This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.mft File: sgTq-NsT70M8-YIp0jLTMKX14lY.mft (raw, json) Hash identifier: Yu2yHCGdMdqi5MHhyFv/kVTpKZaGIdlHfHdUYo6RXlA= Subject key identifier: 54:4E:EE:FA:88:68:3D:6E:84:A3:83:AE:BA:AB:34:01:D7:83:40:20 Authority key identifier: B2:04:EA:F8:DB:13:EF:43:3C:F9:82:29:D2:32:D3:30:A5:F5:E2:56 Certificate issuer: /CN=b204eaf8db13ef433cf98229d232d330a5f5e256 Certificate serial: 019B3EA3BABEF4A8B448C60CC5E44E11D745 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sgTq-NsT70M8-YIp0jLTMKX14lY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.mft Manifest number: 1789 Signing time: Sun 21 Dec 2025 02:01:15 +0000 Manifest this update: Sun 21 Dec 2025 02:01:15 +0000 Manifest next update: Mon 22 Dec 2025 02:01:15 +0000 Files and hashes: 1: sgTq-NsT70M8-YIp0jLTMKX14lY.crl (hash: toOBCqBWtOpOrVvFDr2Jz5iA7EOn8NMK01IWcmcSQng=) 2: xgKcu0KPsxc8M315Trs0GW1UUwk.roa (hash: ICZ6+2Jz2veLFc1cLdSpid822PA3P/5mVBK8JthGSW0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.crl rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.mft rsync://rpki.ripe.net/repository/DEFAULT/sgTq-NsT70M8-YIp0jLTMKX14lY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:a3:ba:be:f4:a8:b4:48:c6:0c:c5:e4:4e:11:d7:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b204eaf8db13ef433cf98229d232d330a5f5e256 Validity Not Before: Dec 21 02:01:15 2025 GMT Not After : Dec 22 02:01:15 2025 GMT Subject: CN=544eeefa88683d6e84a383aebaab3401d7834020 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:bc:87:ea:40:76:62:e1:6c:da:75:19:a4:8b: 92:e5:4f:a1:3a:50:40:d3:0d:a8:37:20:c4:66:67: 8b:fe:55:f4:7b:2f:8f:bd:76:08:c7:89:2b:d6:3b: 4b:b8:2e:1c:89:10:42:59:7a:10:8a:eb:62:9c:9f: 8f:65:1f:ef:f7:09:57:e3:f5:c5:f6:08:ed:d1:b1: 73:c8:66:3a:43:99:64:9b:83:c2:9c:4a:58:cd:c4: 5e:b1:f0:f2:3f:68:04:e5:9b:4b:8c:4c:02:ad:84: 6c:04:f1:5f:21:41:52:96:b0:58:95:44:8d:c5:61: 6d:92:9a:8b:db:df:2d:7d:14:24:9b:06:a7:f3:c5: 26:a2:b0:66:92:1d:e1:0c:dc:42:db:fe:05:f9:ab: 6e:6a:ae:2c:8b:47:2d:ad:19:7d:cc:0f:4d:f1:5d: 40:df:df:1a:9f:2b:be:05:9a:f7:9f:c3:f1:70:cc: 39:8a:8e:09:b4:2d:df:4a:50:4c:70:e8:59:26:7d: b4:a9:50:b3:19:99:96:d1:67:9e:d9:ce:62:37:27: f9:df:8b:60:52:c2:37:08:71:2c:f8:ed:35:5e:f5: 44:10:5b:c2:2a:82:47:d0:bb:a7:b4:36:fc:b1:2a: 91:5a:8a:28:7c:6e:1a:9e:a8:ea:72:90:53:d9:d3: a5:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:4E:EE:FA:88:68:3D:6E:84:A3:83:AE:BA:AB:34:01:D7:83:40:20 X509v3 Authority Key Identifier: