Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft
File: G2t-l-0j1mqR-4qRv9nGdxEpsas.mft (raw, json)
Hash identifier: rIllYB07W9RNIcaBf/MSRWXcsmYqh3vufV3AivxmXHU=
Subject key identifier: 68:DF:7A:A9:AA:17:60:D8:BC:DF:9C:D1:82:62:1D:43:AC:08:A9:57
Authority key identifier: 1B:6B:7E:97:ED:23:D6:6A:91:FB:8A:91:BF:D9:C6:77:11:29:B1:AB
Certificate issuer: /CN=1b6b7e97ed23d66a91fb8a91bfd9c6771129b1ab
Certificate serial: 019D38D2D4532E98DB03EF34730127C96B71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft
Manifest number: 1188
Signing time: Sun 29 Mar 2026 09:00:33 +0000
Manifest this update: Sun 29 Mar 2026 09:00:33 +0000
Manifest next update: Mon 30 Mar 2026 09:00:33 +0000
Files and hashes: 1: G2t-l-0j1mqR-4qRv9nGdxEpsas.crl (hash: qncTPrML4jNLze8oc8ktF/8kCbHULTqU7262POiaAGI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft
rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:d4:53:2e:98:db:03:ef:34:73:01:27:c9:6b:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b6b7e97ed23d66a91fb8a91bfd9c6771129b1ab
Validity
Not Before: Mar 29 09:00:33 2026 GMT
Not After : Mar 30 09:00:33 2026 GMT
Subject: CN=68df7aa9aa1760d8bcdf9cd182621d43ac08a957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:0a:c3:a7:56:d1:7c:b5:34:79:4d:95:c4:a6:
fe:4f:11:59:a6:5a:44:3a:cf:f7:58:38:70:54:3c:
3d:17:35:62:3a:83:58:39:97:4d:21:81:a8:48:a1:
76:c3:63:9f:69:b6:fe:cb:cd:37:37:d4:ec:3b:e9:
da:dd:d8:52:5b:72:dd:e2:f9:4d:10:fe:f9:6b:37:
6e:00:be:f7:6e:2c:16:04:09:6a:bc:1e:39:b3:1c:
0d:fd:2e:59:78:7c:62:d3:8a:c7:98:7a:a2:24:47:
c5:10:a5:04:0f:be:d0:b4:fa:10:65:4c:9c:0d:4b:
b3:f4:25:e9:55:e7:b0:47:06:a7:4d:46:95:8b:17:
0e:8f:3a:f5:72:05:05:a8:ab:b3:32:f9:9c:f6:a7:
ab:3f:db:08:6a:32:11:ce:4d:19:3a:62:1f:a9:a7:
b2:74:27:20:a2:9e:8e:84:7e:16:0d:71:d4:30:e8:
0d:17:0b:04:4f:f2:9c:bf:49:e5:04:04:45:34:ed:
86:42:59:f7:e3:b6:bc:36:3b:b2:6f:4f:f1:f4:27:
2d:35:e5:d5:5c:f6:bc:72:35:fe:c3:0d:df:82:f0:
5c:41:c8:c3:36:5b:ac:15:cb:2f:09:16:e9:48:a6:
82:bd:27:c6:27:39:87:a1:81:f4:e0:03:d0:78:37:
a0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:DF:7A:A9:AA:17:60:D8:BC:DF:9C:D1:82:62:1D:43:AC:08:A9:57
X509v3 Authority Key Identifier:
keyid:1B:6B:7E:97:ED:23:D6:6A:91:FB:8A:91:BF:D9:C6:77:11:29:B1:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:b8:e5:d7:e3:df:c2:24:c0:83:99:fa:de:7b:66:01:96:96:
a4:6a:12:14:85:36:84:45:2c:05:81:ce:2c:0d:d8:fc:5b:08:
4e:34:8a:e7:99:52:75:c5:e5:df:bb:9d:83:df:fd:22:4e:53:
84:5f:11:f1:17:b5:12:42:05:04:e1:c8:3d:2a:5c:ab:a1:e7:
f5:24:c5:64:bb:48:a2:af:5a:4e:d2:f4:bf:de:8e:e2:a4:2e:
23:9c:82:b5:e2:a2:47:c6:4f:55:76:63:0c:a0:03:d9:2b:2e:
6b:20:19:22:4a:b9:43:db:9e:cf:8c:e6:7a:1e:b1:30:c9:44:
1a:5e:94:dc:db:6c:3a:2d:4a:c3:53:e8:f7:bd:0b:31:ac:c1:
77:7d:53:d6:54:d4:9b:d6:69:85:fb:a2:92:ef:a5:69:9c:9e:
b3:df:64:9c:6d:27:c7:31:92:a5:d9:c0:2f:0e:70:45:2c:42:
fd:16:2e:01:ea:56:ad:71:7c:eb:30:82:a6:19:57:af:fe:32:
96:85:d7:b9:0c:e9:b0:5e:e8:c2:1d:7d:60:67:74:dc:40:5a:
25:65:44:a0:5f:ce:2b:c6:11:c5:4a:b9:9c:8f:e3:cc:59:91:
ff:96:f1:66:aa:05:be:47:45:f1:78:eb:66:b4:80:25:b2:5a:
f7:22:66:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040tRTLpjbA+80cwEnyWtxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNmI3ZTk3ZWQyM2Q2NmE5MWZiOGE5MWJmZDljNjc3MTEy
OWIxYWIwHhcNMjYwMzI5MDkwMDMzWhcNMjYwMzMwMDkwMDMzWjAzMTEwLwYDVQQD
Eyg2OGRmN2FhOWFhMTc2MGQ4YmNkZjljZDE4MjYyMWQ0M2FjMDhhOTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQrDp1bRfLU0eU2VxKb+TxFZplpE
Os/3WDhwVDw9FzViOoNYOZdNIYGoSKF2w2Ofabb+y803N9TsO+na3dhSW3Ld4vlN
EP75azduAL73biwWBAlqvB45sxwN/S5ZeHxi04rHmHqiJEfFEKUED77QtPoQZUyc
DUuz9CXpVeewRwanTUaVixcOjzr1cgUFqKuzMvmc9qerP9sIajIRzk0ZOmIfqaey
dCcgop6OhH4WDXHUMOgNFwsET/Kcv0nlBARFNO2GQln347a8Njuyb0/x9CctNeXV
XPa8cjX+ww3fgvBcQcjDNlusFcsvCRbpSKaCvSfGJzmHoYH04APQeDegYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGjfeqmqF2DYvN+c0YJiHUOsCKlXMB8GA1UdIwQY
MBaAFBtrfpftI9ZqkfuKkb/ZxncRKbGrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iYjBlMDAtYTI0ZC00OTM1LThjMDct
MTM2MTU1MGNiM2Q1LzEvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iYjBlMDAtYTI0ZC00OTM1LThjMDctMTM2MTU1MGNiM2Q1
LzEvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZLjl1+Pf
wiTAg5n63ntmAZaWpGoSFIU2hEUsBYHOLA3Y/FsITjSK55lSdcXl37udg9/9Ik5T
hF8R8Re1EkIFBOHIPSpcq6Hn9STFZLtIoq9aTtL0v96O4qQuI5yCteKiR8ZPVXZj
DKAD2SsuayAZIkq5Q9uez4zmeh6xMMlEGl6U3NtsOi1Kw1Po970LMazBd31T1lTU
m9Zphfuiku+laZyes99knG0nxzGSpdnALw5wRSxC/RYuAepWrXF86zCCphlXr/4y
loXXuQzpsF7owh19YGd03EBaJWVEoF/OK8YRxUq5nI/jzFmR/5bxZqoFvkdF8Xjr
ZrSAJbJa9yJmew==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:28:00 2026 by rpki-client