Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/1fa426-40d6-4eea-bbac-9133225c9425/1/gkjHU9Rs3J6YAJ7k24EHIywC6vQ.mft
File: gkjHU9Rs3J6YAJ7k24EHIywC6vQ.mft (raw, json)
Hash identifier: 7Ed6n+u3q+zbWSmUTOVKod5Fm1IbUbluLyBkebuJjec=
Subject key identifier: FA:47:D5:0F:A1:C4:F2:A7:C3:84:90:5E:D7:F5:D6:9B:EA:FA:65:43
Authority key identifier: 82:48:C7:53:D4:6C:DC:9E:98:00:9E:E4:DB:81:07:23:2C:02:EA:F4
Certificate issuer: /CN=8248c753d46cdc9e98009ee4db8107232c02eaf4
Certificate serial: 019D33E38229D578AEA0B80FD7F1001F1C6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gkjHU9Rs3J6YAJ7k24EHIywC6vQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/1fa426-40d6-4eea-bbac-9133225c9425/1/gkjHU9Rs3J6YAJ7k24EHIywC6vQ.mft
Manifest number: 1314
Signing time: Sat 28 Mar 2026 10:00:41 +0000
Manifest this update: Sat 28 Mar 2026 10:00:41 +0000
Manifest next update: Sun 29 Mar 2026 10:00:41 +0000
Files and hashes: 1: gkjHU9Rs3J6YAJ7k24EHIywC6vQ.crl (hash: NkD+z63sPTNQ6Y56UoWaXS9jidlk1V14vBfTnzRem2U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/1fa426-40d6-4eea-bbac-9133225c9425/1/gkjHU9Rs3J6YAJ7k24EHIywC6vQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/1fa426-40d6-4eea-bbac-9133225c9425/1/gkjHU9Rs3J6YAJ7k24EHIywC6vQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/gkjHU9Rs3J6YAJ7k24EHIywC6vQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:e3:82:29:d5:78:ae:a0:b8:0f:d7:f1:00:1f:1c:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8248c753d46cdc9e98009ee4db8107232c02eaf4
Validity
Not Before: Mar 28 10:00:41 2026 GMT
Not After : Mar 29 10:00:41 2026 GMT
Subject: CN=fa47d50fa1c4f2a7c384905ed7f5d69beafa6543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7d:f1:ad:4b:29:c2:fb:c3:ca:16:2a:a8:a0:
64:b5:c9:cc:0d:45:93:24:7f:1f:77:87:79:fc:f4:
53:4c:58:c1:2d:5b:3d:45:d6:d6:c9:9a:b4:86:f4:
68:c9:a7:1f:14:8a:b4:e1:19:bf:de:2e:3f:e5:ac:
a6:5c:bd:dc:21:f9:80:97:98:aa:74:6d:6f:8d:8c:
77:be:3f:a8:6b:c9:aa:2f:75:92:96:16:94:6e:5f:
19:1e:e4:b4:5a:83:6b:ea:77:88:7a:b5:cc:94:47:
85:88:35:34:05:53:3d:d2:77:0d:5e:47:dc:ea:28:
21:48:fc:3f:7e:ec:ad:93:96:26:9e:f5:92:b8:c1:
d9:49:a8:b7:ed:59:fc:53:3e:6d:11:df:48:e8:ea:
39:00:55:bb:67:08:bd:4c:c7:42:f8:27:31:cc:8a:
59:05:d4:8b:db:78:13:a1:c8:3d:4e:cf:4f:db:55:
d4:19:31:03:49:cb:82:ac:90:82:7e:aa:8c:e9:8c:
86:d1:ff:c8:d1:60:6c:1d:b0:86:44:d4:93:8b:f6:
29:0b:6a:8a:e7:d3:2a:3f:57:65:7e:c9:d2:03:7d:
27:4e:f7:13:40:b2:e5:04:d3:6d:c7:a4:ca:ee:78:
c9:d3:e7:5a:9a:97:94:b9:c2:0f:72:15:3d:cf:4c:
01:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:47:D5:0F:A1:C4:F2:A7:C3:84:90:5E:D7:F5:D6:9B:EA:FA:65:43
X509v3 Authority Key Identifier:
keyid:82:48:C7:53:D4:6C:DC:9E:98:00:9E:E4:DB:81:07:23:2C:02:EA:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gkjHU9Rs3J6YAJ7k24EHIywC6vQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/1fa426-40d6-4eea-bbac-9133225c9425/1/gkjHU9Rs3J6YAJ7k24EHIywC6vQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/1fa426-40d6-4eea-bbac-9133225c9425/1/gkjHU9Rs3J6YAJ7k24EHIywC6vQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:a1:57:78:c2:22:a8:34:0e:d4:1f:4a:35:67:a8:4d:73:1a:
21:5c:19:89:c9:27:ec:27:48:53:5c:bd:c5:76:f4:65:d2:8a:
f5:2e:4a:7f:ec:c8:28:0d:e3:52:06:b5:c0:cf:ec:b9:cb:e1:
d2:82:d7:57:28:cf:a4:44:89:d7:b8:2c:25:ac:82:f2:67:fb:
e4:e3:96:80:79:23:52:0a:30:19:28:4a:56:44:a5:54:bf:d3:
5f:22:87:b7:3e:b7:f8:cd:92:14:a7:9f:dd:f8:8e:6b:a5:42:
66:5f:fe:4f:3e:73:b2:07:c0:5d:48:e0:da:e2:e9:da:2c:5c:
b1:b9:aa:67:32:9e:4a:1a:4d:8f:19:57:a0:7d:5d:b4:6a:7d:
45:b2:55:0c:87:d9:cf:37:de:6a:09:36:7e:23:b1:18:cc:a9:
f8:7f:b3:78:ca:7a:90:7b:06:71:54:10:78:53:9b:52:2d:12:
b1:65:56:93:c9:40:aa:a7:b3:89:bd:4a:fb:e2:a3:6e:17:76:
e0:5c:16:ca:39:de:d7:ee:42:a2:ae:69:c4:bd:b5:a3:49:cb:
03:8b:a2:76:37:32:5e:c6:da:64:a0:56:54:a8:a9:b4:09:0a:
86:95:3d:cf:3f:9d:a4:c0:3e:9b:60:f8:cf:0c:64:1a:28:42:
64:08:84:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0z44Ip1XiuoLgP1/EAHxxsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNDhjNzUzZDQ2Y2RjOWU5ODAwOWVlNGRiODEwNzIzMmMw
MmVhZjQwHhcNMjYwMzI4MTAwMDQxWhcNMjYwMzI5MTAwMDQxWjAzMTEwLwYDVQQD
EyhmYTQ3ZDUwZmExYzRmMmE3YzM4NDkwNWVkN2Y1ZDY5YmVhZmE2NTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApH3xrUspwvvDyhYqqKBktcnMDUWT
JH8fd4d5/PRTTFjBLVs9RdbWyZq0hvRoyacfFIq04Rm/3i4/5aymXL3cIfmAl5iq
dG1vjYx3vj+oa8mqL3WSlhaUbl8ZHuS0WoNr6neIerXMlEeFiDU0BVM90ncNXkfc
6ighSPw/fuytk5YmnvWSuMHZSai37Vn8Uz5tEd9I6Oo5AFW7Zwi9TMdC+CcxzIpZ
BdSL23gTocg9Ts9P21XUGTEDScuCrJCCfqqM6YyG0f/I0WBsHbCGRNSTi/YpC2qK
59MqP1dlfsnSA30nTvcTQLLlBNNtx6TK7njJ0+dampeUucIPchU9z0wB+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPpH1Q+hxPKnw4SQXtf11pvq+mVDMB8GA1UdIwQY
MBaAFIJIx1PUbNyemACe5NuBByMsAur0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2tqSFU5UnMzSjZZQUo3azI0RUhJeXdDNnZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8xZmE0MjYtNDBkNi00ZWVhLWJiYWMt
OTEzMzIyNWM5NDI1LzEvZ2tqSFU5UnMzSjZZQUo3azI0RUhJeXdDNnZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8xZmE0MjYtNDBkNi00ZWVhLWJiYWMtOTEzMzIyNWM5NDI1
LzEvZ2tqSFU5UnMzSjZZQUo3azI0RUhJeXdDNnZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPaFXeMIi
qDQO1B9KNWeoTXMaIVwZickn7CdIU1y9xXb0ZdKK9S5Kf+zIKA3jUga1wM/sucvh
0oLXVyjPpESJ17gsJayC8mf75OOWgHkjUgowGShKVkSlVL/TXyKHtz63+M2SFKef
3fiOa6VCZl/+Tz5zsgfAXUjg2uLp2ixcsbmqZzKeShpNjxlXoH1dtGp9RbJVDIfZ
zzfeagk2fiOxGMyp+H+zeMp6kHsGcVQQeFObUi0SsWVWk8lAqqezib1K++Kjbhd2
4FwWyjne1+5Coq5pxL21o0nLA4uidjcyXsbaZKBWVKiptAkKhpU9zz+dpMA+m2D4
zwxkGihCZAiEcQ==
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:02:25 2026 by rpki-client