keyid:B2:04:EA:F8:DB:13:EF:43:3C:F9:82:29:D2:32:D3:30:A5:F5:E2:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgTq-NsT70M8-YIp0jLTMKX14lY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:a0:14:d0:e8:35:51:3d:c0:99:91:96:ad:52:c8:a5:2f:66: 56:7a:b2:2a:96:02:9c:f1:8b:86:8c:40:fa:d0:a6:95:23:3e: 0d:e3:55:ca:a1:c5:00:ee:ba:0a:6b:c0:7c:a6:44:33:fc:24: 49:00:3e:54:f1:f0:02:c8:78:84:4f:f8:54:30:f1:5f:ef:06: df:58:07:a9:24:ca:14:9b:ba:9e:82:2e:3d:70:5e:4a:54:8e: 9e:60:cb:8d:b7:3b:08:24:a6:d0:32:1c:35:5e:75:02:76:25: e4:1b:2b:e3:53:e3:3e:a3:58:11:ef:15:1d:b6:9a:29:95:ec: 36:7e:3e:69:a4:79:50:c7:ee:e7:da:cc:c7:47:1a:85:5a:fd: ce:b4:f7:84:9b:e8:cd:f7:03:8c:ac:a7:22:44:7c:0c:fb:10: 08:7c:9c:9f:6c:d0:0f:e0:65:78:02:af:46:79:67:ec:16:59: 7e:b1:87:c5:e3:06:fd:53:9a:fc:12:5d:d9:8e:8b:15:bc:c2: 6f:1c:43:28:9f:4a:26:db:20:7d:4c:bd:98:31:5e:79:1a:5f: 00:f8:3e:ef:62:56:be:84:ea:44:3d:d6:fc:61:ad:33:35:97: 95:f4:cf:70:74:b5:2e:b5:a3:27:83:e0:4e:4d:df:3f:41:69: a9:43:83:26 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+o7q+9Ki0SMYMxeROEddFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyMDRlYWY4ZGIxM2VmNDMzY2Y5ODIyOWQyMzJkMzMwYTVm NWUyNTYwHhcNMjUxMjIxMDIwMTE1WhcNMjUxMjIyMDIwMTE1WjAzMTEwLwYDVQQD Eyg1NDRlZWVmYTg4NjgzZDZlODRhMzgzYWViYWFiMzQwMWQ3ODM0MDIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnryH6kB2YuFs2nUZpIuS5U+hOlBA 0w2oNyDEZmeL/lX0ey+PvXYIx4kr1jtLuC4ciRBCWXoQiutinJ+PZR/v9wlX4/XF 9gjt0bFzyGY6Q5lkm4PCnEpYzcResfDyP2gE5ZtLjEwCrYRsBPFfIUFSlrBYlUSN xWFtkpqL298tfRQkmwan88UmorBmkh3hDNxC2/4F+atuaq4si0ctrRl9zA9N8V1A 398anyu+BZr3n8PxcMw5io4JtC3fSlBMcOhZJn20qVCzGZmW0Wee2c5iNyf534tg UsI3CHEs+O01XvVEEFvCKoJH0LuntDb8sSqRWooofG4anqjqcpBT2dOlGQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFRO7vqIaD1uhKODrrqrNAHXg0AgMB8GA1UdIwQY MBaAFLIE6vjbE+9DPPmCKdIy0zCl9eJWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2dUcS1Oc1Q3ME04LVlJcDBqTFRNS1gxNGxZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC81OTc2MzgtNzEzYy00NGI3LTliNzAt MjUwMTdlYzk0MDk1LzEvc2dUcS1Oc1Q3ME04LVlJcDBqTFRNS1gxNGxZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC81OTc2MzgtNzEzYy00NGI3LTliNzAtMjUwMTdlYzk0MDk1 LzEvc2dUcS1Oc1Q3ME04LVlJcDBqTFRNS1gxNGxZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaKAU0Og1 UT3AmZGWrVLIpS9mVnqyKpYCnPGLhoxA+tCmlSM+DeNVyqHFAO66CmvAfKZEM/wk SQA+VPHwAsh4hE/4VDDxX+8G31gHqSTKFJu6noIuPXBeSlSOnmDLjbc7CCSm0DIc NV51AnYl5Bsr41PjPqNYEe8VHbaaKZXsNn4+aaR5UMfu59rMx0cahVr9zrT3hJvo zfcDjKynIkR8DPsQCHycn2zQD+BleAKvRnln7BZZfrGHxeMG/VOa/BJd2Y6LFbzC bxxDKJ9KJtsgfUy9mDFeeRpfAPg+72JWvoTqRD3W/GGtMzWXlfTPcHS1LrWjJ4Pg Tk3fP0FpqUODJg== -----END CERTIFICATE-----Generated at Sun Dec 21 05:21:08 2025 by rpki-client