This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft File: sgzLpAbArQxb4AB22ZgLNIhWmoo.mft (raw, json) Hash identifier: /9YuTKjDIZXEg7IE38ZAU3dJSa+ztrA52HF8jLR+iAM= Subject key identifier: 46:7C:1E:DC:E1:10:E6:DE:11:82:10:6C:C6:FF:9B:64:0C:36:B7:71 Authority key identifier: B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A Certificate issuer: /CN=b20ccba406c0ad0c5be00076d9980b3488569a8a Certificate serial: 019AF50A2EE846047F2194C8BE01C566C6D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft Manifest number: 1248 Signing time: Sat 06 Dec 2025 19:01:16 +0000 Manifest this update: Sat 06 Dec 2025 19:01:16 +0000 Manifest next update: Sun 07 Dec 2025 19:01:16 +0000 Files and hashes: 1: sgzLpAbArQxb4AB22ZgLNIhWmoo.crl (hash: kDGiNlgFvEofQ+gCGdyGYIqeLETseIl3KxoXdfrLV+k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0a:2e:e8:46:04:7f:21:94:c8:be:01:c5:66:c6:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b20ccba406c0ad0c5be00076d9980b3488569a8a Validity Not Before: Dec 6 19:01:16 2025 GMT Not After : Dec 7 19:01:16 2025 GMT Subject: CN=467c1edce110e6de1182106cc6ff9b640c36b771 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:0a:cf:be:91:4e:5d:34:1f:13:7d:68:94:db: bd:48:46:f7:2c:10:eb:47:a1:02:91:02:88:7d:29: ba:ac:30:f1:0a:27:9e:32:14:ac:f8:96:03:46:ac: ec:74:7f:11:c2:73:50:c4:a8:f6:8a:38:a8:7c:c2: f2:d8:d7:57:e8:ac:78:ae:48:6a:68:40:b1:29:17: ec:74:08:ac:fe:9e:1c:5b:f3:7f:34:3d:57:85:ed: ce:01:cb:60:59:f0:1e:2e:5f:86:da:58:bf:38:7c: c5:64:f2:fa:9d:bc:8f:94:1b:43:d4:17:39:3e:79: 07:76:37:79:b4:61:fd:69:85:18:a3:da:74:63:d4: 20:5d:8f:87:32:a1:da:26:1f:05:eb:28:59:df:57: c2:53:5b:21:8a:cb:1f:f3:82:11:85:4b:c4:fa:00: aa:cf:d4:a5:e4:ec:f2:8f:78:b0:cb:55:70:5b:43: e8:a7:f5:0f:e2:ec:f2:a1:eb:59:a8:05:f5:79:b3: dc:3d:70:2f:0e:85:ef:66:e0:20:47:5f:63:15:f2: 24:28:7e:aa:b0:f2:52:e2:ca:06:c8:8a:28:c1:1c: 39:6b:f5:0d:97:dd:84:7f:00:79:32:f9:28:56:b5: ee:e9:eb:2b:8a:90:37:70:d8:4a:09:d5:7d:b3:ab: 1f:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:7C:1E:DC:E1:10:E6:DE:11:82:10:6C:C6:FF:9B:64:0C:36:B7:71 X509v3 Authority Key Identifier: keyid:B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c6:9b:5f:aa:40:46:38:4d:e5:ac:59:c3:d1:41:3b:7c:7c:f3: 5e:96:5a:85:04:15:6b:c3:ba:59:5c:98:a3:f1:4a:8f:9f:90: e2:49:f5:92:4b:85:0f:ee:bd:f3:1f:94:13:a9:ee:98:ca:be: d7:32:41:9c:1d:b4:73:42:16:90:d2:e0:e9:85:07:13:26:e6: cc:f4:1e:f9:52:c5:0c:37:5d:79:8c:4a:8a:3b:97:6a:99:b7: aa:b2:1e:76:5e:60:6a:56:40:e2:51:92:85:6b:3a:fd:69:9f: 8a:87:de:6e:5a:45:f7:f0:84:c2:69:30:35:39:31:d5:60:4a: da:2e:a7:ef:c6:c6:30:4b:34:a5:79:20:b1:89:3e:88:57:b7: 6c:49:f6:f5:da:7f:63:1e:81:78:c0:91:d1:ae:cd:93:99:6d: 2a:d3:14:b8:4a:4e:19:dd:60:e5:ba:75:b2:24:76:e8:25:64: ff:31:82:65:e1:cf:60:32:ad:20:1d:d5:be:4b:8f:d6:e7:14: 98:6b:28:ae:70:50:c2:3b:7c:bd:8e:36:39:a4:b8:e0:e4:49: 20:3b:a7:14:f5:e2:b4:53:ff:71:79:43:69:7e:f6:6d:93:e7: 86:2a:30:c5:b4:2f:50:38:16:78:58:5c:9c:27:d6:d1:2b:96: e7:64:e3:28 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1Ci7oRgR/IZTIvgHFZsbQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyMGNjYmE0MDZjMGFkMGM1YmUwMDA3NmQ5OTgwYjM0ODg1 NjlhOGEwHhcNMjUxMjA2MTkwMTE2WhcNMjUxMjA3MTkwMTE2WjAzMTEwLwYDVQQD Eyg0NjdjMWVkY2UxMTBlNmRlMTE4MjEwNmNjNmZmOWI2NDBjMzZiNzcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzArPvpFOXTQfE31olNu9SEb3LBDr R6ECkQKIfSm6rDDxCieeMhSs+JYDRqzsdH8RwnNQxKj2ijiofMLy2NdX6Kx4rkhq aECxKRfsdAis/p4cW/N/ND1Xhe3OActgWfAeLl+G2li/OHzFZPL6nbyPlBtD1Bc5 PnkHdjd5tGH9aYUYo9p0Y9QgXY+HMqHaJh8F6yhZ31fCU1shissf84IRhUvE+gCq z9Sl5Ozyj3iwy1VwW0Pop/UP4uzyoetZqAX1ebPcPXAvDoXvZuAgR19jFfIkKH6q sPJS4soGyIoowRw5a/UNl92EfwB5MvkoVrXu6esripA3cNhKCdV9s6sfJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEZ8HtzhEObeEYIQbMb/m2QMNrdxMB8GA1UdIwQY MBaAFLIMy6QGwK0MW+AAdtmYCzSIVpqKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQt N2NhOTNlY2IyMjM0LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQtN2NhOTNlY2IyMjM0 LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxptfqkBG OE3lrFnD0UE7fHzzXpZahQQVa8O6WVyYo/FKj5+Q4kn1kkuFD+698x+UE6numMq+ 1zJBnB20c0IWkNLg6YUHEybmzPQe+VLFDDddeYxKijuXapm3qrIedl5galZA4lGS hWs6/WmfiofeblpF9/CEwmkwNTkx1WBK2i6n78bGMEs0pXkgsYk+iFe3bEn29dp/ Yx6BeMCR0a7Nk5ltKtMUuEpOGd1g5bp1siR26CVk/zGCZeHPYDKtIB3VvkuP1ucU mGsornBQwjt8vY42OaS44ORJIDunFPXitFP/cXlDaX72bZPnhiowxbQvUDgWeFhc nCfW0SuW52TjKA== -----END CERTIFICATE-----Generated at Sun Dec 7 02:51:35 2025 by rpki-client