Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.mft
File: giKx_lqaAWNQKFrAeI08yrPrORk.mft (raw, json)
Hash identifier: Sl1Iq85vP5+InMO4KnNhMIqhaNw/JXOjtnjJOuk4gx8=
Subject key identifier: EF:77:ED:59:5E:F6:43:4C:70:42:C7:A7:A9:3D:F2:4C:8E:6E:F7:7C
Authority key identifier: 82:22:B1:FE:5A:9A:01:63:50:28:5A:C0:78:8D:3C:CA:B3:EB:39:19
Certificate issuer: /CN=8222b1fe5a9a016350285ac0788d3ccab3eb3919
Certificate serial: 019D389BA7DDE981E5C56323147FB99F6B1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/giKx_lqaAWNQKFrAeI08yrPrORk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.mft
Manifest number: 09D7
Signing time: Sun 29 Mar 2026 08:00:18 +0000
Manifest this update: Sun 29 Mar 2026 08:00:18 +0000
Manifest next update: Mon 30 Mar 2026 08:00:18 +0000
Files and hashes: 1: giKx_lqaAWNQKFrAeI08yrPrORk.crl (hash: 5aEnkDx9DFMrKP7qwAmaAVegnkV6DipIYZ4n1g/boyw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.mft
rsync://rpki.ripe.net/repository/DEFAULT/giKx_lqaAWNQKFrAeI08yrPrORk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:a7:dd:e9:81:e5:c5:63:23:14:7f:b9:9f:6b:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8222b1fe5a9a016350285ac0788d3ccab3eb3919
Validity
Not Before: Mar 29 08:00:18 2026 GMT
Not After : Mar 30 08:00:18 2026 GMT
Subject: CN=ef77ed595ef6434c7042c7a7a93df24c8e6ef77c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a5:b6:e8:3f:1c:2b:90:ea:64:b9:0c:6d:e7:
dc:f2:b7:08:4f:b4:5c:b2:48:78:42:0c:dd:f7:c7:
46:73:0a:35:ce:8a:e2:a5:b9:37:22:a2:d7:3c:20:
ee:34:32:54:3b:ed:91:35:1e:b8:07:45:67:d1:df:
41:6e:5e:0e:ea:60:76:79:dc:03:04:e4:80:b4:cd:
a2:fa:e1:3d:4d:59:5c:07:22:b5:98:b0:61:17:6f:
0d:95:e5:fe:f3:8b:af:7b:02:6a:3c:9a:8e:a8:70:
51:4f:d6:db:a4:33:2e:fe:7c:7f:e0:64:bb:3a:2d:
da:cc:d3:2a:2f:7d:cf:dc:a7:de:84:35:99:4f:e4:
d7:1f:c6:d9:4a:35:3c:f7:bb:2b:57:ab:74:c5:60:
d3:64:fe:c1:ab:f2:99:2b:5f:68:6a:b4:08:bc:ce:
fd:72:bc:2b:20:77:f7:e1:ae:88:00:e7:2a:5e:a7:
0d:9b:bc:8c:7a:11:d4:11:13:e3:45:c2:b5:88:cf:
1b:9a:2f:ed:7c:78:f2:91:38:6c:12:9a:55:8e:e5:
8c:49:62:a9:04:36:36:09:4d:54:73:00:70:b0:a2:
6c:a1:d2:aa:39:dc:7f:77:9a:45:86:dd:57:be:45:
85:ee:c4:02:ef:83:16:81:6a:d4:48:49:9a:27:04:
68:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:77:ED:59:5E:F6:43:4C:70:42:C7:A7:A9:3D:F2:4C:8E:6E:F7:7C
X509v3 Authority Key Identifier:
keyid:82:22:B1:FE:5A:9A:01:63:50:28:5A:C0:78:8D:3C:CA:B3:EB:39:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/giKx_lqaAWNQKFrAeI08yrPrORk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:7d:c0:9d:c7:f3:26:95:2f:ac:07:1a:7e:b5:08:55:d3:a8:
