Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
File: 352lG6cnhKBORBIPne1HhWd5TBs.mft (raw, json)
Hash identifier: cA8jGaFNOpV76QIoMSVtjjvMtPOAaUCKxQ1XlwsnNpo=
Subject key identifier: BF:F0:03:8A:B3:05:28:42:A1:91:6C:CD:99:B1:0E:6D:D7:A9:C5:0A
Authority key identifier: DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B
Certificate issuer: /CN=df9da51ba72784a04e44120f9ded478567794c1b
Certificate serial: 019D359B41F3A912FC9423EDAC2938FBA6CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
Manifest number: 0C76
Signing time: Sat 28 Mar 2026 18:01:00 +0000
Manifest this update: Sat 28 Mar 2026 18:01:00 +0000
Manifest next update: Sun 29 Mar 2026 18:01:00 +0000
Files and hashes: 1: 2W88bJ9UIevT6ruHtvcfNI1Zt7c.roa (hash: WGP7jajyyzt7YE+QpBz+OBA3QcdppcJEykw9cTms7PE=)
2: 352lG6cnhKBORBIPne1HhWd5TBs.crl (hash: f0FpyD+5gTcVXuEFp+FPe6BOe8WtAa5nN/I7s3qm/l0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 13:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:35:9b:41:f3:a9:12:fc:94:23:ed:ac:29:38:fb:a6:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df9da51ba72784a04e44120f9ded478567794c1b
Validity
Not Before: Mar 28 18:01:00 2026 GMT
Not After : Mar 29 18:01:00 2026 GMT
Subject: CN=bff0038ab3052842a1916ccd99b10e6dd7a9c50a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:10:c6:12:31:74:97:83:ef:ed:ff:ed:b3:5b:
7f:f6:df:33:3c:08:ce:22:cd:b2:02:7c:a6:19:96:
1f:77:43:9a:aa:ad:c7:3d:b5:05:de:2b:b0:90:1e:
7d:0b:ca:15:00:a1:da:f7:20:66:92:47:88:fa:d5:
ba:7a:16:cf:75:b2:3f:82:0e:06:4e:4a:64:7c:19:
61:1d:a8:03:04:4b:ad:a0:67:52:e8:8d:9c:a7:7b:
b2:92:a2:75:29:c7:00:b0:6e:fa:85:07:9a:30:ca:
ba:ba:d6:8b:6a:ad:b2:cb:80:76:3a:b2:4c:ca:a2:
d7:a2:59:b0:45:65:3a:38:27:4e:42:c1:28:df:d1:
d2:a2:0b:a1:fd:2d:df:18:f3:13:bc:4c:f1:7f:02:
e0:b5:39:4f:6f:95:dc:3e:45:13:c1:9a:55:62:a6:
b0:b4:ca:0d:97:8c:cf:6f:6a:70:12:c7:9e:f3:0b:
fe:1b:3b:c4:bb:0b:61:18:4c:c4:c7:19:ac:ac:f7:
a7:bb:58:f6:cc:c1:c1:0b:e7:bf:ad:07:cb:80:8f:
dc:ee:3b:e0:74:20:1f:92:29:5e:51:37:5f:97:7a:
94:7b:26:33:94:03:c4:b4:c8:69:d8:38:ef:f1:10:
13:40:f0:cc:25:98:9d:a5:24:af:e2:8c:9c:9a:c6:
b9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:F0:03:8A:B3:05:28:42:A1:91:6C:CD:99:B1:0E:6D:D7:A9:C5:0A
X509v3 Authority Key Identifier:
