Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
File: gErnaxl1-0qMurIgcYnu0gIy_18.mft (raw, json)
Hash identifier: acmBqpvapZCFjNoEjEifal8HNZRH8mHQa+DVTnAs0V4=
Subject key identifier: BF:04:E9:C6:6E:48:E6:FB:97:B9:E8:EA:D0:29:68:BB:22:04:24:73
Authority key identifier: 80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F
Certificate issuer: /CN=804ae76b1975fb4a8cbab2207189eed20232ff5f
Certificate serial: 019A722652041833D0E1ADFDBAC9B5FE4AC7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
Manifest number: 0560
Signing time: Tue 11 Nov 2025 09:01:45 +0000
Manifest this update: Tue 11 Nov 2025 09:01:45 +0000
Manifest next update: Wed 12 Nov 2025 09:01:45 +0000
Files and hashes: 1: gErnaxl1-0qMurIgcYnu0gIy_18.crl (hash: N6eW7ZWlWS0IxjQVKsds63Bu5uYwLM01AlKW8PtTT2w=)
2: v3oDa-WSUoJp1kuV1a6fLuRGHQ0.roa (hash: Y4h5O4hQh1m1aEWNf7XMnqa6q5Txb+8pJ/1S7VkKt/4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:52:04:18:33:d0:e1:ad:fd:ba:c9:b5:fe:4a:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=804ae76b1975fb4a8cbab2207189eed20232ff5f
Validity
Not Before: Nov 11 09:01:45 2025 GMT
Not After : Nov 12 09:01:45 2025 GMT
Subject: CN=bf04e9c66e48e6fb97b9e8ead02968bb22042473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:50:d8:45:68:bb:5c:49:b2:a6:7d:db:4e:41:
34:5f:e0:2b:69:0b:6e:41:bd:4a:53:c0:51:cb:77:
1e:52:31:b0:6a:91:16:2a:8b:e6:85:90:3b:cd:f6:
00:3b:15:e4:6b:eb:bf:e2:23:7f:60:e8:76:8e:09:
bc:64:d9:35:5d:9a:7e:ef:ac:78:ed:37:26:66:df:
69:f1:73:1c:f7:b4:ea:1c:76:65:64:a9:cd:cd:ea:
18:8c:60:da:dd:56:2c:12:96:89:6a:c9:7c:3b:f3:
73:b5:bc:15:9d:9f:71:dc:2b:6c:4b:0c:99:ad:8d:
86:c7:7d:21:a5:bd:18:36:cc:62:ff:44:3a:80:fb:
1b:c9:d7:16:65:4e:32:6f:22:5e:e7:be:c5:00:0f:
84:6d:53:7d:bf:94:bf:0b:2a:ba:f8:9b:26:e7:fe:
26:f4:23:e8:f7:90:a3:36:10:94:76:84:17:05:c5:
b4:ae:38:ea:d8:96:e6:fc:1f:5b:e8:6a:59:9f:b7:
4d:98:0d:31:12:30:37:8c:b1:bb:ce:db:df:fc:a2:
92:17:72:ba:7b:47:dd:ea:1c:fe:ba:c2:31:c3:93:
fb:d8:01:f5:13:15:31:fb:d8:82:8b:43:df:a0:eb:
3b:64:32:e3:c8:71:a2:0e:f8:c7:2b:6a:fe:8e:a2:
33:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:04:E9:C6:6E:48:E6:FB:97:B9:E8:EA:D0:29:68:BB:22:04:24:73
X509v3 Authority Key Identifier:
keyid:80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:91:ef:21:6f:98:8d:bf:74:45:7c:88:7b:36:10:e2:b6:5e:
8a:90:f6:b7:97:eb:ed:81:39:02:13:14:27:67:54:22:af:7d:
15:92:95:22:a3:3b:ee:fd:6e:27:b3:e7:6a:24:09:33:94:1c:
82:5c:b4:ce:c2:14:ef:b1:24:92:4d:8f:3d:a1:9e:1f:5c:78:
5d:42:3a:56:56:c0:a1:d6:f1:fa:97:56:a0:d1:84:e2:6e:1a:
87:66:1a:8e:c0:a4:65:d6:d1:61:3e:e6:4d:57:64:ae:e9:4b:
99:cb:34:10:be:58:db:f7:d8:07:81:a4:51:b3:5d:60:7e:85:
6f:54:0f:da:7c:44:b8:79:5e:1e:2a:a8:cd:fe:9b:d7:6d:06:
cb:22:f6:ae:e9:d1:ad:47:b7:ed:a9:2f:1d:c6:8b:da:2b:d7:
4e:fb:0f:77:33:8f:e5:b2:ef:21:15:c8:bf:d1:ed:e3:e3:2a:
ca:47:71:97:8d:94:08:27:1d:0f:79:40:d6:ab:71:82:7c:0d:
19:d7:ee:fb:a5:d2:28:bd:7d:ce:5d:c1:89:31:e4:8a:40:40:
65:3d:72:d7:ae:7c:18:bc:7a:d7:17:ea:20:e4:67:ce:b2:0a:
37:01:fd:fe:f7:22:47:0e:d0:91:2e:cd:ee:6a:9f:d4:13:27:
58:49:23:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJlIEGDPQ4a39usm1/krHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNGFlNzZiMTk3NWZiNGE4Y2JhYjIyMDcxODllZWQyMDIz
MmZmNWYwHhcNMjUxMTExMDkwMTQ1WhcNMjUxMTEyMDkwMTQ1WjAzMTEwLwYDVQQD
EyhiZjA0ZTljNjZlNDhlNmZiOTdiOWU4ZWFkMDI5NjhiYjIyMDQyNDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4VDYRWi7XEmypn3bTkE0X+AraQtu
Qb1KU8BRy3ceUjGwapEWKovmhZA7zfYAOxXka+u/4iN/YOh2jgm8ZNk1XZp+76x4
7TcmZt9p8XMc97TqHHZlZKnNzeoYjGDa3VYsEpaJasl8O/NztbwVnZ9x3CtsSwyZ
rY2Gx30hpb0YNsxi/0Q6gPsbydcWZU4ybyJe577FAA+EbVN9v5S/Cyq6+Jsm5/4m
9CPo95CjNhCUdoQXBcW0rjjq2Jbm/B9b6GpZn7dNmA0xEjA3jLG7ztvf/KKSF3K6
e0fd6hz+usIxw5P72AH1ExUx+9iCi0PfoOs7ZDLjyHGiDvjHK2r+jqIz8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL8E6cZuSOb7l7no6tApaLsiBCRzMB8GA1UdIwQY
MBaAFIBK52sZdftKjLqyIHGJ7tICMv9fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDkt
OTQyMjcyOTNjODhlLzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDktOTQyMjcyOTNjODhl
LzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARJHvIW+Y
jb90RXyIezYQ4rZeipD2t5fr7YE5AhMUJ2dUIq99FZKVIqM77v1uJ7PnaiQJM5Qc
gly0zsIU77Ekkk2PPaGeH1x4XUI6VlbAodbx+pdWoNGE4m4ah2YajsCkZdbRYT7m
TVdkrulLmcs0EL5Y2/fYB4GkUbNdYH6Fb1QP2nxEuHleHiqozf6b120GyyL2runR
rUe37akvHcaL2ivXTvsPdzOP5bLvIRXIv9Ht4+Mqykdxl42UCCcdD3lA1qtxgnwN
Gdfu+6XSKL19zl3BiTHkikBAZT1y1658GLx61xfqIORnzrIKNwH9/vciRw7QkS7N
7mqf1BMnWEkjsQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:19:09 2025 by rpki-client