Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/d0b571-3276-4177-8163-0069030763db/1/U2XQP9hSJnTrF6x2cpTNEfcpOdE.mft
File: U2XQP9hSJnTrF6x2cpTNEfcpOdE.mft (raw, json)
Hash identifier: zb4DMV2C96706nk415wjeayOfnyBGF/h1z+Klf0PW+Y=
Subject key identifier: 77:99:F1:29:C7:25:76:75:89:A1:4B:51:EF:5B:2B:40:C5:3C:F0:89
Authority key identifier: 53:65:D0:3F:D8:52:26:74:EB:17:AC:76:72:94:CD:11:F7:29:39:D1
Certificate issuer: /CN=5365d03fd8522674eb17ac767294cd11f72939d1
Certificate serial: 019D37F719595DA73E81E1F9C7978A78C5B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U2XQP9hSJnTrF6x2cpTNEfcpOdE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/d0b571-3276-4177-8163-0069030763db/1/U2XQP9hSJnTrF6x2cpTNEfcpOdE.mft
Manifest number: 01D3
Signing time: Sun 29 Mar 2026 05:00:33 +0000
Manifest this update: Sun 29 Mar 2026 05:00:33 +0000
Manifest next update: Mon 30 Mar 2026 05:00:33 +0000
Files and hashes: 1: U2XQP9hSJnTrF6x2cpTNEfcpOdE.crl (hash: IMpp/LuY8gQJdbrz26JlG561ItZWYUjL18Jv/0BXBDs=)
2: gRIS3IOjEAgDn__cPvDxP1mU1_8.roa (hash: hSl8/IpiF3/9ilxJHWR9J4Hc4H+z1qdb5D3HNsLaVuo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/d0b571-3276-4177-8163-0069030763db/1/U2XQP9hSJnTrF6x2cpTNEfcpOdE.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/d0b571-3276-4177-8163-0069030763db/1/U2XQP9hSJnTrF6x2cpTNEfcpOdE.mft
rsync://rpki.ripe.net/repository/DEFAULT/U2XQP9hSJnTrF6x2cpTNEfcpOdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:19:59:5d:a7:3e:81:e1:f9:c7:97:8a:78:c5:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5365d03fd8522674eb17ac767294cd11f72939d1
Validity
Not Before: Mar 29 05:00:33 2026 GMT
Not After : Mar 30 05:00:33 2026 GMT
Subject: CN=7799f129c725767589a14b51ef5b2b40c53cf089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e0:f2:25:61:27:80:57:e6:71:2d:05:e0:cd:
79:9e:c1:f1:34:68:6e:61:ef:39:4c:a2:90:31:8e:
90:fa:bc:f5:2d:77:09:b2:b0:8a:9d:35:36:9c:08:
a0:93:37:17:02:8b:62:35:ec:ad:4f:f3:16:a8:77:
b8:32:cb:5e:36:cf:85:ac:f3:7f:f0:6a:02:ec:e0:
56:66:00:98:4c:91:78:d6:f3:0e:7d:d7:4c:10:f1:
8c:85:b9:35:d7:81:7f:0d:83:21:44:d2:78:00:26:
65:11:00:6d:90:8a:35:36:be:27:cc:57:10:8f:5b:
c3:ea:20:6b:26:a0:d4:93:d8:3d:87:fc:ab:31:08:
9b:64:95:a8:47:d7:32:42:c7:49:4b:1c:b4:c5:f2:
51:a7:96:e6:e7:b9:48:51:79:65:73:53:98:52:b3:
27:0a:73:96:98:d5:80:df:23:3f:37:91:78:11:c4:
3f:6e:fc:0a:3f:d4:d0:9a:61:1d:cc:30:09:df:39:
5f:69:07:cf:b9:a8:6a:94:97:4d:cd:0c:37:e0:e0:
44:05:00:3a:b0:6d:be:08:f1:13:4f:d6:a7:db:1c:
8a:c0:a2:11:cc:44:8b:bb:21:e4:e4:44:f2:72:4f:
fd:f9:06:13:4c:91:34:51:1d:de:9e:67:11:1a:28:
14:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:99:F1:29:C7:25:76:75:89:A1:4B:51:EF:5B:2B:40:C5:3C:F0:89
X509v3 Authority Key Identifier:
keyid:53:65:D0:3F:D8:52:26:74:EB:17:AC:76:72:94:CD:11:F7:29:39:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U2XQP9hSJnTrF6x2cpTNEfcpOdE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d0b571-3276-4177-8163-0069030763db/1/U2XQP9hSJnTrF6x2cpTNEfcpOdE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d0b571-3276-4177-8163-0069030763db/1/U2XQP9hSJnTrF6x2cpTNEfcpOdE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:65:d3:80:8f:ba:54:69:6a:bc:bc:28:00:cb:c6:5f:1b:e0:
b9:bc:71:dc:37:11:47:0c:fe:c1:fc:35:4d:dc:6c:4b:a8:83:
d7:49:f4:2d:57:c0:da:c3:63:6f:69:01:98:f8:74:5f:db:2c:
d3:86:a6:aa:78:12:fe:67:33:8e:84:62:75:c2:77:12:06:0e:
e2:52:f4:2f:08:54:af:82:f1:82:46:5e:3d:56:6d:34:b5:fb:
db:64:00:24:06:29:55:6c:c2:57:3d:b2:66:ce:08:06:6b:9f:
2c:2f:bf:66:40:c6:0e:b9:96:3a:12:d3:2d:71:e7:d1:79:13:
33:48:8a:80:7f:5c:4f:aa:33:bc:a0:f3:bd:a9:7b:be:6c:54:
07:b0:1f:fb:fd:f9:fc:27:dd:a5:bb:25:cb:f4:64:9c:82:08:
58:9a:ed:51:33:52:40:0e:ef:04:31:c8:d6:3e:c5:db:3d:88:
fd:81:4c:0f:48:4f:a7:77:1b:46:48:36:b6:f7:cb:ab:97:47:
85:4f:d4:87:6b:4e:62:87:22:1e:9e:6a:b0:f1:eb:05:3e:8b:
98:2d:19:3d:66:c8:1f:82:45:78:0d:54:8d:ed:d1:1d:d7:72:
ad:01:e3:56:06:5c:be:84:1e:18:b0:0f:52:0f:44:0d:56:c6:
06:8d:22:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039xlZXac+geH5x5eKeMWxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNjVkMDNmZDg1MjI2NzRlYjE3YWM3NjcyOTRjZDExZjcy
OTM5ZDEwHhcNMjYwMzI5MDUwMDMzWhcNMjYwMzMwMDUwMDMzWjAzMTEwLwYDVQQD
Eyg3Nzk5ZjEyOWM3MjU3Njc1ODlhMTRiNTFlZjViMmI0MGM1M2NmMDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArODyJWEngFfmcS0F4M15nsHxNGhu
Ye85TKKQMY6Q+rz1LXcJsrCKnTU2nAigkzcXAotiNeytT/MWqHe4MsteNs+FrPN/
8GoC7OBWZgCYTJF41vMOfddMEPGMhbk114F/DYMhRNJ4ACZlEQBtkIo1Nr4nzFcQ
j1vD6iBrJqDUk9g9h/yrMQibZJWoR9cyQsdJSxy0xfJRp5bm57lIUXllc1OYUrMn
CnOWmNWA3yM/N5F4EcQ/bvwKP9TQmmEdzDAJ3zlfaQfPuahqlJdNzQw34OBEBQA6
sG2+CPETT9an2xyKwKIRzESLuyHk5ETyck/9+QYTTJE0UR3enmcRGigUhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHeZ8SnHJXZ1iaFLUe9bK0DFPPCJMB8GA1UdIwQY
MBaAFFNl0D/YUiZ06xesdnKUzRH3KTnRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTJYUVA5aFNKblRyRjZ4MmNwVE5FZmNwT2RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9kMGI1NzEtMzI3Ni00MTc3LTgxNjMt
MDA2OTAzMDc2M2RiLzEvVTJYUVA5aFNKblRyRjZ4MmNwVE5FZmNwT2RFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9kMGI1NzEtMzI3Ni00MTc3LTgxNjMtMDA2OTAzMDc2M2Ri
LzEvVTJYUVA5aFNKblRyRjZ4MmNwVE5FZmNwT2RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASWXTgI+6
VGlqvLwoAMvGXxvgubxx3DcRRwz+wfw1TdxsS6iD10n0LVfA2sNjb2kBmPh0X9ss
04amqngS/mczjoRidcJ3EgYO4lL0LwhUr4LxgkZePVZtNLX722QAJAYpVWzCVz2y
Zs4IBmufLC+/ZkDGDrmWOhLTLXHn0XkTM0iKgH9cT6ozvKDzval7vmxUB7Af+/35
/Cfdpbsly/RknIIIWJrtUTNSQA7vBDHI1j7F2z2I/YFMD0hPp3cbRkg2tvfLq5dH
hU/Uh2tOYociHp5qsPHrBT6LmC0ZPWbIH4JFeA1Uje3RHddyrQHjVgZcvoQeGLAP
Ug9EDVbGBo0ibA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:17:12 2026 by rpki-client