Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a2fc18-534b-4454-9bd1-fe6bb049337d/1/UFrRf0xiDVjUU9X218kjP84SZJk.mft
File: UFrRf0xiDVjUU9X218kjP84SZJk.mft (raw, json)
Hash identifier: XBZ5dAGeDqBP8OVKyfC4zQoiWpn/Zd9+vLVrwKZXlb4=
Subject key identifier: 68:B7:DD:0E:AA:31:DC:5E:06:FA:D1:19:C0:C9:10:8D:0A:53:6A:31
Authority key identifier: 50:5A:D1:7F:4C:62:0D:58:D4:53:D5:F6:D7:C9:23:3F:CE:12:64:99
Certificate issuer: /CN=505ad17f4c620d58d453d5f6d7c9233fce126499
Certificate serial: 019D389C12DBBB51D63D1BB74E3D74BCEE73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFrRf0xiDVjUU9X218kjP84SZJk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a2fc18-534b-4454-9bd1-fe6bb049337d/1/UFrRf0xiDVjUU9X218kjP84SZJk.mft
Manifest number: 091A
Signing time: Sun 29 Mar 2026 08:00:45 +0000
Manifest this update: Sun 29 Mar 2026 08:00:45 +0000
Manifest next update: Mon 30 Mar 2026 08:00:45 +0000
Files and hashes: 1: UFrRf0xiDVjUU9X218kjP84SZJk.crl (hash: A24InOAZaaqrJB8sP/ogQJGx7sDPZHvhWSsxV6CTSRg=)
2: n29c-eqwdShZtcEOhZv3Ign1VGo.roa (hash: uxh/IP+egHWNQsX3vB68RQ/0/wzosXKCxI7jga5PL14=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/a2fc18-534b-4454-9bd1-fe6bb049337d/1/UFrRf0xiDVjUU9X218kjP84SZJk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/a2fc18-534b-4454-9bd1-fe6bb049337d/1/UFrRf0xiDVjUU9X218kjP84SZJk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFrRf0xiDVjUU9X218kjP84SZJk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:12:db:bb:51:d6:3d:1b:b7:4e:3d:74:bc:ee:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505ad17f4c620d58d453d5f6d7c9233fce126499
Validity
Not Before: Mar 29 08:00:45 2026 GMT
Not After : Mar 30 08:00:45 2026 GMT
Subject: CN=68b7dd0eaa31dc5e06fad119c0c9108d0a536a31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:00:9c:31:10:ca:08:26:bf:5a:ce:c1:ca:16:
c4:ea:7f:74:90:48:f3:c2:a2:ce:47:01:c2:f5:35:
ba:29:99:bf:a4:90:8a:17:2e:6e:0c:d2:df:2e:6d:
13:99:30:25:94:53:e9:5a:f6:31:0e:6b:ef:69:47:
83:b1:07:7e:d6:c7:0b:34:b5:a4:b8:c4:85:b2:d7:
2d:42:0b:5f:a5:2a:83:82:c0:36:e7:91:55:54:93:
4b:4e:b5:c5:f1:c0:57:e1:6f:ce:a8:cd:63:59:62:
6e:87:20:df:02:6b:ff:0d:15:dd:a8:6d:db:e6:fb:
3a:a0:f1:6c:14:fe:28:e2:5e:59:08:1c:dd:01:8c:
9f:ef:0b:5a:39:20:c2:45:e4:da:f8:a1:6c:42:01:
92:cf:6c:5e:53:b3:06:ef:f9:c3:07:e8:06:6b:4b:
80:3d:65:a4:4c:84:00:02:bb:64:f0:79:34:a0:e6:
b1:6b:ba:48:4d:ba:89:d3:5a:aa:b7:33:50:e4:c8:
6f:1a:12:b7:37:54:eb:70:32:4e:83:b1:3c:56:28:
5e:ef:bc:d5:7b:07:dc:fa:2c:68:8b:3a:71:7c:db:
20:37:cf:0c:d6:f1:ea:50:22:69:69:68:29:99:55:
96:dc:52:1f:b2:52:9f:fa:7c:a2:c1:69:e2:83:58:
eb:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B7:DD:0E:AA:31:DC:5E:06:FA:D1:19:C0:C9:10:8D:0A:53:6A:31
X509v3 Authority Key Identifier:
keyid:50:5A:D1:7F:4C:62:0D:58:D4:53:D5:F6:D7:C9:23:3F:CE:12:64:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFrRf0xiDVjUU9X218kjP84SZJk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a2fc18-534b-4454-9bd1-fe6bb049337d/1/UFrRf0xiDVjUU9X218kjP84SZJk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a2fc18-534b-4454-9bd1-fe6bb049337d/1/UFrRf0xiDVjUU9X218kjP84SZJk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:4f:d0:70:fc:3e:93:d0:1d:4b:1c:fe:13:bb:93:64:79:31:
42:4d:8f:6a:95:af:45:64:fb:fe:94:f3:40:68:05:33:fa:a5:
73:aa:3b:41:73:bd:be:14:81:97:da:42:a9:6d:51:07:4e:5c:
8f:2a:2d:21:46:b2:60:68:1d:e0:3f:35:b2:62:26:3a:14:6a:
30:1c:68:32:ef:6f:c9:5f:b3:2a:db:f1:d9:6a:25:b3:c3:d1:
4c:10:7a:21:f1:77:5d:bd:cc:64:9f:cc:aa:aa:8a:86:99:c7:
b0:46:ef:16:35:31:30:34:c1:00:a6:ef:9f:55:6a:d4:89:b6:
ef:38:db:44:b1:a0:0c:8f:5d:67:f5:75:8a:74:f4:a5:ac:f2:
aa:4b:b8:13:95:7a:0d:91:6e:d6:e1:80:b8:d5:5a:9d:bd:ed:
f8:cf:c7:9d:ea:06:24:5e:4d:1f:fc:84:31:07:94:a6:bc:20:
f9:84:0d:59:b9:e8:c5:ce:4c:10:5f:73:12:a5:81:17:ca:67:
e2:9f:e6:b7:97:b1:a0:6f:f5:da:22:f5:71:12:a3:8f:7a:4a:
99:2f:46:0a:ee:d0:72:33:70:ee:a6:13:94:6f:79:d8:5b:aa:
a8:6a:a6:ae:ae:64:52:6c:d3:c3:dc:fc:9d:4b:3a:c8:75:93:
d0:70:39:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nBLbu1HWPRu3Tj10vO5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNWFkMTdmNGM2MjBkNThkNDUzZDVmNmQ3YzkyMzNmY2Ux
MjY0OTkwHhcNMjYwMzI5MDgwMDQ1WhcNMjYwMzMwMDgwMDQ1WjAzMTEwLwYDVQQD
Eyg2OGI3ZGQwZWFhMzFkYzVlMDZmYWQxMTljMGM5MTA4ZDBhNTM2YTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQCcMRDKCCa/Ws7ByhbE6n90kEjz
wqLORwHC9TW6KZm/pJCKFy5uDNLfLm0TmTAllFPpWvYxDmvvaUeDsQd+1scLNLWk
uMSFstctQgtfpSqDgsA255FVVJNLTrXF8cBX4W/OqM1jWWJuhyDfAmv/DRXdqG3b
5vs6oPFsFP4o4l5ZCBzdAYyf7wtaOSDCReTa+KFsQgGSz2xeU7MG7/nDB+gGa0uA
PWWkTIQAArtk8Hk0oOaxa7pITbqJ01qqtzNQ5MhvGhK3N1TrcDJOg7E8Vihe77zV
ewfc+ixoizpxfNsgN88M1vHqUCJpaWgpmVWW3FIfslKf+nyiwWnig1jrzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGi33Q6qMdxeBvrRGcDJEI0KU2oxMB8GA1UdIwQY
MBaAFFBa0X9MYg1Y1FPV9tfJIz/OEmSZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZyUmYweGlEVmpVVTlYMjE4a2pQODRTWkprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hMmZjMTgtNTM0Yi00NDU0LTliZDEt
ZmU2YmIwNDkzMzdkLzEvVUZyUmYweGlEVmpVVTlYMjE4a2pQODRTWkprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hMmZjMTgtNTM0Yi00NDU0LTliZDEtZmU2YmIwNDkzMzdk
LzEvVUZyUmYweGlEVmpVVTlYMjE4a2pQODRTWkprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeE/QcPw+
k9AdSxz+E7uTZHkxQk2PapWvRWT7/pTzQGgFM/qlc6o7QXO9vhSBl9pCqW1RB05c
jyotIUayYGgd4D81smImOhRqMBxoMu9vyV+zKtvx2Wols8PRTBB6IfF3Xb3MZJ/M
qqqKhpnHsEbvFjUxMDTBAKbvn1Vq1Im27zjbRLGgDI9dZ/V1inT0pazyqku4E5V6
DZFu1uGAuNVanb3t+M/HneoGJF5NH/yEMQeUprwg+YQNWbnoxc5MEF9zEqWBF8pn
4p/mt5exoG/12iL1cRKjj3pKmS9GCu7QcjNw7qYTlG952FuqqGqmrq5kUmzTw9z8
nUs6yHWT0HA5og==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:25:49 2026 by rpki-client