Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft
File: JlNDThz2kK0m1HoDs_w1qAKnm1g.mft (raw, json)
Hash identifier: pDzg0FNMziiFR+ZhvaeGL12GSspFen+QFSp9Wdhu52Q=
Subject key identifier: 3A:6E:4C:49:FB:64:06:26:DC:E9:CF:CA:2B:CE:B2:A4:21:46:80:E2
Authority key identifier: 26:53:43:4E:1C:F6:90:AD:26:D4:7A:03:B3:FC:35:A8:02:A7:9B:58
Certificate issuer: /CN=2653434e1cf690ad26d47a03b3fc35a802a79b58
Certificate serial: 019D38662C2137854BAB24BBDD0FD82A0836
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JlNDThz2kK0m1HoDs_w1qAKnm1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft
Manifest number: 0B7D
Signing time: Sun 29 Mar 2026 07:01:53 +0000
Manifest this update: Sun 29 Mar 2026 07:01:53 +0000
Manifest next update: Mon 30 Mar 2026 07:01:53 +0000
Files and hashes: 1: JlNDThz2kK0m1HoDs_w1qAKnm1g.crl (hash: Hf9VqR/hoRoIgebql03bKZl/EJUGv2iEXWpXedgdrzs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft
rsync://rpki.ripe.net/repository/DEFAULT/JlNDThz2kK0m1HoDs_w1qAKnm1g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:2c:21:37:85:4b:ab:24:bb:dd:0f:d8:2a:08:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2653434e1cf690ad26d47a03b3fc35a802a79b58
Validity
Not Before: Mar 29 07:01:53 2026 GMT
Not After : Mar 30 07:01:53 2026 GMT
Subject: CN=3a6e4c49fb640626dce9cfca2bceb2a4214680e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f3:31:62:3c:d7:2e:2a:ca:8e:ac:b9:4f:b7:
3e:a2:99:34:2f:c7:83:62:bd:a3:a4:da:9c:71:27:
88:2e:ca:8e:27:8a:d4:1e:ca:c6:38:c2:11:25:4a:
f8:8b:5f:3c:fb:c5:65:28:cf:d5:eb:77:7a:77:20:
09:75:66:65:46:fc:ea:a9:86:d8:45:5b:9e:e2:dc:
2b:d1:15:de:df:16:df:4a:02:d6:a0:73:73:3f:a5:
d8:48:0b:46:51:76:10:4b:fa:e5:b4:57:6b:51:59:
9c:e1:4f:29:e3:6e:c6:9f:8e:9a:47:21:ef:11:43:
5e:a9:00:7d:6a:d1:27:02:4d:65:67:ce:b4:b5:37:
e6:4e:5b:74:ce:65:5d:ee:7c:e6:e1:90:52:e3:1a:
76:fd:34:4c:9c:20:a5:bd:e5:91:a0:b8:07:ef:e9:
2e:cd:e0:96:bd:e0:ab:bf:01:71:d9:99:64:46:c3:
49:54:97:df:37:ea:47:0d:22:bd:f4:60:6a:1f:60:
69:86:30:ab:c3:59:0f:12:20:f2:cc:9c:77:76:b8:
e1:20:c5:da:bd:cb:3f:8c:dc:8a:7a:15:ec:6c:48:
4b:1a:85:71:35:3b:98:2e:3e:34:84:b0:6e:f8:b6:
2f:f4:03:60:88:50:ee:8b:6c:bd:20:bf:20:70:e5:
db:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:6E:4C:49:FB:64:06:26:DC:E9:CF:CA:2B:CE:B2:A4:21:46:80:E2
X509v3 Authority Key Identifier:
keyid:26:53:43:4E:1C:F6:90:AD:26:D4:7A:03:B3:FC:35:A8:02:A7:9B:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JlNDThz2kK0m1HoDs_w1qAKnm1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cba1ce-f01e-4f94-b5ae-cba5d978f371/1/JlNDThz2kK0m1HoDs_w1qAKnm1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:17:b0:2b:b4:5c:6e:3e:82:6c:6a:4c:eb:95:f3:03:2d:88:
bb:42:34:df:03:2b:23:ae:6d:cb:c5:5a:31:ab:d0:75:40:8e:
a2:53:88:c2:a3:d2:a1:a0:d7:ec:1e:d9:08:5b:74:1f:04:71:
d4:c2:0a:86:3e:02:cc:73:95:e2:f1:e3:a3:bf:99:70:8b:6b:
99:ed:ad:9e:f4:71:65:e5:64:37:2e:a7:d2:7b:10:f4:80:04:
a3:7d:40:ce:77:07:37:1f:60:cf:86:d5:d5:d6:b6:af:35:ce:
93:8e:9a:fa:a0:c3:58:e7:dc:4a:e7:f2:a9:49:a0:d9:02:9c:
1c:f8:18:08:aa:6b:3c:4a:3c:e0:66:bf:c3:a2:65:31:a6:10:
e1:2f:5f:bb:0f:a3:50:f2:6c:0c:53:71:64:c9:8c:6e:36:c5:
27:1e:81:e3:cb:fc:fd:27:be:8c:9a:6e:42:14:ec:5b:6b:d4:
21:4f:f3:15:77:e9:3a:cc:e1:54:08:21:5f:ec:75:1f:22:58:
01:d2:60:32:52:6c:d2:ef:6d:5e:6e:fe:aa:00:dd:91:73:bf:
f8:9e:1d:c3:79:01:d8:4c:0e:12:fd:53:2a:a4:0c:ad:99:d8:
03:50:3a:29:92:b1:c1:c9:d8:4e:b1:f1:48:41:d7:8a:af:78:
12:70:32:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZiwhN4VLqyS73Q/YKgg2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NTM0MzRlMWNmNjkwYWQyNmQ0N2EwM2IzZmMzNWE4MDJh
NzliNTgwHhcNMjYwMzI5MDcwMTUzWhcNMjYwMzMwMDcwMTUzWjAzMTEwLwYDVQQD
EygzYTZlNGM0OWZiNjQwNjI2ZGNlOWNmY2EyYmNlYjJhNDIxNDY4MGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfMxYjzXLirKjqy5T7c+opk0L8eD
Yr2jpNqccSeILsqOJ4rUHsrGOMIRJUr4i188+8VlKM/V63d6dyAJdWZlRvzqqYbY
RVue4twr0RXe3xbfSgLWoHNzP6XYSAtGUXYQS/rltFdrUVmc4U8p427Gn46aRyHv
EUNeqQB9atEnAk1lZ860tTfmTlt0zmVd7nzm4ZBS4xp2/TRMnCClveWRoLgH7+ku
zeCWveCrvwFx2ZlkRsNJVJffN+pHDSK99GBqH2BphjCrw1kPEiDyzJx3drjhIMXa
vcs/jNyKehXsbEhLGoVxNTuYLj40hLBu+LYv9ANgiFDui2y9IL8gcOXbCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDpuTEn7ZAYm3OnPyivOsqQhRoDiMB8GA1UdIwQY
MBaAFCZTQ04c9pCtJtR6A7P8NagCp5tYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmxORFRoejJrSzBtMUhvRHNfdzFxQUtubTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9jYmExY2UtZjAxZS00Zjk0LWI1YWUt
Y2JhNWQ5NzhmMzcxLzEvSmxORFRoejJrSzBtMUhvRHNfdzFxQUtubTFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9jYmExY2UtZjAxZS00Zjk0LWI1YWUtY2JhNWQ5NzhmMzcx
LzEvSmxORFRoejJrSzBtMUhvRHNfdzFxQUtubTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMhewK7Rc
bj6CbGpM65XzAy2Iu0I03wMrI65ty8VaMavQdUCOolOIwqPSoaDX7B7ZCFt0HwRx
1MIKhj4CzHOV4vHjo7+ZcItrme2tnvRxZeVkNy6n0nsQ9IAEo31AzncHNx9gz4bV
1da2rzXOk46a+qDDWOfcSufyqUmg2QKcHPgYCKprPEo84Ga/w6JlMaYQ4S9fuw+j
UPJsDFNxZMmMbjbFJx6B48v8/Se+jJpuQhTsW2vUIU/zFXfpOszhVAghX+x1HyJY
AdJgMlJs0u9tXm7+qgDdkXO/+J4dw3kB2EwOEv1TKqQMrZnYA1A6KZKxwcnYTrHx
SEHXiq94EnAyfQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:10:02 2026 by rpki-client