Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.mft
File: r5aNFt0rQdNStf0zxJs-xP2tQlg.mft (raw, json)
Hash identifier: 91FjM3HfS28hs4Y4xtQaUhH+l1Ds5DhGHDcstaZ5U4Y=
Subject key identifier: 21:96:CE:B0:D0:07:C6:8F:E7:0D:CB:84:F5:1F:62:B4:F7:66:44:33
Authority key identifier: AF:96:8D:16:DD:2B:41:D3:52:B5:FD:33:C4:9B:3E:C4:FD:AD:42:58
Certificate issuer: /CN=af968d16dd2b41d352b5fd33c49b3ec4fdad4258
Certificate serial: 019D39AF7A15A6B52AA48D50F6CCE29F749F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5aNFt0rQdNStf0zxJs-xP2tQlg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.mft
Manifest number: 11A0
Signing time: Sun 29 Mar 2026 13:01:34 +0000
Manifest this update: Sun 29 Mar 2026 13:01:34 +0000
Manifest next update: Mon 30 Mar 2026 13:01:34 +0000
Files and hashes: 1: r5aNFt0rQdNStf0zxJs-xP2tQlg.crl (hash: kMACMVfzndhKM+rJtQ22uSAE0E9+Ng1Yzu4mxnf/dXY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.mft
rsync://rpki.ripe.net/repository/DEFAULT/r5aNFt0rQdNStf0zxJs-xP2tQlg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:af:7a:15:a6:b5:2a:a4:8d:50:f6:cc:e2:9f:74:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af968d16dd2b41d352b5fd33c49b3ec4fdad4258
Validity
Not Before: Mar 29 13:01:34 2026 GMT
Not After : Mar 30 13:01:34 2026 GMT
Subject: CN=2196ceb0d007c68fe70dcb84f51f62b4f7664433
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:59:b3:b2:93:2e:5b:a3:47:51:85:82:0b:1b:
fb:41:4b:c7:d6:90:b9:19:15:ce:b7:5e:27:4d:68:
c5:cf:9d:19:d3:1e:39:92:f0:58:2b:30:e6:65:f3:
42:0b:42:e5:c5:c2:1d:63:36:e6:21:b5:31:38:58:
d9:58:20:71:c6:f2:92:63:86:35:6d:d4:f2:bb:27:
b4:22:6f:4b:3c:4c:71:61:1d:86:13:12:8c:76:fc:
80:a9:f1:37:6e:41:27:ad:ed:22:93:19:b7:d6:af:
5c:da:4c:2d:de:cf:7b:58:37:e5:c7:d2:78:24:2c:
30:b2:01:98:0f:09:b7:87:1d:b8:05:08:f1:73:cf:
3b:44:7f:ec:ff:f1:c2:ea:71:b9:88:83:42:24:22:
59:93:27:e5:a0:d3:f5:77:61:10:a4:89:8f:45:1b:
15:03:06:e8:02:79:e3:cc:b7:7a:19:9c:4b:d9:1a:
9d:c5:ac:b8:30:d2:95:ed:23:b7:49:24:94:7c:97:
9d:f2:9a:4a:6e:f4:93:1b:6d:70:36:4a:ef:f1:0e:
cb:ed:8d:f0:e0:a5:6f:f6:78:63:4d:60:06:75:ad:
16:d5:e2:46:17:db:a6:85:8c:83:ea:5e:94:73:81:
36:71:41:51:5f:d7:f6:c9:27:c1:fa:52:ee:f2:24:
ac:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:96:CE:B0:D0:07:C6:8F:E7:0D:CB:84:F5:1F:62:B4:F7:66:44:33
X509v3 Authority Key Identifier:
keyid:AF:96:8D:16:DD:2B:41:D3:52:B5:FD:33:C4:9B:3E:C4:FD:AD:42:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5aNFt0rQdNStf0zxJs-xP2tQlg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:fd:17:76:15:85:fb:be:2b:33:1a:19:87:df:10:cf:33:d5:
4f:22:cf:ec:52:b8:b2:fa:be:e4:f2:86:95:6e:2c:ea:3a:f1:
ec:17:3a:eb:90:26:f6:c5:a7:1d:ae:ec:bc:a4:f4:7b:0c:03:
70:7e:07:26:a3:35:2d:7c:f7:f7:86:65:94:28:f9:4d:42:f8:
f2:1d:6b:69:e8:78:3a:0b:4c:0c:37:55:5e:70:8b:3c:9e:0f:
30:07:bf:74:a6:80:6a:cb:dc:9d:49:05:fe:bc:4b:80:4b:80:
79:08:72:04:bf:a7:07:c1:b3:98:55:c2:94:76:a5:0a:fd:31:
4e:6a:05:39:1c:8e:0b:33:62:f6:d9:bf:db:5e:dc:6e:fa:7b:
8d:5d:36:57:30:73:da:66:9d:08:15:b9:3a:84:77:d4:80:7e:
6a:aa:7b:65:ff:b8:e4:ef:93:59:9c:21:1a:ba:24:2c:00:54:
70:22:4b:2f:5f:0b:47:ac:00:a7:19:d5:52:6c:95:e8:9e:68:
d9:6c:14:1f:33:f8:cc:bb:e3:91:de:2e:44:62:11:ba:96:cb:
b8:3b:77:09:e1:11:db:a6:97:0f:4f:23:33:5d:11:e8:eb:3c:
bd:0c:82:c0:09:c4:d8:96:02:fd:62:e2:41:b6:63:2d:91:5f:
a2:21:12:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05r3oVprUqpI1Q9szin3SfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTY4ZDE2ZGQyYjQxZDM1MmI1ZmQzM2M0OWIzZWM0ZmRh
ZDQyNTgwHhcNMjYwMzI5MTMwMTM0WhcNMjYwMzMwMTMwMTM0WjAzMTEwLwYDVQQD
EygyMTk2Y2ViMGQwMDdjNjhmZTcwZGNiODRmNTFmNjJiNGY3NjY0NDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulmzspMuW6NHUYWCCxv7QUvH1pC5
GRXOt14nTWjFz50Z0x45kvBYKzDmZfNCC0LlxcIdYzbmIbUxOFjZWCBxxvKSY4Y1
bdTyuye0Im9LPExxYR2GExKMdvyAqfE3bkEnre0ikxm31q9c2kwt3s97WDflx9J4
JCwwsgGYDwm3hx24BQjxc887RH/s//HC6nG5iINCJCJZkyfloNP1d2EQpImPRRsV
AwboAnnjzLd6GZxL2Rqdxay4MNKV7SO3SSSUfJed8ppKbvSTG21wNkrv8Q7L7Y3w
4KVv9nhjTWAGda0W1eJGF9umhYyD6l6Uc4E2cUFRX9f2ySfB+lLu8iSsnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCGWzrDQB8aP5w3LhPUfYrT3ZkQzMB8GA1UdIwQY
MBaAFK+WjRbdK0HTUrX9M8SbPsT9rUJYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVhTkZ0MHJRZE5TdGYwenhKcy14UDJ0UWxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9iZTQzOWUtZDNjOC00OGExLWE3Yjct
YzI5NmVjNGIyMTcwLzEvcjVhTkZ0MHJRZE5TdGYwenhKcy14UDJ0UWxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9iZTQzOWUtZDNjOC00OGExLWE3YjctYzI5NmVjNGIyMTcw
LzEvcjVhTkZ0MHJRZE5TdGYwenhKcy14UDJ0UWxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHP0XdhWF
+74rMxoZh98QzzPVTyLP7FK4svq+5PKGlW4s6jrx7Bc665Am9sWnHa7svKT0ewwD
cH4HJqM1LXz394ZllCj5TUL48h1raeh4OgtMDDdVXnCLPJ4PMAe/dKaAasvcnUkF
/rxLgEuAeQhyBL+nB8GzmFXClHalCv0xTmoFORyOCzNi9tm/217cbvp7jV02VzBz
2madCBW5OoR31IB+aqp7Zf+45O+TWZwhGrokLABUcCJLL18LR6wApxnVUmyV6J5o
2WwUHzP4zLvjkd4uRGIRupbLuDt3CeER26aXD08jM10R6Os8vQyCwAnE2JYC/WLi
QbZjLZFfoiESbg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:26:21 2026 by rpki-client