Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/c64bf4-c605-461a-bb74-b18f8f7d90e8/1/g1-7knspUGK30KcgR7a0qhsPmyk.mft
File: g1-7knspUGK30KcgR7a0qhsPmyk.mft (raw, json)
Hash identifier: JSxUhGllTWAyv0uwAm47ZVn2xfnXAV1cliIp/J5tuJI=
Subject key identifier: 0F:D4:3C:B0:3A:8E:DD:13:D2:84:A3:34:2F:D3:74:DE:98:F0:6E:33
Authority key identifier: 83:5F:BB:92:7B:29:50:62:B7:D0:A7:20:47:B6:B4:AA:1B:0F:9B:29
Certificate issuer: /CN=835fbb927b295062b7d0a72047b6b4aa1b0f9b29
Certificate serial: 019D284D317D2C198C7B7A4C4D11E989A5EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1-7knspUGK30KcgR7a0qhsPmyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/c64bf4-c605-461a-bb74-b18f8f7d90e8/1/g1-7knspUGK30KcgR7a0qhsPmyk.mft
Manifest number: 0DB8
Signing time: Thu 26 Mar 2026 04:00:40 +0000
Manifest this update: Thu 26 Mar 2026 04:00:40 +0000
Manifest next update: Fri 27 Mar 2026 04:00:40 +0000
Files and hashes: 1: YldXwO0wTiST1rJ11Fh6UibkiMs.roa (hash: q1K7/099GzfPKS/Ka5XnTd+hE9CJ03nVzvkRGNHjwkM=)
2: g1-7knspUGK30KcgR7a0qhsPmyk.crl (hash: AlFIvBaz6o0jurav3IilbBBjP9Nxiot32DnQjUgYjpA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/c64bf4-c605-461a-bb74-b18f8f7d90e8/1/g1-7knspUGK30KcgR7a0qhsPmyk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/c64bf4-c605-461a-bb74-b18f8f7d90e8/1/g1-7knspUGK30KcgR7a0qhsPmyk.mft
rsync://rpki.ripe.net/repository/DEFAULT/g1-7knspUGK30KcgR7a0qhsPmyk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:4d:31:7d:2c:19:8c:7b:7a:4c:4d:11:e9:89:a5:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835fbb927b295062b7d0a72047b6b4aa1b0f9b29
Validity
Not Before: Mar 26 04:00:40 2026 GMT
Not After : Mar 27 04:00:40 2026 GMT
Subject: CN=0fd43cb03a8edd13d284a3342fd374de98f06e33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9c:b0:66:c1:0f:75:c9:c4:b1:d2:9c:ef:74:
00:75:53:b8:f6:7b:39:ee:16:2c:b3:9d:71:35:6b:
bd:ab:58:92:9e:9a:98:9c:10:a4:16:b1:74:04:1f:
26:86:c2:16:83:06:29:b7:54:cb:ec:4a:af:bc:c0:
45:fa:dd:71:57:4d:fa:e2:b8:df:0e:ad:92:bc:51:
c9:55:c4:9c:14:b4:59:f1:18:94:91:18:8d:f7:18:
47:81:9f:b8:db:4f:a7:99:62:10:6b:8c:42:45:0d:
8f:42:52:69:32:de:e5:2b:60:0c:c2:02:7f:f2:b7:
0f:7e:d5:a6:ea:a5:29:52:4f:b7:a9:87:f1:cf:d1:
10:6f:9a:c1:75:e7:95:7f:53:ec:b6:e4:a7:76:a1:
f9:7c:2c:3d:91:90:00:18:fe:e5:f6:15:13:61:51:
56:62:5c:b2:d0:bd:df:31:a1:b1:2c:ac:0a:5f:e0:
31:6b:4e:f2:2f:1b:7e:19:03:79:5c:a7:c1:a4:ee:
2d:c1:ad:95:b4:bb:1f:c6:f7:48:5c:e8:3e:8f:fe:
12:d0:d0:0c:21:ce:26:2f:d1:eb:70:86:db:9b:ea:
57:77:16:18:0b:05:63:44:a5:9c:1c:4f:67:87:68:
7b:23:10:3b:04:52:9a:10:d1:c1:d2:b8:00:ae:86:
fb:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D4:3C:B0:3A:8E:DD:13:D2:84:A3:34:2F:D3:74:DE:98:F0:6E:33
X509v3 Authority Key Identifier:
keyid:83:5F:BB:92:7B:29:50:62:B7:D0:A7:20:47:B6:B4:AA:1B:0F:9B:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1-7knspUGK30KcgR7a0qhsPmyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/c64bf4-c605-461a-bb74-b18f8f7d90e8/1/g1-7knspUGK30KcgR7a0qhsPmyk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/c64bf4-c605-461a-bb74-b18f8f7d90e8/1/g1-7knspUGK30KcgR7a0qhsPmyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:09:da:3d:28:8c:d0:fb:d1:f9:66:a3:8c:1d:29:34:bc:f3:
44:a3:4f:fa:b4:e5:5c:36:a4:53:e6:e1:50:4b:a6:08:3b:5e:
3f:87:e9:8e:ae:d0:9d:f8:a9:37:d5:c4:fe:f4:ed:13:63:ab:
38:bb:7a:92:1b:f0:d4:bc:84:be:1c:78:ee:16:74:32:32:16:
49:44:2e:96:90:92:9f:0b:0b:93:1c:fd:41:49:f4:17:1c:d8:
3c:9a:25:95:dc:6a:8f:b7:7b:0a:c3:5a:28:df:a0:86:42:d2:
21:c9:8a:40:22:82:2c:db:2a:4f:ea:a2:75:2f:1d:29:d0:19:
6f:45:4a:f3:93:e0:03:b5:92:d8:fd:33:6f:8a:8a:e0:d9:0b:
6c:3d:1e:b6:78:c4:6f:cc:0d:a2:32:e2:45:12:18:22:ef:75:
9e:02:d8:e7:a9:1f:27:46:4b:e9:5f:99:da:78:11:dd:19:55:
ce:a5:9f:3c:39:4b:92:72:b5:81:06:3e:c7:37:2a:76:dd:50:
2f:a2:82:8e:58:94:cf:62:ae:ff:ba:c9:30:06:df:e7:2d:1d:
e6:bd:ee:26:c4:62:b9:37:d6:2c:4b:b5:e8:74:cd:bc:f7:25:
4c:37:e2:41:d0:bd:b5:5d:16:c2:b1:5b:84:21:0d:b6:6a:94:
51:e9:7d:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTTF9LBmMe3pMTRHpiaXuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWZiYjkyN2IyOTUwNjJiN2QwYTcyMDQ3YjZiNGFhMWIw
ZjliMjkwHhcNMjYwMzI2MDQwMDQwWhcNMjYwMzI3MDQwMDQwWjAzMTEwLwYDVQQD
EygwZmQ0M2NiMDNhOGVkZDEzZDI4NGEzMzQyZmQzNzRkZTk4ZjA2ZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZywZsEPdcnEsdKc73QAdVO49ns5
7hYss51xNWu9q1iSnpqYnBCkFrF0BB8mhsIWgwYpt1TL7EqvvMBF+t1xV0364rjf
Dq2SvFHJVcScFLRZ8RiUkRiN9xhHgZ+420+nmWIQa4xCRQ2PQlJpMt7lK2AMwgJ/
8rcPftWm6qUpUk+3qYfxz9EQb5rBdeeVf1PstuSndqH5fCw9kZAAGP7l9hUTYVFW
Ylyy0L3fMaGxLKwKX+Axa07yLxt+GQN5XKfBpO4twa2VtLsfxvdIXOg+j/4S0NAM
Ic4mL9HrcIbbm+pXdxYYCwVjRKWcHE9nh2h7IxA7BFKaENHB0rgArob7twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA/UPLA6jt0T0oSjNC/TdN6Y8G4zMB8GA1UdIwQY
MBaAFINfu5J7KVBit9CnIEe2tKobD5spMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzEtN2tuc3BVR0szMEtjZ1I3YTBxaHNQbXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9jNjRiZjQtYzYwNS00NjFhLWJiNzQt
YjE4ZjhmN2Q5MGU4LzEvZzEtN2tuc3BVR0szMEtjZ1I3YTBxaHNQbXlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9jNjRiZjQtYzYwNS00NjFhLWJiNzQtYjE4ZjhmN2Q5MGU4
LzEvZzEtN2tuc3BVR0szMEtjZ1I3YTBxaHNQbXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHAnaPSiM
0PvR+WajjB0pNLzzRKNP+rTlXDakU+bhUEumCDteP4fpjq7QnfipN9XE/vTtE2Or
OLt6khvw1LyEvhx47hZ0MjIWSUQulpCSnwsLkxz9QUn0FxzYPJolldxqj7d7CsNa
KN+ghkLSIcmKQCKCLNsqT+qidS8dKdAZb0VK85PgA7WS2P0zb4qK4NkLbD0etnjE
b8wNojLiRRIYIu91ngLY56kfJ0ZL6V+Z2ngR3RlVzqWfPDlLknK1gQY+xzcqdt1Q
L6KCjliUz2Ku/7rJMAbf5y0d5r3uJsRiuTfWLEu16HTNvPclTDfiQdC9tV0WwrFb
hCENtmqUUel9UQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:29:04 2026 by rpki-client