This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/GDDmA-nKjAXUwbxisLdue9nRiQk.mft File: GDDmA-nKjAXUwbxisLdue9nRiQk.mft (raw, json) Hash identifier: gJZwRJwUjUZBc02DxyObhzhcLJwjldPHz2oD7eYDJx8= Subject key identifier: 25:A1:04:CC:4E:E1:B6:A6:35:DB:1D:83:96:6B:06:73:3A:0C:B0:AE Authority key identifier: 18:30:E6:03:E9:CA:8C:05:D4:C1:BC:62:B0:B7:6E:7B:D9:D1:89:09 Certificate issuer: /CN=1830e603e9ca8c05d4c1bc62b0b76e7bd9d18909 Certificate serial: 019B5A1AC875C421F7A28ADE77A14AEFEA93 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GDDmA-nKjAXUwbxisLdue9nRiQk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/GDDmA-nKjAXUwbxisLdue9nRiQk.mft Manifest number: 179C Signing time: Fri 26 Dec 2025 10:01:03 +0000 Manifest this update: Fri 26 Dec 2025 10:01:03 +0000 Manifest next update: Sat 27 Dec 2025 10:01:03 +0000 Files and hashes: 1: GDDmA-nKjAXUwbxisLdue9nRiQk.crl (hash: bGX9NmLOghA/i6CZfV8xYLoVsGpt3QjA6tQiHEvz0gs=) 2: o4yUZzbKz_wfUkXyIRtz_sPdHfw.roa (hash: BiVeXsHTenn/poTYlXrG4Bvxv5uxzXwbjeteQc7yW9U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/GDDmA-nKjAXUwbxisLdue9nRiQk.crl rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/GDDmA-nKjAXUwbxisLdue9nRiQk.mft rsync://rpki.ripe.net/repository/DEFAULT/GDDmA-nKjAXUwbxisLdue9nRiQk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:1a:c8:75:c4:21:f7:a2:8a:de:77:a1:4a:ef:ea:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1830e603e9ca8c05d4c1bc62b0b76e7bd9d18909 Validity Not Before: Dec 26 10:01:03 2025 GMT Not After : Dec 27 10:01:03 2025 GMT Subject: CN=25a104cc4ee1b6a635db1d83966b06733a0cb0ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:7a:8a:33:53:eb:2c:d5:f5:31:b2:66:26:84: df:75:ea:0a:fc:63:a6:e5:54:95:9b:1d:69:2e:6a: 0c:a8:fc:b1:d8:9b:ad:3c:33:c8:2a:18:6c:59:2c: 55:d7:d1:af:69:a4:2e:a1:c1:cd:ab:63:d5:2b:05: f7:3e:17:73:ed:90:35:62:5b:14:36:69:29:32:f3: 27:8c:c9:a6:be:9c:b4:a0:2d:12:f6:c3:40:4c:81: f8:ed:55:a3:d6:93:70:e2:b5:96:91:62:3a:a9:46: 4b:a6:d8:dd:7a:bc:ae:a5:f6:59:e0:ad:ad:76:0a: 41:14:e7:53:fe:66:cf:3c:b4:76:7f:0c:2b:81:97: 53:96:00:65:69:32:63:65:1b:2a:74:0f:25:fe:a4: 83:a0:76:01:07:69:df:67:d8:c9:ea:7e:97:43:e3: 50:fa:6c:18:bb:3a:2c:b1:5d:8d:f1:21:27:7c:be: 1f:83:42:f4:56:4a:84:a1:0d:60:8b:2b:d3:d7:e2: e6:41:99:01:91:c3:a1:f0:d4:c3:45:6d:e2:0d:95: 76:f8:92:cc:30:71:a7:d8:12:a2:0f:9f:e5:10:c2: dc:90:a0:83:ff:44:04:14:29:aa:9e:94:d8:d8:7f: b0:ee:46:35:be:9c:f9:8f:2a:f0:7f:c4:35:a4:03: a3:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:A1:04:CC:4E:E1:B6:A6:35:DB:1D:83:96:6B:06:73:3A:0C:B0:AE X509v3 Authority Key Identifier: