiq 8O5zq12C826Acu76Pqc9lccneLekNOEQFC3afu5yfux9s0AdeIul15sz3OAtUq0t DX8+kjA6wLrT9akaffuPClvKnOisUhw5FgMzPVNbftxNjYVBaSzORd0/LQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGM6rhcN0HdGHRcd87RZmuCUWZ6SMB8GA1UdIwQY MBaAFLIE6vjbE+9DPPmCKdIy0zCl9eJWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2dUcS1Oc1Q3ME04LVlJcDBqTFRNS1gxNGxZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC81OTc2MzgtNzEzYy00NGI3LTliNzAt MjUwMTdlYzk0MDk1LzEvc2dUcS1Oc1Q3ME04LVlJcDBqTFRNS1gxNGxZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC81OTc2MzgtNzEzYy00NGI3LTliNzAtMjUwMTdlYzk0MDk1 LzEvc2dUcS1Oc1Q3ME04LVlJcDBqTFRNS1gxNGxZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmzbncpG/ b6TdYUoJgrz1GHTb2l8nZmf46Ma8zN8B3/xlvZi1Bx/+osuLpZhZZnMhvVhlp6vJ h981L5u6jw/h66SIfem2h4Z9dRsK+1OT2Y5DApn2zwJ2cw1fh1k8bZhvtAvlEjbr VWl0whJ/lNKqfkGkSjiQ5O7ihiIGFgCnJtTF5H6H9qaordS9Gr4c3nSnk4aDlC8S diaevZBjSSraw7ccPoM24x5TMcsnf0TWdIR52+FwtlQAPpNxCu8exRYxPxaOSu+5 zAchmjhoqpwNDl4IgnGXvT1m6eMHHYSJYR3P2fy2c7w5XjU71P3mjipQHA3vbkAS tUdyHUWaF0Bm1A== -----END CERTIFICATE-----Generated at Sat Dec 20 23:10:16 2025 by rpki-client