Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
File: upfBVFbrYAQD7PuxbCDggWCUT48.mft (raw, json)
Hash identifier: yJbKRc+A0VmMXZFVI9QlcyUTzOERXSd+C628SnxN/pk=
Subject key identifier: 89:41:10:0A:67:FC:F2:9C:B6:3E:F0:BF:69:8A:DA:A8:A4:41:E4:94
Authority key identifier: BA:97:C1:54:56:EB:60:04:03:EC:FB:B1:6C:20:E0:81:60:94:4F:8F
Certificate issuer: /CN=ba97c15456eb600403ecfbb16c20e08160944f8f
Certificate serial: 019D3865C359A89CB7FB1B907F5808EEE681
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
Manifest number: 1518
Signing time: Sun 29 Mar 2026 07:01:26 +0000
Manifest this update: Sun 29 Mar 2026 07:01:26 +0000
Manifest next update: Mon 30 Mar 2026 07:01:26 +0000
Files and hashes: 1: UfY9uP-gSFGDl_psdLY21k8D6rE.roa (hash: liAqA+LlTWz2PCuepJi3NtGWRqXh2SEVE/+htWLewMQ=)
2: upfBVFbrYAQD7PuxbCDggWCUT48.crl (hash: rzbb+2mwKgcDwXkUjeflDqczyVTtUB4jAJwNlws2PA0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:c3:59:a8:9c:b7:fb:1b:90:7f:58:08:ee:e6:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba97c15456eb600403ecfbb16c20e08160944f8f
Validity
Not Before: Mar 29 07:01:26 2026 GMT
Not After : Mar 30 07:01:26 2026 GMT
Subject: CN=8941100a67fcf29cb63ef0bf698adaa8a441e494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:08:1c:5d:1a:e2:c0:f7:ca:70:3d:fd:10:95:
9d:a8:82:b1:7a:81:17:f7:70:0a:e4:d6:43:8d:e2:
4d:80:98:d1:1f:f2:01:33:44:08:14:ac:07:0f:2b:
4b:0f:43:33:1f:9d:4b:3c:ad:b0:aa:13:2a:8c:cd:
0a:12:46:a8:f5:24:8e:2b:7d:81:7a:57:dc:66:b4:
71:e9:f7:58:3e:3f:58:fb:53:ea:74:cb:b5:6c:4d:
52:c6:c3:07:94:31:23:0c:ed:27:c6:a3:16:32:99:
02:00:fa:1f:77:7b:2c:4e:03:d5:1b:1e:4f:26:ca:
53:db:60:ed:40:29:77:1b:6d:e4:01:1c:dc:8a:9e:
f7:e1:96:49:8a:be:cc:eb:c0:1d:03:36:ec:38:c5:
f1:50:7d:28:84:48:89:1d:41:f9:ff:a5:f6:dc:78:
4c:99:32:25:1f:ec:d4:72:12:02:8e:a2:66:41:45:
b5:d0:af:68:38:da:49:f4:e2:94:21:5b:b5:e4:8f:
36:01:2e:50:ce:d5:fb:22:af:55:5e:a4:fc:a2:b5:
db:8d:00:2a:94:9f:05:0b:8a:ec:8a:3f:36:58:7a:
d1:d5:4c:3a:ae:5c:a9:f1:b9:44:fa:a0:26:17:d7:
01:98:53:c9:0c:a5:e5:be:84:ad:26:b4:b1:d4:56:
ae:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:41:10:0A:67:FC:F2:9C:B6:3E:F0:BF:69:8A:DA:A8:A4:41:E4:94
X509v3 Authority Key Identifier:
keyid:BA:97:C1:54:56:EB:60:04:03:EC:FB:B1:6C:20:E0:81:60:94:4F:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:8a:4d:3a:9f:ff:7e:1f:ea:f1:99:59:e2:20:f8:08:34:91:
06:95:ea:0b:c9:7e:ea:e3:8d:bb:be:84:57:0d:87:79:b7:1f:
1a:90:55:85:f1:53:d9:83:69:b4:5d:4c:81:21:1d:6c:49:86:
64:6c:c1:20:0d:c2:7e:04:47:05:8f:fe:3c:3b:4a:de:fe:ca:
3b:1d:b2:14:34:22:3b:d8:e0:ba:8a:61:45:16:84:2b:6f:47:
51:0e:be:aa:2a:fa:e1:57:96:86:f9:e5:e9:63:e8:a3:4b:17:
07:59:e4:03:9b:72:f4:0f:bc:f9:17:72:be:2f:89:e7:f6:24:
f4:24:5f:6d:da:1e:fc:89:f8:1b:f8:56:8f:56:6e:6f:56:6f:
31:41:9d:93:e9:5c:55:0b:f7:97:23:b1:38:ee:e6:df:d5:1f:
77:4f:9e:d5:c9:e4:62:07:9e:0c:82:e4:62:e5:1e:99:87:24:
49:d1:f7:91:1b:93:47:fc:14:65:4c:a1:9f:af:8b:ff:ea:42:
a5:82:19:86:aa:e3:7f:50:c5:ad:23:6e:cc:3e:43:1b:ae:f4:
ba:f0:40:ce:5e:7c:eb:42:09:ba:bb:70:e0:cf:d1:92:48:0b:
3d:f6:41:bc:3b:17:f7:07:7e:db:f5:2f:81:66:84:41:f3:bc:
fa:89:36:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZcNZqJy3+xuQf1gI7uaBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOTdjMTU0NTZlYjYwMDQwM2VjZmJiMTZjMjBlMDgxNjA5
NDRmOGYwHhcNMjYwMzI5MDcwMTI2WhcNMjYwMzMwMDcwMTI2WjAzMTEwLwYDVQQD
Eyg4OTQxMTAwYTY3ZmNmMjljYjYzZWYwYmY2OThhZGFhOGE0NDFlNDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxggcXRriwPfKcD39EJWdqIKxeoEX
93AK5NZDjeJNgJjRH/IBM0QIFKwHDytLD0MzH51LPK2wqhMqjM0KEkao9SSOK32B
elfcZrRx6fdYPj9Y+1PqdMu1bE1SxsMHlDEjDO0nxqMWMpkCAPofd3ssTgPVGx5P
JspT22DtQCl3G23kARzcip734ZZJir7M68AdAzbsOMXxUH0ohEiJHUH5/6X23HhM
mTIlH+zUchICjqJmQUW10K9oONpJ9OKUIVu15I82AS5QztX7Iq9VXqT8orXbjQAq
lJ8FC4rsij82WHrR1Uw6rlyp8blE+qAmF9cBmFPJDKXlvoStJrSx1Fau+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIlBEApn/PKctj7wv2mK2qikQeSUMB8GA1UdIwQY
MBaAFLqXwVRW62AEA+z7sWwg4IFglE+PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9jNDZkMWUtOTg3ZC00ZjY1LWIxMWIt
MmUyY2Q2NDM1MTA2LzEvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9jNDZkMWUtOTg3ZC00ZjY1LWIxMWItMmUyY2Q2NDM1MTA2
LzEvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoYpNOp//
fh/q8ZlZ4iD4CDSRBpXqC8l+6uONu76EVw2HebcfGpBVhfFT2YNptF1MgSEdbEmG
ZGzBIA3CfgRHBY/+PDtK3v7KOx2yFDQiO9jguophRRaEK29HUQ6+qir64VeWhvnl
6WPoo0sXB1nkA5ty9A+8+Rdyvi+J5/Yk9CRfbdoe/In4G/hWj1Zub1ZvMUGdk+lc
VQv3lyOxOO7m39Ufd0+e1cnkYgeeDILkYuUemYckSdH3kRuTR/wUZUyhn6+L/+pC
pYIZhqrjf1DFrSNuzD5DG670uvBAzl5860IJurtw4M/RkkgLPfZBvDsX9wd+2/Uv
gWaEQfO8+ok2bA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:32:32 2026 by rpki-client