Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.mft
File: u7hl_W36q6dxJJt-uujr1SgKDJc.mft (raw, json)
Hash identifier: UDvALXn4f997FGFU0rerYCX1Idx4tgKj5aikEuZaeK8=
Subject key identifier: 7A:C4:D1:85:9F:25:D2:32:72:D9:97:57:F0:59:C3:04:E9:32:64:5E
Authority key identifier: BB:B8:65:FD:6D:FA:AB:A7:71:24:9B:7E:BA:E8:EB:D5:28:0A:0C:97
Certificate issuer: /CN=bbb865fd6dfaaba771249b7ebae8ebd5280a0c97
Certificate serial: 019D389C4D9A0D5FD771AA9BBC173729E58F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u7hl_W36q6dxJJt-uujr1SgKDJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.mft
Manifest number: 13DA
Signing time: Sun 29 Mar 2026 08:01:00 +0000
Manifest this update: Sun 29 Mar 2026 08:01:00 +0000
Manifest next update: Mon 30 Mar 2026 08:01:00 +0000
Files and hashes: 1: Bym-x8E18AtLf0ybpilnkQ7yGpo.roa (hash: R+XsuHoebGNFenykqVHPvxpXZ/5AsWEx8oTWF+hIAFQ=)
2: u7hl_W36q6dxJJt-uujr1SgKDJc.crl (hash: SGjBEo3xqUkAnlp+wBpp/4OA+Zt1+rrxvV55x8Anz2g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/u7hl_W36q6dxJJt-uujr1SgKDJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:4d:9a:0d:5f:d7:71:aa:9b:bc:17:37:29:e5:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbb865fd6dfaaba771249b7ebae8ebd5280a0c97
Validity
Not Before: Mar 29 08:01:00 2026 GMT
Not After : Mar 30 08:01:00 2026 GMT
Subject: CN=7ac4d1859f25d23272d99757f059c304e932645e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f5:89:6d:3c:81:8b:6e:1b:72:c2:ee:f5:fe:
87:33:a9:ea:94:8c:e5:53:d8:4f:c6:0e:08:f3:40:
e9:97:b5:6e:da:5f:d6:91:d6:d2:8d:de:c7:77:8b:
ba:d1:36:ff:80:7d:93:74:a4:a1:d8:67:f0:80:00:
3d:87:b1:2a:b8:13:ca:4b:3b:be:cf:19:65:8c:96:
53:33:2d:4c:3c:fc:9c:3e:e1:20:fd:78:90:a7:38:
3c:7a:d3:3e:3a:b4:4d:68:99:98:64:f0:0b:df:e8:
45:fd:4c:15:32:9d:59:16:ca:fc:f0:c5:d7:a5:7b:
61:91:21:3f:72:73:7c:44:6f:c5:ee:e2:02:5e:82:
b6:a6:29:0c:eb:e8:91:96:40:6d:7d:14:8b:d6:17:
d6:86:43:98:d7:0c:7e:ac:cd:ca:f7:fd:8a:ae:06:
40:a0:6a:7b:ef:e1:d7:53:4a:8e:da:4a:c5:dd:3f:
7b:98:1d:fa:27:52:17:00:bf:df:b1:4c:2b:25:34:
96:5a:1c:e6:af:28:d9:d2:b2:88:de:92:8f:70:1a:
1b:2f:0e:5d:07:3b:ad:5e:24:86:ae:21:08:6c:06:
d3:89:c8:0a:ff:44:87:ad:6e:52:81:91:86:60:f1:
07:f1:17:8c:7f:dc:4b:69:df:b1:7a:8f:82:bd:fe:
a4:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:C4:D1:85:9F:25:D2:32:72:D9:97:57:F0:59:C3:04:E9:32:64:5E
X509v3 Authority Key Identifier:
keyid:BB:B8:65:FD:6D:FA:AB:A7:71:24:9B:7E:BA:E8:EB:D5:28:0A:0C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u7hl_W36q6dxJJt-uujr1SgKDJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:e1:d6:d1:85:34:dc:bc:6d:b0:fa:40:db:40:07:3a:39:3a:
