Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
File: gErnaxl1-0qMurIgcYnu0gIy_18.mft (raw, json)
Hash identifier: ucO+RF65JAZl8kkNxtmXbkySszLPa0/fK08M1UJhMr0=
Subject key identifier: 24:A8:BB:BF:7F:B8:1F:93:37:7E:40:86:D3:FE:1E:D9:F4:C7:08:4C
Authority key identifier: 80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F
Certificate issuer: /CN=804ae76b1975fb4a8cbab2207189eed20232ff5f
Certificate serial: 019D38D2AF8A197FA667494DF02E5F5C83DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
Manifest number: 06D1
Signing time: Sun 29 Mar 2026 09:00:24 +0000
Manifest this update: Sun 29 Mar 2026 09:00:24 +0000
Manifest next update: Mon 30 Mar 2026 09:00:24 +0000
Files and hashes: 1: gErnaxl1-0qMurIgcYnu0gIy_18.crl (hash: nXN5DKjseRQFlxeYkqOFhtpgqbX+NikceLPEFhHL+cU=)
2: vyQcVp5C3AlRVA819dd3sJ607Q4.roa (hash: dbP286vqsPZG/vM7gj98tCGBen8qv4/fYnsiL/9MVjw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:af:8a:19:7f:a6:67:49:4d:f0:2e:5f:5c:83:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=804ae76b1975fb4a8cbab2207189eed20232ff5f
Validity
Not Before: Mar 29 09:00:24 2026 GMT
Not After : Mar 30 09:00:24 2026 GMT
Subject: CN=24a8bbbf7fb81f93377e4086d3fe1ed9f4c7084c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:16:d6:30:06:12:93:cd:ae:79:9a:75:89:91:
72:0c:81:48:d9:9d:bf:35:44:77:fe:be:63:4d:30:
26:5d:6e:c5:cb:8a:48:63:7c:01:17:3b:e4:e5:b5:
05:fb:35:af:7b:19:3e:75:f3:fd:21:b6:db:fa:66:
9a:a5:06:8e:bc:61:23:07:41:2f:43:22:61:53:75:
4f:6d:b5:50:e3:8a:5c:12:78:3a:ad:9b:7f:e1:5d:
56:0b:47:05:2c:f2:b0:69:8f:5f:00:60:6c:cc:2c:
1d:a6:04:4a:a8:c3:71:d0:0a:e1:ca:c3:a7:21:88:
dd:fa:bf:12:ea:f8:d6:36:e8:7c:35:20:10:6e:18:
25:91:55:a5:d9:b9:0e:ec:0d:3d:7f:d8:80:f7:d2:
f5:4e:48:a7:2a:e9:b7:93:15:03:b8:74:9d:cb:35:
ef:cd:67:e4:dc:e9:68:1f:e8:f0:85:42:61:57:f3:
0e:15:0a:b5:51:dc:6e:03:42:74:e5:dc:76:f6:39:
38:c8:46:12:8e:25:ad:0e:c5:bd:53:33:49:6c:37:
8f:b5:53:63:3c:55:71:3a:bd:68:5f:28:a6:19:7f:
e3:48:a9:c9:46:19:27:ea:24:43:80:ae:5e:90:d2:
89:1c:0c:47:09:27:42:0e:43:bb:e6:13:f8:3f:15:
b4:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:A8:BB:BF:7F:B8:1F:93:37:7E:40:86:D3:FE:1E:D9:F4:C7:08:4C
X509v3 Authority Key Identifier:
keyid:80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
be:96:81:af:fc:b1:be:df:3e:c0:2e:78:96:01:05:61:b0:de:
46:ce:fc:ec:88:46:a1:6d:00:c2:8c:35:ab:b9:55:0e:09:89:
78:e5:ff:ae:5f:9c:d0:b6:17:d2:60:1b:b9:51:47:cd:97:3f:
4f:7b:54:1a:92:62:de:13:f6:10:bd:61:3b:af:1d:64:97:09:
5d:13:5d:e7:d4:02:b7:15:66:e4:74:5d:9b:ac:ff:90:08:f1:
1e:34:d4:5b:8e:20:f8:9a:a7:3c:b3:20:2f:0b:53:a3:23:00:
82:4d:95:35:7c:dc:e4:f5:bd:4c:0c:41:77:92:7d:59:42:df:
60:a5:24:e6:58:b1:c5:2c:0f:66:94:7e:a5:78:45:94:7f:5f:
d6:b7:47:11:35:e1:0a:a3:f2:d3:59:da:3d:ea:af:a2:51:8d:
24:82:43:0a:9a:28:8a:c7:82:a2:43:07:aa:47:f5:7a:9c:b1:
da:14:03:76:26:b4:96:1f:ec:9c:3e:20:fd:58:b6:cd:38:ca:
d9:c2:ba:5d:e2:a7:03:fa:2f:c6:44:7f:5f:9e:65:29:20:88:
c0:ec:18:a0:4a:fb:23:54:3f:de:ea:f8:8d:e4:ed:36:a1:ac:
55:61:7e:a5:b4:a3:e0:b4:49:f8:47:e9:a4:2f:78:09:fb:ca:
c7:a8:cf:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040q+KGX+mZ0lN8C5fXIPbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNGFlNzZiMTk3NWZiNGE4Y2JhYjIyMDcxODllZWQyMDIz
MmZmNWYwHhcNMjYwMzI5MDkwMDI0WhcNMjYwMzMwMDkwMDI0WjAzMTEwLwYDVQQD
EygyNGE4YmJiZjdmYjgxZjkzMzc3ZTQwODZkM2ZlMWVkOWY0YzcwODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxbWMAYSk82ueZp1iZFyDIFI2Z2/
NUR3/r5jTTAmXW7Fy4pIY3wBFzvk5bUF+zWvexk+dfP9Ibbb+maapQaOvGEjB0Ev
QyJhU3VPbbVQ44pcEng6rZt/4V1WC0cFLPKwaY9fAGBszCwdpgRKqMNx0ArhysOn
IYjd+r8S6vjWNuh8NSAQbhglkVWl2bkO7A09f9iA99L1TkinKum3kxUDuHSdyzXv
zWfk3OloH+jwhUJhV/MOFQq1UdxuA0J05dx29jk4yEYSjiWtDsW9UzNJbDePtVNj
PFVxOr1oXyimGX/jSKnJRhkn6iRDgK5ekNKJHAxHCSdCDkO75hP4PxW0ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCSou79/uB+TN35AhtP+Htn0xwhMMB8GA1UdIwQY
MBaAFIBK52sZdftKjLqyIHGJ7tICMv9fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDkt
OTQyMjcyOTNjODhlLzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDktOTQyMjcyOTNjODhl
LzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvpaBr/yx
vt8+wC54lgEFYbDeRs787IhGoW0Awow1q7lVDgmJeOX/rl+c0LYX0mAbuVFHzZc/
T3tUGpJi3hP2EL1hO68dZJcJXRNd59QCtxVm5HRdm6z/kAjxHjTUW44g+JqnPLMg
LwtToyMAgk2VNXzc5PW9TAxBd5J9WULfYKUk5lixxSwPZpR+pXhFlH9f1rdHETXh
CqPy01naPeqvolGNJIJDCpooiseCokMHqkf1epyx2hQDdia0lh/snD4g/Vi2zTjK
2cK6XeKnA/ovxkR/X55lKSCIwOwYoEr7I1Q/3ur4jeTtNqGsVWF+pbSj4LRJ+Efp
pC94CfvKx6jPzg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:27:56 2026 by rpki-client