Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft
File: G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft (raw, json)
Hash identifier: eXgyt9G7UxeLHyMGipd1KkGz2J7MIoCVpzyDQnVIUgM=
Subject key identifier: ED:F6:71:F4:09:C2:E2:6E:12:35:2D:0C:D8:E4:D9:EA:CE:74:BA:12
Authority key identifier: 1B:69:30:1F:A8:D7:88:E0:2F:7E:B2:FA:88:02:10:90:74:20:6C:FE
Certificate issuer: /CN=1b69301fa8d788e02f7eb2fa8802109074206cfe
Certificate serial: 019D34896241B34F33BBA30D5DB2D1A184DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G2kwH6jXiOAvfrL6iAIQkHQgbP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft
Manifest number: 0433
Signing time: Sat 28 Mar 2026 13:01:51 +0000
Manifest this update: Sat 28 Mar 2026 13:01:51 +0000
Manifest next update: Sun 29 Mar 2026 13:01:51 +0000
Files and hashes: 1: G2kwH6jXiOAvfrL6iAIQkHQgbP4.crl (hash: H7kPx4MvmCquB8Ffl5FE5bMHZwL1NTaM1+N/W9BAXFM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft
rsync://rpki.ripe.net/repository/DEFAULT/G2kwH6jXiOAvfrL6iAIQkHQgbP4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 13:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:34:89:62:41:b3:4f:33:bb:a3:0d:5d:b2:d1:a1:84:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b69301fa8d788e02f7eb2fa8802109074206cfe
Validity
Not Before: Mar 28 13:01:51 2026 GMT
Not After : Mar 29 13:01:51 2026 GMT
Subject: CN=edf671f409c2e26e12352d0cd8e4d9eace74ba12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2a:f3:f1:76:05:8a:16:54:66:1a:8b:1d:22:
5c:b8:dd:f8:74:1c:0c:77:5a:1d:aa:70:57:76:a4:
1a:7c:13:1a:63:3c:82:9a:68:3d:71:35:c1:e6:7d:
36:bf:89:6d:7f:9e:65:d6:f4:90:be:a1:94:16:37:
3c:48:cb:d7:d2:59:60:64:64:25:c4:98:be:61:6a:
4a:e8:4a:df:38:c9:73:47:4e:d2:fc:7c:fb:15:15:
f4:b3:31:89:62:1b:86:e6:04:09:3c:5f:fc:8e:97:
c6:82:c5:5d:b5:7c:b3:a1:e5:a2:61:6a:c8:4d:50:
37:60:2e:8c:22:49:10:fe:e8:62:e0:17:45:ed:44:
c5:d7:68:52:6a:6a:3d:b3:28:4e:5d:2d:bc:f6:c0:
55:40:11:03:bb:a1:e7:fd:a9:19:b8:58:94:4d:44:
5c:8d:21:8a:e1:13:aa:49:69:58:fa:ac:ec:ba:62:
b2:c8:b8:80:5c:e4:b3:60:42:8a:00:86:42:0c:06:
11:64:86:5c:23:d6:d6:08:50:30:08:1d:79:df:29:
95:8b:6a:b9:a7:8e:d2:f1:52:af:20:e1:15:96:50:
9d:22:c0:35:2e:cd:c7:ed:81:39:af:c0:fc:69:2c:
34:60:b5:58:69:56:42:4c:4a:6f:f2:07:04:25:8f:
01:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:F6:71:F4:09:C2:E2:6E:12:35:2D:0C:D8:E4:D9:EA:CE:74:BA:12
X509v3 Authority Key Identifier:
keyid:1B:69:30:1F:A8:D7:88:E0:2F:7E:B2:FA:88:02:10:90:74:20:6C:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2kwH6jXiOAvfrL6iAIQkHQgbP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:67:04:ab:b2:0f:49:a0:e5:0c:53:d3:51:0e:b7:bd:83:0c:
