This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/ef6f1a-6dfc-494e-b85d-d18773e7bc47/1/sgZjWDqBicvqrIjUOHZ5l7ESVUk.mft File: sgZjWDqBicvqrIjUOHZ5l7ESVUk.mft (raw, json) Hash identifier: FKgAX6z4jrCCirUQs6t4730AKrlmqkiM2Qvdr9SLPwI= Subject key identifier: DD:53:C1:43:16:84:14:70:49:55:E8:22:B7:EF:9E:9D:DA:4C:2F:9C Authority key identifier: B2:06:63:58:3A:81:89:CB:EA:AC:88:D4:38:76:79:97:B1:12:55:49 Certificate issuer: /CN=b20663583a8189cbeaac88d438767997b1125549 Certificate serial: 019B6655DEC000878070B5E27680C51A7DAE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sgZjWDqBicvqrIjUOHZ5l7ESVUk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/ef6f1a-6dfc-494e-b85d-d18773e7bc47/1/sgZjWDqBicvqrIjUOHZ5l7ESVUk.mft Manifest number: 16FB Signing time: Sun 28 Dec 2025 19:01:02 +0000 Manifest this update: Sun 28 Dec 2025 19:01:02 +0000 Manifest next update: Mon 29 Dec 2025 19:01:02 +0000 Files and hashes: 1: fW2b4Mi4-jlU6WyOHwej57Bj7xc.roa (hash: gkYhGIaUuP9pIbVaUa+O+pFYYvku1Vu69Icl89ypkjo=) 2: sgZjWDqBicvqrIjUOHZ5l7ESVUk.crl (hash: B8crgxXCHKtZJmhoMiuuAgNulFstCBfjuHHHp054GA4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/ef6f1a-6dfc-494e-b85d-d18773e7bc47/1/sgZjWDqBicvqrIjUOHZ5l7ESVUk.crl rsync://rpki.ripe.net/repository/DEFAULT/65/ef6f1a-6dfc-494e-b85d-d18773e7bc47/1/sgZjWDqBicvqrIjUOHZ5l7ESVUk.mft rsync://rpki.ripe.net/repository/DEFAULT/sgZjWDqBicvqrIjUOHZ5l7ESVUk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 19:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:66:55:de:c0:00:87:80:70:b5:e2:76:80:c5:1a:7d:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b20663583a8189cbeaac88d438767997b1125549 Validity Not Before: Dec 28 19:01:02 2025 GMT Not After : Dec 29 19:01:02 2025 GMT Subject: CN=dd53c143168414704955e822b7ef9e9dda4c2f9c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:1c:32:e9:39:2c:fc:09:e9:07:07:25:81:67: a5:4a:5e:79:f5:06:08:f8:3a:6e:d4:e2:30:37:f2: 95:9f:80:1a:3c:ca:89:ec:12:c9:9d:46:04:84:72: ed:1b:4d:58:8e:c6:ce:16:3a:cc:4b:14:39:82:7c: 42:cf:1e:e0:af:c5:e6:21:ee:42:d7:84:0f:06:e8: 69:02:86:73:19:a7:09:a3:07:cf:9d:c4:70:f2:d8: e3:b0:38:88:a9:76:30:aa:ec:2e:7d:d0:5f:a9:7a: 53:8e:48:43:9f:17:ce:19:77:a8:a7:5a:50:1e:a5: 60:cf:03:87:08:5e:f1:41:8e:e5:5e:6b:ba:de:56: 64:2f:7b:7f:1b:6b:28:29:d1:34:48:cd:19:a8:62: f5:a6:b3:bd:03:78:ec:a7:31:db:8a:8d:ea:18:c3: a4:bc:01:b3:f7:08:e2:df:ff:91:bd:10:25:b2:a0: f9:82:af:32:de:e9:76:17:5c:16:35:5d:e8:e4:e3: 3a:e3:48:b6:ab:10:8f:be:06:d9:14:69:64:c8:23: e4:68:d4:f9:4c:a5:1c:f2:61:03:40:03:60:64:fc: 74:68:a3:1c:c3:86:2d:3f:a3:10:80:1d:86:c1:66: 55:2f:f4:3c:87:ac:24:28:4e:2d:ea:12:f4:28:8e: e3:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:53:C1:43:16:84:14:70:49:55:E8:22:B7:EF:9E:9D:DA:4C:2F:9C X509v3 Authority Key Identifier: keyid:B2:06:63:58:3A:81:89:CB:EA:AC:88:D4:38:76:79:97:B1:12:55:49 