This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft File: GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft (raw, json) Hash identifier: 7SwnuVN0Ba0SkLnWRO4MAHkn1jZl2mPyc4Q1ET2QKIE= Subject key identifier: 7F:F6:93:99:63:82:85:E9:B6:49:CB:F3:F9:80:85:47:F4:29:0F:32 Authority key identifier: 1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D Certificate issuer: /CN=1a66819ed62a71090cf437e4263012d4c035067d Certificate serial: 019AF19ACD2F984C09483C2540582FD174AB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft Manifest number: 175E Signing time: Sat 06 Dec 2025 03:00:45 +0000 Manifest this update: Sat 06 Dec 2025 03:00:45 +0000 Manifest next update: Sun 07 Dec 2025 03:00:45 +0000 Files and hashes: 1: GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl (hash: YVp9k7naVYNdcbDC+kUPknHayML6EobpaEJc9G1KZKw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:cd:2f:98:4c:09:48:3c:25:40:58:2f:d1:74:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1a66819ed62a71090cf437e4263012d4c035067d Validity Not Before: Dec 6 03:00:45 2025 GMT Not After : Dec 7 03:00:45 2025 GMT Subject: CN=7ff69399638285e9b649cbf3f9808547f4290f32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:38:94:9a:6a:71:0f:a5:c9:95:a1:60:88:42: 7d:17:45:4c:f1:44:46:85:95:56:8e:1c:0a:0f:ef: d9:7e:9e:c5:80:af:8c:aa:3e:d7:16:85:70:28:b0: df:a9:e5:66:66:39:4e:4d:fe:9f:fe:aa:6a:29:bf: a9:7b:58:61:bf:a5:04:fb:5a:af:43:40:9a:62:45: 62:5a:c7:72:27:d9:7f:4f:4f:26:01:db:38:28:21: 9a:87:b6:72:c2:64:32:eb:83:ad:87:2d:1c:ff:94: 5e:77:f3:0f:a5:92:54:8c:99:6b:36:04:45:02:19: 56:49:cf:93:14:b1:e8:b6:6b:9b:cb:36:a9:5d:06: c2:99:35:af:71:25:c0:0b:bf:da:a2:fe:fb:7b:98: 2f:c5:bb:fa:4c:4b:b9:21:18:22:a4:07:f4:d3:44: 65:f2:39:a4:72:f5:37:95:60:28:d2:e4:7e:25:ea: 9a:9e:7f:a1:ab:fc:d4:7e:15:71:31:b5:c1:18:e7: 55:fb:12:fd:2d:70:36:30:15:27:62:75:79:eb:b1: 21:88:ba:8b:82:50:54:b0:d6:c5:38:28:f3:33:09: 03:3b:29:46:a8:aa:58:a1:b0:88:84:cd:ca:c3:20: 89:a6:0b:cd:45:63:61:cc:0b:6e:ad:14:e6:0d:4b: 8b:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:F6:93:99:63:82:85:E9:B6:49:CB:F3:F9:80:85:47:F4:29:0F:32 X509v3 Authority Key Identifier: keyid:1A:66:81:9E:D6:2A:71:09:0C:F4:37:E4:26:30:12:D4:C0:35:06:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GmaBntYqcQkM9DfkJjAS1MA1Bn0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/693e38-1c7d-4c84-a064-764f822ddc57/1/GmaBntYqcQkM9DfkJjAS1MA1Bn0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:f5:31:1f:72:79:f3:91:94:4d:2b:8f:e2:ef:4b:5b:2b:e9: fc:ca:88:fd:30:60:61:ba:49:cd:8f:12:42:c9:d6:7d:ba:fb: 1e:bf:76:27:f7:cf:bb:78:b1:eb:e1:f3:e2:d3:df:7d:f9:98: b2:51:73:58:d0:11:ef:1a:59:7f:0d:6f:ab:7f:8a:9e:ca:2b: 81:c4:a7:f6:2f:61:be:87:6d:ad:a5:6a:72:4c:63:a7:ab:9c: c3:e2:88:7a:54:4a:c1:9c:30:9d:30:5c:61:74:57:cd:4d:ad: 9b:15:1d:47:e5:f6:d5:58:85:d1:4e:2e:19:be:af:d1:8e:1a: b2:3e:27:de:79:6a:3d:a2:51:1b:db:47:38:4c:a8:a1:9e:0b: d1:55:12:98:33:ea:7f:8d:9d:14:06:c9:24:03:72:bd:3c:da: 60:d1:f6:38:a4:80:da:c6:3e:8b:8f:d2:6e:9d:ea:7b:e8:a6: 47:1b:61:cc:0c:74:52:74:57:89:e1:35:36:e9:a9:3e:6b:6f: f3:8d:5d:20:11:aa:22:f3:42:6c:ee:44:ed:0b:96:08:b4:5c: f3:d2:43:15:e1:21:49:bf:2f:67:45:c5:49:95:75:5e:71:ab: a6:d0:51:e0:97:fa:3c:8d:f6:3a:15:40:da:58:8c:cf:20:0b: d6:07:db:c4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxms0vmEwJSDwlQFgv0XSrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFhNjY4MTllZDYyYTcxMDkwY2Y0MzdlNDI2MzAxMmQ0YzAz NTA2N2QwHhcNMjUxMjA2MDMwMDQ1WhcNMjUxMjA3MDMwMDQ1WjAzMTEwLwYDVQQD Eyg3ZmY2OTM5OTYzODI4NWU5YjY0OWNiZjNmOTgwODU0N2Y0MjkwZjMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojiUmmpxD6XJlaFgiEJ9F0VM8URG hZVWjhwKD+/Zfp7FgK+Mqj7XFoVwKLDfqeVmZjlOTf6f/qpqKb+pe1hhv6UE+1qv Q0CaYkViWsdyJ9l/T08mAds4KCGah7ZywmQy64Othy0c/5Red/MPpZJUjJlrNgRF AhlWSc+TFLHotmubyzapXQbCmTWvcSXAC7/aov77e5gvxbv6TEu5IRgipAf000Rl 8jmkcvU3lWAo0uR+Jeqann+hq/zUfhVxMbXBGOdV+xL9LXA2MBUnYnV567EhiLqL glBUsNbFOCjzMwkDOylGqKpYobCIhM3KwyCJpgvNRWNhzAturRTmDUuLFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH/2k5ljgoXptknL8/mAhUf0KQ8yMB8GA1UdIwQY MBaAFBpmgZ7WKnEJDPQ35CYwEtTANQZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQt NzY0ZjgyMmRkYzU3LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNC82OTNlMzgtMWM3ZC00Yzg0LWEwNjQtNzY0ZjgyMmRkYzU3 LzEvR21hQm50WXFjUWtNOURma0pqQVMxTUExQm4wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd/UxH3J5 85GUTSuP4u9LWyvp/MqI/TBgYbpJzY8SQsnWfbr7Hr92J/fPu3ix6+Hz4tPfffmY slFzWNAR7xpZfw1vq3+KnsorgcSn9i9hvodtraVqckxjp6ucw+KIelRKwZwwnTBc YXRXzU2tmxUdR+X21ViF0U4uGb6v0Y4asj4n3nlqPaJRG9tHOEyooZ4L0VUSmDPq f42dFAbJJANyvTzaYNH2OKSA2sY+i4/Sbp3qe+imRxthzAx0UnRXieE1NumpPmtv 841dIBGqIvNCbO5E7QuWCLRc89JDFeEhSb8vZ0XFSZV1XnGrptBR4Jf6PI32OhVA 2liMzyAL1gfbxA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:04:25 2025 by rpki-client