Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
File: gErnaxl1-0qMurIgcYnu0gIy_18.mft (raw, json)
Hash identifier: Sgy43dgmTJF4T43INFsrvKs7Fj/gD5cxGhu4Qvt6mt8=
Subject key identifier: FA:A6:FD:87:06:1E:F0:A9:0B:5C:F0:2A:8B:30:20:EB:1B:08:0A:BF
Authority key identifier: 80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F
Certificate issuer: /CN=804ae76b1975fb4a8cbab2207189eed20232ff5f
Certificate serial: 019A5151334EDEE38B60F3787E052BCBF50A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
Manifest number: 054F
Signing time: Wed 05 Nov 2025 00:01:07 +0000
Manifest this update: Wed 05 Nov 2025 00:01:07 +0000
Manifest next update: Thu 06 Nov 2025 00:01:07 +0000
Files and hashes: 1: gErnaxl1-0qMurIgcYnu0gIy_18.crl (hash: mnLUfC48LwA7qNs2m8DfIFy/kz+KW059hFjXjXnshoQ=)
2: v3oDa-WSUoJp1kuV1a6fLuRGHQ0.roa (hash: Y4h5O4hQh1m1aEWNf7XMnqa6q5Txb+8pJ/1S7VkKt/4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:51:33:4e:de:e3:8b:60:f3:78:7e:05:2b:cb:f5:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=804ae76b1975fb4a8cbab2207189eed20232ff5f
Validity
Not Before: Nov 5 00:01:07 2025 GMT
Not After : Nov 6 00:01:07 2025 GMT
Subject: CN=faa6fd87061ef0a90b5cf02a8b3020eb1b080abf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:14:4b:5f:3e:b3:a6:63:3e:87:fc:80:c0:f8:
f8:7a:60:0e:88:14:06:ff:87:9b:d0:36:a1:5a:99:
6a:56:21:70:1f:46:af:99:cc:62:6b:b3:d0:86:7f:
da:be:a2:29:c2:06:58:88:87:8a:99:51:07:1c:c6:
26:e1:58:27:27:12:9c:ff:d9:3c:5c:b5:c5:24:3d:
04:ed:4c:c6:28:59:e1:1b:49:c1:a5:25:0e:59:c3:
16:89:0a:70:ec:85:3f:30:a9:3d:03:ff:73:4d:86:
44:7f:36:95:cb:db:bf:af:fd:c2:11:f1:44:45:8b:
46:08:31:8f:6f:7b:72:69:78:bb:36:5e:1a:7a:78:
7d:27:b4:25:0a:34:ce:44:cb:fb:47:63:af:a7:ed:
84:ab:fe:b9:32:b3:c4:20:74:76:22:00:5b:b0:89:
62:d3:f3:d7:04:00:22:58:b5:fa:a0:99:03:42:b6:
c6:b3:54:f1:30:17:c4:4c:87:40:f4:7d:84:98:9b:
ad:66:85:77:50:24:c2:c2:ae:b0:7e:bd:1b:7e:47:
9c:c7:8d:be:33:25:5b:33:14:8a:e3:00:06:96:c8:
9b:23:9c:98:2a:e7:5c:57:8d:a0:35:b0:c9:56:96:
47:2a:29:5c:87:1e:1b:02:75:95:aa:f9:f1:71:67:
ff:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:A6:FD:87:06:1E:F0:A9:0B:5C:F0:2A:8B:30:20:EB:1B:08:0A:BF
X509v3 Authority Key Identifier:
keyid:80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:6d:35:66:c1:c6:47:e6:8a:41:81:6a:6d:b8:97:ab:11:bf:
f8:5a:93:ee:db:d0:12:19:04:0f:09:48:d7:5f:f9:3e:d9:61:
4f:f8:9d:45:fd:0e:22:9c:9b:c2:a8:a9:a3:2b:a3:a4:2e:9f:
37:6e:c5:22:32:89:28:2f:6f:b6:37:21:1c:91:53:b0:9a:c1:
6d:27:ce:51:bf:68:1f:d4:0b:86:97:a5:bd:d9:53:28:1e:17:
1d:0d:cb:16:6b:d8:80:5e:4f:e4:fb:1d:66:b1:66:45:bd:c9:
75:51:23:37:98:9d:34:a0:6c:ab:f4:30:f3:fa:d1:fd:0c:24:
f9:6a:d3:f3:95:58:a8:fc:63:82:25:4b:eb:b9:06:20:9e:d5:
c1:76:d6:c8:60:f3:a2:20:75:81:5f:1e:ab:41:47:cb:b8:aa:
d6:b4:93:c3:57:66:37:92:aa:2b:ac:1e:49:83:2c:55:4b:d5:
e2:e7:dc:da:6f:ad:a9:5c:9b:ba:7d:6d:66:25:bd:fd:39:36:
81:52:fe:06:dc:7f:bc:0e:5d:be:d1:b5:61:d4:b8:dc:85:f0:
06:32:44:20:5c:48:74:b8:74:73:09:03:41:00:0e:ec:58:7b:
4e:69:88:b4:68:14:54:c3:07:19:23:07:ea:7f:8b:fd:c7:aa:
fa:c9:ac:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRUTNO3uOLYPN4fgUry/UKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNGFlNzZiMTk3NWZiNGE4Y2JhYjIyMDcxODllZWQyMDIz
MmZmNWYwHhcNMjUxMTA1MDAwMTA3WhcNMjUxMTA2MDAwMTA3WjAzMTEwLwYDVQQD
EyhmYWE2ZmQ4NzA2MWVmMGE5MGI1Y2YwMmE4YjMwMjBlYjFiMDgwYWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hRLXz6zpmM+h/yAwPj4emAOiBQG
/4eb0DahWplqViFwH0avmcxia7PQhn/avqIpwgZYiIeKmVEHHMYm4VgnJxKc/9k8
XLXFJD0E7UzGKFnhG0nBpSUOWcMWiQpw7IU/MKk9A/9zTYZEfzaVy9u/r/3CEfFE
RYtGCDGPb3tyaXi7Nl4aenh9J7QlCjTORMv7R2Ovp+2Eq/65MrPEIHR2IgBbsIli
0/PXBAAiWLX6oJkDQrbGs1TxMBfETIdA9H2EmJutZoV3UCTCwq6wfr0bfkecx42+
MyVbMxSK4wAGlsibI5yYKudcV42gNbDJVpZHKilchx4bAnWVqvnxcWf/VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqm/YcGHvCpC1zwKoswIOsbCAq/MB8GA1UdIwQY
MBaAFIBK52sZdftKjLqyIHGJ7tICMv9fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDkt
OTQyMjcyOTNjODhlLzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDktOTQyMjcyOTNjODhl
LzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAim01ZsHG
R+aKQYFqbbiXqxG/+FqT7tvQEhkEDwlI11/5PtlhT/idRf0OIpybwqipoyujpC6f
N27FIjKJKC9vtjchHJFTsJrBbSfOUb9oH9QLhpelvdlTKB4XHQ3LFmvYgF5P5Psd
ZrFmRb3JdVEjN5idNKBsq/Qw8/rR/Qwk+WrT85VYqPxjgiVL67kGIJ7VwXbWyGDz
oiB1gV8eq0FHy7iq1rSTw1dmN5KqK6weSYMsVUvV4ufc2m+tqVybun1tZiW9/Tk2
gVL+Btx/vA5dvtG1YdS43IXwBjJEIFxIdLh0cwkDQQAO7Fh7TmmItGgUVMMHGSMH
6n+L/ceq+smsMg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:18:08 2025 by rpki-client