keyid:18:30:E6:03:E9:CA:8C:05:D4:C1:BC:62:B0:B7:6E:7B:D9:D1:89:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GDDmA-nKjAXUwbxisLdue9nRiQk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/GDDmA-nKjAXUwbxisLdue9nRiQk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/GDDmA-nKjAXUwbxisLdue9nRiQk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:82:75:71:8f:8b:de:a1:64:0e:ad:88:21:bd:7d:b8:14:43: 69:9a:97:9f:b2:92:cc:2b:ee:3c:80:9b:58:70:3a:1c:d5:05: 52:88:ad:6f:b9:3b:c5:ee:08:55:bf:fa:c1:ba:38:80:72:b3: eb:5b:4f:88:28:8c:b8:03:d6:78:e7:e6:19:cd:e8:4b:49:47: 0f:2b:5c:9f:95:a8:3e:15:b1:ba:81:fb:d9:8e:9c:f8:cc:c1: 78:fc:9c:d5:3a:13:ec:64:da:8d:7a:32:ba:28:20:78:35:c2: 8b:16:56:a1:bb:89:81:c5:56:f7:21:2d:64:f4:5b:33:6e:ad: 87:55:36:4f:c3:9f:15:7a:4e:c7:da:db:83:92:a8:7e:3d:3f: 0c:38:c2:45:bf:06:de:1d:e3:5b:c0:7b:a1:1f:0e:62:14:cb: 8e:0a:ed:69:c5:51:46:12:2e:64:f1:3b:6b:cc:e2:8b:98:a7: f1:16:fe:c3:00:96:66:4a:11:47:26:82:a7:e4:ba:3d:c0:85: 17:b9:59:cf:77:4b:de:95:ac:e4:cb:68:f0:38:8a:46:29:b6: b3:23:62:e5:15:c4:7a:07:b6:07:17:7d:a9:c8:ba:6a:5c:61: 98:17:08:53:1b:fa:90:d4:ba:e8:b8:6f:92:09:0f:6b:5e:2a: 66:3f:1f:09 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaGsh1xCH3oored6FK7+qTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE4MzBlNjAzZTljYThjMDVkNGMxYmM2MmIwYjc2ZTdiZDlk MTg5MDkwHhcNMjUxMjI2MTAwMTAzWhcNMjUxMjI3MTAwMTAzWjAzMTEwLwYDVQQD EygyNWExMDRjYzRlZTFiNmE2MzVkYjFkODM5NjZiMDY3MzNhMGNiMGFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnqKM1PrLNX1MbJmJoTfdeoK/GOm 5VSVmx1pLmoMqPyx2JutPDPIKhhsWSxV19GvaaQuocHNq2PVKwX3Phdz7ZA1YlsU NmkpMvMnjMmmvpy0oC0S9sNATIH47VWj1pNw4rWWkWI6qUZLptjderyupfZZ4K2t dgpBFOdT/mbPPLR2fwwrgZdTlgBlaTJjZRsqdA8l/qSDoHYBB2nfZ9jJ6n6XQ+NQ +mwYuzossV2N8SEnfL4fg0L0VkqEoQ1giyvT1+LmQZkBkcOh8NTDRW3iDZV2+JLM MHGn2BKiD5/lEMLckKCD/0QEFCmqnpTY2H+w7kY1vpz5jyrwf8Q1pAOjBwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCWhBMxO4bamNdsdg5ZrBnM6DLCuMB8GA1UdIwQY MBaAFBgw5gPpyowF1MG8YrC3bnvZ0YkJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR0REbUEtbktqQVhVd2J4aXNMZHVlOW5SaVFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8yMTkxZDctZmRhMC00YjA3LThhOGYt MTc4OWU2NGQzMjEwLzEvR0REbUEtbktqQVhVd2J4aXNMZHVlOW5SaVFrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ni8yMTkxZDctZmRhMC00YjA3LThhOGYtMTc4OWU2NGQzMjEw LzEvR0REbUEtbktqQVhVd2J4aXNMZHVlOW5SaVFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIIJ1cY+L 3qFkDq2IIb19uBRDaZqXn7KSzCvuPICbWHA6HNUFUoitb7k7xe4IVb/6wbo4gHKz 61tPiCiMuAPWeOfmGc3oS0lHDytcn5WoPhWxuoH72Y6c+MzBePyc1ToT7GTajXoy uiggeDXCixZWobuJgcVW9yEtZPRbM26th1U2T8OfFXpOx9rbg5Kofj0/DDjCRb8G 3h3jW8B7oR8OYhTLjgrtacVRRhIuZPE7a8zii5in8Rb+wwCWZkoRRyaCp+S6PcCF F7lZz3dL3pWs5Mto8DiKRim2syNi5RXEege2Bxd9qci6alxhmBcIUxv6kNS66Lhv kgkPa14qZj8fCQ== -----END CERTIFICATE-----Generated at Fri Dec 26 16:01:55 2025 by rpki-client