Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
File: gErnaxl1-0qMurIgcYnu0gIy_18.mft (raw, json)
Hash identifier: CyRxsDksNcnKDSUaykmbn0t3iOlSn7afikS8HCoO5SE=
Subject key identifier: C6:3C:FF:68:E6:99:9D:05:E6:09:A3:F6:CB:1C:3B:07:58:DB:1C:4B
Authority key identifier: 80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F
Certificate issuer: /CN=804ae76b1975fb4a8cbab2207189eed20232ff5f
Certificate serial: 019CADC77A595C24598245EA2D53ABDBA7A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
Manifest number: 0689
Signing time: Mon 02 Mar 2026 09:00:57 +0000
Manifest this update: Mon 02 Mar 2026 09:00:57 +0000
Manifest next update: Tue 03 Mar 2026 09:00:57 +0000
Files and hashes: 1: gErnaxl1-0qMurIgcYnu0gIy_18.crl (hash: 0IJFi4emHbZcod9dPE4Kz8ofoh0qme8ZggepQ2D8MWU=)
2: vyQcVp5C3AlRVA819dd3sJ607Q4.roa (hash: dbP286vqsPZG/vM7gj98tCGBen8qv4/fYnsiL/9MVjw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:c7:7a:59:5c:24:59:82:45:ea:2d:53:ab:db:a7:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=804ae76b1975fb4a8cbab2207189eed20232ff5f
Validity
Not Before: Mar 2 09:00:57 2026 GMT
Not After : Mar 3 09:00:57 2026 GMT
Subject: CN=c63cff68e6999d05e609a3f6cb1c3b0758db1c4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c9:8a:dc:ef:c5:f7:64:29:5a:3c:3d:fb:87:
d2:77:5f:41:3f:f9:90:de:d9:ff:c4:8e:bd:35:e7:
ee:5f:23:06:08:e2:f2:07:8a:b8:f0:4a:c8:a7:42:
52:a6:72:f2:e4:86:3b:63:89:02:39:14:14:c4:f0:
48:4a:8f:2c:e4:c1:39:08:d0:a2:c2:6f:18:4d:24:
2b:8c:76:73:0c:9e:27:f1:e4:1d:8e:7e:df:f2:b8:
39:73:3b:78:46:e1:f1:7f:a8:44:cf:11:09:c1:2f:
a2:be:c7:fd:4e:bf:4f:8f:91:12:98:be:37:88:48:
ad:1f:0b:ca:25:64:a6:2a:df:da:0b:d2:6e:d9:b9:
d2:be:93:7c:ba:2d:40:3a:44:97:2b:49:91:b7:a9:
5b:95:ff:e0:2a:73:03:a7:d1:4a:38:35:2f:27:3e:
d3:e7:d3:ec:05:78:16:41:3b:e8:20:26:b8:52:5d:
9c:2c:81:f1:8d:55:15:90:47:8c:45:d1:48:0e:05:
fc:aa:71:36:32:ec:70:d0:6e:ed:33:62:c3:e5:3b:
ba:88:21:87:ee:27:34:07:67:0a:54:88:42:ad:8d:
9d:67:25:b7:02:eb:7e:93:8f:a2:b2:48:e7:68:38:
16:79:ee:22:6d:38:29:72:c7:6f:be:de:82:5d:15:
54:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:3C:FF:68:E6:99:9D:05:E6:09:A3:F6:CB:1C:3B:07:58:DB:1C:4B
X509v3 Authority Key Identifier:
keyid:80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:9f:f4:03:5c:b7:90:e3:7e:7c:6d:9c:21:6b:3c:68:87:74:
f1:dc:72:55:9a:07:f3:2f:8c:cd:69:b1:e1:4c:9f:73:cc:c2:
79:19:8f:b4:99:d4:a3:62:24:ee:71:e4:58:c3:c6:05:05:3b:
32:85:71:50:af:27:04:f5:a8:bd:68:48:7b:2e:72:ba:24:db:
f3:c5:75:18:3d:b5:36:6e:33:ac:3a:50:9b:49:ea:d7:11:1f:
03:96:66:15:e2:b4:ee:28:32:7f:41:20:98:ba:9b:e7:8b:ec:
93:2d:34:f1:1c:54:9e:57:c0:1c:bd:82:ae:9b:ff:5d:84:ef:
70:52:a5:69:15:a1:8d:5a:61:74:2b:bb:cd:e0:dc:6a:b1:6a:
38:cb:96:58:8a:2b:e7:e0:c7:6a:38:ab:2b:ba:32:39:44:3c:
8a:51:8e:08:aa:53:72:04:af:1f:7f:43:b3:1a:3a:ae:73:a8:
3c:8e:d7:41:c5:a4:8a:26:52:c8:8e:af:7c:5b:f6:fc:ba:90:
e4:e6:77:a7:d1:c3:3f:3a:d6:66:27:e8:c7:5b:ef:65:58:51:
c7:63:40:33:c2:91:1b:21:e2:a1:f1:1b:39:1a:99:87:ac:05:
4d:49:a7:90:74:78:d2:8f:f5:f2:3e:50:28:a0:d0:23:9f:ed:
91:e1:35:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx3pZXCRZgkXqLVOr26epMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNGFlNzZiMTk3NWZiNGE4Y2JhYjIyMDcxODllZWQyMDIz
MmZmNWYwHhcNMjYwMzAyMDkwMDU3WhcNMjYwMzAzMDkwMDU3WjAzMTEwLwYDVQQD
EyhjNjNjZmY2OGU2OTk5ZDA1ZTYwOWEzZjZjYjFjM2IwNzU4ZGIxYzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0smK3O/F92QpWjw9+4fSd19BP/mQ
3tn/xI69NefuXyMGCOLyB4q48ErIp0JSpnLy5IY7Y4kCORQUxPBISo8s5ME5CNCi
wm8YTSQrjHZzDJ4n8eQdjn7f8rg5czt4RuHxf6hEzxEJwS+ivsf9Tr9Pj5ESmL43
iEitHwvKJWSmKt/aC9Ju2bnSvpN8ui1AOkSXK0mRt6lblf/gKnMDp9FKODUvJz7T
59PsBXgWQTvoICa4Ul2cLIHxjVUVkEeMRdFIDgX8qnE2Muxw0G7tM2LD5Tu6iCGH
7ic0B2cKVIhCrY2dZyW3Aut+k4+iskjnaDgWee4ibTgpcsdvvt6CXRVUXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMY8/2jmmZ0F5gmj9sscOwdY2xxLMB8GA1UdIwQY
MBaAFIBK52sZdftKjLqyIHGJ7tICMv9fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDkt
OTQyMjcyOTNjODhlLzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDktOTQyMjcyOTNjODhl
LzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoJ/0A1y3
kON+fG2cIWs8aId08dxyVZoH8y+MzWmx4Uyfc8zCeRmPtJnUo2Ik7nHkWMPGBQU7
MoVxUK8nBPWovWhIey5yuiTb88V1GD21Nm4zrDpQm0nq1xEfA5ZmFeK07igyf0Eg
mLqb54vsky008RxUnlfAHL2Crpv/XYTvcFKlaRWhjVphdCu7zeDcarFqOMuWWIor
5+DHajirK7oyOUQ8ilGOCKpTcgSvH39Dsxo6rnOoPI7XQcWkiiZSyI6vfFv2/LqQ
5OZ3p9HDPzrWZifox1vvZVhRx2NAM8KRGyHiofEbORqZh6wFTUmnkHR40o/18j5Q
KKDQI5/tkeE1BA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:37:11 2026 by rpki-client