Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.mft
File: y2RbwP24YmvOLAQlxAh7VOFQ04Y.mft (raw, json)
Hash identifier: bfccfp+psreV3KEQwCHsZxl0KgxESfY1gD2mrstr+NI=
Subject key identifier: 9A:52:4E:79:1B:C4:4A:53:52:46:AF:59:D7:32:D6:0A:20:96:D4:F4
Authority key identifier: CB:64:5B:C0:FD:B8:62:6B:CE:2C:04:25:C4:08:7B:54:E1:50:D3:86
Certificate issuer: /CN=cb645bc0fdb8626bce2c0425c4087b54e150d386
Certificate serial: 019D389C2968CB8DA1CFF6BB08CD8019EC46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.mft
Manifest number: 142E
Signing time: Sun 29 Mar 2026 08:00:51 +0000
Manifest this update: Sun 29 Mar 2026 08:00:51 +0000
Manifest next update: Mon 30 Mar 2026 08:00:51 +0000
Files and hashes: 1: g8srjClL_WgGHUbPNnBUFgTpuTk.roa (hash: gDJAvf7gVoC2n87omYhiXK7E56pj3nGGaW/bXZGo4II=)
2: y2RbwP24YmvOLAQlxAh7VOFQ04Y.crl (hash: GHUAHbPCFQc3FhFWw3/zlNbsXaI7VOMSpR6uiVIxdmQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:29:68:cb:8d:a1:cf:f6:bb:08:cd:80:19:ec:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb645bc0fdb8626bce2c0425c4087b54e150d386
Validity
Not Before: Mar 29 08:00:51 2026 GMT
Not After : Mar 30 08:00:51 2026 GMT
Subject: CN=9a524e791bc44a535246af59d732d60a2096d4f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e3:a7:5f:38:70:64:ff:aa:02:3a:b6:dc:1d:
44:59:48:71:c9:ea:b6:86:b7:76:e3:ff:cb:c5:e8:
55:97:43:6c:54:19:04:18:32:1a:98:f2:19:a9:80:
e5:13:4f:13:a7:5d:38:4b:0a:b7:73:e1:06:11:de:
fa:97:7e:98:69:34:21:fe:6d:98:d5:5a:96:74:df:
c1:83:39:4b:b7:4f:3a:58:1f:b3:e3:8f:57:dc:a1:
2f:d4:54:3c:94:a3:f6:31:45:d8:8a:66:f3:6f:c0:
7d:3d:a1:82:a5:4f:35:d0:39:7c:2e:0f:2e:d4:ca:
43:c4:97:be:7c:f1:62:00:8b:3c:cb:9a:1b:c3:eb:
73:8a:65:c0:3a:f0:b9:e9:89:06:0f:d8:1e:d0:42:
42:dc:cb:bc:3d:17:74:c2:65:21:36:94:8d:43:ea:
18:d7:1d:73:b5:83:48:d7:f2:09:d1:2a:12:bd:fa:
9b:a6:92:5f:fa:ba:9f:76:80:18:e3:3b:58:50:db:
48:00:d7:71:05:66:04:5c:70:54:8d:c6:e9:1d:29:
f7:32:6f:45:5f:50:c6:82:9a:4b:e2:5c:be:ea:71:
0a:5d:ad:85:aa:a2:01:20:28:67:76:0f:24:9d:a6:
af:8c:ca:20:a3:fc:8b:4d:dc:4b:93:d5:c3:eb:dc:
17:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:52:4E:79:1B:C4:4A:53:52:46:AF:59:D7:32:D6:0A:20:96:D4:F4
X509v3 Authority Key Identifier:
keyid:CB:64:5B:C0:FD:B8:62:6B:CE:2C:04:25:C4:08:7B:54:E1:50:D3:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:f4:1e:3d:3d:98:29:56:73:ee:3f:f0:6c:a7:2b:de:14:f1:
