This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft File: GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft (raw, json) Hash identifier: jl+ILBwce+pc99yRPX1Td3r0jkYN97Kv2iudSZYfLzI= Subject key identifier: 97:C4:48:62:C7:C8:E6:78:AB:07:2C:0D:6D:85:64:6C:6F:20:95:BC Authority key identifier: 1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D Certificate issuer: /CN=1a66819ed62a71090cf437e4263012d4c035067d Certificate serial: 019B44A546A31455FD2CEC848F3BF2E12A20 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft Manifest number: 1789 Signing time: Mon 22 Dec 2025 06:00:40 +0000 Manifest this update: Mon 22 Dec 2025 06:00:40 +0000 Manifest next update: Tue 23 Dec 2025 06:00:40 +0000 Files and hashes: 1: GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl (hash: YvSrrRwgtw/bQNDed69UnmB1eWdVsSPtRisCGZpcjMg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 06:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:a5:46:a3:14:55:fd:2c:ec:84:8f:3b:f2:e1:2a:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1a66819ed62a71090cf437e4263012d4c035067d Validity Not Before: Dec 22 06:00:40 2025 GMT Not After : Dec 23 06:00:40 2025 GMT Subject: CN=97c44862c7c8e678ab072c0d6d85646c6f2095bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:c4:57:df:f4:80:a6:ef:8a:1c:bb:b6:59:20: b8:9a:26:65:84:42:a8:b2:a3:2f:6c:55:45:df:64: 03:f2:6b:62:4f:55:e1:7d:63:a1:57:71:80:f8:d3: 83:c1:92:60:70:57:85:8e:1f:27:f8:6a:07:93:42: 62:44:0d:7b:40:74:15:7d:26:fd:99:b2:7f:99:78: 54:16:49:42:42:44:04:e6:41:da:32:40:4d:29:a4: 35:8b:ef:84:d3:f0:b5:01:3b:2d:7a:0f:c9:b4:13: 3e:41:de:21:13:34:41:4c:8a:02:db:27:49:da:aa: 3b:a5:0b:42:14:54:f8:51:10:f6:69:ec:b5:af:43: a3:3a:e2:6f:73:e5:a9:d9:98:80:34:8e:0a:59:32: c1:76:df:7a:13:15:1f:3b:e4:d1:a9:80:44:0a:ee: 27:fb:ad:c5:f4:03:64:ce:45:45:93:9c:40:f8:72: 0a:2f:49:86:ec:26:0d:1e:43:af:dc:4c:9d:2e:58: 98:1a:41:f1:e4:5c:b0:b5:ed:08:6a:64:80:f8:cd: 39:70:25:d2:9c:32:a3:7c:74:30:28:fd:e6:08:af: cd:6f:cf:6b:ff:38:f2:ba:f8:42:07:8d:1a:9f:5d: 71:1c:2a:55:ba:99:2a:91:32:f8:1f:09:52:81:84: e9:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:C4:48:62:C7:C8:E6:78:AB:07:2C:0D:6D:85:64:6C:6F:20:95:BC X509v3 Authority Key Identifier: keyid:1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1f:51:b4:31:b2:c3:96:f4:41:a4:f6:c9:10:35:9c:d9:75:8d: 2d:b7:7f:4e:d0:24:47:f9:7e:4e:66:5a:73:bc:c6:f0:e4:54: 69:ce:43:14:06:79:49:e3:6e:c7:40:3e:7f:42:12:8c:8f:37: c9:b1:91:3f:fe:ff:99:6d:02:94:ad:5f:61:7f:cb:53:d0:6e: 87:b8:62:d0:f0:b2:5e:35:28:3f:1b:ed:0e:c3:b2:b7:b6:2b: e6:a6:9c:db:74:d2:89:45:82:64:5b:11:36:b4:69:54:65:a4: 03:14:c0:34:9d:4e:f0:4a:fa:2c:d5:7a:a9:1c:ac:e4:d2:d5: 54:d1:96:3d:b9:64:3c:62:cc:33:f2:91:93:44:21:a9:ce:de: 45:d3:24:0a:00:6f:69:7c:f9:65:e4:a2:72:c2:f4:7b:78:58: e4:48:9b:11:ea:f4:4c:8b:50:6f:24:ae:b7:08:98:7e:c7:a3: 18:74:3e:48:64:91:82:c5:e3:67:10:e1:f7:ea:13:87:21:36: 65:36:1a:5a:df:9b:65:e8:1b:d1:96:01:74:ed:1e:d9:48:6e: d1:25:58:b3:b9:31:14:3b:42:c1:93:47:7f:4d:65:19:52:d0: 27:3d:fe:69:98:cb:2f:6f:e1:af:d1:5e:24:36:38:46:97:6e: ed:bb:46:06 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEpUajFFX9LOyEjzvy4SogMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFhNjY4MTllZDYyYTcxMDkwY2Y0MzdlNDI2MzAxMmQ0YzAz NTA2N2QwHhcNMjUxMjIyMDYwMDQwWhcNMjUxMjIzMDYwMDQwWjAzMTEwLwYDVQQD Eyg5N2M0NDg2MmM3YzhlNjc4YWIwNzJjMGQ2ZDg1NjQ2YzZmMjA5NWJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8RX3/SApu+KHLu2WSC4miZlhEKo sqMvbFVF32QD8mtiT1XhfWOhV3GA+NODwZJgcFeFjh8n+GoHk0JiRA17QHQVfSb9 mbJ/mXhUFklCQkQE5kHaMkBNKaQ1i++E0/C1ATsteg/JtBM+Qd4hEzRBTIoC2ydJ 2qo7pQtCFFT4URD2aey1r0OjOuJvc+Wp2ZiANI4KWTLBdt96ExUfO+TRqYBECu4n +63F9ANkzkVFk5xA+HIKL0mG7CYNHkOv3EydLliYGkHx5Fywte0IamSA+M05cCXS nDKjfHQwKP3mCK/Nb89r/zjyuvhCB40an11xHCpVupkqkTL4HwlSgYTpqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJfESGLHyOZ4qwcsDW2FZGxvIJW8MB8GA1UdIwQY MBaAFBpmgZ7WKnEJDPQ35CYwEtTANQZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQt NzY0ZjgyMmRkYzU3LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQtNzY0ZjgyMmRkYzU3 LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH1G0MbLD lvRBpPbJEDWc2XWNLbd/TtAkR/l+TmZac7zG8ORUac5DFAZ5SeNux0A+f0ISjI83 ybGRP/7/mW0ClK1fYX/LU9Buh7hi0PCyXjUoPxvtDsOyt7Yr5qac23TSiUWCZFsR NrRpVGWkAxTANJ1O8Er6LNV6qRys5NLVVNGWPblkPGLMM/KRk0Qhqc7eRdMkCgBv aXz5ZeSicsL0e3hY5EibEer0TItQbySutwiYfsejGHQ+SGSRgsXjZxDh9+oThyE2 ZTYaWt+bZegb0ZYBdO0e2Uhu0SVYs7kxFDtCwZNHf01lGVLQJz3+aZjLL2/hr9Fe JDY4Rpdu7btGBg== -----END CERTIFICATE-----Generated at Mon Dec 22 09:33:10 2025 by rpki-client