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgZjWDqBicvqrIjUOHZ5l7ESVUk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ef6f1a-6dfc-494e-b85d-d18773e7bc47/1/sgZjWDqBicvqrIjUOHZ5l7ESVUk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ef6f1a-6dfc-494e-b85d-d18773e7bc47/1/sgZjWDqBicvqrIjUOHZ5l7ESVUk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:da:a3:fe:23:d6:b0:7d:34:ac:e7:c4:60:5b:21:25:fb:53: 75:4e:13:90:86:67:d2:cf:b4:dd:8c:ef:7c:fe:85:8c:b8:8a: 3c:a0:58:3c:e1:73:77:af:a4:18:2c:3f:ba:ce:66:16:b9:b9: 77:ed:b0:f3:1b:fc:79:89:3b:5d:42:ca:f0:2e:09:7b:e6:3c: c5:b1:0f:ba:61:55:39:60:f3:fc:bf:42:e7:3d:c0:d4:38:b8: 05:e6:c5:da:3f:da:fb:45:78:88:eb:cb:a0:b1:ed:22:37:88: 7d:63:26:01:a2:28:c0:d8:dc:fb:bc:e4:23:b7:77:a2:aa:ff: aa:6f:0f:7c:d5:43:31:a6:1a:e1:ac:89:1b:ea:c3:08:fb:4d: e6:1d:4e:56:59:fe:0f:b0:4d:0c:8b:2c:00:ce:6d:44:6b:95: 6a:c5:22:6d:64:8f:ea:18:c6:09:ae:78:ef:44:db:3c:cf:e7: fa:c8:c4:4b:01:12:b6:44:4c:35:1f:de:07:2c:f1:56:82:09: f1:48:30:2c:04:5a:a1:61:20:88:78:d4:3f:04:2f:f7:e9:05: 34:2d:94:2e:f9:46:d6:f0:23:86:df:cf:33:2f:ac:7b:ea:9b: 22:82:50:8d:08:2a:ae:34:1e:9e:08:71:4a:92:09:1c:7f:19: a4:06:43:a9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtmVd7AAIeAcLXidoDFGn2uMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyMDY2MzU4M2E4MTg5Y2JlYWFjODhkNDM4NzY3OTk3YjEx MjU1NDkwHhcNMjUxMjI4MTkwMTAyWhcNMjUxMjI5MTkwMTAyWjAzMTEwLwYDVQQD EyhkZDUzYzE0MzE2ODQxNDcwNDk1NWU4MjJiN2VmOWU5ZGRhNGMyZjljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBwy6Tks/AnpBwclgWelSl559QYI +Dpu1OIwN/KVn4AaPMqJ7BLJnUYEhHLtG01YjsbOFjrMSxQ5gnxCzx7gr8XmIe5C 14QPBuhpAoZzGacJowfPncRw8tjjsDiIqXYwquwufdBfqXpTjkhDnxfOGXeop1pQ HqVgzwOHCF7xQY7lXmu63lZkL3t/G2soKdE0SM0ZqGL1prO9A3jspzHbio3qGMOk vAGz9wji3/+RvRAlsqD5gq8y3ul2F1wWNV3o5OM640i2qxCPvgbZFGlkyCPkaNT5 TKUc8mEDQANgZPx0aKMcw4YtP6MQgB2GwWZVL/Q8h6wkKE4t6hL0KI7jHQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN1TwUMWhBRwSVXoIrfvnp3aTC+cMB8GA1UdIwQY MBaAFLIGY1g6gYnL6qyI1Dh2eZexElVJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2daaldEcUJpY3ZxcklqVU9IWjVsN0VTVlVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9lZjZmMWEtNmRmYy00OTRlLWI4NWQt ZDE4NzczZTdiYzQ3LzEvc2daaldEcUJpY3ZxcklqVU9IWjVsN0VTVlVrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS9lZjZmMWEtNmRmYy00OTRlLWI4NWQtZDE4NzczZTdiYzQ3 LzEvc2daaldEcUJpY3ZxcklqVU9IWjVsN0VTVlVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGdqj/iPW sH00rOfEYFshJftTdU4TkIZn0s+03YzvfP6FjLiKPKBYPOFzd6+kGCw/us5mFrm5 d+2w8xv8eYk7XULK8C4Je+Y8xbEPumFVOWDz/L9C5z3A1Di4BebF2j/a+0V4iOvL oLHtIjeIfWMmAaIowNjc+7zkI7d3oqr/qm8PfNVDMaYa4ayJG+rDCPtN5h1OVln+ D7BNDIssAM5tRGuVasUibWSP6hjGCa5470TbPM/n+sjESwEStkRMNR/eByzxVoIJ 8UgwLARaoWEgiHjUPwQv9+kFNC2ULvlG1vAjht/PMy+se+qbIoJQjQgqrjQenghx SpIJHH8ZpAZDqQ== -----END CERTIFICATE-----Generated at Mon Dec 29 02:25:36 2025 by rpki-client