Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
File: ALlD7lfDXyx_T-wGhel9YDsHytI.mft (raw, json)
Hash identifier: 1xdUagZtSj1EXPsLy4ba+9SLI6BC7vGKss+ZSosLWf4=
Subject key identifier: 22:06:39:A5:B1:60:3B:2B:CA:04:53:4E:62:E6:60:5F:5C:8C:A3:0C
Authority key identifier: 00:B9:43:EE:57:C3:5F:2C:7F:4F:EC:06:85:E9:7D:60:3B:07:CA:D2
Certificate issuer: /CN=00b943ee57c35f2c7f4fec0685e97d603b07cad2
Certificate serial: 019D37C0D117C96E7680AC146B7370BE447E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
Manifest number: 0C51
Signing time: Sun 29 Mar 2026 04:01:16 +0000
Manifest this update: Sun 29 Mar 2026 04:01:16 +0000
Manifest next update: Mon 30 Mar 2026 04:01:16 +0000
Files and hashes: 1: ALlD7lfDXyx_T-wGhel9YDsHytI.crl (hash: QY+RSi7SGhtaHzjQDdUfB/YdP3MLHrdb1+jzfvjYAg0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:d1:17:c9:6e:76:80:ac:14:6b:73:70:be:44:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00b943ee57c35f2c7f4fec0685e97d603b07cad2
Validity
Not Before: Mar 29 04:01:16 2026 GMT
Not After : Mar 30 04:01:16 2026 GMT
Subject: CN=220639a5b1603b2bca04534e62e6605f5c8ca30c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:dd:99:e0:00:f9:d9:43:9c:bf:88:fe:bf:3d:
83:36:c2:c7:c0:72:d6:1d:49:50:0b:83:48:f5:e8:
e1:c2:be:5e:35:79:cb:33:01:2c:f9:3b:fa:95:6b:
ac:6b:8c:51:f3:39:6d:6b:ed:ca:8a:1f:a2:9f:0d:
67:3c:97:59:b0:63:af:85:c1:cf:20:67:1a:02:2a:
24:b4:d7:3d:24:95:de:b4:6d:5c:33:53:49:76:6c:
e9:72:aa:fa:9b:e0:ff:b4:9c:78:d4:79:27:6f:fd:
59:55:a2:ff:53:b4:18:f0:42:cc:ea:a8:c4:91:80:
27:da:24:ec:2c:7c:68:01:02:4d:35:4f:a7:de:a2:
7c:b3:ce:4e:4d:39:66:01:ee:60:65:a2:bd:48:26:
7c:1a:d9:51:5c:c2:4d:5a:00:6b:00:51:9f:54:e8:
63:53:27:fe:3d:0c:7c:7f:03:af:78:0e:e0:db:2a:
44:0b:36:f3:4f:b9:c0:c0:67:ee:ef:a4:f3:46:63:
f7:bc:6e:04:10:0a:61:d8:5a:81:f2:fe:87:3c:8a:
59:d1:e8:2d:70:a2:05:f1:29:e8:dc:ae:9d:32:d1:
55:8d:de:df:a8:ff:e3:b9:f3:74:e2:57:c7:8f:b7:
16:d5:cd:62:66:6a:4a:6e:52:72:b7:fa:70:2f:38:
8e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:06:39:A5:B1:60:3B:2B:CA:04:53:4E:62:E6:60:5F:5C:8C:A3:0C
X509v3 Authority Key Identifier:
keyid:00:B9:43:EE:57:C3:5F:2C:7F:4F:EC:06:85:E9:7D:60:3B:07:CA:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:d9:b4:49:06:1c:d1:84:29:86:bc:a4:7b:a6:31:43:ba:fa:
