Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
File: r433xPeRM3MP4-aJR3enlgSly3k.mft (raw, json)
Hash identifier: BrcohKeGnByJ4ugckv70anSx2Y6dIBWX/hBsgx5kb5s=
Subject key identifier: 1C:6D:30:00:DB:B2:88:43:47:E7:5A:4E:0D:2B:E1:F0:5F:C3:EC:AA
Authority key identifier: AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
Certificate issuer: /CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Certificate serial: 019D38D33F0F3A193038FDC3EB52EB61F3CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
Manifest number: 188F
Signing time: Sun 29 Mar 2026 09:01:01 +0000
Manifest this update: Sun 29 Mar 2026 09:01:01 +0000
Manifest next update: Mon 30 Mar 2026 09:01:01 +0000
Files and hashes: 1: kuAD5Ak5tICpfFdRaA3UxwlGKQY.roa (hash: LrGV/66Vber5csiZnP6rnRq7f8Ux68WVAZ/WZeDwWRw=)
2: r433xPeRM3MP4-aJR3enlgSly3k.crl (hash: Y8Qjv/2gBZKNBVZUy4RCVrbwAdGvIpcy9nDyWhk9keM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:3f:0f:3a:19:30:38:fd:c3:eb:52:eb:61:f3:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Validity
Not Before: Mar 29 09:01:01 2026 GMT
Not After : Mar 30 09:01:01 2026 GMT
Subject: CN=1c6d3000dbb2884347e75a4e0d2be1f05fc3ecaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c8:02:77:0b:09:96:b7:07:8b:39:67:8d:25:
33:fb:ad:fb:60:11:86:d9:12:87:ea:19:e5:14:a2:
02:fa:cb:ae:f4:74:6e:34:28:dc:67:2e:10:fd:01:
41:03:8a:81:3d:08:c7:5e:64:d7:28:9d:86:4c:20:
70:a1:50:5c:44:11:01:9b:46:4f:06:49:17:e8:a4:
48:09:0d:1b:19:8e:e1:cf:2c:83:3c:96:32:3b:a0:
3f:cb:14:63:65:5b:3a:7a:d7:99:54:f9:3f:c1:0f:
47:d5:6e:e0:62:37:26:1f:a7:d5:95:4a:87:93:66:
6a:72:6c:9e:27:a4:86:09:6c:91:45:aa:2c:83:42:
08:f6:ca:c2:9c:99:4c:cc:d7:f6:a8:ed:7e:1e:ea:
0e:78:c0:9a:dc:34:7d:2f:2b:9d:16:25:de:29:20:
ca:a9:78:6e:ca:d0:07:9a:9d:b3:92:66:6b:22:41:
e2:f0:e8:1b:0a:0a:03:ec:33:a2:7b:ed:98:12:82:
52:41:6f:5e:9f:47:2a:d6:03:b2:75:ff:15:42:09:
1a:db:ee:2b:29:34:63:9b:de:0a:e5:0c:a6:6a:03:
f8:0f:17:47:89:db:cc:c3:18:b8:25:c1:3e:70:12:
40:38:e1:90:99:b1:f1:7b:4c:ff:d5:5e:c6:55:be:
85:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:6D:30:00:DB:B2:88:43:47:E7:5A:4E:0D:2B:E1:F0:5F:C3:EC:AA
X509v3 Authority Key Identifier:
keyid:AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:a5:cc:8e:e0:45:11:ac:71:42:ba:e1:69:80:7a:f7:9f:08:
a7:eb:61:bc:6a:ed:25:81:0c:eb:bc:51:77:2a:87:ed:8f:df:
01:f9:61:38:b3:0e:c4:42:05:a4:ec:a1:94:1d:aa:a2:f8:0d:
a3:8b:80:18:69:36:03:c8:fa:36:2e:d2:e6:d0:16:55:b7:2f:
35:0e:07:56:7a:b7:a3:3d:d4:66:4a:d8:d8:cc:7b:95:24:af:
88:48:8e:af:05:9c:be:b4:01:21:57:e2:e6:97:89:da:0c:85:
82:3c:9d:9f:b3:20:87:78:2c:d5:e6:40:b6:90:a4:56:d9:87:
55:4e:15:f7:ea:27:1f:88:fd:d6:86:57:30:42:cb:a1:a4:12:
3e:5c:3f:5b:63:5f:9d:a6:1b:f0:73:f2:5b:a9:44:c6:c4:1f:
71:a3:01:ce:db:ab:a2:d2:42:47:43:cf:ac:06:80:7a:7a:69:
95:cc:26:2f:78:2e:a0:30:fb:d3:f3:c8:dd:84:9e:79:68:b3:
b7:44:7a:c2:0d:1f:f9:7c:8c:e0:20:44:3b:9d:5c:50:41:88:
94:e5:69:89:e7:3d:b0:fb:3f:e4:19:ce:d6:60:70:5f:d8:3a:
8a:f5:fc:ea:13:7a:87:c7:5f:35:aa:31:3a:cc:01:47:c4:f8:
08:d5:1b:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040z8POhkwOP3D61LrYfPMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGRmN2M0Zjc5MTMzNzMwZmUzZTY4OTQ3NzdhNzk2MDRh
NWNiNzkwHhcNMjYwMzI5MDkwMTAxWhcNMjYwMzMwMDkwMTAxWjAzMTEwLwYDVQQD
EygxYzZkMzAwMGRiYjI4ODQzNDdlNzVhNGUwZDJiZTFmMDVmYzNlY2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMgCdwsJlrcHizlnjSUz+637YBGG
2RKH6hnlFKIC+suu9HRuNCjcZy4Q/QFBA4qBPQjHXmTXKJ2GTCBwoVBcRBEBm0ZP
BkkX6KRICQ0bGY7hzyyDPJYyO6A/yxRjZVs6eteZVPk/wQ9H1W7gYjcmH6fVlUqH
k2ZqcmyeJ6SGCWyRRaosg0II9srCnJlMzNf2qO1+HuoOeMCa3DR9LyudFiXeKSDK
qXhuytAHmp2zkmZrIkHi8OgbCgoD7DOie+2YEoJSQW9en0cq1gOydf8VQgka2+4r
KTRjm94K5QymagP4DxdHidvMwxi4JcE+cBJAOOGQmbHxe0z/1V7GVb6FlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBxtMADbsohDR+daTg0r4fBfw+yqMB8GA1UdIwQY
MBaAFK+N98T3kTNzD+PmiUd3p5YEpct5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGIt
ZjRkNjBlY2RmMmIyLzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGItZjRkNjBlY2RmMmIy
LzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASaXMjuBF
EaxxQrrhaYB6958Ip+thvGrtJYEM67xRdyqH7Y/fAflhOLMOxEIFpOyhlB2qovgN
o4uAGGk2A8j6Ni7S5tAWVbcvNQ4HVnq3oz3UZkrY2Mx7lSSviEiOrwWcvrQBIVfi
5peJ2gyFgjydn7Mgh3gs1eZAtpCkVtmHVU4V9+onH4j91oZXMELLoaQSPlw/W2Nf
naYb8HPyW6lExsQfcaMBzturotJCR0PPrAaAenpplcwmL3guoDD70/PI3YSeeWiz
t0R6wg0f+XyM4CBEO51cUEGIlOVpiec9sPs/5BnO1mBwX9g6ivX86hN6h8dfNaox
OswBR8T4CNUbEA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:06:11 2026 by rpki-client