Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft
File: RDTtvhtBAbKKviMvK88qAUiXglo.mft (raw, json)
Hash identifier: U3N+cWRZI9EqK94qC/Kwm++judWe3NAURv9yousZZMA=
Subject key identifier: BA:49:87:E7:23:FD:7A:B7:1B:1C:3A:55:27:A2:FD:50:17:1F:15:88
Authority key identifier: 44:34:ED:BE:1B:41:01:B2:8A:BE:23:2F:2B:CF:2A:01:48:97:82:5A
Certificate issuer: /CN=4434edbe1b4101b28abe232f2bcf2a014897825a
Certificate serial: 019D37C05E76306056330F8E1AFE07F31C7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RDTtvhtBAbKKviMvK88qAUiXglo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft
Manifest number: 127A
Signing time: Sun 29 Mar 2026 04:00:47 +0000
Manifest this update: Sun 29 Mar 2026 04:00:47 +0000
Manifest next update: Mon 30 Mar 2026 04:00:47 +0000
Files and hashes: 1: 0RKDNEhHY3U7JF4bDR-bWWyiJjU.roa (hash: 49fHIUMiegzFY7JDd1vv16iA2bhJSfLTshnAhqZJFTQ=)
2: RDTtvhtBAbKKviMvK88qAUiXglo.crl (hash: R/9EdW/q70KgvAFBeCx6NM66/OzTPVtGHjIcRiduLW8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft
rsync://rpki.ripe.net/repository/DEFAULT/RDTtvhtBAbKKviMvK88qAUiXglo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:5e:76:30:60:56:33:0f:8e:1a:fe:07:f3:1c:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4434edbe1b4101b28abe232f2bcf2a014897825a
Validity
Not Before: Mar 29 04:00:47 2026 GMT
Not After : Mar 30 04:00:47 2026 GMT
Subject: CN=ba4987e723fd7ab71b1c3a5527a2fd50171f1588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ae:c1:de:fb:b1:e8:64:e2:04:9c:f4:47:55:
80:1b:fb:7e:74:8f:33:e1:b5:af:16:87:88:ff:fa:
6e:4f:44:73:52:ef:66:aa:18:81:09:02:d0:92:97:
e6:87:d5:4d:cd:dd:d7:86:4b:f8:b6:0b:46:dc:33:
53:48:16:4e:87:3a:23:55:35:d7:bd:94:40:8c:1c:
fc:ff:ba:51:84:46:c7:c4:65:e6:6e:bc:72:07:ce:
f3:f5:41:3a:19:dd:a8:bf:66:a9:4d:03:f5:d6:81:
cc:dd:dc:94:09:63:02:3b:ce:74:45:d1:ea:90:bb:
70:11:4b:12:14:c6:26:ef:d2:53:e9:90:6b:80:d1:
b7:a1:ef:40:bb:5c:e9:a4:d4:16:87:26:33:71:7a:
c2:4a:9a:d8:79:af:db:9f:74:46:9a:68:3c:ae:55:
09:78:be:86:c5:8e:dd:93:d4:40:a5:03:7b:43:0e:
ef:93:5a:d1:e5:95:c6:a2:74:a6:8f:9d:1f:19:13:
79:c9:bc:f7:a1:cc:08:53:e5:07:8b:eb:e9:dd:df:
ab:e1:bd:ab:3d:af:44:a3:f1:c8:ed:70:28:fa:a5:
4a:c2:d0:3d:17:57:c8:8f:b7:99:1f:e0:5c:97:51:
0e:bb:69:ad:df:cb:66:92:7e:0c:3d:c8:c2:b2:15:
ba:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:49:87:E7:23:FD:7A:B7:1B:1C:3A:55:27:A2:FD:50:17:1F:15:88
X509v3 Authority Key Identifier:
keyid:44:34:ED:BE:1B:41:01:B2:8A:BE:23:2F:2B:CF:2A:01:48:97:82:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RDTtvhtBAbKKviMvK88qAUiXglo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
