This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft File: sgzLpAbArQxb4AB22ZgLNIhWmoo.mft (raw, json) Hash identifier: ONVQA+/UaLe6rtDKElOzaMG0qyugOGI/mvZr+Uc9jkQ= Subject key identifier: 09:6F:27:91:8D:5C:B1:80:30:F2:0F:29:91:79:00:35:E5:28:EA:0C Authority key identifier: B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A Certificate issuer: /CN=b20ccba406c0ad0c5be00076d9980b3488569a8a Certificate serial: 019B8F88FABDB3B504A9FCDA626537B96BC1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft Manifest number: 1298 Signing time: Mon 05 Jan 2026 19:01:17 +0000 Manifest this update: Mon 05 Jan 2026 19:01:17 +0000 Manifest next update: Tue 06 Jan 2026 19:01:17 +0000 Files and hashes: 1: sgzLpAbArQxb4AB22ZgLNIhWmoo.crl (hash: jS32AWrGjN05MjEn9VGQkVGemUaqlnkpDTa9i+RcmS0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 06 Jan 2026 17:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:8f:88:fa:bd:b3:b5:04:a9:fc:da:62:65:37:b9:6b:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b20ccba406c0ad0c5be00076d9980b3488569a8a Validity Not Before: Jan 5 19:01:17 2026 GMT Not After : Jan 6 19:01:17 2026 GMT Subject: CN=096f27918d5cb18030f20f2991790035e528ea0c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:07:e1:a9:f8:3c:f0:42:10:95:9b:92:9c:1a: 9f:40:bf:85:2f:61:e3:eb:3f:a5:28:22:65:79:bd: 40:cf:88:94:d7:8a:20:9f:c9:3e:ed:01:dd:68:6a: 18:33:46:64:d3:9e:65:f0:46:ca:93:ef:42:c9:85: e0:54:dc:18:81:08:88:2b:36:3b:7e:54:75:05:35: 7f:ab:4a:f8:8b:f5:86:60:ee:60:da:15:98:0c:09: a1:d3:29:e7:0c:2b:1f:7f:70:dc:e9:a5:16:80:85: 73:6b:bd:5c:46:e2:b5:ca:9b:6d:65:a2:4c:86:0c: dd:d3:d3:28:d5:ed:91:a9:fe:f3:dc:3f:32:8a:95: 95:26:0a:f3:22:4f:47:7f:56:3e:0e:55:dd:a2:81: b2:07:d1:41:99:20:80:76:fc:ce:e8:5a:d1:ea:6d: aa:d4:16:34:45:b4:d6:31:92:a6:24:dc:11:72:21: 28:af:83:43:f8:c5:b6:1c:88:f8:ee:5f:b3:fa:df: 3b:b9:25:10:c8:a2:b5:9e:4a:10:f2:66:43:04:ed: 93:65:e0:b7:46:16:33:4d:35:8f:23:2c:e5:67:4b: 3e:97:1c:17:24:ed:dd:16:85:10:a9:d6:d9:cb:12: 88:05:2d:6f:85:0d:a1:e7:73:58:41:6d:f6:f8:03: 30:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:6F:27:91:8D:5C:B1:80:30:F2:0F:29:91:79:00:35:E5:28:EA:0C X509v3 Authority Key Identifier: keyid:B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:5a:f0:e2:ed:42:ce:aa:70:08:e4:c5:78:1a:bf:38:ce:de: e3:ae:51:6e:a0:37:c1:51:56:94:f6:ed:36:04:c2:09:e6:0f: d6:a4:3d:66:53:ee:12:3f:2d:23:7b:e4:22:59:39:d2:e2:aa: e4:9f:5a:5d:42:56:b5:2b:1f:33:b4:f4:ef:05:ae:49:da:6d: 59:1e:ba:96:43:47:e5:87:87:b4:81:c1:25:8b:7e:86:e6:1c: 0a:18:9d:34:29:52:70:31:37:0c:e7:0f:ed:b0:1d:63:c7:df: 3e:55:25:2d:01:fa:57:5f:82:6e:26:64:9f:2c:33:ce:57:be: f7:fa:4c:7a:e3:14:06:90:4c:9d:71:ee:47:9e:b0:df:09:bb: 28:28:0e:8d:43:05:71:9c:31:08:c8:a2:25:e5:c2:94:e6:0e: 2a:1f:2f:8a:46:68:ca:9f:3d:1c:56:ec:04:92:72:18:99:e5: 76:02:0d:c8:92:8d:4f:df:a9:d9:b2:a9:8a:58:9e:1a:6f:ba: cd:36:68:52:2d:30:b9:25:32:19:2f:74:4b:a7:4d:13:5f:9e: a5:dd:fd:b4:72:fe:fa:c3:c1:fa:0e:4b:a4:27:62:fd:9e:a6: 2f:2b:33:cd:a3:c7:13:5c:c4:3e:05:29:c4:db:1e:f0:7f:d0: 3a:64:b8:f6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuPiPq9s7UEqfzaYmU3uWvBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyMGNjYmE0MDZjMGFkMGM1YmUwMDA3NmQ5OTgwYjM0ODg1 NjlhOGEwHhcNMjYwMTA1MTkwMTE3WhcNMjYwMTA2MTkwMTE3WjAzMTEwLwYDVQQD EygwOTZmMjc5MThkNWNiMTgwMzBmMjBmMjk5MTc5MDAzNWU1MjhlYTBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Qfhqfg88EIQlZuSnBqfQL+FL2Hj 6z+lKCJleb1Az4iU14ogn8k+7QHdaGoYM0Zk055l8EbKk+9CyYXgVNwYgQiIKzY7 flR1BTV/q0r4i/WGYO5g2hWYDAmh0ynnDCsff3Dc6aUWgIVza71cRuK1ypttZaJM hgzd09Mo1e2Rqf7z3D8yipWVJgrzIk9Hf1Y+DlXdooGyB9FBmSCAdvzO6FrR6m2q 1BY0RbTWMZKmJNwRciEor4ND+MW2HIj47l+z+t87uSUQyKK1nkoQ8mZDBO2TZeC3 RhYzTTWPIyzlZ0s+lxwXJO3dFoUQqdbZyxKIBS1vhQ2h53NYQW32+AMwlwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAlvJ5GNXLGAMPIPKZF5ADXlKOoMMB8GA1UdIwQY MBaAFLIMy6QGwK0MW+AAdtmYCzSIVpqKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQt N2NhOTNlY2IyMjM0LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQtN2NhOTNlY2IyMjM0 LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIFrw4u1C zqpwCOTFeBq/OM7e465RbqA3wVFWlPbtNgTCCeYP1qQ9ZlPuEj8tI3vkIlk50uKq 5J9aXUJWtSsfM7T07wWuSdptWR66lkNH5YeHtIHBJYt+huYcChidNClScDE3DOcP 7bAdY8ffPlUlLQH6V1+CbiZknywzzle+9/pMeuMUBpBMnXHuR56w3wm7KCgOjUMF cZwxCMiiJeXClOYOKh8vikZoyp89HFbsBJJyGJnldgINyJKNT9+p2bKpilieGm+6 zTZoUi0wuSUyGS90S6dNE1+epd39tHL++sPB+g5LpCdi/Z6mLyszzaPHE1zEPgUp xNse8H/QOmS49g== -----END CERTIFICATE-----Generated at Tue Jan 6 01:47:46 2026 by rpki-client