Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
File: gErnaxl1-0qMurIgcYnu0gIy_18.mft (raw, json)
Hash identifier: fSRNS/Z9WJ6I6gYkGtUiyFpQdWevyN2pvohYvG5GaSI=
Subject key identifier: D4:CD:58:73:DD:B1:A8:E5:1B:B5:1F:69:30:6E:01:71:28:1A:B2:98
Authority key identifier: 80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F
Certificate issuer: /CN=804ae76b1975fb4a8cbab2207189eed20232ff5f
Certificate serial: 019D3307969683B584AB23A89B373CFA9E21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
Manifest number: 06CE
Signing time: Sat 28 Mar 2026 06:00:28 +0000
Manifest this update: Sat 28 Mar 2026 06:00:28 +0000
Manifest next update: Sun 29 Mar 2026 06:00:28 +0000
Files and hashes: 1: gErnaxl1-0qMurIgcYnu0gIy_18.crl (hash: iEOfQXEgHPyC3wPQHJRGbioQAPqI/Lrsj3a/WxjkNgE=)
2: vyQcVp5C3AlRVA819dd3sJ607Q4.roa (hash: dbP286vqsPZG/vM7gj98tCGBen8qv4/fYnsiL/9MVjw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:07:96:96:83:b5:84:ab:23:a8:9b:37:3c:fa:9e:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=804ae76b1975fb4a8cbab2207189eed20232ff5f
Validity
Not Before: Mar 28 06:00:28 2026 GMT
Not After : Mar 29 06:00:28 2026 GMT
Subject: CN=d4cd5873ddb1a8e51bb51f69306e0171281ab298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:81:0f:65:15:f0:31:c8:20:82:42:d6:4f:ec:
5f:46:7f:f4:45:50:22:58:69:95:3d:b5:c7:5b:db:
cb:ad:b7:c4:a7:62:df:64:6d:20:a7:2d:81:01:e6:
2c:3d:09:bd:02:b1:e5:9c:f4:2f:c3:52:3b:b1:90:
87:dd:0e:63:8a:65:c9:4b:d0:9c:be:88:fa:bd:56:
d5:c0:33:1a:fe:33:c7:1e:b2:f8:49:7f:c4:a9:e0:
76:e1:5b:5b:33:3a:56:6b:ef:4b:30:76:59:a6:5e:
0d:87:d1:7a:d3:3c:24:40:84:f0:bf:64:89:22:56:
12:2d:38:4c:31:63:0f:9a:fd:a9:81:12:be:31:35:
b5:93:61:ea:63:6b:7b:c4:3f:97:4a:73:d2:af:a1:
fe:90:c6:8f:51:83:83:32:61:d8:0f:85:11:78:57:
f9:d8:98:01:01:bd:68:f8:9b:f0:4e:11:49:ec:eb:
3e:27:2f:1c:f7:f3:d8:0c:42:d7:7a:7b:b7:27:ad:
3d:a7:61:53:1e:43:e3:02:81:36:93:7e:81:39:7c:
60:4e:13:b3:e2:6c:8e:6e:14:7d:db:68:29:d8:6d:
fe:41:6b:34:2b:33:8c:f7:0b:63:b5:61:58:5d:d8:
18:ea:81:a4:05:0e:6c:25:f2:38:27:db:73:56:1f:
07:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:CD:58:73:DD:B1:A8:E5:1B:B5:1F:69:30:6E:01:71:28:1A:B2:98
X509v3 Authority Key Identifier:
keyid:80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:41:b1:dd:bd:d8:31:ff:83:aa:98:7d:56:f3:7f:85:d6:1d:
be:c6:d9:a6:68:99:52:73:42:82:f6:8b:20:1a:8d:16:b8:a5:
9a:87:70:b9:20:cc:9e:17:bf:43:87:ca:7b:1c:9e:90:ed:54:
c7:e7:5f:58:93:94:a6:3b:4a:b5:3f:21:3e:1b:cb:92:00:0d:
23:76:3e:6e:34:a6:3a:15:20:9b:3d:52:a6:92:b1:63:d7:f9:
58:8a:ed:f3:6b:c8:1c:06:99:5b:a3:59:44:69:a5:21:92:ec:
63:1a:1b:ea:11:49:11:bd:ec:ea:3e:0c:40:6c:a6:34:26:ef:
4b:f3:cf:c4:1d:6c:1b:68:c4:1e:c1:82:0a:37:f8:37:2c:38:
77:3a:d9:ac:ae:be:5b:4c:67:a7:3e:5b:ea:8e:c9:21:31:47:
7f:cd:94:ba:f0:87:ee:aa:52:88:7d:58:a3:d3:00:35:2e:64:
05:2b:c7:3f:ac:80:5e:e3:f6:47:91:fd:1e:36:9f:66:66:91:
a8:30:a7:12:2f:97:8c:f9:b0:1f:da:fb:b4:22:c0:2d:8c:b3:
9a:f4:e2:f8:e0:cc:bc:04:ef:6e:c8:09:a3:84:5b:71:33:bd:
12:19:4d:fb:a2:e6:34:03:0a:5a:4f:9b:9d:d1:0b:6e:e2:9b:
ba:fe:69:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zB5aWg7WEqyOomzc8+p4hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNGFlNzZiMTk3NWZiNGE4Y2JhYjIyMDcxODllZWQyMDIz
MmZmNWYwHhcNMjYwMzI4MDYwMDI4WhcNMjYwMzI5MDYwMDI4WjAzMTEwLwYDVQQD
EyhkNGNkNTg3M2RkYjFhOGU1MWJiNTFmNjkzMDZlMDE3MTI4MWFiMjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIEPZRXwMcgggkLWT+xfRn/0RVAi
WGmVPbXHW9vLrbfEp2LfZG0gpy2BAeYsPQm9ArHlnPQvw1I7sZCH3Q5jimXJS9Cc
voj6vVbVwDMa/jPHHrL4SX/EqeB24VtbMzpWa+9LMHZZpl4Nh9F60zwkQITwv2SJ
IlYSLThMMWMPmv2pgRK+MTW1k2HqY2t7xD+XSnPSr6H+kMaPUYODMmHYD4UReFf5
2JgBAb1o+JvwThFJ7Os+Jy8c9/PYDELXenu3J609p2FTHkPjAoE2k36BOXxgThOz
4myObhR922gp2G3+QWs0KzOM9wtjtWFYXdgY6oGkBQ5sJfI4J9tzVh8HgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNTNWHPdsajlG7UfaTBuAXEoGrKYMB8GA1UdIwQY
MBaAFIBK52sZdftKjLqyIHGJ7tICMv9fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDkt
OTQyMjcyOTNjODhlLzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDktOTQyMjcyOTNjODhl
LzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAUGx3b3Y
Mf+Dqph9VvN/hdYdvsbZpmiZUnNCgvaLIBqNFrilmodwuSDMnhe/Q4fKexyekO1U
x+dfWJOUpjtKtT8hPhvLkgANI3Y+bjSmOhUgmz1SppKxY9f5WIrt82vIHAaZW6NZ
RGmlIZLsYxob6hFJEb3s6j4MQGymNCbvS/PPxB1sG2jEHsGCCjf4Nyw4dzrZrK6+
W0xnpz5b6o7JITFHf82UuvCH7qpSiH1Yo9MANS5kBSvHP6yAXuP2R5H9HjafZmaR
qDCnEi+XjPmwH9r7tCLALYyzmvTi+ODMvATvbsgJo4RbcTO9EhlN+6LmNAMKWk+b
ndELbuKbuv5pdQ==
-----END CERTIFICATE-----
Generated at Sat Mar 28 11:04:21 2026 by rpki-client