Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.mft
File: 1PhqmjxCnBvCbsBqOuTkF8p0394.mft (raw, json)
Hash identifier: pl8+IFsXeuTnk+ubgKeB9u9aVr9s3L/FkFSqtw8me2g=
Subject key identifier: 53:4F:39:53:6D:F9:CE:D1:83:B8:32:E0:88:95:54:B4:C2:AD:BE:9D
Authority key identifier: D4:F8:6A:9A:3C:42:9C:1B:C2:6E:C0:6A:3A:E4:E4:17:CA:74:DF:DE
Certificate issuer: /CN=d4f86a9a3c429c1bc26ec06a3ae4e417ca74dfde
Certificate serial: 019D3940CB0F97B577125447B545A5A098E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1PhqmjxCnBvCbsBqOuTkF8p0394.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.mft
Manifest number: 0B17
Signing time: Sun 29 Mar 2026 11:00:40 +0000
Manifest this update: Sun 29 Mar 2026 11:00:40 +0000
Manifest next update: Mon 30 Mar 2026 11:00:40 +0000
Files and hashes: 1: 1PhqmjxCnBvCbsBqOuTkF8p0394.crl (hash: UNe7+cMOg3mWbBj8JmEpqltMsTIdA4vEmQ2QfvfPyRw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.mft
rsync://rpki.ripe.net/repository/DEFAULT/1PhqmjxCnBvCbsBqOuTkF8p0394.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:cb:0f:97:b5:77:12:54:47:b5:45:a5:a0:98:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4f86a9a3c429c1bc26ec06a3ae4e417ca74dfde
Validity
Not Before: Mar 29 11:00:40 2026 GMT
Not After : Mar 30 11:00:40 2026 GMT
Subject: CN=534f39536df9ced183b832e0889554b4c2adbe9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7d:48:9a:43:d7:c8:1b:42:38:2f:c6:f2:e6:
4c:97:39:c6:54:9b:53:e7:1a:c6:3a:35:9c:bc:ba:
b3:0a:8f:9b:b4:cf:2d:7f:fb:55:b2:f3:a8:ab:f8:
d6:40:18:68:aa:8c:7f:25:b7:e1:5f:2f:9a:33:f6:
90:55:0a:7d:6c:1b:e6:8a:4e:8c:99:b7:18:cc:62:
3c:03:bc:51:9f:8f:9f:c0:10:1d:46:25:ea:c2:4a:
2a:d9:24:92:67:e3:13:61:2e:41:18:aa:9a:f3:9a:
ab:39:6c:8a:be:fb:aa:95:0f:f9:b5:53:64:41:55:
b1:54:f3:ee:f3:95:1f:d2:7d:8a:95:d7:c6:91:a9:
57:b1:48:92:59:06:d5:97:d5:34:87:ab:ec:91:97:
47:21:1e:b1:d2:d9:46:2e:4a:24:d1:d6:e5:75:6b:
4e:50:ae:be:2b:4f:c4:13:5f:cc:e9:74:e8:1e:03:
ee:71:ad:02:53:5b:7e:15:ce:d7:44:c9:c1:6b:f2:
8d:4c:3a:7f:6f:51:74:41:08:bb:4b:ef:7b:91:0a:
66:69:40:a7:a5:dd:9d:30:10:0c:65:6d:6d:33:bb:
27:2b:34:03:63:6e:cb:ed:70:9d:d4:a9:8d:de:4e:
d7:3a:f1:89:18:7d:ca:fe:21:f5:ae:e7:cc:48:6c:
ca:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:4F:39:53:6D:F9:CE:D1:83:B8:32:E0:88:95:54:B4:C2:AD:BE:9D
X509v3 Authority Key Identifier:
keyid:D4:F8:6A:9A:3C:42:9C:1B:C2:6E:C0:6A:3A:E4:E4:17:CA:74:DF:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1PhqmjxCnBvCbsBqOuTkF8p0394.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:55:5f:29:61:39:fe:23:b4:c7:cb:dd:1f:bc:3c:f5:f9:59:
fc:84:75:74:3c:1a:e8:e3:23:af:e1:95:aa:14:72:4f:98:2a:
68:6c:8f:18:6b:ef:b3:5e:41:a2:fd:4c:8a:4f:4d:8c:fe:35:
56:e9:a8:98:f8:ff:32:70:3b:e0:16:1f:ea:48:85:16:53:88:
4b:5a:9a:8e:3f:aa:d8:e9:f5:55:c6:2e:4a:c2:ce:b2:1a:18:
f7:a3:81:e8:d7:56:7f:f4:5b:25:3e:d4:b6:78:e1:cd:86:e1:
b4:b2:84:c6:c7:8d:5a:98:6b:a9:be:a0:46:bc:ce:58:f4:1a:
c0:49:45:19:e7:1d:55:44:ae:e7:d1:2a:b9:9a:18:5d:e1:09:
a2:23:96:35:c4:38:e9:17:8a:49:49:d1:2e:15:8b:69:3f:2a:
a4:36:a2:75:e7:c6:09:1c:fd:56:74:4a:54:5e:41:8c:5f:cf:
09:9f:31:6b:7b:58:ba:01:b1:f5:23:ca:98:12:5b:3f:9d:7c:
1d:43:6e:65:31:da:ea:cb:8b:9d:88:7c:21:ab:17:94:de:89:
df:e7:50:bc:be:6c:f1:d3:9c:8a:21:48:50:95:87:cc:6b:4a:
00:f0:7f:f2:56:1d:63:b1:31:02:7f:15:7a:af:74:32:39:5f:
2f:ca:cd:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QMsPl7V3ElRHtUWloJjjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Zjg2YTlhM2M0MjljMWJjMjZlYzA2YTNhZTRlNDE3Y2E3
NGRmZGUwHhcNMjYwMzI5MTEwMDQwWhcNMjYwMzMwMTEwMDQwWjAzMTEwLwYDVQQD
Eyg1MzRmMzk1MzZkZjljZWQxODNiODMyZTA4ODk1NTRiNGMyYWRiZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn31ImkPXyBtCOC/G8uZMlznGVJtT
5xrGOjWcvLqzCo+btM8tf/tVsvOoq/jWQBhoqox/JbfhXy+aM/aQVQp9bBvmik6M
mbcYzGI8A7xRn4+fwBAdRiXqwkoq2SSSZ+MTYS5BGKqa85qrOWyKvvuqlQ/5tVNk
QVWxVPPu85Uf0n2KldfGkalXsUiSWQbVl9U0h6vskZdHIR6x0tlGLkok0dbldWtO
UK6+K0/EE1/M6XToHgPuca0CU1t+Fc7XRMnBa/KNTDp/b1F0QQi7S+97kQpmaUCn
pd2dMBAMZW1tM7snKzQDY27L7XCd1KmN3k7XOvGJGH3K/iH1rufMSGzKGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFNPOVNt+c7Rg7gy4IiVVLTCrb6dMB8GA1UdIwQY
MBaAFNT4apo8Qpwbwm7Aajrk5BfKdN/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVBocW1qeENuQnZDYnNCcU91VGtGOHAwMzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hNWU1MzEtMWEwOC00MzM2LWIwZDgt
NDgzMjY1OTk5NGNiLzEvMVBocW1qeENuQnZDYnNCcU91VGtGOHAwMzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hNWU1MzEtMWEwOC00MzM2LWIwZDgtNDgzMjY1OTk5NGNi
LzEvMVBocW1qeENuQnZDYnNCcU91VGtGOHAwMzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnVVfKWE5
/iO0x8vdH7w89flZ/IR1dDwa6OMjr+GVqhRyT5gqaGyPGGvvs15Bov1Mik9NjP41
VumomPj/MnA74BYf6kiFFlOIS1qajj+q2On1VcYuSsLOshoY96OB6NdWf/RbJT7U
tnjhzYbhtLKExseNWphrqb6gRrzOWPQawElFGecdVUSu59EquZoYXeEJoiOWNcQ4
6ReKSUnRLhWLaT8qpDaidefGCRz9VnRKVF5BjF/PCZ8xa3tYugGx9SPKmBJbP518
HUNuZTHa6suLnYh8IasXlN6J3+dQvL5s8dOciiFIUJWHzGtKAPB/8lYdY7ExAn8V
eq90MjlfL8rN9g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:09:59 2026 by rpki-client