Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/4dfbd4-8ed7-45f2-950d-3aeb7cde036c/1/ufdp1EM7dwTfcD0WRbf-qO-_km4.mft
File: ufdp1EM7dwTfcD0WRbf-qO-_km4.mft (raw, json)
Hash identifier: CgTbHT5rV57kNIdONLppC3qbXBNuBF8MD9JpxCZdA9w=
Subject key identifier: F1:60:E2:2D:43:FE:EA:1D:C8:21:BB:E7:69:6B:F6:98:FE:0B:87:18
Authority key identifier: B9:F7:69:D4:43:3B:77:04:DF:70:3D:16:45:B7:FE:A8:EF:BF:92:6E
Certificate issuer: /CN=b9f769d4433b7704df703d1645b7fea8efbf926e
Certificate serial: 019D37C085FA05BDC858459B8EE700EE8DBB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufdp1EM7dwTfcD0WRbf-qO-_km4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/4dfbd4-8ed7-45f2-950d-3aeb7cde036c/1/ufdp1EM7dwTfcD0WRbf-qO-_km4.mft
Manifest number: 1892
Signing time: Sun 29 Mar 2026 04:00:57 +0000
Manifest this update: Sun 29 Mar 2026 04:00:57 +0000
Manifest next update: Mon 30 Mar 2026 04:00:57 +0000
Files and hashes: 1: F9fOaYPqb4gxUHFeWSAIKisXq8Q.roa (hash: PHpRDYyGYnqjTmjt3ejWEskYaaVTFLnfQhZUlCEYSpg=)
2: ufdp1EM7dwTfcD0WRbf-qO-_km4.crl (hash: 8ztLmB/cVypKQIuvy5yuKdOh0381nVtdw7TrmnbvRj8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/4dfbd4-8ed7-45f2-950d-3aeb7cde036c/1/ufdp1EM7dwTfcD0WRbf-qO-_km4.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/4dfbd4-8ed7-45f2-950d-3aeb7cde036c/1/ufdp1EM7dwTfcD0WRbf-qO-_km4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ufdp1EM7dwTfcD0WRbf-qO-_km4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:85:fa:05:bd:c8:58:45:9b:8e:e7:00:ee:8d:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9f769d4433b7704df703d1645b7fea8efbf926e
Validity
Not Before: Mar 29 04:00:57 2026 GMT
Not After : Mar 30 04:00:57 2026 GMT
Subject: CN=f160e22d43feea1dc821bbe7696bf698fe0b8718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5a:a2:fb:1d:5c:c7:39:aa:0f:b5:c8:dc:54:
92:cd:93:a6:f1:69:48:6f:e0:46:8f:56:d4:87:d7:
52:23:c1:ac:42:b3:82:91:90:7b:9a:9c:87:48:42:
75:25:85:79:4b:d1:a0:05:88:5c:e7:dd:43:4a:0c:
72:d5:ec:1b:e5:ee:6f:5b:98:00:18:43:45:8a:73:
c4:03:1a:99:50:39:20:f9:f1:c6:01:cf:d4:d7:c2:
32:ee:35:61:bf:64:b3:a4:1e:87:99:84:f3:a8:41:
09:44:2e:2d:dd:8f:65:45:f7:cb:70:6a:5a:e5:78:
50:d0:d8:60:3f:e9:90:a3:2d:a4:db:89:28:13:9c:
c9:0c:5c:51:fb:6b:be:ad:c7:29:e9:88:75:e8:ae:
ea:f6:ad:50:f6:e8:af:8e:b3:0d:ba:f7:b8:a7:4b:
ed:89:af:a1:01:6c:05:18:97:7f:31:12:17:f5:9e:
06:a7:36:ab:56:cf:9d:39:ed:95:9e:41:c9:fa:65:
35:34:58:47:d6:b2:78:d7:cd:f0:e2:85:0e:4c:fb:
8d:86:05:b1:35:62:71:47:95:05:65:ab:a5:a7:9a:
d1:5e:6f:47:c4:50:b4:e7:1c:3b:18:9d:bb:7b:ae:
a8:a2:33:b9:f7:45:0a:41:98:ea:d2:fc:91:ab:2a:
54:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:60:E2:2D:43:FE:EA:1D:C8:21:BB:E7:69:6B:F6:98:FE:0B:87:18
X509v3 Authority Key Identifier:
