Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.mft
File: upcN4SazoLVI2tdvXvqIhVxvH_I.mft (raw, json)
Hash identifier: AHlDyQvo6AA4qEEti9k6bwy9HCtNXAOAC3SV37+K1+Q=
Subject key identifier: 5A:BE:9B:A5:DA:4D:42:12:A3:F5:93:2E:71:E2:0A:9E:5A:8B:F4:C5
Authority key identifier: BA:97:0D:E1:26:B3:A0:B5:48:DA:D7:6F:5E:FA:88:85:5C:6F:1F:F2
Certificate issuer: /CN=ba970de126b3a0b548dad76f5efa88855c6f1ff2
Certificate serial: 019D3A8A914C4BED62B4E98838C8EC2C5667
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/upcN4SazoLVI2tdvXvqIhVxvH_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.mft
Manifest number: 0C17
Signing time: Sun 29 Mar 2026 17:00:52 +0000
Manifest this update: Sun 29 Mar 2026 17:00:52 +0000
Manifest next update: Mon 30 Mar 2026 17:00:52 +0000
Files and hashes: 1: Q_P7X5C1lmaNlkbuzVGT844GFfo.asa (hash: nwImYSIcMFyAUiCaJ41mpvQb3aaHOwHGxJ4PTZp+Yz0=)
2: sH_i52u9I2QPQooV8iPsfP3TRkE.roa (hash: 3i21QPZ/ky3oP395rnMd9Ue3A3mgKCo4RMpPmWOaqwk=)
3: upcN4SazoLVI2tdvXvqIhVxvH_I.crl (hash: YO/k039up8gbUrKR92tp3a07Ff0neBFxJkllglM4KaQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/upcN4SazoLVI2tdvXvqIhVxvH_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:8a:91:4c:4b:ed:62:b4:e9:88:38:c8:ec:2c:56:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba970de126b3a0b548dad76f5efa88855c6f1ff2
Validity
Not Before: Mar 29 17:00:52 2026 GMT
Not After : Mar 30 17:00:52 2026 GMT
Subject: CN=5abe9ba5da4d4212a3f5932e71e20a9e5a8bf4c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7a:16:13:35:0d:38:eb:c6:78:41:e1:a8:95:
46:6b:1e:fc:cf:3c:09:31:77:b0:7d:13:82:92:58:
41:4b:ca:2b:28:f7:7f:e8:95:59:eb:86:08:1b:71:
10:2b:13:63:7f:87:66:c0:9f:ff:b7:07:1c:e9:82:
5e:d8:c0:45:d2:f4:21:6a:3f:a0:5e:3d:51:eb:ae:
52:0f:c5:e9:1a:db:27:e6:98:75:ba:f1:fd:bd:82:
73:c2:b3:2e:64:00:3e:37:7a:dd:ab:da:fa:72:d6:
e2:1a:b0:87:d3:f6:28:89:59:d8:30:99:98:98:6a:
b9:04:16:9a:1e:ad:eb:7a:c4:4b:3c:94:19:b9:3a:
52:5f:e5:b4:15:47:a3:30:04:f9:2f:99:9a:b3:71:
05:cb:f5:6f:b6:38:b2:bd:10:4a:bf:a6:cf:a8:52:
5d:14:bd:29:82:f9:de:e6:3e:58:f6:e9:b5:db:0a:
95:e1:14:31:7f:81:f5:29:a4:44:be:ca:d3:83:59:
9b:fc:7f:eb:a2:50:93:42:43:55:7b:d5:68:39:a1:
43:c5:a2:40:5b:4b:0d:e9:fc:75:12:55:de:e7:0d:
f5:3b:a7:5d:a3:e2:13:3f:48:7f:5c:e2:c1:72:23:
a8:80:22:0a:18:ae:bf:99:07:65:16:55:87:f8:2f:
58:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:BE:9B:A5:DA:4D:42:12:A3:F5:93:2E:71:E2:0A:9E:5A:8B:F4:C5
X509v3 Authority Key Identifier:
keyid:BA:97:0D:E1:26:B3:A0:B5:48:DA:D7:6F:5E:FA:88:85:5C:6F:1F:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upcN4SazoLVI2tdvXvqIhVxvH_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