5a:6a:e0:fd:34:20:9b:e8:9d:44:ea:66:7b:e9:f6:05:7c:b0:
02:c5:9a:72:fe:36:3f:fb:77:d4:9a:ec:88:b8:a9:f1:c6:10:
15:9c:52:3d:e6:83:01:ea:23:cd:81:46:28:5e:56:2a:b0:33:
21:ad:13:66:d2:c6:ae:f0:62:dd:8c:7d:a3:9c:f3:3c:cd:f6:
1a:80:4c:10:d4:0e:89:16:8d:67:8c:2c:de:9e:80:84:e5:aa:
16:41:f9:ef:ac:fe:a2:dc:21:1d:86:37:ae:83:73:e0:60:89:
1a:3a:3a:40:5f:8b:c7:81:97:64:4f:1b:71:a8:bf:cc:68:1b:
51:e2:5f:5a:e1:47:a8:05:81:12:e7:5c:6c:ea:7b:71:2d:73:
3c:4a:e9:ce:bd:c1:80:1d:bf:b4:b5:1b:63:95:9b:af:90:aa:
37:3d:dc:b3:5b:9e:df:28:fe:02:74:24:9a:5a:7c:84:8f:65:
31:86:b7:4b:94:4c:1d:9f:7c:f8:bc:ca:47:76:97:8b:57:c9:
30:ec:41:fb:80:57:58:c8:02:cc:e6:d3:e4:0a:7a:33:36:9f:
16:b5:aa:47:a6:bb:e0:99:f4:91:66:06:7c:f3:f8:f1:c6:13:
e9:ef:64:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wNEXyW52gKwUa3NwvkR+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYjk0M2VlNTdjMzVmMmM3ZjRmZWMwNjg1ZTk3ZDYwM2Iw
N2NhZDIwHhcNMjYwMzI5MDQwMTE2WhcNMjYwMzMwMDQwMTE2WjAzMTEwLwYDVQQD
EygyMjA2MzlhNWIxNjAzYjJiY2EwNDUzNGU2MmU2NjA1ZjVjOGNhMzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst2Z4AD52UOcv4j+vz2DNsLHwHLW
HUlQC4NI9ejhwr5eNXnLMwEs+Tv6lWusa4xR8zlta+3Kih+inw1nPJdZsGOvhcHP
IGcaAioktNc9JJXetG1cM1NJdmzpcqr6m+D/tJx41Hknb/1ZVaL/U7QY8ELM6qjE
kYAn2iTsLHxoAQJNNU+n3qJ8s85OTTlmAe5gZaK9SCZ8GtlRXMJNWgBrAFGfVOhj
Uyf+PQx8fwOveA7g2ypECzbzT7nAwGfu76TzRmP3vG4EEAph2FqB8v6HPIpZ0egt
cKIF8Sno3K6dMtFVjd7fqP/jufN04lfHj7cW1c1iZmpKblJyt/pwLziOewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCIGOaWxYDsrygRTTmLmYF9cjKMMMB8GA1UdIwQY
MBaAFAC5Q+5Xw18sf0/sBoXpfWA7B8rSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS80OGYwOWUtNzM4Ni00MTM5LTkxYzgt
M2M4OGU0MGU3MTFjLzEvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS80OGYwOWUtNzM4Ni00MTM5LTkxYzgtM2M4OGU0MGU3MTFj
LzEvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR9m0SQYc
0YQphryke6YxQ7r6Wmrg/TQgm+idROpme+n2BXywAsWacv42P/t31JrsiLip8cYQ
FZxSPeaDAeojzYFGKF5WKrAzIa0TZtLGrvBi3Yx9o5zzPM32GoBMENQOiRaNZ4ws
3p6AhOWqFkH576z+otwhHYY3roNz4GCJGjo6QF+Lx4GXZE8bcai/zGgbUeJfWuFH
qAWBEudcbOp7cS1zPErpzr3BgB2/tLUbY5Wbr5CqNz3cs1ue3yj+AnQkmlp8hI9l
MYa3S5RMHZ98+LzKR3aXi1fJMOxB+4BXWMgCzObT5Ap6MzafFrWqR6a74Jn0kWYG
fPP48cYT6e9kIQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:03:06 2026 by rpki-client