Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
File: bNmlABXpaTdlb8DKW21WXkWb02A.mft (raw, json)
Hash identifier: TgtSNoB01C99S2Bx+HIdGHsmesXPkCt/RzmHm0QoW84=
Subject key identifier: 40:13:57:67:0C:87:D7:A3:73:EE:BA:97:11:D2:85:A9:6A:68:AA:58
Authority key identifier: 6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60
Certificate issuer: /CN=6cd9a50015e96937656fc0ca5b6d565e459bd360
Certificate serial: 019D3866405BAD3D47601A5686C3721AA38D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
Manifest number: 188D
Signing time: Sun 29 Mar 2026 07:01:58 +0000
Manifest this update: Sun 29 Mar 2026 07:01:58 +0000
Manifest next update: Mon 30 Mar 2026 07:01:58 +0000
Files and hashes: 1: bNmlABXpaTdlb8DKW21WXkWb02A.crl (hash: mIUijXPnkXMDjKmapqzl5o8PoVSB71xL5Ob5aaHDf2Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:40:5b:ad:3d:47:60:1a:56:86:c3:72:1a:a3:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cd9a50015e96937656fc0ca5b6d565e459bd360
Validity
Not Before: Mar 29 07:01:58 2026 GMT
Not After : Mar 30 07:01:58 2026 GMT
Subject: CN=401357670c87d7a373eeba9711d285a96a68aa58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a3:76:0c:f6:f0:5e:14:a3:5e:6d:9e:43:de:
c2:3a:ea:d2:c2:03:5a:dd:53:b4:6c:16:52:8b:f2:
4c:fd:7a:d8:f0:2c:85:82:8b:0b:98:ba:47:32:84:
21:d6:65:c8:fb:a2:25:8a:5e:b2:ab:36:bd:cc:30:
31:2e:b7:87:31:a5:62:15:b9:f1:84:db:b8:fe:71:
e8:99:fa:04:ff:6a:67:cc:9d:97:f8:86:f2:94:70:
78:ae:4a:f5:8e:38:86:4e:fa:1d:fd:b1:3b:70:e5:
10:11:c1:cd:54:c7:5e:ec:55:16:5d:65:58:30:8a:
3d:68:c3:a9:a4:97:90:2b:13:c5:ef:01:96:19:7c:
36:a5:a9:28:1e:a4:b4:18:12:2d:10:09:8a:3b:08:
eb:d9:e6:16:16:15:fe:72:0d:58:cf:0e:e2:0d:64:
8d:5e:cd:b3:ab:9a:a3:77:c3:c7:09:2a:a7:b1:5c:
1b:1e:f2:d5:28:1e:1d:82:b4:f6:a0:7b:5b:35:f5:
18:a2:99:2c:45:bf:a8:91:13:6d:62:a4:33:04:6d:
74:b6:af:c8:e1:33:98:fb:55:b1:d7:8f:c5:9d:46:
75:72:95:cf:1d:34:65:59:c3:06:fa:e7:c9:d1:4f:
5a:d6:44:e5:a0:7f:62:f7:60:4d:6d:76:b2:90:e4:
0e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:13:57:67:0C:87:D7:A3:73:EE:BA:97:11:D2:85:A9:6A:68:AA:58
X509v3 Authority Key Identifier:
keyid:6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:6b:7f:c4:7f:09:f0:a9:63:75:73:16:c2:7b:fb:2b:c1:e5:
aa:8b:24:66:19:c0:2a:1e:30:7a:42:ba:19:8c:bc:80:0e:15:
8e:38:57:0f:9e:00:87:8c:6e:95:60:48:13:51:78:c6:37:8b:
d9:ab:0e:ed:d2:d8:4f:72:32:5d:2d:74:d2:ff:3e:5f:bf:fc:
4d:4d:de:4d:43:55:81:a0:fc:e6:8d:af:a5:2a:68:18:63:0e:
19:47:b4:ac:f7:19:7f:92:df:66:6d:44:32:d5:b8:0d:25:a6:
f7:38:a1:46:62:8d:ed:5c:52:5b:28:86:60:4b:7b:10:8c:77:
73:a1:20:b3:dc:a2:bf:3f:60:aa:44:ce:95:12:53:5a:3f:03:
10:96:b0:4f:2d:b7:a0:77:a7:5c:98:3a:4e:ac:a7:ed:47:41:
94:37:39:02:f8:5f:09:b3:07:ef:7b:3e:ed:31:30:76:c2:c7:
e7:8e:41:d8:ac:99:5d:b2:f8:eb:d9:85:d2:6c:47:18:45:e4:
79:07:07:80:78:25:48:f9:8c:4b:a3:a7:96:e5:24:7f:bb:28:
15:b3:96:3c:3b:42:3a:19:ac:15:64:8d:35:a6:2b:74:1f:1e:
83:82:6f:b6:cf:6b:58:be:27:7c:b6:0c:b6:64:6b:17:35:b2:
b8:cd:49:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZkBbrT1HYBpWhsNyGqONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZDlhNTAwMTVlOTY5Mzc2NTZmYzBjYTViNmQ1NjVlNDU5
YmQzNjAwHhcNMjYwMzI5MDcwMTU4WhcNMjYwMzMwMDcwMTU4WjAzMTEwLwYDVQQD
Eyg0MDEzNTc2NzBjODdkN2EzNzNlZWJhOTcxMWQyODVhOTZhNjhhYTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaN2DPbwXhSjXm2eQ97COurSwgNa
3VO0bBZSi/JM/XrY8CyFgosLmLpHMoQh1mXI+6Ilil6yqza9zDAxLreHMaViFbnx
hNu4/nHomfoE/2pnzJ2X+IbylHB4rkr1jjiGTvod/bE7cOUQEcHNVMde7FUWXWVY
MIo9aMOppJeQKxPF7wGWGXw2pakoHqS0GBItEAmKOwjr2eYWFhX+cg1Yzw7iDWSN
Xs2zq5qjd8PHCSqnsVwbHvLVKB4dgrT2oHtbNfUYopksRb+okRNtYqQzBG10tq/I
4TOY+1Wx14/FnUZ1cpXPHTRlWcMG+ufJ0U9a1kTloH9i92BNbXaykOQOyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEATV2cMh9ejc+66lxHShalqaKpYMB8GA1UdIwQY
MBaAFGzZpQAV6Wk3ZW/AylttVl5Fm9NgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMt
MmI5ZDQzN2ZlOTAyLzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMtMmI5ZDQzN2ZlOTAy
LzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnWt/xH8J
8KljdXMWwnv7K8HlqoskZhnAKh4wekK6GYy8gA4VjjhXD54Ah4xulWBIE1F4xjeL
2asO7dLYT3IyXS100v8+X7/8TU3eTUNVgaD85o2vpSpoGGMOGUe0rPcZf5LfZm1E
MtW4DSWm9zihRmKN7VxSWyiGYEt7EIx3c6Egs9yivz9gqkTOlRJTWj8DEJawTy23
oHenXJg6Tqyn7UdBlDc5AvhfCbMH73s+7TEwdsLH545B2KyZXbL469mF0mxHGEXk
eQcHgHglSPmMS6OnluUkf7soFbOWPDtCOhmsFWSNNaYrdB8eg4Jvts9rWL4nfLYM
tmRrFzWyuM1JfQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:13:07 2026 by rpki-client