23:b9:b9:f6:45:2e:54:4e:a8:f0:79:a3:1c:f0:fd:71:7a:fa:
b9:8a:23:ec:87:7a:67:25:af:fa:4a:78:a1:a0:2e:b5:34:49:
4c:82:b0:6b:09:4b:03:e0:21:ba:df:ac:19:76:52:76:68:30:
73:95:97:0c:66:e7:81:c2:3b:6e:21:d9:30:dc:30:05:af:73:
e3:2b:c0:df:5c:05:79:40:d9:f9:02:8f:29:92:15:aa:f2:73:
25:d0:ae:d4:25:d2:fc:61:1a:1c:b4:03:8a:85:dc:ee:6b:15:
b6:b7:29:13:7d:1b:78:64:9c:92:76:3c:d4:e5:4f:7e:dc:26:
26:66:7e:b7:2f:ae:a8:bc:50:1e:5d:db:10:02:a8:85:f6:50:
20:a2:a0:3d:48:bb:0d:ba:5d:8e:f4:2e:b2:a4:ed:1f:74:34:
26:80:36:f3:d5:ec:43:f9:5e:83:ec:b1:89:da:e9:e7:7e:20:
a9:bd:34:7f:80:78:c8:47:12:b6:ff:ec:9a:60:16:26:0c:bd:
8f:3e:ad:c0:b3:0a:21:15:49:89:80:2f:f1:72:e8:b6:bf:6e:
0c:4b:54:9e:aa:33:4b:42:b3:29:54:83:43:ad:db:30:2f:7c:
6d:dd:9a:55:c4:be:ae:aa:0b:ff:a9:a4:fa:f3:74:d6:6d:70:
5b:75:80:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wF52MGBWMw+OGv4H8xx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MzRlZGJlMWI0MTAxYjI4YWJlMjMyZjJiY2YyYTAxNDg5
NzgyNWEwHhcNMjYwMzI5MDQwMDQ3WhcNMjYwMzMwMDQwMDQ3WjAzMTEwLwYDVQQD
EyhiYTQ5ODdlNzIzZmQ3YWI3MWIxYzNhNTUyN2EyZmQ1MDE3MWYxNTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqK7B3vux6GTiBJz0R1WAG/t+dI8z
4bWvFoeI//puT0RzUu9mqhiBCQLQkpfmh9VNzd3Xhkv4tgtG3DNTSBZOhzojVTXX
vZRAjBz8/7pRhEbHxGXmbrxyB87z9UE6Gd2ov2apTQP11oHM3dyUCWMCO850RdHq
kLtwEUsSFMYm79JT6ZBrgNG3oe9Au1zppNQWhyYzcXrCSprYea/bn3RGmmg8rlUJ
eL6GxY7dk9RApQN7Qw7vk1rR5ZXGonSmj50fGRN5ybz3ocwIU+UHi+vp3d+r4b2r
Pa9Eo/HI7XAo+qVKwtA9F1fIj7eZH+Bcl1EOu2mt38tmkn4MPcjCshW64QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLpJh+cj/Xq3Gxw6VSei/VAXHxWIMB8GA1UdIwQY
MBaAFEQ07b4bQQGyir4jLyvPKgFIl4JaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkRUdHZodEJBYktLdmlNdks4OHFBVWlYZ2xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82MzlmNjQtMWRmMS00NmQ1LWFkZDkt
MTBjYWY1NDk4NmZmLzEvUkRUdHZodEJBYktLdmlNdks4OHFBVWlYZ2xvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82MzlmNjQtMWRmMS00NmQ1LWFkZDktMTBjYWY1NDk4NmZm
LzEvUkRUdHZodEJBYktLdmlNdks4OHFBVWlYZ2xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI7m59kUu
VE6o8HmjHPD9cXr6uYoj7Id6ZyWv+kp4oaAutTRJTIKwawlLA+Ahut+sGXZSdmgw
c5WXDGbngcI7biHZMNwwBa9z4yvA31wFeUDZ+QKPKZIVqvJzJdCu1CXS/GEaHLQD
ioXc7msVtrcpE30beGScknY81OVPftwmJmZ+ty+uqLxQHl3bEAKohfZQIKKgPUi7
DbpdjvQusqTtH3Q0JoA289XsQ/leg+yxidrp534gqb00f4B4yEcStv/smmAWJgy9
jz6twLMKIRVJiYAv8XLotr9uDEtUnqozS0KzKVSDQ63bMC98bd2aVcS+rqoL/6mk
+vN01m1wW3WA9A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:27:57 2026 by rpki-client