Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/1cec02-26e6-400e-8d9a-32924ef47a1a/1/gXRkmx7wDcg8KFOaOdKQs1MO37A.mft
File: gXRkmx7wDcg8KFOaOdKQs1MO37A.mft (raw, json)
Hash identifier: J1omkeDdRIZoaXIguf2H022rcyDg7vE229l5DWpUEb8=
Subject key identifier: 1C:9C:15:76:4A:6F:8E:CE:A9:70:C3:A0:16:92:75:C9:1E:20:C6:68
Authority key identifier: 81:74:64:9B:1E:F0:0D:C8:3C:28:53:9A:39:D2:90:B3:53:0E:DF:B0
Certificate issuer: /CN=8174649b1ef00dc83c28539a39d290b3530edfb0
Certificate serial: 019D2772A9B441011368055C132132313174
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gXRkmx7wDcg8KFOaOdKQs1MO37A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/1cec02-26e6-400e-8d9a-32924ef47a1a/1/gXRkmx7wDcg8KFOaOdKQs1MO37A.mft
Manifest number: 0394
Signing time: Thu 26 Mar 2026 00:01:59 +0000
Manifest this update: Thu 26 Mar 2026 00:01:59 +0000
Manifest next update: Fri 27 Mar 2026 00:01:59 +0000
Files and hashes: 1: fVw1SO1JRoyQpw3vgQ8eixnB_dY.roa (hash: M97j0VWdhaZIClC1TkdlR4RLXTy+vP9OT5Bxj4HCOl4=)
2: gXRkmx7wDcg8KFOaOdKQs1MO37A.crl (hash: s8sX9vqMDLFoIuRHbgzxNUknST5w7cUFzykcJ1m5pSo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/1cec02-26e6-400e-8d9a-32924ef47a1a/1/gXRkmx7wDcg8KFOaOdKQs1MO37A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/1cec02-26e6-400e-8d9a-32924ef47a1a/1/gXRkmx7wDcg8KFOaOdKQs1MO37A.mft
rsync://rpki.ripe.net/repository/DEFAULT/gXRkmx7wDcg8KFOaOdKQs1MO37A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:72:a9:b4:41:01:13:68:05:5c:13:21:32:31:31:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8174649b1ef00dc83c28539a39d290b3530edfb0
Validity
Not Before: Mar 26 00:01:59 2026 GMT
Not After : Mar 27 00:01:59 2026 GMT
Subject: CN=1c9c15764a6f8ecea970c3a0169275c91e20c668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0f:68:fc:7a:65:14:a9:45:8e:59:a2:b2:c9:
b8:df:d3:6d:74:d3:9b:71:3d:9b:d6:04:68:59:bf:
a4:91:80:38:33:de:4c:86:b4:fe:20:a8:8d:16:1b:
58:63:c2:c1:da:57:36:8b:1b:84:9f:ea:75:ac:e3:
98:19:21:fc:77:b9:0b:96:94:a7:a3:fc:ad:a8:c4:
17:1c:15:8c:78:bd:67:a8:8c:72:b8:49:70:aa:61:
c0:9f:a3:09:ca:45:8c:01:98:22:64:bb:d4:1e:a1:
f4:eb:4b:d7:7c:30:15:12:7a:b7:0d:6b:88:3c:33:
09:a9:f5:89:8d:49:54:ec:ca:68:03:a9:c6:31:a6:
52:fc:39:99:b2:2a:cb:6c:ce:11:e3:1f:a6:72:2f:
92:74:e8:5a:54:53:45:32:23:38:47:87:d7:4f:48:
f5:e1:47:96:0b:c2:a9:9b:b2:76:7a:0e:16:b1:94:
c7:b6:c5:15:f6:cd:4c:0f:53:5d:9c:2c:be:a2:75:
d7:f8:0f:2a:a8:9b:30:d3:5b:89:93:d0:10:92:f6:
cd:f3:31:39:e2:3c:26:77:b9:a8:f0:b2:6e:c9:fe:
65:ca:5d:f0:df:06:91:63:c6:0f:0b:0e:ec:4e:1f:
4c:a1:3c:97:90:73:f6:1b:6c:1a:48:05:0e:b0:a1:
43:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:9C:15:76:4A:6F:8E:CE:A9:70:C3:A0:16:92:75:C9:1E:20:C6:68
X509v3 Authority Key Identifier:
keyid:81:74:64:9B:1E:F0:0D:C8:3C:28:53:9A:39:D2:90:B3:53:0E:DF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gXRkmx7wDcg8KFOaOdKQs1MO37A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/1cec02-26e6-400e-8d9a-32924ef47a1a/1/gXRkmx7wDcg8KFOaOdKQs1MO37A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/1cec02-26e6-400e-8d9a-32924ef47a1a/1/gXRkmx7wDcg8KFOaOdKQs1MO37A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:61:14:8e:a3:73:76:d3:42:b0:0f:74:d2:a1:23:b3:66:cb:
14:2e:68:8e:2c:93:82:0c:07:f0:ce:93:c9:f6:41:f2:cc:bb:
52:df:56:9e:ae:3b:91:d4:e5:a6:aa:d2:92:71:a5:bb:27:89:
25:a8:46:bf:c0:2f:66:ca:1a:06:a0:c8:ff:31:a8:4e:53:b8:
68:96:a5:a5:16:76:b1:aa:e1:42:bd:30:e5:75:95:f0:18:3c:
2a:a7:1c:6b:57:b6:b5:c1:74:5a:18:88:f1:2f:65:fb:bb:8a:
a4:8b:85:88:56:c4:4a:56:88:11:ee:11:0e:c5:39:5f:ad:bc:
d6:a5:e5:15:b4:7f:a0:88:88:c4:20:a7:f2:4e:05:5b:56:1a:
95:c3:30:cc:2b:82:89:14:2a:5f:73:a9:ba:79:b5:c2:78:49:
f9:e5:10:8e:57:7d:d1:df:2a:54:87:57:a2:72:4f:aa:1c:be:
56:52:99:fb:a5:8b:e1:ed:3d:bf:ce:91:17:87:a0:33:f5:16:
8f:6b:7c:2f:d4:4b:4d:dc:92:13:1b:4a:43:b3:18:9f:1a:a7:
14:f9:b4:21:81:d1:94:18:2f:cb:46:36:cb:cb:6b:2a:03:be:
66:66:53:d9:d6:60:14:18:4a:37:c8:49:b7:60:e7:7c:70:9f:
f6:0a:14:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncqm0QQETaAVcEyEyMTF0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNzQ2NDliMWVmMDBkYzgzYzI4NTM5YTM5ZDI5MGIzNTMw
ZWRmYjAwHhcNMjYwMzI2MDAwMTU5WhcNMjYwMzI3MDAwMTU5WjAzMTEwLwYDVQQD
EygxYzljMTU3NjRhNmY4ZWNlYTk3MGMzYTAxNjkyNzVjOTFlMjBjNjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtg9o/HplFKlFjlmissm439NtdNOb
cT2b1gRoWb+kkYA4M95MhrT+IKiNFhtYY8LB2lc2ixuEn+p1rOOYGSH8d7kLlpSn
o/ytqMQXHBWMeL1nqIxyuElwqmHAn6MJykWMAZgiZLvUHqH060vXfDAVEnq3DWuI
PDMJqfWJjUlU7MpoA6nGMaZS/DmZsirLbM4R4x+mci+SdOhaVFNFMiM4R4fXT0j1
4UeWC8Kpm7J2eg4WsZTHtsUV9s1MD1NdnCy+onXX+A8qqJsw01uJk9AQkvbN8zE5
4jwmd7mo8LJuyf5lyl3w3waRY8YPCw7sTh9MoTyXkHP2G2waSAUOsKFDLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBycFXZKb47OqXDDoBaSdckeIMZoMB8GA1UdIwQY
MBaAFIF0ZJse8A3IPChTmjnSkLNTDt+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1hSa214N3dEY2c4S0ZPYU9kS1FzMU1PMzdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8xY2VjMDItMjZlNi00MDBlLThkOWEt
MzI5MjRlZjQ3YTFhLzEvZ1hSa214N3dEY2c4S0ZPYU9kS1FzMU1PMzdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8xY2VjMDItMjZlNi00MDBlLThkOWEtMzI5MjRlZjQ3YTFh
LzEvZ1hSa214N3dEY2c4S0ZPYU9kS1FzMU1PMzdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADWEUjqNz
dtNCsA900qEjs2bLFC5ojiyTggwH8M6TyfZB8sy7Ut9Wnq47kdTlpqrSknGluyeJ
JahGv8AvZsoaBqDI/zGoTlO4aJalpRZ2sarhQr0w5XWV8Bg8Kqcca1e2tcF0WhiI
8S9l+7uKpIuFiFbESlaIEe4RDsU5X6281qXlFbR/oIiIxCCn8k4FW1YalcMwzCuC
iRQqX3Opunm1wnhJ+eUQjld90d8qVIdXonJPqhy+VlKZ+6WL4e09v86RF4egM/UW
j2t8L9RLTdySExtKQ7MYnxqnFPm0IYHRlBgvy0Y2y8trKgO+ZmZT2dZgFBhKN8hJ
t2DnfHCf9goUgQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:02:16 2026 by rpki-client