db:a6:35:d3:df:da:11:d5:d1:ee:30:1a:f5:d0:98:a8:dd:98:
f8:52:45:b1:24:c8:60:49:51:a7:98:a1:60:e3:bd:13:1f:eb:
14:2e:f6:a5:00:aa:6f:72:ce:2f:eb:d3:dc:6a:70:15:e9:95:
50:f8:65:43:c6:ef:6c:8b:20:61:80:74:74:b0:1b:23:85:e5:
4f:56:d5:80:5e:be:7f:81:24:8d:0f:1a:08:b6:af:ae:d1:7d:
7a:7e:a9:3c:93:4d:38:cc:61:5d:07:67:bc:87:82:7f:bb:df:
b3:86:eb:40:3c:b7:99:0f:57:02:eb:04:2e:7b:d5:ac:a7:d4:
fb:a4:9f:8e:7e:74:50:92:ec:d1:32:4d:bb:e2:7b:f1:aa:0b:
cd:29:8c:37:e2:6f:3f:58:4b:df:15:21:f2:0f:36:ff:d1:0c:
73:7c:af:d3:0c:56:ea:05:62:fa:98:41:7c:99:54:5a:db:10:
80:a8:4c:cc:d8:2f:51:9f:4c:8f:9f:ca:29:59:60:ec:f3:61:
24:ea:d3:e5:f7:bc:90:c5:ca:9e:5a:3b:84:c8:df:45:ad:f1:
c9:35:11:00:fc:b3:90:23:92:e8:14:02:b6:1f:64:f3:c3:17:
ab:d3:30:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ00iWJBs08zu6MNXbLRoYTeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNjkzMDFmYThkNzg4ZTAyZjdlYjJmYTg4MDIxMDkwNzQy
MDZjZmUwHhcNMjYwMzI4MTMwMTUxWhcNMjYwMzI5MTMwMTUxWjAzMTEwLwYDVQQD
EyhlZGY2NzFmNDA5YzJlMjZlMTIzNTJkMGNkOGU0ZDllYWNlNzRiYTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyrz8XYFihZUZhqLHSJcuN34dBwM
d1odqnBXdqQafBMaYzyCmmg9cTXB5n02v4ltf55l1vSQvqGUFjc8SMvX0llgZGQl
xJi+YWpK6ErfOMlzR07S/Hz7FRX0szGJYhuG5gQJPF/8jpfGgsVdtXyzoeWiYWrI
TVA3YC6MIkkQ/uhi4BdF7UTF12hSamo9syhOXS289sBVQBEDu6Hn/akZuFiUTURc
jSGK4ROqSWlY+qzsumKyyLiAXOSzYEKKAIZCDAYRZIZcI9bWCFAwCB153ymVi2q5
p47S8VKvIOEVllCdIsA1Ls3H7YE5r8D8aSw0YLVYaVZCTEpv8gcEJY8B8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO32cfQJwuJuEjUtDNjk2erOdLoSMB8GA1UdIwQY
MBaAFBtpMB+o14jgL36y+ogCEJB0IGz+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJrd0g2alhpT0F2ZnJMNmlBSVFrSFFnYlA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS81ZDcyOGEtOTNkYS00ODBiLWE3MzUt
NDE2YzI4Nzk4ZmUyLzEvRzJrd0g2alhpT0F2ZnJMNmlBSVFrSFFnYlA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS81ZDcyOGEtOTNkYS00ODBiLWE3MzUtNDE2YzI4Nzk4ZmUy
LzEvRzJrd0g2alhpT0F2ZnJMNmlBSVFrSFFnYlA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArmcEq7IP
SaDlDFPTUQ63vYMM26Y109/aEdXR7jAa9dCYqN2Y+FJFsSTIYElRp5ihYOO9Ex/r
FC72pQCqb3LOL+vT3GpwFemVUPhlQ8bvbIsgYYB0dLAbI4XlT1bVgF6+f4EkjQ8a
CLavrtF9en6pPJNNOMxhXQdnvIeCf7vfs4brQDy3mQ9XAusELnvVrKfU+6Sfjn50
UJLs0TJNu+J78aoLzSmMN+JvP1hL3xUh8g82/9EMc3yv0wxW6gVi+phBfJlUWtsQ
gKhMzNgvUZ9Mj5/KKVlg7PNhJOrT5fe8kMXKnlo7hMjfRa3xyTURAPyzkCOS6BQC
th9k88MXq9MwJw==
-----END CERTIFICATE-----
Generated at Sat Mar 28 17:36:28 2026 by rpki-client