31:3e:60:2e:2b:3e:b2:a2:95:4f:5c:3c:80:dc:6d:8c:40:6a:
9c:f3:2a:d9:36:49:17:14:3c:23:f7:81:30:51:c9:fe:47:01:
28:53:17:72:bf:8d:b9:8d:26:b9:8f:5e:c8:54:03:09:f9:a4:
be:dc:00:79:bc:ec:dc:65:c8:09:4b:da:3d:91:1a:4b:f5:e0:
68:2f:8d:76:cf:0b:78:f7:2e:bb:82:2e:0d:49:d5:d8:dd:06:
59:fd:e4:99:45:d1:7c:cf:c3:6b:46:c5:f3:29:47:23:30:6e:
7b:4b:bc:0f:3f:f5:f3:e1:94:cb:b1:15:5f:2e:6e:29:36:c5:
6f:1a:bb:1c:1f:2d:78:bf:31:f6:1f:9f:87:e8:68:dd:c2:86:
e5:75:5d:78:9d:3a:ef:a4:a1:60:48:39:f9:f8:96:1d:a9:9d:
31:c5:da:0c:93:9a:61:e2:54:d9:bd:f0:cf:5f:5c:45:57:d9:
56:6b:d2:ca:8e:4d:de:1b:d5:b6:2f:e3:5c:0c:71:65:44:d3:
32:af:9d:70:94:b7:f5:1b:6c:51:d4:ed:db:da:1a:fd:68:cd:
87:f5:ce:9c:f1:0b:53:d1:d2:ba:4b:69:33:c2:0f:3f:df:17:
e2:2f:19:c2:49:0c:13:5b:4a:44:8d:96:45:2b:1e:e4:93:a1:
d1:70:2a:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06ipFMS+1itOmIOMjsLFZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOTcwZGUxMjZiM2EwYjU0OGRhZDc2ZjVlZmE4ODg1NWM2
ZjFmZjIwHhcNMjYwMzI5MTcwMDUyWhcNMjYwMzMwMTcwMDUyWjAzMTEwLwYDVQQD
Eyg1YWJlOWJhNWRhNGQ0MjEyYTNmNTkzMmU3MWUyMGE5ZTVhOGJmNGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXoWEzUNOOvGeEHhqJVGax78zzwJ
MXewfROCklhBS8orKPd/6JVZ64YIG3EQKxNjf4dmwJ//twcc6YJe2MBF0vQhaj+g
Xj1R665SD8XpGtsn5ph1uvH9vYJzwrMuZAA+N3rdq9r6ctbiGrCH0/YoiVnYMJmY
mGq5BBaaHq3resRLPJQZuTpSX+W0FUejMAT5L5mas3EFy/VvtjiyvRBKv6bPqFJd
FL0pgvne5j5Y9um12wqV4RQxf4H1KaREvsrTg1mb/H/rolCTQkNVe9VoOaFDxaJA
W0sN6fx1ElXe5w31O6ddo+ITP0h/XOLBciOogCIKGK6/mQdlFlWH+C9YDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFq+m6XaTUISo/WTLnHiCp5ai/TFMB8GA1UdIwQY
MBaAFLqXDeEms6C1SNrXb176iIVcbx/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXBjTjRTYXpvTFZJMnRkdlh2cUloVnh2SF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9hZjcyZTgtZjBkMi00ZDY2LWI1MjAt
M2FiYTU5NWI1OGE4LzEvdXBjTjRTYXpvTFZJMnRkdlh2cUloVnh2SF9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9hZjcyZTgtZjBkMi00ZDY2LWI1MjAtM2FiYTU5NWI1OGE4
LzEvdXBjTjRTYXpvTFZJMnRkdlh2cUloVnh2SF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMT5gLis+
sqKVT1w8gNxtjEBqnPMq2TZJFxQ8I/eBMFHJ/kcBKFMXcr+NuY0muY9eyFQDCfmk
vtwAebzs3GXICUvaPZEaS/XgaC+Nds8LePcuu4IuDUnV2N0GWf3kmUXRfM/Da0bF
8ylHIzBue0u8Dz/18+GUy7EVXy5uKTbFbxq7HB8teL8x9h+fh+ho3cKG5XVdeJ06
76ShYEg5+fiWHamdMcXaDJOaYeJU2b3wz19cRVfZVmvSyo5N3hvVti/jXAxxZUTT
Mq+dcJS39RtsUdTt29oa/WjNh/XOnPELU9HSuktpM8IPP98X4i8ZwkkME1tKRI2W
RSse5JOh0XAqfA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 21:16:06 2026 by rpki-client