e7:81:86:f5:27:d5:3b:f7:ef:92:ad:f1:fb:a8:fd:fa:38:b8:
ca:1d:66:3c:3b:63:91:62:37:99:09:b7:a5:e5:5b:ea:84:ed:
0d:01:3f:f9:c6:36:8b:05:8c:25:0a:5c:e7:54:e2:30:a5:a8:
4c:38:99:29:ea:49:95:35:30:85:e3:ec:01:fb:78:88:16:6d:
93:40:76:2b:1a:b1:7f:cd:56:b9:76:de:16:cf:81:10:4e:36:
6c:5f:19:a0:9b:af:dd:8d:32:04:e4:be:66:c7:a5:ad:43:c9:
f6:a7:46:a4:60:48:92:39:4b:57:a6:5f:f8:73:96:00:37:83:
d2:6d:17:3c:8b:8a:11:3a:c6:ae:e8:cf:c6:67:f0:dd:46:d5:
fa:7a:11:d9:65:89:5a:0f:b9:87:05:8d:3f:16:30:00:8f:89:
80:13:43:c2:a8:62:b6:7f:f6:65:9a:69:ef:a7:7d:25:9c:e9:
11:20:65:3c:fd:c1:cf:ac:80:e4:96:e1:04:d9:4e:5f:9d:5f:
10:de:51:22:dc:8e:4c:f3:99:5c:64:2d:85:1e:cc:ff:d4:d3:
20:79:fd:bb:2b:72:ff:29:a2:07:c4:4e:79:df:5a:91:51:76:
a5:9d:75:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m6fd6YHlxWMjFH+5n2sbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMjJiMWZlNWE5YTAxNjM1MDI4NWFjMDc4OGQzY2NhYjNl
YjM5MTkwHhcNMjYwMzI5MDgwMDE4WhcNMjYwMzMwMDgwMDE4WjAzMTEwLwYDVQQD
EyhlZjc3ZWQ1OTVlZjY0MzRjNzA0MmM3YTdhOTNkZjI0YzhlNmVmNzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaW26D8cK5DqZLkMbefc8rcIT7Rc
skh4Qgzd98dGcwo1zoripbk3IqLXPCDuNDJUO+2RNR64B0Vn0d9Bbl4O6mB2edwD
BOSAtM2i+uE9TVlcByK1mLBhF28NleX+84uvewJqPJqOqHBRT9bbpDMu/nx/4GS7
Oi3azNMqL33P3KfehDWZT+TXH8bZSjU897srV6t0xWDTZP7Bq/KZK19oarQIvM79
crwrIHf34a6IAOcqXqcNm7yMehHUERPjRcK1iM8bmi/tfHjykThsEppVjuWMSWKp
BDY2CU1UcwBwsKJsodKqOdx/d5pFht1XvkWF7sQC74MWgWrUSEmaJwRotQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO937Vle9kNMcELHp6k98kyObvd8MB8GA1UdIwQY
MBaAFIIisf5amgFjUChawHiNPMqz6zkZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2lLeF9scWFBV05RS0ZyQWVJMDh5clByT1JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yMjBjYWUtODQ1OS00ODcwLWE2YTIt
MzBhMTY0ODVmNWM0LzEvZ2lLeF9scWFBV05RS0ZyQWVJMDh5clByT1JrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yMjBjYWUtODQ1OS00ODcwLWE2YTItMzBhMTY0ODVmNWM0
LzEvZ2lLeF9scWFBV05RS0ZyQWVJMDh5clByT1JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmn3Ancfz
JpUvrAcafrUIVdOo54GG9SfVO/fvkq3x+6j9+ji4yh1mPDtjkWI3mQm3peVb6oTt
DQE/+cY2iwWMJQpc51TiMKWoTDiZKepJlTUwhePsAft4iBZtk0B2Kxqxf81WuXbe
Fs+BEE42bF8ZoJuv3Y0yBOS+ZselrUPJ9qdGpGBIkjlLV6Zf+HOWADeD0m0XPIuK
ETrGrujPxmfw3UbV+noR2WWJWg+5hwWNPxYwAI+JgBNDwqhitn/2ZZpp76d9JZzp
ESBlPP3Bz6yA5JbhBNlOX51fEN5RItyOTPOZXGQthR7M/9TTIHn9uyty/ymiB8RO
ed9akVF2pZ11nA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:16:51 2026 by rpki-client