Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/338fc0-7025-49ea-a52d-21b034c2f8dc/1/04nufcekvqjSach0bP59NhmNIh4.mft
File: 04nufcekvqjSach0bP59NhmNIh4.mft (raw, json)
Hash identifier: 3bmXiSwuUC1JlrW/K5EQHV5D4ZXZAuEQVwLJ5roTTnM=
Subject key identifier: 5B:32:09:3C:00:4A:51:6E:42:8E:D7:3E:DA:C1:47:50:C8:21:89:23
Authority key identifier: D3:89:EE:7D:C7:A4:BE:A8:D2:69:C8:74:6C:FE:7D:36:19:8D:22:1E
Certificate issuer: /CN=d389ee7dc7a4bea8d269c8746cfe7d36198d221e
Certificate serial: 019D3789CC9DB54A30631996BD4AE33E76EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/04nufcekvqjSach0bP59NhmNIh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/338fc0-7025-49ea-a52d-21b034c2f8dc/1/04nufcekvqjSach0bP59NhmNIh4.mft
Manifest number: BA
Signing time: Sun 29 Mar 2026 03:01:10 +0000
Manifest this update: Sun 29 Mar 2026 03:01:10 +0000
Manifest next update: Mon 30 Mar 2026 03:01:10 +0000
Files and hashes: 1: 04nufcekvqjSach0bP59NhmNIh4.crl (hash: Pc4sidOdHhl7SpiLAe8vug5MV4tmVsS3ejZgUlKnHHo=)
2: DMYjGVXF04RFwUn6UCWXk-mgrnQ.roa (hash: 1IKdEVdxinUDX4GEoCU9iDa0wsb9FYEO+VbnWoVZHRQ=)
3: uldmgPFlTuQeBt-ipePLSPYN-eI.asa (hash: kElPpLT8qkmreugOZZKYSI8vXfLFDf0CKmt+bqNFxbU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/338fc0-7025-49ea-a52d-21b034c2f8dc/1/04nufcekvqjSach0bP59NhmNIh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/338fc0-7025-49ea-a52d-21b034c2f8dc/1/04nufcekvqjSach0bP59NhmNIh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/04nufcekvqjSach0bP59NhmNIh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:cc:9d:b5:4a:30:63:19:96:bd:4a:e3:3e:76:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d389ee7dc7a4bea8d269c8746cfe7d36198d221e
Validity
Not Before: Mar 29 03:01:10 2026 GMT
Not After : Mar 30 03:01:10 2026 GMT
Subject: CN=5b32093c004a516e428ed73edac14750c8218923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7d:c9:bd:c2:e7:36:33:3d:bc:34:36:e8:bb:
c0:3a:f3:e7:eb:13:ca:2e:11:2c:fd:ad:7f:35:6c:
b4:b5:bb:20:66:23:03:11:80:83:2b:44:9f:9c:f1:
3e:cf:e5:21:40:72:a2:d3:45:77:02:55:af:10:f8:
1f:d6:4a:1a:16:99:36:fe:b9:05:3c:09:29:9f:3d:
03:e5:35:c2:cd:11:95:38:91:83:c4:4f:aa:bf:38:
e6:a8:bc:01:3b:d0:98:6d:15:cc:d4:b9:81:fe:0b:
45:ec:d3:09:f3:8f:d1:28:f3:3e:31:bb:41:cd:a2:
b9:e8:9f:c5:cd:42:59:62:cc:05:81:06:ab:70:c4:
33:db:39:12:f1:14:89:86:b4:a8:f9:aa:b0:99:a9:
fd:d8:31:c4:7f:24:1f:99:ce:6f:75:96:ab:3c:24:
6a:1c:b2:42:fa:d6:77:2c:62:04:67:ea:16:d3:19:
23:47:6d:69:d8:43:fc:c2:c1:63:57:96:9d:3b:e0:
71:46:53:e1:5b:35:83:ef:07:35:9f:a0:80:d2:3a:
ce:3a:fc:38:54:84:ff:4f:a3:67:d3:86:58:d5:b7:
fd:db:0d:4a:a0:6d:d9:1a:45:76:34:b4:af:42:62:
14:e6:58:4f:1e:ec:94:52:85:09:f6:7f:45:50:5a:
8f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:32:09:3C:00:4A:51:6E:42:8E:D7:3E:DA:C1:47:50:C8:21:89:23
X509v3 Authority Key Identifier:
keyid:D3:89:EE:7D:C7:A4:BE:A8:D2:69:C8:74:6C:FE:7D:36:19:8D:22:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04nufcekvqjSach0bP59NhmNIh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/338fc0-7025-49ea-a52d-21b034c2f8dc/1/04nufcekvqjSach0bP59NhmNIh4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/338fc0-7025-49ea-a52d-21b034c2f8dc/1/04nufcekvqjSach0bP59NhmNIh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:a1:9c:d5:b2:2d:62:58:ae:14:48:05:27:7a:ef:5b:69:72:
26:da:2d:13:2c:24:7f:a0:58:4a:a0:c6:60:05:4f:2c:52:80:
88:33:a3:0b:6f:35:31:3c:0c:88:a2:b4:44:05:aa:1d:42:28:
41:aa:0e:33:06:76:a9:7d:cb:6c:e5:37:1b:8c:23:15:96:cb:
96:9f:a1:40:99:6f:0c:fe:89:2b:05:21:53:7c:a9:d9:7b:1e:
5a:d7:b2:ff:53:df:6e:c2:30:d2:43:c2:16:b9:cb:fa:01:82:
d9:c2:6d:fc:da:3a:2a:42:a7:b6:9d:be:53:e3:fe:a0:3d:97:
2b:9f:8c:5c:b0:5a:d3:0c:8e:05:74:e1:fc:61:4d:3c:73:47:
af:3e:5c:41:7c:c3:e2:41:d4:20:f8:d5:cf:ef:97:c3:c3:bf:
98:78:dd:3b:85:bb:4e:4e:99:63:79:44:bb:8a:0e:a0:2e:7c:
e9:69:bc:eb:1e:c3:86:5d:67:2f:ba:7f:a7:f5:01:ee:f5:da:
cf:7c:56:cf:58:b4:ed:9a:b4:70:a5:f2:43:a4:41:49:40:f5:
33:60:36:d3:be:1c:f4:41:80:fb:41:fb:66:51:78:63:ce:24:
f3:6e:4a:77:75:25:3e:d1:ea:2d:a8:1a:f4:16:f7:49:e7:3f:
08:07:1d:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03icydtUowYxmWvUrjPnbsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODllZTdkYzdhNGJlYThkMjY5Yzg3NDZjZmU3ZDM2MTk4
ZDIyMWUwHhcNMjYwMzI5MDMwMTEwWhcNMjYwMzMwMDMwMTEwWjAzMTEwLwYDVQQD
Eyg1YjMyMDkzYzAwNGE1MTZlNDI4ZWQ3M2VkYWMxNDc1MGM4MjE4OTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxX3JvcLnNjM9vDQ26LvAOvPn6xPK
LhEs/a1/NWy0tbsgZiMDEYCDK0SfnPE+z+UhQHKi00V3AlWvEPgf1koaFpk2/rkF
PAkpnz0D5TXCzRGVOJGDxE+qvzjmqLwBO9CYbRXM1LmB/gtF7NMJ84/RKPM+MbtB
zaK56J/FzUJZYswFgQarcMQz2zkS8RSJhrSo+aqwman92DHEfyQfmc5vdZarPCRq
HLJC+tZ3LGIEZ+oW0xkjR21p2EP8wsFjV5adO+BxRlPhWzWD7wc1n6CA0jrOOvw4
VIT/T6Nn04ZY1bf92w1KoG3ZGkV2NLSvQmIU5lhPHuyUUoUJ9n9FUFqPTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFsyCTwASlFuQo7XPtrBR1DIIYkjMB8GA1UdIwQY
MBaAFNOJ7n3HpL6o0mnIdGz+fTYZjSIeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRudWZjZWt2cWpTYWNoMGJQNTlOaG1OSWg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8zMzhmYzAtNzAyNS00OWVhLWE1MmQt
MjFiMDM0YzJmOGRjLzEvMDRudWZjZWt2cWpTYWNoMGJQNTlOaG1OSWg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8zMzhmYzAtNzAyNS00OWVhLWE1MmQtMjFiMDM0YzJmOGRj
LzEvMDRudWZjZWt2cWpTYWNoMGJQNTlOaG1OSWg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi6Gc1bIt
YliuFEgFJ3rvW2lyJtotEywkf6BYSqDGYAVPLFKAiDOjC281MTwMiKK0RAWqHUIo
QaoOMwZ2qX3LbOU3G4wjFZbLlp+hQJlvDP6JKwUhU3yp2XseWtey/1PfbsIw0kPC
FrnL+gGC2cJt/No6KkKntp2+U+P+oD2XK5+MXLBa0wyOBXTh/GFNPHNHrz5cQXzD
4kHUIPjVz++Xw8O/mHjdO4W7Tk6ZY3lEu4oOoC586Wm86x7Dhl1nL7p/p/UB7vXa
z3xWz1i07Zq0cKXyQ6RBSUD1M2A2074c9EGA+0H7ZlF4Y84k825Kd3UlPtHqLaga
9Bb3Sec/CAcd+g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:35:18 2026 by rpki-client