Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
File: gErnaxl1-0qMurIgcYnu0gIy_18.mft (raw, json)
Hash identifier: DxWxCYXDawtty8cNqfxiTKW2/6x3AUBl4cGfjfKBojI=
Subject key identifier: FD:72:70:12:E7:6C:D0:C4:56:D8:32:AB:5F:9F:1B:9F:78:48:E1:AC
Authority key identifier: 80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F
Certificate issuer: /CN=804ae76b1975fb4a8cbab2207189eed20232ff5f
Certificate serial: 019D9D3EF7FBB37D9971A3628DB60E7048CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
Manifest number: 0705
Signing time: Fri 17 Apr 2026 21:00:42 +0000
Manifest this update: Fri 17 Apr 2026 21:00:42 +0000
Manifest next update: Sat 18 Apr 2026 21:00:42 +0000
Files and hashes: 1: gErnaxl1-0qMurIgcYnu0gIy_18.crl (hash: gKtMqv36XR1ABNRuhtoELeDZSsC18WSxM2HHHI/YjII=)
2: vyQcVp5C3AlRVA819dd3sJ607Q4.roa (hash: dbP286vqsPZG/vM7gj98tCGBen8qv4/fYnsiL/9MVjw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9d:3e:f7:fb:b3:7d:99:71:a3:62:8d:b6:0e:70:48:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=804ae76b1975fb4a8cbab2207189eed20232ff5f
Validity
Not Before: Apr 17 21:00:42 2026 GMT
Not After : Apr 18 21:00:42 2026 GMT
Subject: CN=fd727012e76cd0c456d832ab5f9f1b9f7848e1ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a1:64:99:8d:79:0c:76:1e:b0:39:2d:d8:d5:
f2:2c:46:f9:f2:7e:1e:31:83:04:26:bf:a2:b1:4b:
b9:ff:45:d3:9b:30:82:43:21:ec:24:56:ea:76:5f:
d4:f6:9e:12:51:ba:ea:4c:f8:6d:b7:1d:c5:db:6b:
67:1d:eb:bd:25:7a:d6:28:14:65:36:59:3c:6e:c5:
f1:04:c4:44:25:25:aa:f0:58:23:f9:f2:d3:59:c0:
d0:a4:ac:01:7e:f5:3f:9f:5f:ad:a0:1f:81:c9:d0:
30:2a:71:f3:4d:c2:02:ee:6e:1d:36:9c:bc:a2:c4:
d6:c7:bf:ff:eb:71:c9:02:e2:ff:78:98:ee:8c:8e:
0c:21:4a:6a:1a:e6:79:a3:ff:26:9c:29:2f:db:01:
b5:b5:6d:f1:8c:eb:e0:84:dc:90:b4:37:c0:80:c8:
93:4c:26:3e:90:f4:49:36:66:d5:48:43:b0:58:a9:
ab:5a:59:05:d4:cc:f5:48:5e:3d:d1:df:61:81:99:
28:d9:8a:2a:11:a3:8f:ad:c4:3b:8d:97:81:50:f9:
25:d7:c5:c3:7b:e9:09:b4:db:8a:22:5a:d6:7c:a4:
24:32:58:c6:46:8d:fc:49:30:58:17:0e:5e:90:f9:
29:b0:eb:12:5d:ef:61:a2:cc:b5:20:ac:4f:75:d4:
22:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:72:70:12:E7:6C:D0:C4:56:D8:32:AB:5F:9F:1B:9F:78:48:E1:AC
X509v3 Authority Key Identifier:
keyid:80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ac:d5:ae:3a:71:14:5f:7b:5e:8a:41:bb:8f:e3:fe:3d:19:00:
8f:82:ca:f7:64:5c:d9:a4:02:7f:10:1c:db:0c:62:b3:58:77:
a5:6f:5d:65:70:79:c9:10:18:52:36:f2:6b:5f:f6:51:76:1b:
d6:cc:44:c7:dd:27:af:de:df:28:fa:82:4b:08:20:ba:6f:0a:
d6:8e:82:9d:ac:ed:23:8c:63:ad:64:2a:9d:4d:4f:00:4e:1d:
8e:59:46:16:a0:52:92:cd:53:ea:00:1d:a6:b0:b5:7a:d8:e3:
1b:dd:f3:cf:76:47:57:4a:35:ac:3f:4d:d7:fb:9c:ae:71:98:
4c:88:c6:82:13:10:2b:28:ae:e8:50:9f:ae:a1:20:3d:98:38:
19:5a:df:6a:56:7d:f8:c4:e3:ec:ef:4d:ab:64:9a:36:64:64:
4f:89:6f:f8:85:55:44:77:ca:05:f6:bb:af:19:f4:d2:7e:9c:
91:d6:b4:27:92:12:be:b7:4e:09:52:b2:77:f5:bc:1a:b1:e3:
74:65:29:81:93:93:bd:e6:08:dc:57:78:6f:51:27:7d:ca:2c:
32:18:46:fd:4c:3d:2f:94:b3:23:40:a8:bb:41:66:33:27:ac:
74:4c:a6:0e:f6:ba:35:23:21:d0:f7:5b:4d:25:0a:cb:7c:17:
c2:d3:df:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2dPvf7s32ZcaNijbYOcEjPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNGFlNzZiMTk3NWZiNGE4Y2JhYjIyMDcxODllZWQyMDIz
MmZmNWYwHhcNMjYwNDE3MjEwMDQyWhcNMjYwNDE4MjEwMDQyWjAzMTEwLwYDVQQD
EyhmZDcyNzAxMmU3NmNkMGM0NTZkODMyYWI1ZjlmMWI5Zjc4NDhlMWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aFkmY15DHYesDkt2NXyLEb58n4e
MYMEJr+isUu5/0XTmzCCQyHsJFbqdl/U9p4SUbrqTPhttx3F22tnHeu9JXrWKBRl
Nlk8bsXxBMREJSWq8Fgj+fLTWcDQpKwBfvU/n1+toB+BydAwKnHzTcIC7m4dNpy8
osTWx7//63HJAuL/eJjujI4MIUpqGuZ5o/8mnCkv2wG1tW3xjOvghNyQtDfAgMiT
TCY+kPRJNmbVSEOwWKmrWlkF1Mz1SF490d9hgZko2YoqEaOPrcQ7jZeBUPkl18XD
e+kJtNuKIlrWfKQkMljGRo38STBYFw5ekPkpsOsSXe9hosy1IKxPddQixwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP1ycBLnbNDEVtgyq1+fG594SOGsMB8GA1UdIwQY
MBaAFIBK52sZdftKjLqyIHGJ7tICMv9fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDkt
OTQyMjcyOTNjODhlLzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDktOTQyMjcyOTNjODhl
LzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArNWuOnEU
X3teikG7j+P+PRkAj4LK92Rc2aQCfxAc2wxis1h3pW9dZXB5yRAYUjbya1/2UXYb
1sxEx90nr97fKPqCSwggum8K1o6CnaztI4xjrWQqnU1PAE4djllGFqBSks1T6gAd
prC1etjjG93zz3ZHV0o1rD9N1/ucrnGYTIjGghMQKyiu6FCfrqEgPZg4GVrfalZ9
+MTj7O9Nq2SaNmRkT4lv+IVVRHfKBfa7rxn00n6ckda0J5ISvrdOCVKyd/W8GrHj
dGUpgZOTveYI3Fd4b1EnfcosMhhG/Uw9L5SzI0Cou0FmMyesdEymDva6NSMh0Pdb
TSUKy3wXwtPftQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:04:27 2026 by rpki-client