cc:99:39:64:61:25:c2:ac:87:d0:80:12:07:64:70:6d:f6:6d:
99:34:ed:f2:ce:a5:43:1f:ba:e8:eb:d2:45:a6:0b:09:88:b3:
66:2c:3f:90:24:34:b8:77:21:54:43:c1:59:30:15:26:03:9d:
b8:ef:5d:67:d0:e2:60:a7:14:62:75:cd:1f:fe:a9:5d:63:a0:
07:4d:e3:c3:18:21:a9:06:b6:d7:65:e5:c8:76:fb:7a:91:78:
20:e4:cb:c2:bb:38:53:c3:5a:15:62:f5:cf:fa:af:cb:54:48:
83:d8:99:f5:3d:d2:10:48:e2:12:86:85:7f:a0:5a:f9:9d:2a:
86:45:b9:68:bb:79:6e:48:62:c1:82:20:08:86:4c:51:e6:a8:
34:e5:ed:67:d5:45:69:7e:3a:ff:e9:60:38:2e:8e:bf:b3:d4:
92:a6:20:64:1f:48:ea:a7:75:77:86:98:cb:0d:cc:4c:6b:2a:
a9:6a:fe:aa:d5:7c:86:c7:34:3e:19:82:8c:c6:ba:17:9b:d9:
9e:dc:87:66:b9:ff:f2:84:de:4f:b8:a1:23:1c:24:04:e9:fe:
60:3d:7a:66:47:41:cd:e9:ec:35:c9:82:d1:8c:5a:14:18:30:
1c:8d:c4:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nE2aDV/XcaqbvBc3KeWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYjg2NWZkNmRmYWFiYTc3MTI0OWI3ZWJhZThlYmQ1Mjgw
YTBjOTcwHhcNMjYwMzI5MDgwMTAwWhcNMjYwMzMwMDgwMTAwWjAzMTEwLwYDVQQD
Eyg3YWM0ZDE4NTlmMjVkMjMyNzJkOTk3NTdmMDU5YzMwNGU5MzI2NDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPWJbTyBi24bcsLu9f6HM6nqlIzl
U9hPxg4I80Dpl7Vu2l/WkdbSjd7Hd4u60Tb/gH2TdKSh2GfwgAA9h7EquBPKSzu+
zxlljJZTMy1MPPycPuEg/XiQpzg8etM+OrRNaJmYZPAL3+hF/UwVMp1ZFsr88MXX
pXthkSE/cnN8RG/F7uICXoK2pikM6+iRlkBtfRSL1hfWhkOY1wx+rM3K9/2KrgZA
oGp77+HXU0qO2krF3T97mB36J1IXAL/fsUwrJTSWWhzmryjZ0rKI3pKPcBobLw5d
BzutXiSGriEIbAbTicgK/0SHrW5SgZGGYPEH8ReMf9xLad+xeo+Cvf6k2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHrE0YWfJdIyctmXV/BZwwTpMmReMB8GA1UdIwQY
MBaAFLu4Zf1t+quncSSbfrro69UoCgyXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTdobF9XMzZxNmR4Skp0LXV1anIxU2dLREpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80M2JiOTQtOTRjNi00ZGFkLWEzNzIt
NWZjZmE0MjE5NzVjLzEvdTdobF9XMzZxNmR4Skp0LXV1anIxU2dLREpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80M2JiOTQtOTRjNi00ZGFkLWEzNzItNWZjZmE0MjE5NzVj
LzEvdTdobF9XMzZxNmR4Skp0LXV1anIxU2dLREpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACeHW0YU0
3LxtsPpA20AHOjk6zJk5ZGElwqyH0IASB2RwbfZtmTTt8s6lQx+66OvSRaYLCYiz
Ziw/kCQ0uHchVEPBWTAVJgOduO9dZ9DiYKcUYnXNH/6pXWOgB03jwxghqQa212Xl
yHb7epF4IOTLwrs4U8NaFWL1z/qvy1RIg9iZ9T3SEEjiEoaFf6Ba+Z0qhkW5aLt5
bkhiwYIgCIZMUeaoNOXtZ9VFaX46/+lgOC6Ov7PUkqYgZB9I6qd1d4aYyw3MTGsq
qWr+qtV8hsc0PhmCjMa6F5vZntyHZrn/8oTeT7ihIxwkBOn+YD16ZkdBzensNcmC
0YxaFBgwHI3Eqg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:28:14 2026 by rpki-client