Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.mft
File: 1GRmfDSn27AvBTC85ILRGtQkh70.mft (raw, json)
Hash identifier: 3R+XowFGQF5wd5qvr49bdkMPRadjTHUoqnfLHDAPCbI=
Subject key identifier: 4C:21:46:C7:1D:38:79:FE:87:6B:D8:04:C9:2B:35:38:4B:3D:8D:40
Authority key identifier: D4:64:66:7C:34:A7:DB:B0:2F:05:30:BC:E4:82:D1:1A:D4:24:87:BD
Certificate issuer: /CN=d464667c34a7dbb02f0530bce482d11ad42487bd
Certificate serial: 019F12657E65609CA1E4771440255A86C0CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1GRmfDSn27AvBTC85ILRGtQkh70.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.mft
Manifest number: 0C70
Signing time: Mon 29 Jun 2026 08:01:09 +0000
Manifest this update: Mon 29 Jun 2026 08:01:09 +0000
Manifest next update: Tue 30 Jun 2026 08:01:09 +0000
Files and hashes: 1: 1GRmfDSn27AvBTC85ILRGtQkh70.crl (hash: k69mkIBClV310jlccis+u23YfcSA5i1+gVXLI8CXjSE=)
2: dligzRRVoWtfjy4qlRdbw7o42uM.roa (hash: 2ujZTExymeWh5nps9OWeUYEciPPWZb859+jQp6T2I7s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.mft
rsync://rpki.ripe.net/repository/DEFAULT/1GRmfDSn27AvBTC85ILRGtQkh70.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:12:65:7e:65:60:9c:a1:e4:77:14:40:25:5a:86:c0:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d464667c34a7dbb02f0530bce482d11ad42487bd
Validity
Not Before: Jun 29 08:01:09 2026 GMT
Not After : Jun 30 08:01:09 2026 GMT
Subject: CN=4c2146c71d3879fe876bd804c92b35384b3d8d40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6b:85:ee:00:d6:4b:d0:ec:6d:9a:32:45:ec:
bf:cd:d4:22:fe:17:71:18:d2:5b:a9:6e:38:36:fc:
a1:7d:70:59:80:c9:f0:81:96:62:25:b4:89:38:4c:
e5:16:e4:fa:28:6e:c1:3e:3b:eb:ff:f3:c9:1f:8f:
91:39:94:b9:4b:bc:0b:0e:32:4e:89:4f:ed:98:e1:
eb:f9:d0:25:98:41:e8:e5:5a:44:75:87:a5:72:bd:
06:04:4b:34:64:50:76:80:24:f8:6a:e7:d7:95:56:
bf:b9:3e:56:eb:4f:40:67:2d:ac:3e:36:b3:fa:2f:
a4:b1:1b:06:16:79:87:3b:43:ad:0e:ca:00:3e:38:
47:aa:ea:9b:bb:d3:70:70:9a:88:85:8f:cc:50:4d:
d8:2a:73:c8:0f:2d:d9:40:b3:e9:fb:f1:7e:b3:16:
44:0d:96:50:a5:c0:e0:70:52:d9:c3:62:17:74:4e:
b0:6d:b4:1b:d6:2a:66:64:a0:61:2d:0c:2b:83:19:
8f:a9:b4:3a:4b:8a:aa:0e:dd:b5:1f:14:e6:6d:44:
49:47:7f:82:1b:a3:47:70:63:5f:7e:b1:b6:08:22:
bd:88:8a:8d:cb:f7:49:72:a8:7e:e3:5a:49:a8:3a:
b4:12:cc:f2:4f:90:ba:39:7f:82:48:30:59:cf:df:
37:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:21:46:C7:1D:38:79:FE:87:6B:D8:04:C9:2B:35:38:4B:3D:8D:40
X509v3 Authority Key Identifier:
keyid:D4:64:66:7C:34:A7:DB:B0:2F:05:30:BC:E4:82:D1:1A:D4:24:87:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1GRmfDSn27AvBTC85ILRGtQkh70.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:4e:16:7d:58:98:02:16:68:7d:b9:2d:06:b9:07:2e:c2:54:
06:a6:5f:4f:5d:e4:ea:4b:3d:82:90:52:10:fa:9e:03:26:c6:
97:b3:c7:82:22:0f:6a:0d:8a:58:53:84:26:fe:de:6a:53:81:
3a:6e:22:f6:b3:ee:3c:f1:46:98:aa:b3:1d:9b:1f:3f:19:0e:
ec:4d:e3:a5:bb:fd:71:81:72:c3:89:91:8a:9c:55:bf:fb:32:
01:a6:9c:ff:a0:39:28:6f:e4:d7:b8:dc:03:bf:e5:14:4c:4d:
f6:95:76:22:2b:3a:64:cc:7c:c9:67:83:d7:9c:aa:cd:75:eb:
39:fa:df:88:54:00:8e:1c:30:7f:ab:10:05:3e:bc:0b:9e:ad:
f4:99:07:4b:53:cc:0e:8c:6c:e6:18:3e:80:a9:6f:38:f8:f1:
c1:8e:76:46:63:fb:26:d3:87:d4:32:09:7e:34:18:e2:1d:dd:
49:52:d8:9d:2c:fe:a7:97:17:53:b4:32:04:ab:b7:ce:86:c8:
51:8a:9f:fe:81:05:a5:a3:e8:0a:82:98:37:72:a3:f0:3f:6c:
4f:9c:30:f1:f6:60:f6:d5:40:11:5b:44:b1:7f:8d:d7:93:e6:
34:ba:d0:30:ef:97:85:f3:1b:34:16:c4:1c:df:bb:b4:d9:fd:
ed:a9:ff:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8SZX5lYJyh5HcUQCVahsDKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NjQ2NjdjMzRhN2RiYjAyZjA1MzBiY2U0ODJkMTFhZDQy
NDg3YmQwHhcNMjYwNjI5MDgwMTA5WhcNMjYwNjMwMDgwMTA5WjAzMTEwLwYDVQQD
Eyg0YzIxNDZjNzFkMzg3OWZlODc2YmQ4MDRjOTJiMzUzODRiM2Q4ZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmuF7gDWS9DsbZoyRey/zdQi/hdx
GNJbqW44NvyhfXBZgMnwgZZiJbSJOEzlFuT6KG7BPjvr//PJH4+ROZS5S7wLDjJO
iU/tmOHr+dAlmEHo5VpEdYelcr0GBEs0ZFB2gCT4aufXlVa/uT5W609AZy2sPjaz
+i+ksRsGFnmHO0OtDsoAPjhHquqbu9NwcJqIhY/MUE3YKnPIDy3ZQLPp+/F+sxZE
DZZQpcDgcFLZw2IXdE6wbbQb1ipmZKBhLQwrgxmPqbQ6S4qqDt21HxTmbURJR3+C
G6NHcGNffrG2CCK9iIqNy/dJcqh+41pJqDq0EszyT5C6OX+CSDBZz983RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEwhRscdOHn+h2vYBMkrNThLPY1AMB8GA1UdIwQY
MBaAFNRkZnw0p9uwLwUwvOSC0RrUJIe9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUdSbWZEU24yN0F2QlRDODVJTFJHdFFraDcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iZjQ3OTMtMGM4NC00MjJjLTliOGUt
MjYwZGU2Y2JmNDU2LzEvMUdSbWZEU24yN0F2QlRDODVJTFJHdFFraDcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iZjQ3OTMtMGM4NC00MjJjLTliOGUtMjYwZGU2Y2JmNDU2
LzEvMUdSbWZEU24yN0F2QlRDODVJTFJHdFFraDcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP04WfViY
AhZofbktBrkHLsJUBqZfT13k6ks9gpBSEPqeAybGl7PHgiIPag2KWFOEJv7ealOB
Om4i9rPuPPFGmKqzHZsfPxkO7E3jpbv9cYFyw4mRipxVv/syAaac/6A5KG/k17jc
A7/lFExN9pV2Iis6ZMx8yWeD15yqzXXrOfrfiFQAjhwwf6sQBT68C56t9JkHS1PM
Doxs5hg+gKlvOPjxwY52RmP7JtOH1DIJfjQY4h3dSVLYnSz+p5cXU7QyBKu3zobI
UYqf/oEFpaPoCoKYN3Kj8D9sT5ww8fZg9tVAEVtEsX+N15PmNLrQMO+XhfMbNBbE
HN+7tNn97an/eA==
-----END CERTIFICATE-----
Generated at Mon Jun 29 09:39:02 2026 by rpki-client