Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/49f40c-5448-4217-956f-ccf9b0f0e227/1/gmAVLt1HazFwhARFKVhhW2Xdywo.mft
File: gmAVLt1HazFwhARFKVhhW2Xdywo.mft (raw, json)
Hash identifier: GyoHELOlk1ouD13jytetlqdZu3nuQhH4IwfxNTO4lMI=
Subject key identifier: 9D:B0:F6:13:94:EE:85:B1:D0:60:78:18:CB:6E:0A:23:64:1B:2C:F2
Authority key identifier: 82:60:15:2E:DD:47:6B:31:70:84:04:45:29:58:61:5B:65:DD:CB:0A
Certificate issuer: /CN=8260152edd476b31708404452958615b65ddcb0a
Certificate serial: 019D38D2EC05AB9A178130870C0A633A3E45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmAVLt1HazFwhARFKVhhW2Xdywo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/49f40c-5448-4217-956f-ccf9b0f0e227/1/gmAVLt1HazFwhARFKVhhW2Xdywo.mft
Manifest number: 188E
Signing time: Sun 29 Mar 2026 09:00:40 +0000
Manifest this update: Sun 29 Mar 2026 09:00:40 +0000
Manifest next update: Mon 30 Mar 2026 09:00:40 +0000
Files and hashes: 1: 75SRw9aNyewbtPYAMH8et8hfSr4.roa (hash: Ef79opNAcjrl49Rm2x5OxhpX27NyaA68e2jdXKrtpHA=)
2: gmAVLt1HazFwhARFKVhhW2Xdywo.crl (hash: REMY2G2UNT+ozIqRJGNCcfyzXEA9pDhYEoMTJW4aRp8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/49f40c-5448-4217-956f-ccf9b0f0e227/1/gmAVLt1HazFwhARFKVhhW2Xdywo.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/49f40c-5448-4217-956f-ccf9b0f0e227/1/gmAVLt1HazFwhARFKVhhW2Xdywo.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmAVLt1HazFwhARFKVhhW2Xdywo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:ec:05:ab:9a:17:81:30:87:0c:0a:63:3a:3e:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8260152edd476b31708404452958615b65ddcb0a
Validity
Not Before: Mar 29 09:00:40 2026 GMT
Not After : Mar 30 09:00:40 2026 GMT
Subject: CN=9db0f61394ee85b1d0607818cb6e0a23641b2cf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:45:51:c8:7b:d5:bb:cd:7f:5a:c4:d0:a1:cf:
ab:12:17:dc:87:a9:b7:68:f4:e3:2a:2c:b0:45:2f:
21:ef:ca:f2:ad:6d:fd:9b:d8:e6:f6:60:86:bf:9d:
2a:0a:8a:ed:58:a2:ac:36:73:5a:8f:53:71:fd:1c:
73:bf:02:73:ef:86:ab:d4:9e:ba:4a:33:c3:6c:42:
6b:a2:74:f1:e1:d7:21:15:0e:b1:6e:3a:fc:3b:34:
69:6e:ae:48:fb:62:a4:8b:cf:67:ec:e8:2b:4b:7e:
18:c3:86:49:fd:75:20:99:76:15:08:c7:0d:07:96:
57:f2:b6:83:8b:b6:ec:ef:d6:b8:e7:28:bd:8b:d8:
86:41:7e:f6:3e:0e:85:28:86:8a:92:63:42:df:a7:
e2:41:8f:64:4f:52:a7:35:3b:51:c3:e3:32:86:24:
09:03:e0:4d:26:65:df:a0:be:2f:5c:6d:90:67:2a:
f9:f3:81:c1:af:f4:ee:a0:e3:01:50:f0:74:89:49:
9a:d6:88:5c:f6:54:4d:56:e8:ba:fd:0a:24:32:05:
6e:34:47:78:d2:1b:d7:7f:a3:a8:0e:b9:5d:16:42:
82:38:04:a9:af:df:6b:77:da:e1:eb:19:d5:16:7f:
17:3e:54:95:7e:2b:3a:0a:91:b5:e9:60:aa:b0:67:
22:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B0:F6:13:94:EE:85:B1:D0:60:78:18:CB:6E:0A:23:64:1B:2C:F2
X509v3 Authority Key Identifier:
keyid:82:60:15:2E:DD:47:6B:31:70:84:04:45:29:58:61:5B:65:DD:CB:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmAVLt1HazFwhARFKVhhW2Xdywo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/49f40c-5448-4217-956f-ccf9b0f0e227/1/gmAVLt1HazFwhARFKVhhW2Xdywo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/49f40c-5448-4217-956f-ccf9b0f0e227/1/gmAVLt1HazFwhARFKVhhW2Xdywo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:75:c1:fb:97:b3:08:62:ec:a3:29:74:36:4e:8c:5a:28:c9:
8d:07:ed:96:67:1d:15:6b:19:37:39:b4:7e:2d:61:1f:4b:94:
c0:98:e6:07:3a:23:e5:63:f2:ca:aa:28:26:61:16:58:5e:93:
ac:2a:22:4f:04:87:18:cf:41:e0:5f:56:63:6d:c8:01:42:bb:
71:24:02:71:03:e8:3a:e9:d7:53:8b:f6:54:50:63:95:07:24:
e8:c4:e3:ef:f1:42:45:28:9f:f3:e5:d5:55:1a:f6:4a:33:e9:
8c:cc:0f:2a:be:0f:4a:6e:64:a6:2c:37:0e:22:3f:91:f5:0d:
4d:f7:30:7d:a5:c3:42:5f:af:33:63:d7:43:75:4b:01:56:ce:
9c:7d:0c:cd:00:b4:a7:a0:78:42:36:13:86:6d:38:9f:31:2e:
ec:44:36:93:53:bf:cb:24:bb:72:1b:d3:0a:ac:60:87:95:a7:
ad:53:9d:8b:2b:3b:99:d5:7a:b1:da:a0:38:0d:0b:a7:2a:9c:
76:ae:ac:68:6c:97:3a:06:9d:d2:5d:54:43:79:9a:39:49:17:
aa:3b:70:b1:ae:a9:d5:ac:67:00:ca:cf:95:66:18:b1:44:74:
da:8d:9d:ed:e4:b5:fd:bd:ce:90:3a:b1:a3:79:36:df:72:0b:
df:98:dd:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040uwFq5oXgTCHDApjOj5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjAxNTJlZGQ0NzZiMzE3MDg0MDQ0NTI5NTg2MTViNjVk
ZGNiMGEwHhcNMjYwMzI5MDkwMDQwWhcNMjYwMzMwMDkwMDQwWjAzMTEwLwYDVQQD
Eyg5ZGIwZjYxMzk0ZWU4NWIxZDA2MDc4MThjYjZlMGEyMzY0MWIyY2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikVRyHvVu81/WsTQoc+rEhfch6m3
aPTjKiywRS8h78ryrW39m9jm9mCGv50qCortWKKsNnNaj1Nx/RxzvwJz74ar1J66
SjPDbEJronTx4dchFQ6xbjr8OzRpbq5I+2Kki89n7OgrS34Yw4ZJ/XUgmXYVCMcN
B5ZX8raDi7bs79a45yi9i9iGQX72Pg6FKIaKkmNC36fiQY9kT1KnNTtRw+MyhiQJ
A+BNJmXfoL4vXG2QZyr584HBr/TuoOMBUPB0iUma1ohc9lRNVui6/QokMgVuNEd4
0hvXf6OoDrldFkKCOASpr99rd9rh6xnVFn8XPlSVfis6CpG16WCqsGciNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ2w9hOU7oWx0GB4GMtuCiNkGyzyMB8GA1UdIwQY
MBaAFIJgFS7dR2sxcIQERSlYYVtl3csKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21BVkx0MUhhekZ3aEFSRktWaGhXMlhkeXdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80OWY0MGMtNTQ0OC00MjE3LTk1NmYt
Y2NmOWIwZjBlMjI3LzEvZ21BVkx0MUhhekZ3aEFSRktWaGhXMlhkeXdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80OWY0MGMtNTQ0OC00MjE3LTk1NmYtY2NmOWIwZjBlMjI3
LzEvZ21BVkx0MUhhekZ3aEFSRktWaGhXMlhkeXdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIXXB+5ez
CGLsoyl0Nk6MWijJjQftlmcdFWsZNzm0fi1hH0uUwJjmBzoj5WPyyqooJmEWWF6T
rCoiTwSHGM9B4F9WY23IAUK7cSQCcQPoOunXU4v2VFBjlQck6MTj7/FCRSif8+XV
VRr2SjPpjMwPKr4PSm5kpiw3DiI/kfUNTfcwfaXDQl+vM2PXQ3VLAVbOnH0MzQC0
p6B4QjYThm04nzEu7EQ2k1O/yyS7chvTCqxgh5WnrVOdiys7mdV6sdqgOA0Lpyqc
dq6saGyXOgad0l1UQ3maOUkXqjtwsa6p1axnAMrPlWYYsUR02o2d7eS1/b3OkDqx
o3k233IL35jdcA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:29:16 2026 by rpki-client