Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.mft
File: 1GRmfDSn27AvBTC85ILRGtQkh70.mft (raw, json)
Hash identifier: TJqyy27aMi/LqaeSzc/iO4PAUE6EpD21/BO5diRLM24=
Subject key identifier: 3D:99:54:38:21:08:FD:BD:BE:77:F4:BB:E0:C0:D8:77:1A:1F:98:76
Authority key identifier: D4:64:66:7C:34:A7:DB:B0:2F:05:30:BC:E4:82:D1:1A:D4:24:87:BD
Certificate issuer: /CN=d464667c34a7dbb02f0530bce482d11ad42487bd
Certificate serial: 019D3752DCDECF05D7BC5ACAA9AEB893428A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1GRmfDSn27AvBTC85ILRGtQkh70.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.mft
Manifest number: 0B7A
Signing time: Sun 29 Mar 2026 02:01:10 +0000
Manifest this update: Sun 29 Mar 2026 02:01:10 +0000
Manifest next update: Mon 30 Mar 2026 02:01:10 +0000
Files and hashes: 1: 1GRmfDSn27AvBTC85ILRGtQkh70.crl (hash: i0VXLrD6xk1kWDTeTXX+dQbjG2D2JFtoLf4WsY+8B0c=)
2: dligzRRVoWtfjy4qlRdbw7o42uM.roa (hash: 2ujZTExymeWh5nps9OWeUYEciPPWZb859+jQp6T2I7s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.mft
rsync://rpki.ripe.net/repository/DEFAULT/1GRmfDSn27AvBTC85ILRGtQkh70.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:dc:de:cf:05:d7:bc:5a:ca:a9:ae:b8:93:42:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d464667c34a7dbb02f0530bce482d11ad42487bd
Validity
Not Before: Mar 29 02:01:10 2026 GMT
Not After : Mar 30 02:01:10 2026 GMT
Subject: CN=3d9954382108fdbdbe77f4bbe0c0d8771a1f9876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:f2:e3:97:56:42:37:29:bd:a4:b8:b1:8e:ff:
0f:22:d7:44:e7:e0:29:e7:9e:3f:7a:5f:e5:0e:4a:
68:fc:85:5d:d9:d0:6d:d3:14:0e:b2:4c:83:96:a9:
b3:57:24:68:be:46:9e:36:4f:75:67:52:1c:a9:d3:
39:81:48:a6:62:8a:94:aa:3d:51:f9:43:89:f7:d2:
29:e0:10:f8:36:96:35:d5:33:43:0a:34:8d:2c:0e:
ae:08:5a:4c:10:c3:88:f5:25:2d:79:e2:cd:8b:dd:
59:c9:6f:74:9f:95:2f:23:82:bd:5e:8d:7a:f8:11:
bf:99:d4:47:ab:1d:7b:65:69:07:2a:dd:ca:e0:d4:
d7:fa:7b:ac:fd:b8:ce:05:eb:ae:6f:c9:23:86:a2:
1b:e2:77:ec:17:16:f4:90:b0:b6:3e:b4:33:1c:97:
fd:d3:51:94:b5:c2:59:2b:ad:b5:3c:ce:56:01:0a:
96:ff:4f:c1:b4:d7:7e:f2:50:11:1a:43:11:2d:82:
f1:2b:48:16:85:21:55:bd:a5:58:b9:40:00:ac:8e:
4c:f8:b4:3b:50:8d:d4:c6:10:2c:3a:a1:eb:09:f1:
19:ed:8e:1f:a5:c3:ae:9c:a5:c1:0d:bc:27:f3:cc:
2c:86:d3:4c:f4:53:93:f6:7c:65:14:79:4b:00:2d:
27:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:99:54:38:21:08:FD:BD:BE:77:F4:BB:E0:C0:D8:77:1A:1F:98:76
X509v3 Authority Key Identifier:
keyid:D4:64:66:7C:34:A7:DB:B0:2F:05:30:BC:E4:82:D1:1A:D4:24:87:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1GRmfDSn27AvBTC85ILRGtQkh70.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:5d:b5:08:c9:d4:3f:c7:5c:e9:5a:68:cf:f8:ef:a5:c6:0b:
f6:ae:7a:d4:5d:76:9c:68:02:02:ad:29:5c:52:96:91:b8:8f:
67:80:c2:e3:8a:16:10:79:5d:1d:3b:5c:0b:bf:62:61:b1:ad:
d6:6a:25:ca:65:14:20:03:3d:5a:9d:6f:8a:96:e0:39:09:94:
29:ef:ac:2e:7c:52:7d:a3:93:62:3e:a5:cb:89:c7:32:38:a9:
8c:24:31:03:93:e2:d8:a9:e3:79:a8:d6:04:eb:63:3d:8d:b4:
9f:43:e5:39:f9:e6:1c:8b:3f:f9:8c:1d:ed:e0:56:47:5c:53:
61:13:2b:46:b9:0b:33:95:44:7a:fd:bc:16:9d:b1:8e:c3:e3:
a1:91:39:16:08:8d:d4:a4:26:54:2d:be:95:ba:e7:1f:1c:1b:
5e:b3:2b:d0:19:10:7a:fb:a2:ae:47:66:a7:e4:2c:40:a5:9a:
32:96:45:d8:49:76:2e:d5:bb:da:ab:a4:46:22:3e:dd:92:fb:
7f:bc:64:67:c9:a9:ca:2e:cd:78:37:2f:ef:cb:25:b5:b3:d4:
09:3d:0d:51:92:9e:7b:33:6f:54:c1:95:83:1f:7c:e5:2c:fe:
e1:af:f5:40:0c:67:34:f7:40:90:30:a5:7e:a3:d7:82:df:3f:
a8:42:19:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UtzezwXXvFrKqa64k0KKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NjQ2NjdjMzRhN2RiYjAyZjA1MzBiY2U0ODJkMTFhZDQy
NDg3YmQwHhcNMjYwMzI5MDIwMTEwWhcNMjYwMzMwMDIwMTEwWjAzMTEwLwYDVQQD
EygzZDk5NTQzODIxMDhmZGJkYmU3N2Y0YmJlMGMwZDg3NzFhMWY5ODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6fLjl1ZCNym9pLixjv8PItdE5+Ap
554/el/lDkpo/IVd2dBt0xQOskyDlqmzVyRovkaeNk91Z1IcqdM5gUimYoqUqj1R
+UOJ99Ip4BD4NpY11TNDCjSNLA6uCFpMEMOI9SUteeLNi91ZyW90n5UvI4K9Xo16
+BG/mdRHqx17ZWkHKt3K4NTX+nus/bjOBeuub8kjhqIb4nfsFxb0kLC2PrQzHJf9
01GUtcJZK621PM5WAQqW/0/BtNd+8lARGkMRLYLxK0gWhSFVvaVYuUAArI5M+LQ7
UI3UxhAsOqHrCfEZ7Y4fpcOunKXBDbwn88wshtNM9FOT9nxlFHlLAC0nDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2ZVDghCP29vnf0u+DA2HcaH5h2MB8GA1UdIwQY
MBaAFNRkZnw0p9uwLwUwvOSC0RrUJIe9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUdSbWZEU24yN0F2QlRDODVJTFJHdFFraDcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iZjQ3OTMtMGM4NC00MjJjLTliOGUt
MjYwZGU2Y2JmNDU2LzEvMUdSbWZEU24yN0F2QlRDODVJTFJHdFFraDcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iZjQ3OTMtMGM4NC00MjJjLTliOGUtMjYwZGU2Y2JmNDU2
LzEvMUdSbWZEU24yN0F2QlRDODVJTFJHdFFraDcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXl21CMnU
P8dc6Vpoz/jvpcYL9q561F12nGgCAq0pXFKWkbiPZ4DC44oWEHldHTtcC79iYbGt
1molymUUIAM9Wp1vipbgOQmUKe+sLnxSfaOTYj6ly4nHMjipjCQxA5Pi2KnjeajW
BOtjPY20n0PlOfnmHIs/+Ywd7eBWR1xTYRMrRrkLM5VEev28Fp2xjsPjoZE5FgiN
1KQmVC2+lbrnHxwbXrMr0BkQevuirkdmp+QsQKWaMpZF2El2LtW72qukRiI+3ZL7
f7xkZ8mpyi7NeDcv78sltbPUCT0NUZKeezNvVMGVgx985Sz+4a/1QAxnNPdAkDCl
fqPXgt8/qEIZhw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:31:30 2026 by rpki-client