keyid:B9:F7:69:D4:43:3B:77:04:DF:70:3D:16:45:B7:FE:A8:EF:BF:92:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufdp1EM7dwTfcD0WRbf-qO-_km4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/4dfbd4-8ed7-45f2-950d-3aeb7cde036c/1/ufdp1EM7dwTfcD0WRbf-qO-_km4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/4dfbd4-8ed7-45f2-950d-3aeb7cde036c/1/ufdp1EM7dwTfcD0WRbf-qO-_km4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bd:2f:69:e3:3e:c2:f2:75:aa:a2:09:41:43:4f:58:77:1f:60:
ac:2c:0b:b2:ec:75:fa:20:50:d0:ab:77:9e:d5:1d:c5:f1:d9:
23:05:b1:32:fb:c3:b1:19:e4:b0:fd:a7:48:2e:3a:cd:3b:3d:
98:e2:10:91:84:82:c5:bb:2b:0c:b3:d5:4a:65:9b:d5:ab:3f:
27:c9:b3:ef:d0:f5:8a:e3:be:c8:3e:88:ad:cf:76:c9:f5:ca:
94:0c:44:61:8a:d9:6f:e9:a5:6f:15:13:5f:54:cb:2e:fd:ff:
b5:2b:72:02:6b:90:c5:16:c1:ab:ed:de:dd:75:b1:37:ab:54:
80:cf:75:8a:96:70:87:b9:eb:11:a9:03:92:59:51:c4:30:ff:
7b:31:36:c8:c5:8d:ea:1d:d4:06:5d:3c:48:47:73:3e:51:22:
8e:61:91:d3:2b:14:6b:44:f4:58:53:fa:2d:e1:9c:f7:fd:82:
8a:46:b4:d1:02:8d:3a:ba:8d:a9:23:a3:b7:96:b3:e4:b6:a9:
60:e4:84:9b:ab:e4:c6:18:b4:b2:22:79:65:d5:9e:8c:6f:f2:
22:12:89:eb:8f:c0:62:32:42:7c:fe:05:7a:d4:91:13:4d:7e:
53:48:35:48:16:ff:87:86:24:d4:9f:20:a9:82:e3:f3:9a:52:
c1:ea:68:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wIX6Bb3IWEWbjucA7o27MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Zjc2OWQ0NDMzYjc3MDRkZjcwM2QxNjQ1YjdmZWE4ZWZi
ZjkyNmUwHhcNMjYwMzI5MDQwMDU3WhcNMjYwMzMwMDQwMDU3WjAzMTEwLwYDVQQD
EyhmMTYwZTIyZDQzZmVlYTFkYzgyMWJiZTc2OTZiZjY5OGZlMGI4NzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFqi+x1cxzmqD7XI3FSSzZOm8WlI
b+BGj1bUh9dSI8GsQrOCkZB7mpyHSEJ1JYV5S9GgBYhc591DSgxy1ewb5e5vW5gA
GENFinPEAxqZUDkg+fHGAc/U18Iy7jVhv2SzpB6HmYTzqEEJRC4t3Y9lRffLcGpa
5XhQ0NhgP+mQoy2k24koE5zJDFxR+2u+rccp6Yh16K7q9q1Q9uivjrMNuve4p0vt
ia+hAWwFGJd/MRIX9Z4GpzarVs+dOe2VnkHJ+mU1NFhH1rJ4183w4oUOTPuNhgWx
NWJxR5UFZaulp5rRXm9HxFC05xw7GJ27e66oojO590UKQZjq0vyRqypUdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPFg4i1D/uodyCG752lr9pj+C4cYMB8GA1UdIwQY
MBaAFLn3adRDO3cE33A9FkW3/qjvv5JuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZkcDFFTTdkd1RmY0QwV1JiZi1xTy1fa200LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS80ZGZiZDQtOGVkNy00NWYyLTk1MGQt
M2FlYjdjZGUwMzZjLzEvdWZkcDFFTTdkd1RmY0QwV1JiZi1xTy1fa200Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS80ZGZiZDQtOGVkNy00NWYyLTk1MGQtM2FlYjdjZGUwMzZj
LzEvdWZkcDFFTTdkd1RmY0QwV1JiZi1xTy1fa200LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvS9p4z7C
8nWqoglBQ09Ydx9grCwLsux1+iBQ0Kt3ntUdxfHZIwWxMvvDsRnksP2nSC46zTs9
mOIQkYSCxbsrDLPVSmWb1as/J8mz79D1iuO+yD6Irc92yfXKlAxEYYrZb+mlbxUT
X1TLLv3/tStyAmuQxRbBq+3e3XWxN6tUgM91ipZwh7nrEakDkllRxDD/ezE2yMWN
6h3UBl08SEdzPlEijmGR0ysUa0T0WFP6LeGc9/2Cika00QKNOrqNqSOjt5az5Lap
YOSEm6vkxhi0siJ5ZdWejG/yIhKJ64/AYjJCfP4FetSRE01+U0g1SBb/h4Yk1J8g
qYLj85pSwepoBw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:28:55 2026 by rpki-client