Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.mft
File: MkxxBGxUn7PH1OvEz5UZ0ALnbfE.mft (raw, json)
Hash identifier: 55aGR3o/L5klzo8vNci61sRUDLHEg4tlPoGums+rYaM=
Subject key identifier: FA:93:B7:53:7C:31:F9:32:94:F1:B1:42:4B:52:BC:F5:1A:5D:DA:9A
Authority key identifier: 32:4C:71:04:6C:54:9F:B3:C7:D4:EB:C4:CF:95:19:D0:02:E7:6D:F1
Certificate issuer: /CN=324c71046c549fb3c7d4ebc4cf9519d002e76df1
Certificate serial: 019D37C0EDCD171850A8FCF25BFBADA83776
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.mft
Manifest number: 0D57
Signing time: Sun 29 Mar 2026 04:01:23 +0000
Manifest this update: Sun 29 Mar 2026 04:01:23 +0000
Manifest next update: Mon 30 Mar 2026 04:01:23 +0000
Files and hashes: 1: 0V_y0HBzvEsTHB0OqOkherqmcqg.roa (hash: 5K9v1dL8zyHCCylOHHNJD1ggYb0DLDZrjC3+O53wQvs=)
2: MkxxBGxUn7PH1OvEz5UZ0ALnbfE.crl (hash: O1vAB0+weVlkdD3bsMVUlikRwxQKxjH8pwj58nhQR2M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.mft
rsync://rpki.ripe.net/repository/DEFAULT/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:ed:cd:17:18:50:a8:fc:f2:5b:fb:ad:a8:37:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=324c71046c549fb3c7d4ebc4cf9519d002e76df1
Validity
Not Before: Mar 29 04:01:23 2026 GMT
Not After : Mar 30 04:01:23 2026 GMT
Subject: CN=fa93b7537c31f93294f1b1424b52bcf51a5dda9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:4a:52:04:d2:a8:31:ed:be:3b:18:3f:76:81:
29:e8:ed:b3:d1:85:5b:df:87:da:11:68:a2:af:6d:
71:0d:56:7a:24:13:f9:04:ec:d5:85:0b:cb:76:3a:
29:ee:98:81:a7:f0:97:2a:5e:a2:39:79:c4:f8:04:
04:86:3b:ff:bf:11:8f:86:3b:c7:f4:5e:30:89:29:
65:23:98:7e:26:58:01:4f:7d:a8:da:69:52:49:e6:
5c:f3:a5:14:13:fe:07:e0:88:fd:25:11:6e:e3:50:
f5:ef:50:a2:2b:cc:d8:e1:32:7d:46:35:5a:4c:00:
32:bd:1d:4c:47:81:35:8f:99:b0:84:01:b6:07:30:
2d:d4:0a:db:cf:5f:c1:25:ac:0b:0b:ac:38:3f:84:
9b:94:5d:44:1b:ce:e6:37:d7:2f:79:7c:67:62:0f:
b2:11:42:01:15:9a:49:94:70:12:96:6a:24:e8:d3:
0a:5a:9a:65:97:9f:8a:1f:02:c9:39:3b:92:15:51:
50:66:33:1e:23:e4:4f:8b:29:12:47:1e:b0:9f:ff:
f2:de:1f:86:87:b9:ac:b0:6e:a9:90:77:e9:16:3e:
84:0b:3a:17:4d:34:33:67:8d:d7:3c:fb:00:50:f0:
10:3c:e9:a2:39:42:b1:bc:2c:11:64:3c:6f:ae:e0:
a7:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:93:B7:53:7C:31:F9:32:94:F1:B1:42:4B:52:BC:F5:1A:5D:DA:9A
X509v3 Authority Key Identifier:
keyid:32:4C:71:04:6C:54:9F:B3:C7:D4:EB:C4:CF:95:19:D0:02:E7:6D:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:48:63:bc:74:74:5a:ac:c4:d7:a2:59:ee:f9:f6:18:c9:24:
