Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.mft
File: MPkNJSCtYZrDBgs5-9LCBOKaKhQ.mft (raw, json)
Hash identifier: mPQ9Eb2V2QhkVaBQsfxkOFjtBbl5MFPSZ10/7fwiZ8g=
Subject key identifier: 28:1B:C7:CA:8E:87:82:B0:8D:67:9E:5A:76:A5:01:50:82:61:A3:CC
Authority key identifier: 30:F9:0D:25:20:AD:61:9A:C3:06:0B:39:FB:D2:C2:04:E2:9A:2A:14
Certificate issuer: /CN=30f90d2520ad619ac3060b39fbd2c204e29a2a14
Certificate serial: 019D39416B4D861704A38DC29152876E442E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 11:01:21 +0000
Manifest this update: Sun 29 Mar 2026 11:01:21 +0000
Manifest next update: Mon 30 Mar 2026 11:01:21 +0000
Files and hashes: 1: MPkNJSCtYZrDBgs5-9LCBOKaKhQ.crl (hash: dkKtURMzD67UomX9bGx4kvE2f2vKTp1bMd38H9bt8Y4=)
2: obgVf-JtsYpCUbCziUNUZUCJX0s.roa (hash: elZk4GLccy9BtoLZB3Moi/HhDxse12ofYTVsYp+AUXM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:6b:4d:86:17:04:a3:8d:c2:91:52:87:6e:44:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30f90d2520ad619ac3060b39fbd2c204e29a2a14
Validity
Not Before: Mar 29 11:01:21 2026 GMT
Not After : Mar 30 11:01:21 2026 GMT
Subject: CN=281bc7ca8e8782b08d679e5a76a501508261a3cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e1:6c:74:a1:0a:a1:4f:d6:62:ff:8a:ed:68:
6a:cc:59:ad:03:d2:af:cd:ee:65:45:14:c6:35:69:
b3:88:64:9d:9a:e4:a5:43:52:ec:21:69:5f:72:cd:
de:04:29:8b:ca:c4:8a:9d:0c:30:14:97:e8:e4:21:
1b:44:16:e4:6f:32:12:83:a1:1a:e8:b5:0b:bb:de:
bb:fc:00:79:99:65:f4:92:0c:e9:cf:37:5f:6f:ea:
c4:6c:4d:6d:e3:35:8f:f1:b7:7c:a7:cd:dc:37:c5:
eb:d6:77:74:35:77:f7:99:c7:2e:b8:d4:9c:6b:10:
d2:a1:80:e2:57:76:0b:61:c9:13:7a:44:37:0e:31:
b4:23:20:e7:cf:b1:87:72:d6:9f:3a:90:8b:82:a0:
29:36:8a:14:bb:fb:fa:78:53:21:e7:a2:20:8b:b4:
21:63:40:b2:31:ec:53:c3:0a:b7:71:06:34:80:e8:
7f:0b:e5:87:1e:1b:8c:e3:a9:45:e7:cb:0f:4b:59:
d6:ca:45:5f:45:8b:27:3e:21:42:8f:22:42:32:0e:
ac:7f:b2:ea:d0:ab:ce:8d:bd:15:08:d9:0a:ca:d2:
1f:40:87:50:95:f1:cb:e2:d4:46:7b:65:b3:44:7a:
f3:36:f4:89:a8:d4:16:5c:3d:a9:f2:30:65:89:0c:
23:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:1B:C7:CA:8E:87:82:B0:8D:67:9E:5A:76:A5:01:50:82:61:A3:CC
X509v3 Authority Key Identifier:
keyid:30:F9:0D:25:20:AD:61:9A:C3:06:0B:39:FB:D2:C2:04:E2:9A:2A:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:64:8e:8c:c1:60:90:c4:d2:43:85:46:66:fc:f4:4a:09:1c:
d9:c8:c0:db:ff:2a:c4:c2:13:84:7a:c0:ec:29:8e:0c:79:94:
