Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/fe07b7-f464-4e67-8299-ca5e685438a2/1/uXK9SdVRtK2lvWu2lWGKeUUa004.mft
File: uXK9SdVRtK2lvWu2lWGKeUUa004.mft (raw, json)
Hash identifier: UCfNTBBYLQGi2o4oWzlUE/UMIPWcY+LtW43CWuVngc0=
Subject key identifier: 93:A2:2E:20:43:2C:44:D9:20:3A:A2:B3:CF:CC:36:DF:98:F2:09:43
Authority key identifier: B9:72:BD:49:D5:51:B4:AD:A5:BD:6B:B6:95:61:8A:79:45:1A:D3:4E
Certificate issuer: /CN=b972bd49d551b4ada5bd6bb695618a79451ad34e
Certificate serial: 019D3977C6D9C87146E8C19153E85A0844C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXK9SdVRtK2lvWu2lWGKeUUa004.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/fe07b7-f464-4e67-8299-ca5e685438a2/1/uXK9SdVRtK2lvWu2lWGKeUUa004.mft
Manifest number: 0AF1
Signing time: Sun 29 Mar 2026 12:00:44 +0000
Manifest this update: Sun 29 Mar 2026 12:00:44 +0000
Manifest next update: Mon 30 Mar 2026 12:00:44 +0000
Files and hashes: 1: 0FR4rtBsUgkCQ9m5OguHfOm1GHQ.roa (hash: d7VJiBtsIdM7jSysdAdRwoEyVrklS+9IpbWKmL/eW6A=)
2: jOeIMzKbhpgFfG5e3hDQe_UydwM.roa (hash: y03l7aLK3bctMe56clUbqVb6IeHiboemDaPxdQDYS7Y=)
3: uXK9SdVRtK2lvWu2lWGKeUUa004.crl (hash: HkQPF3WjmXNcOiuOAlKcB2uj+o0IC2mhMC670Bkea+k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/fe07b7-f464-4e67-8299-ca5e685438a2/1/uXK9SdVRtK2lvWu2lWGKeUUa004.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/fe07b7-f464-4e67-8299-ca5e685438a2/1/uXK9SdVRtK2lvWu2lWGKeUUa004.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXK9SdVRtK2lvWu2lWGKeUUa004.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:c6:d9:c8:71:46:e8:c1:91:53:e8:5a:08:44:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b972bd49d551b4ada5bd6bb695618a79451ad34e
Validity
Not Before: Mar 29 12:00:44 2026 GMT
Not After : Mar 30 12:00:44 2026 GMT
Subject: CN=93a22e20432c44d9203aa2b3cfcc36df98f20943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:65:d3:b7:30:2d:d4:48:b7:13:60:bc:78:21:
59:6b:3f:4c:34:2e:b5:ec:4d:9a:0b:02:d2:4e:40:
ae:21:6d:1d:19:a2:1a:ce:59:9a:2b:a1:e5:c0:3b:
bf:7f:00:68:73:db:ee:7a:4e:b4:87:f2:f6:82:0f:
78:03:e1:0a:ff:76:07:c6:b5:83:1e:d2:3a:55:5a:
04:13:2f:ee:05:12:a6:bb:99:ed:c5:58:1a:0f:ff:
e4:b0:24:7b:f0:16:4e:b6:d9:11:ec:bb:72:03:b6:
c5:34:00:dc:71:3d:ac:e4:9e:2d:aa:7c:6e:90:cb:
72:1a:c7:b1:8d:1b:9f:c7:41:d2:dd:11:4e:a4:3f:
fe:61:6f:8d:95:c6:87:b1:1a:27:35:9d:24:b5:b0:
72:42:88:df:bd:d3:7b:b8:01:93:40:91:e5:83:59:
c1:66:0a:76:8a:d5:3c:93:b8:32:01:39:19:53:d9:
56:6f:e7:ef:d9:c7:1c:ad:9b:78:bc:4e:73:bc:96:
ca:b1:2e:f5:b2:76:22:c5:d3:9f:80:bb:eb:3f:c1:
ac:a1:23:fc:88:16:8e:8d:2e:64:a9:f5:da:4e:6f:
be:9f:af:2e:d5:a6:06:f3:90:d5:ac:05:1f:fe:8f:
28:f3:19:50:ae:56:c1:5e:ef:7c:57:01:d1:83:76:
bc:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:A2:2E:20:43:2C:44:D9:20:3A:A2:B3:CF:CC:36:DF:98:F2:09:43
X509v3 Authority Key Identifier:
