Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft
File: T03F1MB2_YQmOrcubxe1_0rLhEg.mft (raw, json)
Hash identifier: pbELzFs//6ZDB/GKJJfVQv2qeNhbNa2/7TPi2b+YRrU=
Subject key identifier: CB:A6:90:0C:34:45:1F:54:BE:E5:47:47:2C:20:F5:E4:7A:5F:06:D2
Authority key identifier: 4F:4D:C5:D4:C0:76:FD:84:26:3A:B7:2E:6F:17:B5:FF:4A:CB:84:48
Certificate issuer: /CN=4f4dc5d4c076fd84263ab72e6f17b5ff4acb8448
Certificate serial: 019D3A1C72372A6CABE94A81EA673A5A0893
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T03F1MB2_YQmOrcubxe1_0rLhEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft
Manifest number: 0BAD
Signing time: Sun 29 Mar 2026 15:00:35 +0000
Manifest this update: Sun 29 Mar 2026 15:00:35 +0000
Manifest next update: Mon 30 Mar 2026 15:00:35 +0000
Files and hashes: 1: T03F1MB2_YQmOrcubxe1_0rLhEg.crl (hash: D8cGGEj6Hb7d2QDQzAPoQxxs8d/+VzgGHaGdCB87WGc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/T03F1MB2_YQmOrcubxe1_0rLhEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:1c:72:37:2a:6c:ab:e9:4a:81:ea:67:3a:5a:08:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f4dc5d4c076fd84263ab72e6f17b5ff4acb8448
Validity
Not Before: Mar 29 15:00:35 2026 GMT
Not After : Mar 30 15:00:35 2026 GMT
Subject: CN=cba6900c34451f54bee547472c20f5e47a5f06d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d6:94:e7:b4:0d:f2:b6:8c:3d:d5:98:a9:23:
3d:50:68:92:9b:00:e1:d9:c8:5b:40:8b:15:14:78:
16:08:41:d5:da:a7:f0:b5:b7:7f:cf:59:01:ea:36:
15:d0:21:5d:07:3b:07:92:a7:f5:32:6e:50:c6:7e:
71:f8:60:02:62:60:3a:65:2b:83:53:e7:85:bc:8c:
c8:a5:ee:ab:1e:e2:c5:b5:32:4c:81:dc:a4:8c:77:
cd:fa:84:15:bc:92:31:aa:05:06:cf:da:cd:f9:bc:
fb:b5:b5:8c:c7:38:67:ff:e1:d1:9f:50:93:ae:7e:
9b:ab:bb:af:bf:26:81:9b:96:b1:2c:df:b0:23:d2:
0a:49:32:99:d2:ae:c2:fc:5e:12:68:4b:5a:66:be:
c4:d5:75:c1:fe:52:d5:ec:1c:98:16:49:bc:cc:13:
3c:59:58:42:03:d2:ed:02:68:b2:da:53:d8:7f:20:
c2:df:ed:f2:92:84:bb:5a:85:5f:ef:3d:06:23:3f:
5c:a1:2c:26:e8:43:29:63:bc:2b:0d:6c:42:5e:06:
d8:50:59:3b:2d:b1:30:35:8b:a7:55:8b:05:c1:23:
ac:c6:8d:ca:eb:57:22:9d:43:9e:0d:f0:7a:d3:fd:
4f:e1:aa:c8:ae:ee:50:a9:cb:32:f3:5b:cd:d6:4f:
ca:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:A6:90:0C:34:45:1F:54:BE:E5:47:47:2C:20:F5:E4:7A:5F:06:D2
X509v3 Authority Key Identifier:
keyid:4F:4D:C5:D4:C0:76:FD:84:26:3A:B7:2E:6F:17:B5:FF:4A:CB:84:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T03F1MB2_YQmOrcubxe1_0rLhEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:ff:3f:93:bd:17:7e:12:a2:b7:f3:8c:d1:21:41:1e:5f:05:
14:18:c4:ac:af:b5:7f:9a:9a:44:e1:93:7e:e7:27:62:d5:1a:
61:21:6c:5b:43:bd:0e:6a:21:8c:c9:50:af:ea:af:b1:78:bb:
7b:d2:8b:20:86:1d:ba:3a:a1:c7:78:6d:a5:4c:07:42:b7:87:
00:4c:2c:4b:a9:17:57:f3:a3:c5:1a:d5:64:bc:04:d9:fa:40:
29:f8:0a:64:2e:ae:f3:bf:87:6a:34:9e:ab:49:6e:a3:b7:80:
e6:1a:b4:3a:15:b8:14:6f:cf:2c:7b:5f:77:c7:36:a7:1a:87:
6b:a5:a2:0e:b5:c3:36:a4:92:e6:4d:a3:60:07:26:6c:44:bb:
10:4b:65:61:7a:24:9c:3a:49:9d:8f:71:62:df:d5:49:3c:e2:
c0:6e:3b:99:82:c9:d5:71:02:a6:69:8b:b7:f3:5e:0a:94:ba:
58:a8:5f:e6:a5:49:40:66:b9:08:f8:da:7b:53:30:f0:55:54:
9d:73:d6:9d:33:5e:52:8d:c1:63:58:0d:9d:32:c5:8c:8d:8f:
27:e3:da:90:25:13:6c:0d:ee:2c:e5:23:9a:a1:cb:33:36:f9:
77:ea:ae:78:39:91:51:e1:0d:4a:77:e8:e0:c1:80:43:22:e8:
6f:9a:30:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HHI3Kmyr6UqB6mc6WgiTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmNGRjNWQ0YzA3NmZkODQyNjNhYjcyZTZmMTdiNWZmNGFj
Yjg0NDgwHhcNMjYwMzI5MTUwMDM1WhcNMjYwMzMwMTUwMDM1WjAzMTEwLwYDVQQD
EyhjYmE2OTAwYzM0NDUxZjU0YmVlNTQ3NDcyYzIwZjVlNDdhNWYwNmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNaU57QN8raMPdWYqSM9UGiSmwDh
2chbQIsVFHgWCEHV2qfwtbd/z1kB6jYV0CFdBzsHkqf1Mm5Qxn5x+GACYmA6ZSuD
U+eFvIzIpe6rHuLFtTJMgdykjHfN+oQVvJIxqgUGz9rN+bz7tbWMxzhn/+HRn1CT
rn6bq7uvvyaBm5axLN+wI9IKSTKZ0q7C/F4SaEtaZr7E1XXB/lLV7ByYFkm8zBM8
WVhCA9LtAmiy2lPYfyDC3+3ykoS7WoVf7z0GIz9coSwm6EMpY7wrDWxCXgbYUFk7
LbEwNYunVYsFwSOsxo3K61cinUOeDfB60/1P4arIru5Qqcsy81vN1k/KNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMumkAw0RR9UvuVHRywg9eR6XwbSMB8GA1UdIwQY
MBaAFE9NxdTAdv2EJjq3Lm8Xtf9Ky4RIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDAzRjFNQjJfWVFtT3JjdWJ4ZTFfMHJMaEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yNTc1ZmUtYTUyNi00MTk1LTk3NDUt
ZmE5NmJkZDJmZmEzLzEvVDAzRjFNQjJfWVFtT3JjdWJ4ZTFfMHJMaEVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yNTc1ZmUtYTUyNi00MTk1LTk3NDUtZmE5NmJkZDJmZmEz
LzEvVDAzRjFNQjJfWVFtT3JjdWJ4ZTFfMHJMaEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADf8/k70X
fhKit/OM0SFBHl8FFBjErK+1f5qaROGTfucnYtUaYSFsW0O9DmohjMlQr+qvsXi7
e9KLIIYdujqhx3htpUwHQreHAEwsS6kXV/OjxRrVZLwE2fpAKfgKZC6u87+HajSe
q0luo7eA5hq0OhW4FG/PLHtfd8c2pxqHa6WiDrXDNqSS5k2jYAcmbES7EEtlYXok
nDpJnY9xYt/VSTziwG47mYLJ1XECpmmLt/NeCpS6WKhf5qVJQGa5CPjae1Mw8FVU
nXPWnTNeUo3BY1gNnTLFjI2PJ+PakCUTbA3uLOUjmqHLMzb5d+queDmRUeENSnfo
4MGAQyLob5owDw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:47:48 2026 by rpki-client