keyid:DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:9d:d1:b5:cd:89:fc:dd:49:72:6f:4a:f5:25:13:23:b0:58:
47:e5:f5:ed:3e:be:01:2a:2b:44:c4:13:2f:de:d3:b2:42:13:
cf:b7:28:97:22:af:6e:10:b5:6d:d3:c4:ff:fc:f6:53:2e:20:
8f:b6:df:b4:ef:fa:ca:fb:c4:58:b6:c4:e3:b4:82:98:cd:1f:
31:2e:7f:19:c3:66:f4:c0:eb:e2:62:b7:df:cb:d0:1c:3b:d4:
3f:53:37:2b:d0:42:c9:c9:e1:46:9e:64:b9:72:d5:35:2a:36:
37:92:23:5e:31:ec:2f:d4:e6:46:70:a0:bf:02:c6:f6:ce:ec:
51:5a:f7:c2:04:ff:cb:b8:31:8f:13:11:81:41:93:45:56:2e:
be:dd:79:4c:61:bc:d8:e4:05:e8:45:78:e3:92:e8:bf:50:ce:
80:26:93:69:1c:ce:bf:e9:b6:c8:72:5b:97:60:33:d8:52:a5:
54:b0:a0:c2:23:23:b9:5e:5d:86:76:67:fd:a3:f3:c0:f9:58:
5b:fe:97:13:8e:97:37:aa:7a:10:cd:64:e3:2c:fc:2e:ab:f5:
8a:0e:69:f5:97:5d:19:55:46:83:90:fd:f2:38:87:fc:41:b1:
22:30:10:bb:13:a7:ec:d8:94:2e:36:fd:9a:bc:97:9c:ad:06:
d7:31:3f:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ01m0HzqRL8lCPtrCk4+6bLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOWRhNTFiYTcyNzg0YTA0ZTQ0MTIwZjlkZWQ0Nzg1Njc3
OTRjMWIwHhcNMjYwMzI4MTgwMTAwWhcNMjYwMzI5MTgwMTAwWjAzMTEwLwYDVQQD
EyhiZmYwMDM4YWIzMDUyODQyYTE5MTZjY2Q5OWIxMGU2ZGQ3YTljNTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xDGEjF0l4Pv7f/ts1t/9t8zPAjO
Is2yAnymGZYfd0Oaqq3HPbUF3iuwkB59C8oVAKHa9yBmkkeI+tW6ehbPdbI/gg4G
TkpkfBlhHagDBEutoGdS6I2cp3uykqJ1KccAsG76hQeaMMq6utaLaq2yy4B2OrJM
yqLXolmwRWU6OCdOQsEo39HSoguh/S3fGPMTvEzxfwLgtTlPb5XcPkUTwZpVYqaw
tMoNl4zPb2pwEsee8wv+GzvEuwthGEzExxmsrPenu1j2zMHBC+e/rQfLgI/c7jvg
dCAfkileUTdfl3qUeyYzlAPEtMhp2Djv8RATQPDMJZidpSSv4oycmsa5dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL/wA4qzBShCoZFszZmxDm3XqcUKMB8GA1UdIwQY
MBaAFN+dpRunJ4SgTkQSD53tR4VneUwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYt
YmM2OTc1NTYxMDc4LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYtYmM2OTc1NTYxMDc4
LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWJ3Rtc2J
/N1Jcm9K9SUTI7BYR+X17T6+ASorRMQTL97TskITz7colyKvbhC1bdPE//z2Uy4g
j7bftO/6yvvEWLbE47SCmM0fMS5/GcNm9MDr4mK338vQHDvUP1M3K9BCycnhRp5k
uXLVNSo2N5IjXjHsL9TmRnCgvwLG9s7sUVr3wgT/y7gxjxMRgUGTRVYuvt15TGG8
2OQF6EV445Lov1DOgCaTaRzOv+m2yHJbl2Az2FKlVLCgwiMjuV5dhnZn/aPzwPlY
W/6XE46XN6p6EM1k4yz8Lqv1ig5p9ZddGVVGg5D98jiH/EGxIjAQuxOn7NiULjb9
mryXnK0G1zE/Ng==
-----END CERTIFICATE-----
Generated at Sat Mar 28 23:15:52 2026 by rpki-client