b8:1a:25:a8:ca:02:a6:31:84:5a:b7:5e:62:fd:91:7b:f5:d9:
63:fc:aa:49:88:b3:18:8b:46:25:f9:38:53:2e:fb:e4:96:46:
51:8c:07:15:7a:fa:87:36:97:df:ff:be:84:f0:4b:0d:74:b9:
81:1b:e0:cb:6c:56:ce:0d:7c:1d:49:29:47:61:38:82:50:10:
35:31:41:7d:c3:74:e1:5a:c8:51:c0:f5:26:ad:8d:08:ef:4d:
4a:20:aa:e4:0b:e1:32:1a:ce:0e:dc:8c:cb:a0:ed:f3:35:28:
9f:c9:95:18:7c:fd:14:2d:ae:94:19:bf:94:57:4c:29:05:1c:
cd:b6:9b:eb:20:d6:e1:83:0e:1d:ed:c4:3d:30:a1:41:13:e0:
cb:2f:54:34:d1:2c:62:d2:a4:7f:65:10:67:d0:df:cf:ec:2d:
17:6e:38:4d:7a:93:ab:c1:2e:9e:04:14:39:ca:d2:e4:33:11:
d2:ee:6e:33:b8:37:49:ae:a0:79:bf:04:e2:84:9e:4d:f8:1f:
ae:b0:64:c3:ff:af:59:f4:b0:8e:cc:5e:10:db:cd:78:8a:c1:
da:3b:6d:7d:c2:7e:e8:e0:9a:0e:63:32:c9:45:4f:8d:01:ba:
66:b6:7d:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nCloy42hz/a7CM2AGexGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNjQ1YmMwZmRiODYyNmJjZTJjMDQyNWM0MDg3YjU0ZTE1
MGQzODYwHhcNMjYwMzI5MDgwMDUxWhcNMjYwMzMwMDgwMDUxWjAzMTEwLwYDVQQD
Eyg5YTUyNGU3OTFiYzQ0YTUzNTI0NmFmNTlkNzMyZDYwYTIwOTZkNGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+OnXzhwZP+qAjq23B1EWUhxyeq2
hrd24//LxehVl0NsVBkEGDIamPIZqYDlE08Tp104Swq3c+EGEd76l36YaTQh/m2Y
1VqWdN/BgzlLt086WB+z449X3KEv1FQ8lKP2MUXYimbzb8B9PaGCpU810Dl8Lg8u
1MpDxJe+fPFiAIs8y5obw+tzimXAOvC56YkGD9ge0EJC3Mu8PRd0wmUhNpSNQ+oY
1x1ztYNI1/IJ0SoSvfqbppJf+rqfdoAY4ztYUNtIANdxBWYEXHBUjcbpHSn3Mm9F
X1DGgppL4ly+6nEKXa2FqqIBIChndg8knaavjMogo/yLTdxLk9XD69wXhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJpSTnkbxEpTUkavWdcy1gogltT0MB8GA1UdIwQY
MBaAFMtkW8D9uGJrziwEJcQIe1ThUNOGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTJSYndQMjRZbXZPTEFRbHhBaDdWT0ZRMDRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81N2JmODktZmUzYi00YzIxLThmZmIt
ZTg3NTRkMDA1ZWJlLzEveTJSYndQMjRZbXZPTEFRbHhBaDdWT0ZRMDRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81N2JmODktZmUzYi00YzIxLThmZmItZTg3NTRkMDA1ZWJl
LzEveTJSYndQMjRZbXZPTEFRbHhBaDdWT0ZRMDRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYPQePT2Y
KVZz7j/wbKcr3hTxuBolqMoCpjGEWrdeYv2Re/XZY/yqSYizGItGJfk4Uy775JZG
UYwHFXr6hzaX3/++hPBLDXS5gRvgy2xWzg18HUkpR2E4glAQNTFBfcN04VrIUcD1
Jq2NCO9NSiCq5AvhMhrODtyMy6Dt8zUon8mVGHz9FC2ulBm/lFdMKQUczbab6yDW
4YMOHe3EPTChQRPgyy9UNNEsYtKkf2UQZ9Dfz+wtF244TXqTq8EungQUOcrS5DMR
0u5uM7g3Sa6geb8E4oSeTfgfrrBkw/+vWfSwjsxeENvNeIrB2jttfcJ+6OCaDmMy
yUVPjQG6ZrZ9hQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:41:40 2026 by rpki-client