Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
File: clOCbDGl92CXvNwqL2UZiKE2flM.mft (raw, json)
Hash identifier: 87ttHvIHjgIGArvsa86/nwTmOF7xYGOV0+I9Aa+9wFg=
Subject key identifier: FA:E7:5B:5A:03:3A:61:F1:1C:BB:15:5E:3E:10:28:B4:6D:67:87:BA
Authority key identifier: 72:53:82:6C:31:A5:F7:60:97:BC:DC:2A:2F:65:19:88:A1:36:7E:53
Certificate issuer: /CN=7253826c31a5f76097bcdc2a2f651988a1367e53
Certificate serial: 019D3AC1C31C0ED18416AE47107377A654A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
Manifest number: 0B68
Signing time: Sun 29 Mar 2026 18:01:10 +0000
Manifest this update: Sun 29 Mar 2026 18:01:10 +0000
Manifest next update: Mon 30 Mar 2026 18:01:10 +0000
Files and hashes: 1: clOCbDGl92CXvNwqL2UZiKE2flM.crl (hash: C1S1Kv0tSJqKoIUvYdAoXzx4hLoZ29ASltKKGIqZ25w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:c1:c3:1c:0e:d1:84:16:ae:47:10:73:77:a6:54:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7253826c31a5f76097bcdc2a2f651988a1367e53
Validity
Not Before: Mar 29 18:01:10 2026 GMT
Not After : Mar 30 18:01:10 2026 GMT
Subject: CN=fae75b5a033a61f11cbb155e3e1028b46d6787ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:7c:fe:b5:54:07:85:ff:2b:2f:97:2d:4e:3c:
a4:cf:52:19:38:2d:60:15:3a:fa:2b:e3:e1:29:6e:
be:6d:08:99:9c:a5:16:bd:08:b6:e5:b1:ce:82:cc:
7a:c8:2d:de:d4:c7:20:b6:32:08:50:39:75:10:36:
97:72:11:97:d8:f2:11:32:85:43:9c:43:44:6a:9f:
05:18:60:85:ab:e4:34:94:f6:70:9f:ea:28:c4:d0:
8b:81:05:fa:54:66:13:b8:15:42:3c:67:18:8e:9f:
aa:46:04:45:4c:c6:58:cc:0f:9e:6f:0e:14:85:09:
46:b5:65:3e:39:82:9a:dc:1f:b9:6a:de:d5:1d:5d:
b6:bc:f6:dc:f5:a6:d5:df:ae:9e:01:1e:a5:9b:9e:
9d:de:b0:27:47:03:93:10:5c:ef:df:1b:39:52:97:
fa:5e:e2:76:af:73:2b:12:d1:d0:a9:ce:41:ba:45:
40:1e:32:11:f5:51:71:5a:56:52:46:61:d6:e8:77:
4e:94:81:01:f7:4a:e5:f8:a5:3a:85:d3:68:98:ab:
72:b3:08:74:6c:ae:6c:95:8c:b4:49:c8:f7:05:5f:
b9:8f:65:64:75:94:17:8d:24:45:b1:c5:84:0a:60:
83:1c:67:f7:1c:ac:3e:3b:3b:a1:81:2c:58:12:ab:
bf:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:E7:5B:5A:03:3A:61:F1:1C:BB:15:5E:3E:10:28:B4:6D:67:87:BA
X509v3 Authority Key Identifier:
keyid:72:53:82:6C:31:A5:F7:60:97:BC:DC:2A:2F:65:19:88:A1:36:7E:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:97:6b:52:58:95:99:39:68:9d:15:c7:d6:ef:e0:07:2e:89:
c0:54:d0:f8:eb:e9:3f:5f:ce:bf:18:f4:c4:78:81:20:94:9a:
48:4e:ca:02:ce:a4:72:e2:c0:45:d9:04:f9:cb:64:c0:85:3e:
d7:72:f3:50:d0:da:bf:23:14:ec:f9:a6:a1:89:d5:a8:29:58:
3b:b8:03:9c:d4:57:1d:55:ab:f5:b8:83:ca:9a:34:14:84:4b:
2c:ec:b2:e1:5a:50:a1:20:53:2c:d8:fe:f1:ae:17:db:f8:5e:
b4:35:24:46:29:f2:26:b0:21:e5:5b:90:18:bf:29:3c:c7:34:
a0:0f:00:8c:da:b4:1d:91:84:18:dd:24:22:61:fb:1e:c8:94:
b5:af:6e:7b:80:0c:25:fb:e3:ca:3c:51:49:9d:3f:10:9f:f1:
db:a1:16:b2:27:0f:c2:c2:1a:97:c3:cb:5f:4d:7b:32:94:9c:
dc:2f:e1:0a:67:22:59:8d:de:e2:87:9a:d1:1b:9e:20:ea:e6:
8a:ca:73:b1:9b:4c:63:fb:9f:75:38:61:82:27:fd:cc:96:fa:
9d:57:81:2b:19:fb:25:57:80:a6:8d:f4:29:30:f0:06:68:c2:
ec:22:46:8e:cf:4e:f8:df:46:6a:bc:d0:2e:0f:4c:2b:ff:36:
2a:a7:ce:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06wcMcDtGEFq5HEHN3plSnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNTM4MjZjMzFhNWY3NjA5N2JjZGMyYTJmNjUxOTg4YTEz
NjdlNTMwHhcNMjYwMzI5MTgwMTEwWhcNMjYwMzMwMTgwMTEwWjAzMTEwLwYDVQQD
EyhmYWU3NWI1YTAzM2E2MWYxMWNiYjE1NWUzZTEwMjhiNDZkNjc4N2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXz+tVQHhf8rL5ctTjykz1IZOC1g
FTr6K+PhKW6+bQiZnKUWvQi25bHOgsx6yC3e1McgtjIIUDl1EDaXchGX2PIRMoVD
nENEap8FGGCFq+Q0lPZwn+ooxNCLgQX6VGYTuBVCPGcYjp+qRgRFTMZYzA+ebw4U
hQlGtWU+OYKa3B+5at7VHV22vPbc9abV366eAR6lm56d3rAnRwOTEFzv3xs5Upf6
XuJ2r3MrEtHQqc5BukVAHjIR9VFxWlZSRmHW6HdOlIEB90rl+KU6hdNomKtyswh0
bK5slYy0Scj3BV+5j2VkdZQXjSRFscWECmCDHGf3HKw+OzuhgSxYEqu/hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPrnW1oDOmHxHLsVXj4QKLRtZ4e6MB8GA1UdIwQY
MBaAFHJTgmwxpfdgl7zcKi9lGYihNn5TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy83YTRhNDItN2RjNS00MGMwLTgwNGIt
ZjNmNTFjMTA3MGI5LzEvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy83YTRhNDItN2RjNS00MGMwLTgwNGItZjNmNTFjMTA3MGI5
LzEvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm5drUliV
mTlonRXH1u/gBy6JwFTQ+OvpP1/Ovxj0xHiBIJSaSE7KAs6kcuLARdkE+ctkwIU+
13LzUNDavyMU7PmmoYnVqClYO7gDnNRXHVWr9biDypo0FIRLLOyy4VpQoSBTLNj+
8a4X2/hetDUkRinyJrAh5VuQGL8pPMc0oA8AjNq0HZGEGN0kImH7HsiUta9ue4AM
JfvjyjxRSZ0/EJ/x26EWsicPwsIal8PLX017MpSc3C/hCmciWY3e4oea0RueIOrm
ispzsZtMY/ufdThhgif9zJb6nVeBKxn7JVeApo30KTDwBmjC7CJGjs9O+N9GarzQ
Lg9MK/82KqfOMg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 21:21:08 2026 by rpki-client