f2:0f:96:4f:59:4f:44:c0:3f:30:d5:d7:07:07:c8:d8:8e:30:
fa:f2:8c:dd:44:99:d6:a7:cb:c8:d4:80:de:d8:58:e4:19:16:
ae:c6:ed:d6:c8:31:67:9f:5c:ca:9e:b8:51:69:e1:7a:82:77:
b0:48:c7:e1:b3:29:80:91:b7:87:c1:c2:62:77:22:cb:98:06:
ee:a6:24:09:32:61:0b:f5:15:6b:31:07:76:f6:8a:d8:e4:74:
07:1e:7e:8a:a3:2b:79:3a:a0:29:1c:23:0c:da:fb:3e:bd:6c:
6a:30:16:62:20:1a:8a:19:b7:1a:62:4c:2c:fc:af:18:4f:70:
2e:91:f9:b6:09:e4:c5:28:17:49:18:66:6f:50:cc:b7:7d:22:
20:39:f9:65:11:d5:ec:53:0b:3e:15:7c:75:af:ee:f7:09:fe:
76:bf:97:b1:02:40:1c:de:ed:80:88:9e:74:83:b4:6f:eb:c0:
8f:a9:ed:39:00:af:b7:94:ba:52:3d:b8:d4:3d:c1:91:59:18:
fb:b3:6f:a0:55:5d:b9:93:e7:37:03:d4:75:2e:4c:e9:4e:bf:
f3:fa:20:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QWtNhhcEo43CkVKHbkQuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjkwZDI1MjBhZDYxOWFjMzA2MGIzOWZiZDJjMjA0ZTI5
YTJhMTQwHhcNMjYwMzI5MTEwMTIxWhcNMjYwMzMwMTEwMTIxWjAzMTEwLwYDVQQD
EygyODFiYzdjYThlODc4MmIwOGQ2NzllNWE3NmE1MDE1MDgyNjFhM2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4OFsdKEKoU/WYv+K7WhqzFmtA9Kv
ze5lRRTGNWmziGSdmuSlQ1LsIWlfcs3eBCmLysSKnQwwFJfo5CEbRBbkbzISg6Ea
6LULu967/AB5mWX0kgzpzzdfb+rEbE1t4zWP8bd8p83cN8Xr1nd0NXf3mccuuNSc
axDSoYDiV3YLYckTekQ3DjG0IyDnz7GHctafOpCLgqApNooUu/v6eFMh56Igi7Qh
Y0CyMexTwwq3cQY0gOh/C+WHHhuM46lF58sPS1nWykVfRYsnPiFCjyJCMg6sf7Lq
0KvOjb0VCNkKytIfQIdQlfHL4tRGe2WzRHrzNvSJqNQWXD2p8jBliQwjwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCgbx8qOh4KwjWeeWnalAVCCYaPMMB8GA1UdIwQY
MBaAFDD5DSUgrWGawwYLOfvSwgTimioUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBrTkpTQ3RZWnJEQmdzNS05TENCT0thS2hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9kYjUxMDEtMDE1Yy00MGM1LTkwNWIt
NjU3YjNhN2Q5Njc2LzEvTVBrTkpTQ3RZWnJEQmdzNS05TENCT0thS2hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9kYjUxMDEtMDE1Yy00MGM1LTkwNWItNjU3YjNhN2Q5Njc2
LzEvTVBrTkpTQ3RZWnJEQmdzNS05TENCT0thS2hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG2SOjMFg
kMTSQ4VGZvz0Sgkc2cjA2/8qxMIThHrA7CmODHmU8g+WT1lPRMA/MNXXBwfI2I4w
+vKM3USZ1qfLyNSA3thY5BkWrsbt1sgxZ59cyp64UWnheoJ3sEjH4bMpgJG3h8HC
Ynciy5gG7qYkCTJhC/UVazEHdvaK2OR0Bx5+iqMreTqgKRwjDNr7Pr1sajAWYiAa
ihm3GmJMLPyvGE9wLpH5tgnkxSgXSRhmb1DMt30iIDn5ZRHV7FMLPhV8da/u9wn+
dr+XsQJAHN7tgIiedIO0b+vAj6ntOQCvt5S6Uj241D3BkVkY+7NvoFVduZPnNwPU
dS5M6U6/8/oguw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:46:34 2026 by rpki-client