Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/3564e7-11d4-4d7a-8bcc-a953768fde2f/1/Gk0JI-wQZndgrYguavmhVpnAXvg.mft
File: Gk0JI-wQZndgrYguavmhVpnAXvg.mft (raw, json)
Hash identifier: Bz3gwLqxKCcPryQsuy7NJ4gMyGwqRR6WQF6VbNLnvjQ=
Subject key identifier: D1:7F:F9:FD:21:5C:3A:B4:D3:F2:AF:06:5E:2C:71:E8:43:36:94:25
Authority key identifier: 1A:4D:09:23:EC:10:66:77:60:AD:88:2E:6A:F9:A1:56:99:C0:5E:F8
Certificate issuer: /CN=1a4d0923ec10667760ad882e6af9a15699c05ef8
Certificate serial: 019CAA21B755668C81E6EB41B140312291D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gk0JI-wQZndgrYguavmhVpnAXvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/3564e7-11d4-4d7a-8bcc-a953768fde2f/1/Gk0JI-wQZndgrYguavmhVpnAXvg.mft
Manifest number: 10DC
Signing time: Sun 01 Mar 2026 16:01:02 +0000
Manifest this update: Sun 01 Mar 2026 16:01:02 +0000
Manifest next update: Mon 02 Mar 2026 16:01:02 +0000
Files and hashes: 1: ENz0VTcEnPSXBE5Znpjw7lUaAwA.roa (hash: DP27/a5o1Ym+vesDLFqV0Tua4ny+ds0/pH34jhmErS8=)
2: Gk0JI-wQZndgrYguavmhVpnAXvg.crl (hash: Vl3eunB6gt2Gfpz8u9XPNXOxvuVSwQzy5YqRnS98wbM=)
3: Y-eJmA6TDVKIS1tuOw2dm1_Jqdc.roa (hash: KqQ8TKxBYl3JumzrSj+0qt5zeDJPsxKpAnGsc38qwpE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/3564e7-11d4-4d7a-8bcc-a953768fde2f/1/Gk0JI-wQZndgrYguavmhVpnAXvg.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/3564e7-11d4-4d7a-8bcc-a953768fde2f/1/Gk0JI-wQZndgrYguavmhVpnAXvg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gk0JI-wQZndgrYguavmhVpnAXvg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:21:b7:55:66:8c:81:e6:eb:41:b1:40:31:22:91:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a4d0923ec10667760ad882e6af9a15699c05ef8
Validity
Not Before: Mar 1 16:01:02 2026 GMT
Not After : Mar 2 16:01:02 2026 GMT
Subject: CN=d17ff9fd215c3ab4d3f2af065e2c71e843369425
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:04:ea:55:3c:f1:8f:0c:5a:cb:82:4a:29:5f:
38:f6:2b:11:62:a5:92:68:ee:fc:90:cb:c3:f7:9b:
bd:12:ce:e2:38:89:1e:16:f0:cd:f4:86:57:ff:2b:
3e:dc:1c:a2:13:4e:f6:ef:da:e9:11:bd:03:eb:f1:
64:65:0e:71:2c:2d:77:e1:bd:2e:a8:5a:b1:33:00:
67:9d:c0:a9:4b:94:d3:39:3c:45:d9:9a:95:73:1f:
10:37:04:a4:ad:29:be:f0:6e:55:46:7b:8d:2f:c7:
ce:f7:4a:23:61:ca:91:64:c9:bf:89:0f:a3:7e:fd:
50:fb:86:58:24:2b:e1:fb:5f:54:15:11:db:47:17:
37:f4:6e:be:2b:0d:b8:57:ae:f2:91:20:4d:88:85:
5d:6b:1e:b5:1b:97:50:75:30:98:36:8c:c8:f5:0c:
d5:4c:0d:b2:8c:4a:37:59:2c:61:4c:1f:62:3d:14:
d4:8f:da:ec:92:e9:d8:eb:e5:1a:ad:85:19:31:78:
ca:13:8e:bb:7e:b9:4d:30:b3:da:1d:47:8b:a1:24:
eb:fa:7e:00:d2:ad:d5:6d:87:f9:09:7d:d8:2f:d4:
8d:28:e7:4e:f4:d8:67:1a:09:0b:a1:35:ba:9f:9d:
06:7d:81:4b:a4:d0:aa:5b:a0:ec:44:4c:4d:a1:93:
42:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:7F:F9:FD:21:5C:3A:B4:D3:F2:AF:06:5E:2C:71:E8:43:36:94:25
X509v3 Authority Key Identifier:
keyid:1A:4D:09:23:EC:10:66:77:60:AD:88:2E:6A:F9:A1:56:99:C0:5E:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gk0JI-wQZndgrYguavmhVpnAXvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/3564e7-11d4-4d7a-8bcc-a953768fde2f/1/Gk0JI-wQZndgrYguavmhVpnAXvg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/3564e7-11d4-4d7a-8bcc-a953768fde2f/1/Gk0JI-wQZndgrYguavmhVpnAXvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:ba:20:0f:79:a7:38:43:9f:3f:f3:79:28:f3:90:35:2f:31:
1a:5f:63:86:fc:6b:9a:b7:f4:e5:4f:6f:7f:79:7e:84:f7:6c:
1f:bb:a9:61:ea:69:58:2c:18:67:cc:3f:a6:4b:f9:15:49:33:
13:32:76:11:56:36:3d:7d:9c:1b:c8:b9:7d:0d:b9:b6:df:80:
f6:5f:a1:91:b3:aa:90:b9:8d:3c:64:73:e8:b8:94:fd:4f:a9:
99:aa:0d:ad:73:a7:f0:ab:8a:29:61:b5:3d:85:53:b1:1c:6d:
76:b9:50:a9:a2:b6:65:31:39:12:a1:9e:35:a3:ed:cb:39:8a:
a5:99:9e:27:42:b3:83:c4:57:e4:09:51:b5:48:c1:ab:ad:31:
15:1d:96:21:b4:54:f0:23:8d:72:c5:17:ac:56:b3:e3:47:45:
a7:e9:7d:a2:47:ce:af:c0:32:e5:62:30:cb:af:00:db:71:30:
e2:d9:e0:04:93:ad:99:3f:86:b9:10:a5:06:f4:56:20:7f:2c:
7d:f6:e8:d1:ef:a7:16:70:67:09:2f:6f:a5:96:b3:4c:de:df:
5b:55:99:b3:3a:41:e2:6f:43:fa:fe:04:4d:94:7c:77:63:4c:
0f:3d:d9:5f:c6:4b:98:39:72:59:d7:a5:e3:35:33:73:b8:14:
e5:86:38:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIbdVZoyB5utBsUAxIpHUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNGQwOTIzZWMxMDY2Nzc2MGFkODgyZTZhZjlhMTU2OTlj
MDVlZjgwHhcNMjYwMzAxMTYwMTAyWhcNMjYwMzAyMTYwMTAyWjAzMTEwLwYDVQQD
EyhkMTdmZjlmZDIxNWMzYWI0ZDNmMmFmMDY1ZTJjNzFlODQzMzY5NDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoATqVTzxjwxay4JKKV849isRYqWS
aO78kMvD95u9Es7iOIkeFvDN9IZX/ys+3ByiE07279rpEb0D6/FkZQ5xLC134b0u
qFqxMwBnncCpS5TTOTxF2ZqVcx8QNwSkrSm+8G5VRnuNL8fO90ojYcqRZMm/iQ+j
fv1Q+4ZYJCvh+19UFRHbRxc39G6+Kw24V67ykSBNiIVdax61G5dQdTCYNozI9QzV
TA2yjEo3WSxhTB9iPRTUj9rskunY6+UarYUZMXjKE467frlNMLPaHUeLoSTr+n4A
0q3VbYf5CX3YL9SNKOdO9NhnGgkLoTW6n50GfYFLpNCqW6DsRExNoZNCTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNF/+f0hXDq00/KvBl4scehDNpQlMB8GA1UdIwQY
MBaAFBpNCSPsEGZ3YK2ILmr5oVaZwF74MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2swSkktd1FabmRncllndWF2bWhWcG5BWHZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8zNTY0ZTctMTFkNC00ZDdhLThiY2Mt
YTk1Mzc2OGZkZTJmLzEvR2swSkktd1FabmRncllndWF2bWhWcG5BWHZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8zNTY0ZTctMTFkNC00ZDdhLThiY2MtYTk1Mzc2OGZkZTJm
LzEvR2swSkktd1FabmRncllndWF2bWhWcG5BWHZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQbogD3mn
OEOfP/N5KPOQNS8xGl9jhvxrmrf05U9vf3l+hPdsH7upYeppWCwYZ8w/pkv5FUkz
EzJ2EVY2PX2cG8i5fQ25tt+A9l+hkbOqkLmNPGRz6LiU/U+pmaoNrXOn8KuKKWG1
PYVTsRxtdrlQqaK2ZTE5EqGeNaPtyzmKpZmeJ0Kzg8RX5AlRtUjBq60xFR2WIbRU
8CONcsUXrFaz40dFp+l9okfOr8Ay5WIwy68A23Ew4tngBJOtmT+GuRClBvRWIH8s
ffbo0e+nFnBnCS9vpZazTN7fW1WZszpB4m9D+v4ETZR8d2NMDz3ZX8ZLmDlyWdel
4zUzc7gU5YY4Uw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:44:26 2026 by rpki-client