4f:4d:30:e5:6d:81:23:49:a6:7d:74:60:d5:1f:fd:da:76:e1:
a9:75:0c:d7:48:54:27:61:e8:d0:d1:3f:90:84:da:fd:ac:1b:
5b:49:11:cf:8c:63:8b:4b:40:72:ae:63:f4:50:20:bb:b7:11:
86:fa:f8:cf:31:5d:a2:0f:bd:6c:ba:2d:1c:ea:86:12:76:fc:
c5:a0:b5:82:23:e2:38:37:9b:a1:9e:7b:a2:55:eb:53:33:03:
59:5f:58:d0:26:81:2c:87:c5:55:54:ec:c1:50:fc:3d:e6:a5:
36:a9:98:95:2f:09:8e:39:ac:26:d5:53:5f:e0:8a:3b:4b:75:
97:7e:55:b2:76:cb:41:2c:90:6a:89:ca:b1:6a:d9:28:c7:fc:
b0:b3:00:67:52:0b:89:33:a6:12:a1:e8:59:ed:9e:ca:88:96:
6d:b8:6c:c1:fc:a1:e4:21:9a:ff:ee:80:1e:dd:25:c4:85:54:
71:52:d5:5a:10:9e:08:cb:eb:0d:ea:26:50:62:83:db:4b:d1:
55:d0:17:2b:8d:ff:e6:c6:ad:f5:60:31:dc:f8:59:17:b3:f3:
8b:e6:05:5c:f3:35:37:9d:ec:06:1a:30:88:80:ff:19:16:f1:
8f:85:d2:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wO3NFxhQqPzyW/utqDd2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNGM3MTA0NmM1NDlmYjNjN2Q0ZWJjNGNmOTUxOWQwMDJl
NzZkZjEwHhcNMjYwMzI5MDQwMTIzWhcNMjYwMzMwMDQwMTIzWjAzMTEwLwYDVQQD
EyhmYTkzYjc1MzdjMzFmOTMyOTRmMWIxNDI0YjUyYmNmNTFhNWRkYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEpSBNKoMe2+Oxg/doEp6O2z0YVb
34faEWiir21xDVZ6JBP5BOzVhQvLdjop7piBp/CXKl6iOXnE+AQEhjv/vxGPhjvH
9F4wiSllI5h+JlgBT32o2mlSSeZc86UUE/4H4Ij9JRFu41D171CiK8zY4TJ9RjVa
TAAyvR1MR4E1j5mwhAG2BzAt1Arbz1/BJawLC6w4P4SblF1EG87mN9cveXxnYg+y
EUIBFZpJlHASlmok6NMKWppll5+KHwLJOTuSFVFQZjMeI+RPiykSRx6wn//y3h+G
h7mssG6pkHfpFj6ECzoXTTQzZ43XPPsAUPAQPOmiOUKxvCwRZDxvruCnJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqTt1N8MfkylPGxQktSvPUaXdqaMB8GA1UdIwQY
MBaAFDJMcQRsVJ+zx9TrxM+VGdAC523xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWt4eEJHeFVuN1BIMU92RXo1VVowQUxuYmZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8xMjViOWQtMmExZi00NjNhLTk2NWUt
N2NmZWFmMDg2ZTE0LzEvTWt4eEJHeFVuN1BIMU92RXo1VVowQUxuYmZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8xMjViOWQtMmExZi00NjNhLTk2NWUtN2NmZWFmMDg2ZTE0
LzEvTWt4eEJHeFVuN1BIMU92RXo1VVowQUxuYmZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO0hjvHR0
WqzE16JZ7vn2GMkkT00w5W2BI0mmfXRg1R/92nbhqXUM10hUJ2Ho0NE/kITa/awb
W0kRz4xji0tAcq5j9FAgu7cRhvr4zzFdog+9bLotHOqGEnb8xaC1giPiODeboZ57
olXrUzMDWV9Y0CaBLIfFVVTswVD8PealNqmYlS8JjjmsJtVTX+CKO0t1l35VsnbL
QSyQaonKsWrZKMf8sLMAZ1ILiTOmEqHoWe2eyoiWbbhswfyh5CGa/+6AHt0lxIVU
cVLVWhCeCMvrDeomUGKD20vRVdAXK43/5sat9WAx3PhZF7Pzi+YFXPM1N53sBhow
iID/GRbxj4XSxQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:43 2026 by rpki-client