Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/urwezBf2YNW9ieFhZ7nVAxv2oMs.mft
File: urwezBf2YNW9ieFhZ7nVAxv2oMs.mft (raw, json)
Hash identifier: uzDD4YGZa4Zh7g5Dq5+vE9VtrFkVtQ2IJioQR7YBt8o=
Subject key identifier: B7:83:B6:AC:2E:F9:AF:D0:2A:06:A7:FC:71:AC:B5:8C:38:41:67:99
Authority key identifier: BA:BC:1E:CC:17:F6:60:D5:BD:89:E1:61:67:B9:D5:03:1B:F6:A0:CB
Certificate issuer: /CN=babc1ecc17f660d5bd89e16167b9d5031bf6a0cb
Certificate serial: 019D37C0AD0F2F03BBE83888DC12A3746DA9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/urwezBf2YNW9ieFhZ7nVAxv2oMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/urwezBf2YNW9ieFhZ7nVAxv2oMs.mft
Manifest number: 0BF6
Signing time: Sun 29 Mar 2026 04:01:07 +0000
Manifest this update: Sun 29 Mar 2026 04:01:07 +0000
Manifest next update: Mon 30 Mar 2026 04:01:07 +0000
Files and hashes: 1: OUJf-sc0f-zTH1OOEDEe1u3vDUI.roa (hash: jsm1Kc9N3YzBvdT9WWkethSdjz6IIBqoQUC68R7xEgA=)
2: urwezBf2YNW9ieFhZ7nVAxv2oMs.crl (hash: yxD1oa52PsOqrYXrrXuvAu+yqFRLPCCnfmwVDQjwr9k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/urwezBf2YNW9ieFhZ7nVAxv2oMs.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/urwezBf2YNW9ieFhZ7nVAxv2oMs.mft
rsync://rpki.ripe.net/repository/DEFAULT/urwezBf2YNW9ieFhZ7nVAxv2oMs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:ad:0f:2f:03:bb:e8:38:88:dc:12:a3:74:6d:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=babc1ecc17f660d5bd89e16167b9d5031bf6a0cb
Validity
Not Before: Mar 29 04:01:07 2026 GMT
Not After : Mar 30 04:01:07 2026 GMT
Subject: CN=b783b6ac2ef9afd02a06a7fc71acb58c38416799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:12:d5:24:9e:7e:f1:7f:e1:a3:39:1b:8b:39:
8c:e1:c2:45:eb:69:ee:67:41:5b:f2:07:1b:cb:d3:
45:20:8f:df:6b:02:4c:b7:0b:fa:08:0f:4b:8f:b3:
4d:50:5d:33:19:c7:c9:b4:66:65:c1:03:18:c7:71:
27:cb:5a:f1:8f:fb:c5:e4:0b:c1:34:1d:88:b2:79:
79:cb:39:48:12:cb:e2:25:3f:c8:a2:ea:23:bb:b4:
d1:5c:31:32:c6:22:cb:ab:b7:41:76:e7:f6:04:da:
11:f5:a7:b1:df:29:11:bd:03:21:0d:76:0a:1f:dc:
09:b4:a7:a1:ae:78:83:18:4a:ef:69:73:50:48:a7:
32:34:46:b9:88:42:1f:53:33:ea:6d:9b:9d:0c:53:
12:5a:3c:3a:5d:ef:0a:98:3f:d1:8d:62:a0:fc:86:
f0:ec:16:28:ba:56:0c:9d:15:90:f8:8f:c5:24:71:
38:51:fb:08:ee:f0:b8:4f:09:89:65:82:b4:79:1d:
1b:ad:b4:1d:2b:74:39:57:35:8f:09:84:68:3d:80:
f8:f3:8f:a6:e6:17:a3:b2:c2:dc:ae:d5:66:34:5b:
8d:59:f3:e9:95:4b:18:13:ac:3d:c7:cb:4f:39:25:
f9:9d:3c:34:16:6b:92:7b:77:6d:4f:46:71:ed:15:
23:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:83:B6:AC:2E:F9:AF:D0:2A:06:A7:FC:71:AC:B5:8C:38:41:67:99
X509v3 Authority Key Identifier:
keyid:BA:BC:1E:CC:17:F6:60:D5:BD:89:E1:61:67:B9:D5:03:1B:F6:A0:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urwezBf2YNW9ieFhZ7nVAxv2oMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/urwezBf2YNW9ieFhZ7nVAxv2oMs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/urwezBf2YNW9ieFhZ7nVAxv2oMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
46:6b:3f:88:c7:84:46:25:13:85:8a:3b:1c:14:0b:4f:cd:71:
29:46:54:1c:bf:07:c2:29:a6:8e:d3:91:48:0d:43:52:d4:a0:
d4:8d:99:8d:02:d7:61:ef:d3:c9:d9:21:e3:9f:1d:0a:ae:08:
a9:64:5b:e6:31:25:4c:3b:91:e6:82:8c:cc:21:fe:ce:a4:b7:
88:7d:c3:ba:cc:75:28:5d:30:0b:a0:e0:fa:30:ce:64:7d:0c:
83:27:b9:25:3a:90:ca:46:01:c8:f9:d7:2f:71:a0:03:d2:88:
56:a3:88:cf:32:fc:47:c7:c2:7b:af:a4:4c:fa:e9:91:ad:a0:
27:0c:07:43:ad:2b:ad:e5:01:d8:83:c0:cf:97:70:c6:71:b0:
13:62:85:c2:74:f5:7f:44:43:70:85:98:da:b7:24:2a:9e:98:
0f:5b:8b:78:89:72:2a:d1:36:a3:4f:7a:5b:23:0d:66:ef:46:
2d:0e:39:b5:f9:dc:ed:b6:8a:35:7d:cf:fc:69:fa:bb:35:58:
fc:ad:79:3c:5f:a6:fa:45:81:08:e6:fd:f0:38:cb:b5:6a:03:
81:9c:cc:af:9f:67:5e:4a:24:75:5e:07:82:b2:bc:54:00:35:
c8:83:c5:6e:08:81:b7:12:6c:6b:5d:82:3d:02:6f:f1:2f:ba:
1d:e5:15:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wK0PLwO76DiI3BKjdG2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYmMxZWNjMTdmNjYwZDViZDg5ZTE2MTY3YjlkNTAzMWJm
NmEwY2IwHhcNMjYwMzI5MDQwMTA3WhcNMjYwMzMwMDQwMTA3WjAzMTEwLwYDVQQD
EyhiNzgzYjZhYzJlZjlhZmQwMmEwNmE3ZmM3MWFjYjU4YzM4NDE2Nzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xLVJJ5+8X/hozkbizmM4cJF62nu
Z0Fb8gcby9NFII/fawJMtwv6CA9Lj7NNUF0zGcfJtGZlwQMYx3Eny1rxj/vF5AvB
NB2Isnl5yzlIEsviJT/Iouoju7TRXDEyxiLLq7dBduf2BNoR9aex3ykRvQMhDXYK
H9wJtKehrniDGErvaXNQSKcyNEa5iEIfUzPqbZudDFMSWjw6Xe8KmD/RjWKg/Ibw
7BYoulYMnRWQ+I/FJHE4UfsI7vC4TwmJZYK0eR0brbQdK3Q5VzWPCYRoPYD484+m
5hejssLcrtVmNFuNWfPplUsYE6w9x8tPOSX5nTw0FmuSe3dtT0Zx7RUjbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLeDtqwu+a/QKgan/HGstYw4QWeZMB8GA1UdIwQY
MBaAFLq8HswX9mDVvYnhYWe51QMb9qDLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJ3ZXpCZjJZTlc5aWVGaFo3blZBeHYyb01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9jZjEwZGItNzU4Mi00NTUzLWJmMWIt
MTc5MTE1OTRhZTUxLzEvdXJ3ZXpCZjJZTlc5aWVGaFo3blZBeHYyb01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9jZjEwZGItNzU4Mi00NTUzLWJmMWItMTc5MTE1OTRhZTUx
LzEvdXJ3ZXpCZjJZTlc5aWVGaFo3blZBeHYyb01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARms/iMeE
RiUThYo7HBQLT81xKUZUHL8HwimmjtORSA1DUtSg1I2ZjQLXYe/Tydkh458dCq4I
qWRb5jElTDuR5oKMzCH+zqS3iH3Dusx1KF0wC6Dg+jDOZH0Mgye5JTqQykYByPnX
L3GgA9KIVqOIzzL8R8fCe6+kTPrpka2gJwwHQ60rreUB2IPAz5dwxnGwE2KFwnT1
f0RDcIWY2rckKp6YD1uLeIlyKtE2o096WyMNZu9GLQ45tfnc7baKNX3P/Gn6uzVY
/K15PF+m+kWBCOb98DjLtWoDgZzMr59nXkokdV4HgrK8VAA1yIPFbgiBtxJsa12C
PQJv8S+6HeUVXw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:47:25 2026 by rpki-client