Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/5ea2a6-ff2f-47fd-b7c8-f4f45043b8bc/1/p3tNEFqlxNZemaq2926tWJ5ih8w.mft
File: p3tNEFqlxNZemaq2926tWJ5ih8w.mft (raw, json)
Hash identifier: BQC3UIDUvq9p6UNF8LIxDIcpa90/rLPIYpOs0IpwQdg=
Subject key identifier: D5:E0:9F:1D:54:20:0A:C5:38:93:5A:A0:E4:09:BB:08:4E:A1:8D:D2
Authority key identifier: A7:7B:4D:10:5A:A5:C4:D6:5E:99:AA:B6:F7:6E:AD:58:9E:62:87:CC
Certificate issuer: /CN=a77b4d105aa5c4d65e99aab6f76ead589e6287cc
Certificate serial: 019D38D2A787703571A17E10F719764A675F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p3tNEFqlxNZemaq2926tWJ5ih8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/5ea2a6-ff2f-47fd-b7c8-f4f45043b8bc/1/p3tNEFqlxNZemaq2926tWJ5ih8w.mft
Manifest number: 068C
Signing time: Sun 29 Mar 2026 09:00:22 +0000
Manifest this update: Sun 29 Mar 2026 09:00:22 +0000
Manifest next update: Mon 30 Mar 2026 09:00:22 +0000
Files and hashes: 1: p3tNEFqlxNZemaq2926tWJ5ih8w.crl (hash: ReKZRhWSnB7/WpD9RkGuFKGODeB1pW3QplkMydyM5+4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/5ea2a6-ff2f-47fd-b7c8-f4f45043b8bc/1/p3tNEFqlxNZemaq2926tWJ5ih8w.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/5ea2a6-ff2f-47fd-b7c8-f4f45043b8bc/1/p3tNEFqlxNZemaq2926tWJ5ih8w.mft
rsync://rpki.ripe.net/repository/DEFAULT/p3tNEFqlxNZemaq2926tWJ5ih8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:a7:87:70:35:71:a1:7e:10:f7:19:76:4a:67:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a77b4d105aa5c4d65e99aab6f76ead589e6287cc
Validity
Not Before: Mar 29 09:00:22 2026 GMT
Not After : Mar 30 09:00:22 2026 GMT
Subject: CN=d5e09f1d54200ac538935aa0e409bb084ea18dd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b8:b4:29:e2:ec:06:d3:2b:21:9c:ee:58:4e:
5e:84:5a:b9:47:c2:92:aa:3c:98:2b:21:4d:a9:74:
2f:ec:36:ce:65:2f:92:46:1c:ad:32:84:2b:e6:35:
9c:53:74:4c:0c:89:45:6d:b0:19:da:c1:35:7c:63:
33:47:76:e3:c5:10:0d:f2:4b:86:f5:5c:d8:97:2e:
75:2f:4f:37:89:6f:8e:af:53:f0:db:14:ba:2d:6e:
50:63:1b:48:0b:2f:83:ea:9e:8d:6f:5c:5b:92:77:
26:40:14:32:09:5a:5d:c7:40:77:bd:5c:a5:db:7c:
be:33:74:d5:b0:af:86:7e:b7:27:2d:2d:57:7f:c1:
6b:1a:c6:4d:e7:9d:17:30:6b:66:82:6c:36:09:50:
a8:43:fa:00:47:74:9c:35:10:83:03:ff:a0:f4:63:
7c:fe:65:71:b0:3e:43:11:e9:40:ce:73:7a:9e:e6:
c9:55:4b:c4:ea:be:ef:96:b3:5a:4b:a3:f9:0f:2f:
19:11:f5:57:94:dc:67:ed:63:68:62:2e:74:5b:2b:
e5:32:37:42:88:71:78:70:88:17:16:fd:de:1d:81:
2b:98:55:49:6e:6a:dc:e1:2d:f1:0e:03:63:36:98:
03:85:e6:eb:08:58:06:71:a4:66:88:8e:6f:a4:53:
b2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E0:9F:1D:54:20:0A:C5:38:93:5A:A0:E4:09:BB:08:4E:A1:8D:D2
X509v3 Authority Key Identifier:
keyid:A7:7B:4D:10:5A:A5:C4:D6:5E:99:AA:B6:F7:6E:AD:58:9E:62:87:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p3tNEFqlxNZemaq2926tWJ5ih8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/5ea2a6-ff2f-47fd-b7c8-f4f45043b8bc/1/p3tNEFqlxNZemaq2926tWJ5ih8w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/5ea2a6-ff2f-47fd-b7c8-f4f45043b8bc/1/p3tNEFqlxNZemaq2926tWJ5ih8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:a0:e6:c0:f4:1b:fc:33:63:f2:58:68:bc:e8:fc:c1:f9:41:
1c:0f:c7:d2:9b:b0:70:21:b2:3a:33:3c:f6:ca:1b:1f:09:97:
56:81:31:4e:d2:c9:e1:53:bc:e0:6a:d3:49:4c:c3:76:50:f3:
17:dc:b0:b5:29:df:eb:ab:a9:fe:4f:05:75:43:9c:b6:72:e7:
e0:ff:87:c9:86:30:e1:ca:5d:d7:8f:39:d7:cf:ae:7e:7c:5d:
98:08:5c:01:1c:2d:51:9c:3b:83:97:88:c3:a1:6f:ff:d9:6f:
81:5d:c0:fe:2e:83:bd:7e:30:41:5b:d3:6b:68:9a:95:0c:b5:
b5:1c:5e:40:27:14:a0:b7:47:3f:81:9d:d4:87:23:8c:c0:a2:
46:4a:d6:5b:9b:4b:b9:c1:98:c1:a0:23:7d:6a:05:2d:1b:ab:
ac:1a:3a:37:3b:be:e5:d1:22:73:44:45:6f:04:fa:8d:e5:05:
64:6b:a9:52:e6:8d:da:85:3d:d0:78:63:19:f2:fe:74:b8:1f:
83:1a:1c:a1:09:db:d3:08:ec:12:5c:56:bc:4a:17:e8:a2:ab:
a8:64:82:61:18:06:55:eb:97:7b:4c:0d:75:ee:e7:ac:94:af:
d5:d4:1a:9d:34:c8:b2:7f:96:73:9c:86:ec:d0:4b:02:27:9d:
83:43:ea:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040qeHcDVxoX4Q9xl2SmdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3N2I0ZDEwNWFhNWM0ZDY1ZTk5YWFiNmY3NmVhZDU4OWU2
Mjg3Y2MwHhcNMjYwMzI5MDkwMDIyWhcNMjYwMzMwMDkwMDIyWjAzMTEwLwYDVQQD
EyhkNWUwOWYxZDU0MjAwYWM1Mzg5MzVhYTBlNDA5YmIwODRlYTE4ZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7i0KeLsBtMrIZzuWE5ehFq5R8KS
qjyYKyFNqXQv7DbOZS+SRhytMoQr5jWcU3RMDIlFbbAZ2sE1fGMzR3bjxRAN8kuG
9VzYly51L083iW+Or1Pw2xS6LW5QYxtICy+D6p6Nb1xbkncmQBQyCVpdx0B3vVyl
23y+M3TVsK+GfrcnLS1Xf8FrGsZN550XMGtmgmw2CVCoQ/oAR3ScNRCDA/+g9GN8
/mVxsD5DEelAznN6nubJVUvE6r7vlrNaS6P5Dy8ZEfVXlNxn7WNoYi50WyvlMjdC
iHF4cIgXFv3eHYErmFVJbmrc4S3xDgNjNpgDhebrCFgGcaRmiI5vpFOyvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNXgnx1UIArFOJNaoOQJuwhOoY3SMB8GA1UdIwQY
MBaAFKd7TRBapcTWXpmqtvdurVieYofMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDN0TkVGcWx4TlplbWFxMjkyNnRXSjVpaDh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81ZWEyYTYtZmYyZi00N2ZkLWI3Yzgt
ZjRmNDUwNDNiOGJjLzEvcDN0TkVGcWx4TlplbWFxMjkyNnRXSjVpaDh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81ZWEyYTYtZmYyZi00N2ZkLWI3YzgtZjRmNDUwNDNiOGJj
LzEvcDN0TkVGcWx4TlplbWFxMjkyNnRXSjVpaDh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQKDmwPQb
/DNj8lhovOj8wflBHA/H0puwcCGyOjM89sobHwmXVoExTtLJ4VO84GrTSUzDdlDz
F9ywtSnf66up/k8FdUOctnLn4P+HyYYw4cpd148518+ufnxdmAhcARwtUZw7g5eI
w6Fv/9lvgV3A/i6DvX4wQVvTa2ialQy1tRxeQCcUoLdHP4Gd1IcjjMCiRkrWW5tL
ucGYwaAjfWoFLRurrBo6Nzu+5dEic0RFbwT6jeUFZGupUuaN2oU90HhjGfL+dLgf
gxocoQnb0wjsElxWvEoX6KKrqGSCYRgGVeuXe0wNde7nrJSv1dQanTTIsn+Wc5yG
7NBLAiedg0Pqzw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:44:35 2026 by rpki-client