This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/13da12-e553-4714-9618-4ce506cf7a2c/1/STGaFtGrBlzvNlhRkqfv-H-VFV8.mft File: STGaFtGrBlzvNlhRkqfv-H-VFV8.mft (raw, json) Hash identifier: vmM2jNHo39BjK0zCyF9IT9j9+s5aAaMAlKCyFP0VLzw= Subject key identifier: FE:15:49:11:85:B3:16:63:79:9F:F6:FE:29:D8:A8:F1:A6:E6:1B:C6 Authority key identifier: 49:31:9A:16:D1:AB:06:5C:EF:36:58:51:92:A7:EF:F8:7F:95:15:5F Certificate issuer: /CN=49319a16d1ab065cef36585192a7eff87f95155f Certificate serial: 019BAA9224B9C9DBA0DAD74574277D15F710 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STGaFtGrBlzvNlhRkqfv-H-VFV8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/13da12-e553-4714-9618-4ce506cf7a2c/1/STGaFtGrBlzvNlhRkqfv-H-VFV8.mft Manifest number: 0683 Signing time: Sun 11 Jan 2026 01:01:02 +0000 Manifest this update: Sun 11 Jan 2026 01:01:02 +0000 Manifest next update: Mon 12 Jan 2026 01:01:02 +0000 Files and hashes: 1: STGaFtGrBlzvNlhRkqfv-H-VFV8.crl (hash: HS3LZe1arV6akIBgDjT71/5DLK93vwpJF0FNo9ES1ao=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/13da12-e553-4714-9618-4ce506cf7a2c/1/STGaFtGrBlzvNlhRkqfv-H-VFV8.crl rsync://rpki.ripe.net/repository/DEFAULT/e4/13da12-e553-4714-9618-4ce506cf7a2c/1/STGaFtGrBlzvNlhRkqfv-H-VFV8.mft rsync://rpki.ripe.net/repository/DEFAULT/STGaFtGrBlzvNlhRkqfv-H-VFV8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 01:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:aa:92:24:b9:c9:db:a0:da:d7:45:74:27:7d:15:f7:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=49319a16d1ab065cef36585192a7eff87f95155f Validity Not Before: Jan 11 01:01:02 2026 GMT Not After : Jan 12 01:01:02 2026 GMT Subject: CN=fe15491185b31663799ff6fe29d8a8f1a6e61bc6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:2f:d9:d9:34:a0:b6:c8:07:d6:c9:d6:06:08: 80:5c:64:77:4d:36:2d:e5:e1:c2:f8:dd:08:7f:ad: 1f:75:64:68:3c:75:76:13:5b:3d:83:8c:d5:ee:ba: 6d:89:08:99:c9:74:e6:66:0e:80:c9:8b:27:41:e2: b2:8a:e2:32:b1:f7:79:4f:bc:63:6c:a6:eb:1e:57: b2:a3:63:69:4a:0a:1e:c3:26:ef:26:93:1e:6f:f9: d4:c0:9d:19:96:6f:ea:de:83:1c:59:bc:16:be:b6: ce:b4:47:87:60:e2:43:98:58:57:41:bf:da:31:05: d3:6b:8f:1f:ad:cd:9d:12:b7:ed:ba:0b:ec:9c:cc: 0e:6d:29:97:7c:da:ad:f4:07:76:af:9b:08:5f:2c: e5:6e:54:38:87:91:66:0e:82:4a:cc:a7:6f:b9:0d: b8:5d:f2:d1:7e:97:16:56:c1:8b:a1:71:17:1b:a5: b4:e6:ae:19:9e:3a:9d:ae:30:33:6c:47:93:3e:51: 83:a6:87:d9:e9:c3:26:68:91:9c:5e:98:ac:8e:77: 17:25:67:9e:2b:e2:3b:85:9a:a8:7d:0a:98:c1:1e: 70:a8:d5:e8:34:8e:58:81:94:c0:3d:08:fb:e5:ae: fe:b3:93:45:48:38:7e:ef:38:ab:ff:93:5b:c9:30: 6d:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:15:49:11:85:B3:16:63:79:9F:F6:FE:29:D8:A8:F1:A6:E6:1B:C6 X509v3 Authority Key Identifier: keyid:49:31:9A:16:D1:AB:06:5C:EF:36:58:51:92:A7:EF:F8:7F:95:15:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STGaFtGrBlzvNlhRkqfv-H-VFV8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/13da12-e553-4714-9618-4ce506cf7a2c/1/STGaFtGrBlzvNlhRkqfv-H-VFV8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/13da12-e553-4714-9618-4ce506cf7a2c/1/STGaFtGrBlzvNlhRkqfv-H-VFV8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:85:3f:d8:fd:44:9c:8f:c7:19:01:fb:e6:d3:5e:59:20:5c: ec:c3:ef:02:7c:cd:54:c2:0b:cf:2e:50:f3:b7:af:6e:ec:f4: e7:54:ef:d2:ae:70:95:12:9d:06:06:c0:f4:26:c9:57:27:9e: 6c:91:65:28:6c:aa:6f:72:53:dd:8f:ee:1b:ef:4b:46:f9:2d: ac:44:7d:38:15:fe:56:c2:4a:dc:01:34:89:ff:16:f7:55:b6: c1:61:08:a8:d0:f2:0b:74:68:f8:49:bd:1a:17:29:81:b0:a6: 89:03:ed:56:9e:a2:1d:27:17:cc:91:62:2f:45:d5:bc:64:34: 22:08:17:d0:b6:07:cd:4f:fc:28:37:63:41:71:03:f9:b5:9d: dc:dc:1f:b5:4a:0e:c7:a3:81:cb:41:60:46:a1:17:4b:45:93: 53:a4:a7:66:4a:c1:39:23:52:dd:be:0e:6b:7e:14:10:6b:e0: e6:ba:12:be:d1:6f:7c:c9:8a:bb:37:79:61:b3:7a:ac:d7:97: b6:1b:1f:ad:59:28:e4:56:5d:d2:f9:ce:e5:f3:37:c6:8d:6c: f9:92:07:88:00:e1:9b:41:ce:56:af:e5:01:fd:a0:2f:5b:db: ad:ee:00:b3:63:56:03:93:1f:78:48:19:48:03:58:ba:40:de: 54:4f:58:bc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuqkiS5ydug2tdFdCd9FfcQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ5MzE5YTE2ZDFhYjA2NWNlZjM2NTg1MTkyYTdlZmY4N2Y5 NTE1NWYwHhcNMjYwMTExMDEwMTAyWhcNMjYwMTEyMDEwMTAyWjAzMTEwLwYDVQQD EyhmZTE1NDkxMTg1YjMxNjYzNzk5ZmY2ZmUyOWQ4YThmMWE2ZTYxYmM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0i/Z2TSgtsgH1snWBgiAXGR3TTYt 5eHC+N0If60fdWRoPHV2E1s9g4zV7rptiQiZyXTmZg6AyYsnQeKyiuIysfd5T7xj bKbrHleyo2NpSgoewybvJpMeb/nUwJ0Zlm/q3oMcWbwWvrbOtEeHYOJDmFhXQb/a MQXTa48frc2dErftugvsnMwObSmXfNqt9Ad2r5sIXyzlblQ4h5FmDoJKzKdvuQ24 XfLRfpcWVsGLoXEXG6W05q4ZnjqdrjAzbEeTPlGDpofZ6cMmaJGcXpisjncXJWee K+I7hZqofQqYwR5wqNXoNI5YgZTAPQj75a7+s5NFSDh+7zir/5NbyTBt3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP4VSRGFsxZjeZ/2/inYqPGm5hvGMB8GA1UdIwQY MBaAFEkxmhbRqwZc7zZYUZKn7/h/lRVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU1RHYUZ0R3JCbHp2TmxoUmtxZnYtSC1WRlY4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xM2RhMTItZTU1My00NzE0LTk2MTgt NGNlNTA2Y2Y3YTJjLzEvU1RHYUZ0R3JCbHp2TmxoUmtxZnYtSC1WRlY4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNC8xM2RhMTItZTU1My00NzE0LTk2MTgtNGNlNTA2Y2Y3YTJj LzEvU1RHYUZ0R3JCbHp2TmxoUmtxZnYtSC1WRlY4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV4U/2P1E nI/HGQH75tNeWSBc7MPvAnzNVMILzy5Q87evbuz051Tv0q5wlRKdBgbA9CbJVyee bJFlKGyqb3JT3Y/uG+9LRvktrER9OBX+VsJK3AE0if8W91W2wWEIqNDyC3Ro+Em9 GhcpgbCmiQPtVp6iHScXzJFiL0XVvGQ0IggX0LYHzU/8KDdjQXED+bWd3NwftUoO x6OBy0FgRqEXS0WTU6SnZkrBOSNS3b4Oa34UEGvg5roSvtFvfMmKuzd5YbN6rNeX thsfrVko5FZd0vnO5fM3xo1s+ZIHiADhm0HOVq/lAf2gL1vbre4As2NWA5MfeEgZ SANYukDeVE9YvA== -----END CERTIFICATE-----Generated at Sun Jan 11 11:31:13 2026 by rpki-client