Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f63307-4a0f-4053-8fc3-f535578984c2/1/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.mft
File: AT9tsP1X0Z-e4VJCouQWfvtSLQQ.mft (raw, json)
Hash identifier: CXyHGNS4jedJ3kMkDzhlq+WsgrH49f0Yz36DCU+cUss=
Subject key identifier: BE:FD:14:D6:12:E5:17:CB:A2:C0:DA:29:8A:3C:35:FD:04:28:01:57
Authority key identifier: 01:3F:6D:B0:FD:57:D1:9F:9E:E1:52:42:A2:E4:16:7E:FB:52:2D:04
Certificate issuer: /CN=013f6db0fd57d19f9ee15242a2e4167efb522d04
Certificate serial: 019D386609DED75306325A04BEFB8FFB03D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f63307-4a0f-4053-8fc3-f535578984c2/1/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.mft
Manifest number: 0D65
Signing time: Sun 29 Mar 2026 07:01:44 +0000
Manifest this update: Sun 29 Mar 2026 07:01:44 +0000
Manifest next update: Mon 30 Mar 2026 07:01:44 +0000
Files and hashes: 1: AT9tsP1X0Z-e4VJCouQWfvtSLQQ.crl (hash: JHY1vZUwDjqynyVH9UBmXeA4NAdAKjmiZg61Z2gwCwA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/f63307-4a0f-4053-8fc3-f535578984c2/1/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/f63307-4a0f-4053-8fc3-f535578984c2/1/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:09:de:d7:53:06:32:5a:04:be:fb:8f:fb:03:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=013f6db0fd57d19f9ee15242a2e4167efb522d04
Validity
Not Before: Mar 29 07:01:44 2026 GMT
Not After : Mar 30 07:01:44 2026 GMT
Subject: CN=befd14d612e517cba2c0da298a3c35fd04280157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b2:5b:5b:7b:4b:e7:2a:f1:c9:f8:ee:a3:f2:
22:c6:d7:49:f0:ef:0a:8d:a4:e3:f6:f3:46:aa:59:
d1:aa:0d:07:71:96:d1:f4:b0:a8:e0:10:57:27:94:
c5:a2:11:bc:c2:0e:14:df:5e:e0:e8:9f:de:4c:6a:
39:7d:eb:cd:f5:fe:69:e1:52:5c:78:80:dd:95:52:
ea:43:b0:72:5c:d6:17:8c:fa:b7:c9:f8:86:b3:79:
ca:82:1f:6f:1c:7e:7a:db:13:25:3c:5a:80:b1:35:
93:61:7b:31:f3:91:cd:df:4e:2c:31:13:2c:fe:eb:
c6:36:e3:f6:74:01:92:86:20:54:cd:0e:e4:10:e0:
21:de:cf:12:2e:80:ff:f0:49:e9:7a:75:68:a6:16:
3f:83:a1:5a:36:4e:e2:e5:d6:12:08:4b:3b:a4:b9:
03:9b:57:29:b3:cf:34:0a:8a:43:e4:28:bc:b6:98:
72:11:e2:2f:a8:ad:61:23:c9:f9:25:54:3f:fa:ef:
e6:03:77:ba:77:3e:44:85:91:fa:40:52:75:5e:67:
f6:ea:63:44:52:f1:38:73:d1:b1:9d:e9:16:61:39:
53:b3:f3:ef:c6:27:2b:11:53:3a:79:6c:7a:49:f5:
b9:bf:58:58:08:bd:02:52:07:fe:76:32:6a:84:2d:
64:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:FD:14:D6:12:E5:17:CB:A2:C0:DA:29:8A:3C:35:FD:04:28:01:57
X509v3 Authority Key Identifier:
keyid:01:3F:6D:B0:FD:57:D1:9F:9E:E1:52:42:A2:E4:16:7E:FB:52:2D:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f63307-4a0f-4053-8fc3-f535578984c2/1/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f63307-4a0f-4053-8fc3-f535578984c2/1/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:bb:15:a5:84:dd:d6:e4:9f:af:7f:1b:5c:3c:86:d3:bd:c0:
2b:38:79:72:59:4b:a1:f5:86:c5:75:c5:89:00:e6:16:08:20:
bc:f0:21:19:32:c3:a5:8b:13:01:31:93:97:8b:59:42:1d:1c:
db:d2:e6:18:62:fb:aa:94:62:37:01:ab:31:bd:ec:ec:df:22:
74:50:92:6a:84:b0:73:6a:4a:a1:ea:5a:56:a2:27:c9:3c:28:
68:72:53:39:cb:7f:74:21:f9:7c:02:a0:bd:19:5f:c5:6e:29:
f7:95:51:10:bb:d4:43:98:1e:f6:b7:e5:51:21:51:21:65:1c:
55:0b:4f:62:66:f1:59:02:57:11:ae:bf:8a:3c:a5:a3:f1:74:
b9:fd:82:4d:67:0d:bb:8c:7b:31:35:ee:d5:05:17:69:89:f5:
c8:e9:80:50:b7:42:ae:16:42:8b:94:06:34:25:4f:6d:65:bf:
b6:75:a5:d7:6e:20:4c:fd:3f:5d:e7:a1:49:85:d5:ff:90:18:
86:7e:6c:35:1c:cd:47:e5:f8:66:1f:55:28:c6:84:44:4f:04:
5e:ec:9d:89:4e:ed:75:ee:6c:00:f6:79:4b:4d:d1:72:cc:f6:
0c:11:28:3f:b4:52:5d:b5:63:3a:36:ad:3c:64:22:70:b6:ce:
85:4a:bc:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zgne11MGMloEvvuP+wPTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxM2Y2ZGIwZmQ1N2QxOWY5ZWUxNTI0MmEyZTQxNjdlZmI1
MjJkMDQwHhcNMjYwMzI5MDcwMTQ0WhcNMjYwMzMwMDcwMTQ0WjAzMTEwLwYDVQQD
EyhiZWZkMTRkNjEyZTUxN2NiYTJjMGRhMjk4YTNjMzVmZDA0MjgwMTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLJbW3tL5yrxyfjuo/IixtdJ8O8K
jaTj9vNGqlnRqg0HcZbR9LCo4BBXJ5TFohG8wg4U317g6J/eTGo5fevN9f5p4VJc
eIDdlVLqQ7ByXNYXjPq3yfiGs3nKgh9vHH562xMlPFqAsTWTYXsx85HN304sMRMs
/uvGNuP2dAGShiBUzQ7kEOAh3s8SLoD/8EnpenVophY/g6FaNk7i5dYSCEs7pLkD
m1cps880CopD5Ci8tphyEeIvqK1hI8n5JVQ/+u/mA3e6dz5EhZH6QFJ1Xmf26mNE
UvE4c9GxnekWYTlTs/PvxicrEVM6eWx6SfW5v1hYCL0CUgf+djJqhC1kHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL79FNYS5RfLosDaKYo8Nf0EKAFXMB8GA1UdIwQY
MBaAFAE/bbD9V9GfnuFSQqLkFn77Ui0EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVQ5dHNQMVgwWi1lNFZKQ291UVdmdnRTTFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNjMzMDctNGEwZi00MDUzLThmYzMt
ZjUzNTU3ODk4NGMyLzEvQVQ5dHNQMVgwWi1lNFZKQ291UVdmdnRTTFFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNjMzMDctNGEwZi00MDUzLThmYzMtZjUzNTU3ODk4NGMy
LzEvQVQ5dHNQMVgwWi1lNFZKQ291UVdmdnRTTFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAbsVpYTd
1uSfr38bXDyG073AKzh5cllLofWGxXXFiQDmFgggvPAhGTLDpYsTATGTl4tZQh0c
29LmGGL7qpRiNwGrMb3s7N8idFCSaoSwc2pKoepaVqInyTwoaHJTOct/dCH5fAKg
vRlfxW4p95VRELvUQ5ge9rflUSFRIWUcVQtPYmbxWQJXEa6/ijylo/F0uf2CTWcN
u4x7MTXu1QUXaYn1yOmAULdCrhZCi5QGNCVPbWW/tnWl124gTP0/XeehSYXV/5AY
hn5sNRzNR+X4Zh9VKMaERE8EXuydiU7tde5sAPZ5S03Rcsz2DBEoP7RSXbVjOjat
PGQicLbOhUq8Kg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:25:57 2026 by rpki-client