keyid:B9:72:BD:49:D5:51:B4:AD:A5:BD:6B:B6:95:61:8A:79:45:1A:D3:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXK9SdVRtK2lvWu2lWGKeUUa004.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/fe07b7-f464-4e67-8299-ca5e685438a2/1/uXK9SdVRtK2lvWu2lWGKeUUa004.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/fe07b7-f464-4e67-8299-ca5e685438a2/1/uXK9SdVRtK2lvWu2lWGKeUUa004.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b2:6b:f6:c5:8f:73:6c:e5:cc:b0:d2:a8:60:f8:b0:a2:fc:d3:
a9:8c:a2:a7:04:9c:1b:0d:35:c1:b5:9f:c9:51:6a:d3:9d:99:
de:e5:be:88:81:e9:8a:be:4e:99:90:8f:ac:dc:66:a1:1c:3f:
58:ad:f3:50:b6:39:01:31:8e:74:49:c0:c5:80:bf:4b:d6:6d:
02:ef:ca:ac:8a:38:ba:a6:bb:24:5e:de:f8:e8:23:7b:ab:99:
e4:6d:17:00:0e:aa:9f:0f:1f:95:52:f7:8b:2c:f8:63:dc:9e:
32:62:61:1e:e9:b0:5e:09:01:25:cc:41:c0:b9:a7:93:f8:6f:
08:8c:13:ad:55:9a:30:a3:22:da:2b:8b:10:2d:90:3b:a7:26:
31:25:f9:d9:f0:31:d0:2c:05:98:7b:74:6e:6c:c9:df:4c:16:
88:0d:cc:22:0c:f3:40:73:c6:d9:b9:a7:e8:be:6b:56:45:16:
b0:84:4d:be:e6:83:c5:c0:82:86:5b:1b:10:48:e1:13:e1:7a:
9e:0e:fd:bd:1b:5e:8d:fe:22:c0:7f:57:3c:74:28:e6:44:8c:
7e:84:53:30:52:65:aa:0c:d3:e5:3c:a5:65:04:2e:6f:12:c2:
c9:57:c2:35:e6:dd:ad:54:4e:be:dd:55:b6:47:1c:75:8c:b9:
c1:e3:6c:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d8bZyHFG6MGRU+haCETIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NzJiZDQ5ZDU1MWI0YWRhNWJkNmJiNjk1NjE4YTc5NDUx
YWQzNGUwHhcNMjYwMzI5MTIwMDQ0WhcNMjYwMzMwMTIwMDQ0WjAzMTEwLwYDVQQD
Eyg5M2EyMmUyMDQzMmM0NGQ5MjAzYWEyYjNjZmNjMzZkZjk4ZjIwOTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmXTtzAt1Ei3E2C8eCFZaz9MNC61
7E2aCwLSTkCuIW0dGaIazlmaK6HlwDu/fwBoc9vuek60h/L2gg94A+EK/3YHxrWD
HtI6VVoEEy/uBRKmu5ntxVgaD//ksCR78BZOttkR7LtyA7bFNADccT2s5J4tqnxu
kMtyGsexjRufx0HS3RFOpD/+YW+NlcaHsRonNZ0ktbByQojfvdN7uAGTQJHlg1nB
Zgp2itU8k7gyATkZU9lWb+fv2cccrZt4vE5zvJbKsS71snYixdOfgLvrP8GsoSP8
iBaOjS5kqfXaTm++n68u1aYG85DVrAUf/o8o8xlQrlbBXu98VwHRg3a8JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJOiLiBDLETZIDqis8/MNt+Y8glDMB8GA1UdIwQY
MBaAFLlyvUnVUbStpb1rtpVhinlFGtNOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVhLOVNkVlJ0SzJsdld1MmxXR0tlVVVhMDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mZTA3YjctZjQ2NC00ZTY3LTgyOTkt
Y2E1ZTY4NTQzOGEyLzEvdVhLOVNkVlJ0SzJsdld1MmxXR0tlVVVhMDA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mZTA3YjctZjQ2NC00ZTY3LTgyOTktY2E1ZTY4NTQzOGEy
LzEvdVhLOVNkVlJ0SzJsdld1MmxXR0tlVVVhMDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsmv2xY9z
bOXMsNKoYPiwovzTqYyipwScGw01wbWfyVFq052Z3uW+iIHpir5OmZCPrNxmoRw/
WK3zULY5ATGOdEnAxYC/S9ZtAu/KrIo4uqa7JF7e+Ogje6uZ5G0XAA6qnw8flVL3
iyz4Y9yeMmJhHumwXgkBJcxBwLmnk/hvCIwTrVWaMKMi2iuLEC2QO6cmMSX52fAx
0CwFmHt0bmzJ30wWiA3MIgzzQHPG2bmn6L5rVkUWsIRNvuaDxcCChlsbEEjhE+F6
ng79vRtejf4iwH9XPHQo5kSMfoRTMFJlqgzT5TylZQQubxLCyVfCNebdrVROvt1V
tkccdYy5weNsBA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:03:49 2026 by rpki-client