Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft
File: Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft (raw, json)
Hash identifier: 99o547Z20Me34+4QsgBDQS9RtALsz1BZDzBga9J+qC0=
Subject key identifier: A2:88:4F:BA:02:FA:C6:97:AB:2E:49:B8:0F:49:06:6F:A7:C1:B6:37
Authority key identifier: 63:FA:71:5C:2F:4B:90:08:C8:F4:B6:06:54:F7:F3:C7:63:53:AE:67
Certificate issuer: /CN=63fa715c2f4b9008c8f4b60654f7f3c76353ae67
Certificate serial: 019D37C07F330AA7A6E3379AB4E4E87D9D03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft
Manifest number: 0BC4
Signing time: Sun 29 Mar 2026 04:00:55 +0000
Manifest this update: Sun 29 Mar 2026 04:00:55 +0000
Manifest next update: Mon 30 Mar 2026 04:00:55 +0000
Files and hashes: 1: ORD5CVRl8fHNkrGDCcDgKgiB4nA.roa (hash: SAvELpe3u4u8sy1W4tmIPkF/1bK/o7riGyIeb81WOH8=)
2: Y_pxXC9LkAjI9LYGVPfzx2NTrmc.crl (hash: Z0+HRDDz0/LP+6+NiC4j012Nx3EI+5mIc/qIfbVXgiY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:7f:33:0a:a7:a6:e3:37:9a:b4:e4:e8:7d:9d:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63fa715c2f4b9008c8f4b60654f7f3c76353ae67
Validity
Not Before: Mar 29 04:00:55 2026 GMT
Not After : Mar 30 04:00:55 2026 GMT
Subject: CN=a2884fba02fac697ab2e49b80f49066fa7c1b637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ef:51:b7:09:de:31:da:68:94:ca:28:0a:e2:
a9:29:0d:21:fb:d2:99:bd:27:85:18:cc:e7:a2:3d:
d4:cb:e1:ef:af:25:2f:48:9f:7d:a8:4a:51:30:76:
ca:ae:a8:9c:17:3d:7c:f7:30:2a:6a:f0:e9:c4:e0:
cd:5e:32:0d:b4:16:6d:67:44:23:e1:de:90:bf:cb:
22:54:6e:7b:93:4a:98:30:d3:52:e6:79:ee:6b:49:
55:70:c1:51:2f:e6:a9:67:1e:e4:d3:6f:11:10:a9:
01:fa:f4:73:87:ee:37:8d:9c:56:6c:9a:c5:7a:d3:
3d:06:0e:41:61:f2:4e:ee:7a:1c:be:95:f1:88:85:
9d:5e:c9:54:c0:18:7e:5f:ee:80:72:9f:bc:b4:e3:
a6:3b:66:59:a9:36:b2:bb:fa:4d:54:9f:4a:ec:ae:
9b:05:8f:80:21:ca:24:fb:5a:00:c1:3a:bc:36:e7:
5c:73:e6:4f:28:eb:4c:ca:bf:8a:f6:49:90:db:f9:
02:6d:80:f7:8f:63:dc:a3:08:39:9a:d0:85:95:39:
7c:e0:4c:24:76:35:81:60:fa:a9:13:cf:b5:71:bf:
22:cc:18:db:13:19:92:99:36:85:fc:dc:cb:fe:7e:
d8:88:b1:32:cb:10:34:f7:c3:b8:d3:d9:97:9e:24:
72:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:88:4F:BA:02:FA:C6:97:AB:2E:49:B8:0F:49:06:6F:A7:C1:B6:37
X509v3 Authority Key Identifier:
keyid:63:FA:71:5C:2F:4B:90:08:C8:F4:B6:06:54:F7:F3:C7:63:53:AE:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:cc:86:fb:6e:e1:d9:78:01:0b:dc:c7:a8:c9:60:18:04:a3:
8c:2e:d4:0f:a9:4a:e3:f2:3f:11:86:73:a7:0d:ad:3b:36:75:
3c:53:49:91:2a:27:32:4e:00:76:dc:fc:01:c5:f8:0d:2f:67:
1e:fd:e3:21:a4:e1:3c:82:42:b9:69:e2:96:ed:f5:2f:73:3d:
6c:e7:ea:8d:7b:da:22:02:32:dd:6d:9d:48:cb:47:c7:30:6b:
88:bb:56:33:6d:a4:b6:6f:96:cf:8a:5f:35:03:63:15:b4:7a:
43:0c:55:e8:a6:4a:bb:9b:55:8e:c9:c4:74:3c:db:83:6d:43:
4f:b5:fc:3c:ca:4f:e9:9f:fc:93:b7:49:ec:d0:d0:df:c3:f9:
17:e3:90:28:b9:01:67:1a:39:fe:8f:dd:99:75:0d:5e:65:d1:
1a:d1:2f:2b:be:aa:54:e3:5c:e8:34:31:77:42:3a:d8:1f:e5:
4a:8c:ef:ab:41:ba:ab:36:34:83:42:69:78:31:25:82:8d:34:
45:1c:64:1d:17:53:90:f8:0b:3a:e7:be:92:6e:54:e0:d1:bb:
45:57:87:36:fb:a7:f1:4b:02:c6:b0:bc:94:da:98:59:40:50:
de:fa:3a:2e:da:fb:e9:26:fe:ae:89:9a:25:90:81:a2:f9:33:
ea:52:b4:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wH8zCqem4zeatOTofZ0DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZmE3MTVjMmY0YjkwMDhjOGY0YjYwNjU0ZjdmM2M3NjM1
M2FlNjcwHhcNMjYwMzI5MDQwMDU1WhcNMjYwMzMwMDQwMDU1WjAzMTEwLwYDVQQD
EyhhMjg4NGZiYTAyZmFjNjk3YWIyZTQ5YjgwZjQ5MDY2ZmE3YzFiNjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+9RtwneMdpolMooCuKpKQ0h+9KZ
vSeFGMznoj3Uy+HvryUvSJ99qEpRMHbKrqicFz189zAqavDpxODNXjINtBZtZ0Qj
4d6Qv8siVG57k0qYMNNS5nnua0lVcMFRL+apZx7k028REKkB+vRzh+43jZxWbJrF
etM9Bg5BYfJO7nocvpXxiIWdXslUwBh+X+6Acp+8tOOmO2ZZqTayu/pNVJ9K7K6b
BY+AIcok+1oAwTq8Nudcc+ZPKOtMyr+K9kmQ2/kCbYD3j2Pcowg5mtCFlTl84Ewk
djWBYPqpE8+1cb8izBjbExmSmTaF/NzL/n7YiLEyyxA098O409mXniRyQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKKIT7oC+saXqy5JuA9JBm+nwbY3MB8GA1UdIwQY
MBaAFGP6cVwvS5AIyPS2BlT388djU65nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWV9weFhDOUxrQWpJOUxZR1ZQZnp4Mk5Ucm1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9iZjljZGItNmU4Ny00NzlmLTkzYTEt
NjVhNWVmMGFmMGI0LzEvWV9weFhDOUxrQWpJOUxZR1ZQZnp4Mk5Ucm1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9iZjljZGItNmU4Ny00NzlmLTkzYTEtNjVhNWVmMGFmMGI0
LzEvWV9weFhDOUxrQWpJOUxZR1ZQZnp4Mk5Ucm1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHsyG+27h
2XgBC9zHqMlgGASjjC7UD6lK4/I/EYZzpw2tOzZ1PFNJkSonMk4Adtz8AcX4DS9n
Hv3jIaThPIJCuWnilu31L3M9bOfqjXvaIgIy3W2dSMtHxzBriLtWM22ktm+Wz4pf
NQNjFbR6QwxV6KZKu5tVjsnEdDzbg21DT7X8PMpP6Z/8k7dJ7NDQ38P5F+OQKLkB
Zxo5/o/dmXUNXmXRGtEvK76qVONc6DQxd0I62B/lSozvq0G6qzY0g0JpeDElgo00
RRxkHRdTkPgLOue+km5U4NG7RVeHNvun8UsCxrC8lNqYWUBQ3vo6Ltr76Sb+roma
JZCBovkz6lK0yw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:18 2026 by rpki-client