Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/BD0sjag_XDyUrpQKDv0qdxT_kOI.mft
File: BD0sjag_XDyUrpQKDv0qdxT_kOI.mft (raw, json)
Hash identifier: yXqej4MRFyuZJRok4OEh+VDojxBUW5np52oGPN3zJQw=
Subject key identifier: AF:D3:1C:D3:A1:97:EA:4F:B6:AE:39:4F:66:91:8E:08:53:13:18:F8
Authority key identifier: 04:3D:2C:8D:A8:3F:5C:3C:94:AE:94:0A:0E:FD:2A:77:14:FF:90:E2
Certificate issuer: /CN=043d2c8da83f5c3c94ae940a0efd2a7714ff90e2
Certificate serial: 019D33ACE6E22A9502D1CA5A329EFC6E65FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BD0sjag_XDyUrpQKDv0qdxT_kOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/BD0sjag_XDyUrpQKDv0qdxT_kOI.mft
Manifest number: 024D
Signing time: Sat 28 Mar 2026 09:01:02 +0000
Manifest this update: Sat 28 Mar 2026 09:01:02 +0000
Manifest next update: Sun 29 Mar 2026 09:01:02 +0000
Files and hashes: 1: BD0sjag_XDyUrpQKDv0qdxT_kOI.crl (hash: CEnq4rPP/JbpUqGizf/4xoE9i3lavS+PJGGuIaCusqs=)
2: Q_Zn7NI6lsZly6zYVx5ISjrPChQ.roa (hash: gWG2uNDqwP4RF3btrRpyjXejBso2oQJiOb7vaAvc7tA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/BD0sjag_XDyUrpQKDv0qdxT_kOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/BD0sjag_XDyUrpQKDv0qdxT_kOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/BD0sjag_XDyUrpQKDv0qdxT_kOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:ac:e6:e2:2a:95:02:d1:ca:5a:32:9e:fc:6e:65:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=043d2c8da83f5c3c94ae940a0efd2a7714ff90e2
Validity
Not Before: Mar 28 09:01:02 2026 GMT
Not After : Mar 29 09:01:02 2026 GMT
Subject: CN=afd31cd3a197ea4fb6ae394f66918e08531318f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:12:e1:bf:4d:a8:35:80:1e:8f:5d:fa:b3:ee:
6e:40:1e:c2:a9:3f:84:6f:01:97:31:b7:80:3c:cc:
3a:69:b4:85:7a:e8:16:bc:1c:50:3d:3c:48:e0:78:
ef:12:be:fa:0f:b5:31:cc:a2:41:0a:8f:19:4f:4f:
11:98:16:aa:41:32:c9:9f:df:31:71:44:ea:ad:47:
ea:63:d0:a2:cc:ac:c9:c3:b4:7e:b3:3c:f7:26:17:
d0:4f:52:dd:3a:69:6a:99:d5:2a:78:35:98:bd:09:
66:d4:e6:94:31:3f:00:e8:60:e3:49:52:36:ee:fd:
62:1d:e0:cb:a9:d7:36:39:b3:66:76:31:6c:fb:98:
7e:52:c8:e3:6f:95:77:32:f8:3e:13:0f:0b:8b:f7:
af:22:d9:ad:5d:6e:f3:35:d0:44:14:ff:16:74:a5:
ea:cd:a3:f1:0e:f2:4a:f9:dd:ef:3c:2f:c0:65:1c:
09:05:52:13:b5:48:df:1e:df:26:d1:03:dd:91:85:
2d:4d:ad:96:8d:ad:7e:0d:6d:33:f4:16:94:ee:ed:
05:2d:4b:26:b4:87:c8:fa:7b:6d:a3:8c:dd:79:b0:
2a:b8:02:25:b5:57:05:01:72:74:ff:13:f0:1d:42:
7f:21:ea:6e:2c:14:96:75:b7:11:57:88:b0:9a:f1:
33:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:D3:1C:D3:A1:97:EA:4F:B6:AE:39:4F:66:91:8E:08:53:13:18:F8
X509v3 Authority Key Identifier:
keyid:04:3D:2C:8D:A8:3F:5C:3C:94:AE:94:0A:0E:FD:2A:77:14:FF:90:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BD0sjag_XDyUrpQKDv0qdxT_kOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/BD0sjag_XDyUrpQKDv0qdxT_kOI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/BD0sjag_XDyUrpQKDv0qdxT_kOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:ea:86:6c:d5:c5:79:27:7f:67:63:19:d1:b3:d6:3a:58:8a:
d9:05:df:21:07:e0:81:11:3f:29:b9:0a:35:0b:8e:47:ab:e5:
d4:b7:cb:e6:8b:6c:fa:01:c9:57:ca:42:f8:7c:29:13:39:7c:
eb:63:1d:27:55:20:7a:79:c5:59:f8:c4:d1:8a:71:5c:b8:09:
cc:28:92:3d:ce:b0:99:a8:df:24:10:37:1a:77:c4:93:86:55:
92:83:49:44:ec:5b:4b:de:0f:c4:b6:21:8b:1f:e5:f6:2f:a9:
d6:89:c3:15:6b:46:aa:91:67:9d:7b:c5:fc:8b:01:98:29:29:
dd:4a:46:69:f0:ff:11:6a:8b:3e:3f:a0:a8:8a:86:ad:3c:2c:
dd:e3:91:02:97:a5:fe:2c:c8:d7:b1:f8:ef:79:55:9b:1e:9a:
0d:43:11:77:34:d5:78:0b:d0:39:8f:cd:14:a1:6d:18:32:ed:
95:f5:14:4b:8e:65:2b:b1:79:7b:e3:fc:19:30:42:6c:2d:28:
84:f3:03:ed:1d:3f:f5:4a:a6:69:c3:ee:29:4f:05:d7:49:30:
58:15:2a:b5:c0:94:5c:a0:4a:68:96:9f:95:bf:f6:d8:7f:e8:
ab:1a:59:d9:9c:76:a0:22:1b:87:75:be:e0:ab:5a:44:9b:16:
9a:fb:3e:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zrObiKpUC0cpaMp78bmX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0M2QyYzhkYTgzZjVjM2M5NGFlOTQwYTBlZmQyYTc3MTRm
ZjkwZTIwHhcNMjYwMzI4MDkwMTAyWhcNMjYwMzI5MDkwMTAyWjAzMTEwLwYDVQQD
EyhhZmQzMWNkM2ExOTdlYTRmYjZhZTM5NGY2NjkxOGUwODUzMTMxOGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxLhv02oNYAej136s+5uQB7CqT+E
bwGXMbeAPMw6abSFeugWvBxQPTxI4HjvEr76D7UxzKJBCo8ZT08RmBaqQTLJn98x
cUTqrUfqY9CizKzJw7R+szz3JhfQT1LdOmlqmdUqeDWYvQlm1OaUMT8A6GDjSVI2
7v1iHeDLqdc2ObNmdjFs+5h+Usjjb5V3Mvg+Ew8Li/evItmtXW7zNdBEFP8WdKXq
zaPxDvJK+d3vPC/AZRwJBVITtUjfHt8m0QPdkYUtTa2Wja1+DW0z9BaU7u0FLUsm
tIfI+ntto4zdebAquAIltVcFAXJ0/xPwHUJ/IepuLBSWdbcRV4iwmvEzDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK/THNOhl+pPtq45T2aRjghTExj4MB8GA1UdIwQY
MBaAFAQ9LI2oP1w8lK6UCg79KncU/5DiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkQwc2phZ19YRHlVcnBRS0R2MHFkeFRfa09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9lYzRjMjUtZTU1Mi00ZDBjLTk1ZWUt
M2JiYzY2MWI0Y2M1LzEvQkQwc2phZ19YRHlVcnBRS0R2MHFkeFRfa09JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9lYzRjMjUtZTU1Mi00ZDBjLTk1ZWUtM2JiYzY2MWI0Y2M1
LzEvQkQwc2phZ19YRHlVcnBRS0R2MHFkeFRfa09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGuqGbNXF
eSd/Z2MZ0bPWOliK2QXfIQfggRE/KbkKNQuOR6vl1LfL5ots+gHJV8pC+HwpEzl8
62MdJ1UgennFWfjE0YpxXLgJzCiSPc6wmajfJBA3GnfEk4ZVkoNJROxbS94PxLYh
ix/l9i+p1onDFWtGqpFnnXvF/IsBmCkp3UpGafD/EWqLPj+gqIqGrTws3eORApel
/izI17H473lVmx6aDUMRdzTVeAvQOY/NFKFtGDLtlfUUS45lK7F5e+P8GTBCbC0o
hPMD7R0/9UqmacPuKU8F10kwWBUqtcCUXKBKaJaflb/22H/oqxpZ2Zx2oCIbh3W+
4KtaRJsWmvs+EQ==
-----END CERTIFICATE-----
Generated at Sat Mar 28 11:47:51 2026 by rpki-client