Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/1a85a8-e4f8-498b-a5ae-a4be172c76ba/1/4_GcxeONj5wdZUcXdmX4khHeyJk.mft
File: 4_GcxeONj5wdZUcXdmX4khHeyJk.mft (raw, json)
Hash identifier: oONpP0RxbVW4ejUFqKvphvu4MUPdJYvcYMVG90tsaNU=
Subject key identifier: FB:D3:84:87:4D:DB:A6:C5:D0:82:D9:3B:4D:0F:29:F2:92:FC:70:77
Authority key identifier: E3:F1:9C:C5:E3:8D:8F:9C:1D:65:47:17:76:65:F8:92:11:DE:C8:99
Certificate issuer: /CN=e3f19cc5e38d8f9c1d6547177665f89211dec899
Certificate serial: 019D37C05ADEF2D3966821226F1160AC87F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4_GcxeONj5wdZUcXdmX4khHeyJk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/1a85a8-e4f8-498b-a5ae-a4be172c76ba/1/4_GcxeONj5wdZUcXdmX4khHeyJk.mft
Manifest number: 10FD
Signing time: Sun 29 Mar 2026 04:00:46 +0000
Manifest this update: Sun 29 Mar 2026 04:00:46 +0000
Manifest next update: Mon 30 Mar 2026 04:00:46 +0000
Files and hashes: 1: 4_GcxeONj5wdZUcXdmX4khHeyJk.crl (hash: ue3XwXXQbLwC78t0McFJnDifvFBaop3Z/hTraaaMxcE=)
2: 6jWcTCuvnIbvDAxZuWYVZRLhDLU.roa (hash: LkG1rsHegbWJdLC+vukY1wOXCMcnkOUFAcxz3/K326I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/1a85a8-e4f8-498b-a5ae-a4be172c76ba/1/4_GcxeONj5wdZUcXdmX4khHeyJk.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/1a85a8-e4f8-498b-a5ae-a4be172c76ba/1/4_GcxeONj5wdZUcXdmX4khHeyJk.mft
rsync://rpki.ripe.net/repository/DEFAULT/4_GcxeONj5wdZUcXdmX4khHeyJk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:5a:de:f2:d3:96:68:21:22:6f:11:60:ac:87:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3f19cc5e38d8f9c1d6547177665f89211dec899
Validity
Not Before: Mar 29 04:00:46 2026 GMT
Not After : Mar 30 04:00:46 2026 GMT
Subject: CN=fbd384874ddba6c5d082d93b4d0f29f292fc7077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:93:39:20:e1:a2:17:fa:e0:a2:33:2a:de:9d:
c4:f0:7d:6a:1f:6b:81:7a:5e:60:8e:b4:73:d7:ff:
91:0d:fa:11:b2:4c:5a:a8:69:49:79:40:0d:36:74:
c5:19:1c:30:ad:cf:c6:6d:e8:82:ed:48:d5:f9:d4:
ce:b0:86:a7:6d:c8:f3:a1:ea:1a:94:f5:b0:f8:3c:
1a:14:af:0e:57:5b:c3:35:fd:b5:3f:52:fc:39:e2:
c1:bd:fc:5b:79:e8:e4:c6:8e:93:c1:1e:1a:7d:a5:
3a:ee:5c:98:97:4d:15:89:18:56:bf:db:5e:33:a5:
4b:a4:eb:5d:70:a6:9b:83:e0:33:6e:51:23:5c:14:
40:45:5e:66:9a:6b:ed:ca:d7:86:11:1d:9c:5e:7a:
76:12:d7:e3:03:f2:8e:2b:cb:4e:bb:69:4b:61:8f:
28:22:15:41:d8:b8:bd:27:86:8a:5b:27:c4:6e:71:
53:4f:28:0f:af:7b:7d:52:33:5e:d6:65:e6:32:ae:
84:20:4b:fe:2b:4d:90:5b:64:67:85:76:d9:eb:37:
58:0f:c8:7e:e5:2b:6d:4c:bb:b5:5d:84:69:98:f9:
af:fb:3b:72:bd:86:f9:d2:59:77:98:43:4d:11:31:
1b:35:98:b0:da:55:a4:ed:80:e2:d4:f3:97:78:42:
a5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:D3:84:87:4D:DB:A6:C5:D0:82:D9:3B:4D:0F:29:F2:92:FC:70:77
X509v3 Authority Key Identifier:
keyid:E3:F1:9C:C5:E3:8D:8F:9C:1D:65:47:17:76:65:F8:92:11:DE:C8:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4_GcxeONj5wdZUcXdmX4khHeyJk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a85a8-e4f8-498b-a5ae-a4be172c76ba/1/4_GcxeONj5wdZUcXdmX4khHeyJk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a85a8-e4f8-498b-a5ae-a4be172c76ba/1/4_GcxeONj5wdZUcXdmX4khHeyJk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:6b:ef:12:cb:1b:12:ce:58:77:13:90:0a:ce:13:b9:0c:a2:
35:5e:ae:1b:8a:70:50:7e:f8:d2:e9:99:5d:78:23:54:53:f2:
d4:ca:53:65:8c:fd:2f:45:f1:c2:9f:a4:9c:9e:11:20:e7:ca:
19:55:41:af:1f:a4:9f:59:51:e3:03:0c:be:13:ac:a1:a6:85:
d8:41:f1:c4:83:93:7e:65:1c:09:b4:93:ea:d7:a2:ab:5f:e5:
97:bf:e0:d5:e2:38:47:04:88:85:4d:23:49:60:75:eb:13:a6:
20:1e:7f:45:ff:f5:be:8a:a3:f3:ed:35:ee:9d:df:14:ed:62:
43:91:13:25:9e:ce:8e:da:65:06:d5:7f:cc:3e:af:0b:26:1b:
db:d5:3c:19:ce:d2:e8:74:63:77:ce:13:c0:9c:2c:44:4d:01:
ff:f6:af:cc:3e:9e:8d:68:d1:88:d2:16:3f:bb:f9:32:b8:64:
0e:9d:03:5e:ae:9f:40:46:c1:0e:89:8f:71:0e:b7:73:5b:90:
f7:6d:31:d2:3a:7b:77:2f:43:07:0c:b1:48:ef:f3:00:fb:05:
a9:78:26:7c:e3:27:28:b7:5e:1a:a2:ac:37:64:08:fe:57:30:
6f:98:d7:35:1c:a0:65:1a:cf:14:e7:92:8c:a3:e1:7b:39:9a:
43:e7:05:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wFre8tOWaCEibxFgrIf3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZjE5Y2M1ZTM4ZDhmOWMxZDY1NDcxNzc2NjVmODkyMTFk
ZWM4OTkwHhcNMjYwMzI5MDQwMDQ2WhcNMjYwMzMwMDQwMDQ2WjAzMTEwLwYDVQQD
EyhmYmQzODQ4NzRkZGJhNmM1ZDA4MmQ5M2I0ZDBmMjlmMjkyZmM3MDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7JM5IOGiF/rgojMq3p3E8H1qH2uB
el5gjrRz1/+RDfoRskxaqGlJeUANNnTFGRwwrc/GbeiC7UjV+dTOsIanbcjzoeoa
lPWw+DwaFK8OV1vDNf21P1L8OeLBvfxbeejkxo6TwR4afaU67lyYl00ViRhWv9te
M6VLpOtdcKabg+AzblEjXBRARV5mmmvtyteGER2cXnp2EtfjA/KOK8tOu2lLYY8o
IhVB2Li9J4aKWyfEbnFTTygPr3t9UjNe1mXmMq6EIEv+K02QW2RnhXbZ6zdYD8h+
5SttTLu1XYRpmPmv+ztyvYb50ll3mENNETEbNZiw2lWk7YDi1POXeEKl9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPvThIdN26bF0ILZO00PKfKS/HB3MB8GA1UdIwQY
MBaAFOPxnMXjjY+cHWVHF3Zl+JIR3siZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNF9HY3hlT05qNXdkWlVjWGRtWDRraEhleUprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8xYTg1YTgtZTRmOC00OThiLWE1YWUt
YTRiZTE3MmM3NmJhLzEvNF9HY3hlT05qNXdkWlVjWGRtWDRraEhleUprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8xYTg1YTgtZTRmOC00OThiLWE1YWUtYTRiZTE3MmM3NmJh
LzEvNF9HY3hlT05qNXdkWlVjWGRtWDRraEhleUprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADWvvEssb
Es5YdxOQCs4TuQyiNV6uG4pwUH740umZXXgjVFPy1MpTZYz9L0Xxwp+knJ4RIOfK
GVVBrx+kn1lR4wMMvhOsoaaF2EHxxIOTfmUcCbST6teiq1/ll7/g1eI4RwSIhU0j
SWB16xOmIB5/Rf/1voqj8+017p3fFO1iQ5ETJZ7OjtplBtV/zD6vCyYb29U8Gc7S
6HRjd84TwJwsRE0B//avzD6ejWjRiNIWP7v5MrhkDp0DXq6fQEbBDomPcQ63c1uQ
920x0jp7dy9DBwyxSO/zAPsFqXgmfOMnKLdeGqKsN2QI/lcwb5jXNRygZRrPFOeS
jKPhezmaQ+cFKQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:30:38 2026 by rpki-client