Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/b8a9e7-9450-436c-bf90-8e90466bad38/1/VKFL5hl1Xu7rkf4vYqHU7geGFJY.mft
File: VKFL5hl1Xu7rkf4vYqHU7geGFJY.mft (raw, json)
Hash identifier: CX39/ijghMKcOFsu+/WGlX2Ti1sDO8ev9kcDqOueaJg=
Subject key identifier: E5:B4:11:C2:B5:BD:5A:40:37:5C:CB:6E:D9:01:A7:58:C7:69:1A:81
Authority key identifier: 54:A1:4B:E6:19:75:5E:EE:EB:91:FE:2F:62:A1:D4:EE:07:86:14:96
Certificate issuer: /CN=54a14be619755eeeeb91fe2f62a1d4ee07861496
Certificate serial: 019D3A1C44BB474192D0FF5AB04207CFCBB4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VKFL5hl1Xu7rkf4vYqHU7geGFJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/b8a9e7-9450-436c-bf90-8e90466bad38/1/VKFL5hl1Xu7rkf4vYqHU7geGFJY.mft
Manifest number: 0F89
Signing time: Sun 29 Mar 2026 15:00:24 +0000
Manifest this update: Sun 29 Mar 2026 15:00:24 +0000
Manifest next update: Mon 30 Mar 2026 15:00:24 +0000
Files and hashes: 1: 3BS1Vk6oY_4Q-IA4IkoRCzuBzcM.roa (hash: gfB5bbDDulAvXz0n1M7KzaA+1p0+Euw0D8YsIhe2tHw=)
2: VKFL5hl1Xu7rkf4vYqHU7geGFJY.crl (hash: iu7tRm0POKZXB3ERNqKoCCcLaVN/tMz0fUVQZmPBVYI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/b8a9e7-9450-436c-bf90-8e90466bad38/1/VKFL5hl1Xu7rkf4vYqHU7geGFJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/b8a9e7-9450-436c-bf90-8e90466bad38/1/VKFL5hl1Xu7rkf4vYqHU7geGFJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/VKFL5hl1Xu7rkf4vYqHU7geGFJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 15:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:1c:44:bb:47:41:92:d0:ff:5a:b0:42:07:cf:cb:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54a14be619755eeeeb91fe2f62a1d4ee07861496
Validity
Not Before: Mar 29 15:00:24 2026 GMT
Not After : Mar 30 15:00:24 2026 GMT
Subject: CN=e5b411c2b5bd5a40375ccb6ed901a758c7691a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6f:85:7c:fa:02:9e:94:17:a4:ab:bc:aa:09:
c9:33:31:f1:27:ae:e9:d5:d4:10:5e:d6:bb:65:d0:
c7:f5:8e:c5:23:ad:91:c2:62:59:75:b7:95:63:ad:
d6:ad:6c:47:ac:36:e1:11:b2:99:ed:fd:2c:c6:5b:
96:0f:86:ef:c7:ec:ad:d6:f4:d7:b1:eb:72:4e:d5:
d9:7f:c5:3e:1a:a3:57:3f:91:03:b1:cd:7f:05:c6:
3d:7c:43:6a:18:5c:93:d0:45:d9:66:1f:2a:d5:7c:
5c:67:4a:54:59:f2:d6:b2:b2:65:c6:50:c3:a8:91:
07:79:52:88:4a:d0:27:b0:6c:0e:bb:35:48:7e:ed:
37:36:be:5e:67:ce:4f:fa:37:8d:69:5a:10:23:15:
af:53:d9:b0:51:34:98:41:9c:e6:a7:d0:5f:e8:d6:
c4:16:25:4d:1c:b8:56:ff:cd:67:61:43:ec:50:f0:
a0:e9:25:2d:4c:ae:a2:4f:24:c8:07:38:f0:75:39:
3f:5e:a4:ca:2d:70:ec:c5:0b:a5:e0:82:4c:6d:4c:
1f:9d:22:5f:8e:8f:bd:e2:89:35:93:54:84:02:15:
14:7b:73:ca:38:2e:eb:28:06:75:a2:29:8f:3b:08:
b6:db:5d:0c:bf:5e:47:54:11:60:7d:2d:96:55:f5:
54:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:B4:11:C2:B5:BD:5A:40:37:5C:CB:6E:D9:01:A7:58:C7:69:1A:81
X509v3 Authority Key Identifier:
keyid:54:A1:4B:E6:19:75:5E:EE:EB:91:FE:2F:62:A1:D4:EE:07:86:14:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VKFL5hl1Xu7rkf4vYqHU7geGFJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/b8a9e7-9450-436c-bf90-8e90466bad38/1/VKFL5hl1Xu7rkf4vYqHU7geGFJY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/b8a9e7-9450-436c-bf90-8e90466bad38/1/VKFL5hl1Xu7rkf4vYqHU7geGFJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:bf:f1:ba:36:aa:e6:bb:0a:96:9a:97:71:99:e9:0f:92:61:
80:1f:fd:b7:4d:74:99:71:4f:10:8d:07:9c:c1:80:24:88:f0:
79:41:db:c7:f7:17:38:73:37:8b:2f:92:31:18:47:54:6b:fc:
9b:3b:17:da:6a:23:93:3f:60:38:3a:16:8e:93:bb:27:4e:77:
c4:b6:cd:fe:58:2b:0d:49:13:ba:6d:b2:53:be:71:55:f5:60:
48:24:89:21:40:e7:1a:cc:b8:e5:99:5c:74:e3:97:cf:30:d3:
ac:42:e1:86:ee:4b:99:34:1f:37:36:fb:a1:04:db:74:39:a4:
8d:60:13:fa:0e:55:74:68:43:8e:52:42:fc:0e:d1:31:43:8a:
e5:9c:90:ca:a7:06:37:92:1a:fd:18:80:78:8d:aa:7a:52:f9:
2d:3b:c0:b5:10:49:9c:15:a9:b7:10:f5:7e:75:1e:6a:fa:c6:
0b:66:e9:6d:07:f8:b9:5e:4e:27:15:88:5d:55:9b:96:1a:9f:
44:88:7f:8c:aa:61:05:1e:7b:40:9c:b0:ba:be:57:c1:b8:48:
d8:fc:d5:f5:68:ca:9a:1a:ee:38:03:84:67:6e:23:9f:78:fc:
c6:98:3d:0b:3b:e6:fe:f2:14:fb:09:6c:d1:64:0b:df:44:bb:
cc:01:59:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HES7R0GS0P9asEIHz8u0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0YTE0YmU2MTk3NTVlZWVlYjkxZmUyZjYyYTFkNGVlMDc4
NjE0OTYwHhcNMjYwMzI5MTUwMDI0WhcNMjYwMzMwMTUwMDI0WjAzMTEwLwYDVQQD
EyhlNWI0MTFjMmI1YmQ1YTQwMzc1Y2NiNmVkOTAxYTc1OGM3NjkxYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsG+FfPoCnpQXpKu8qgnJMzHxJ67p
1dQQXta7ZdDH9Y7FI62RwmJZdbeVY63WrWxHrDbhEbKZ7f0sxluWD4bvx+yt1vTX
setyTtXZf8U+GqNXP5EDsc1/BcY9fENqGFyT0EXZZh8q1XxcZ0pUWfLWsrJlxlDD
qJEHeVKIStAnsGwOuzVIfu03Nr5eZ85P+jeNaVoQIxWvU9mwUTSYQZzmp9Bf6NbE
FiVNHLhW/81nYUPsUPCg6SUtTK6iTyTIBzjwdTk/XqTKLXDsxQul4IJMbUwfnSJf
jo+94ok1k1SEAhUUe3PKOC7rKAZ1oimPOwi2210Mv15HVBFgfS2WVfVU0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOW0EcK1vVpAN1zLbtkBp1jHaRqBMB8GA1UdIwQY
MBaAFFShS+YZdV7u65H+L2Kh1O4HhhSWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVktGTDVobDFYdTdya2Y0dllxSFU3Z2VHRkpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iOGE5ZTctOTQ1MC00MzZjLWJmOTAt
OGU5MDQ2NmJhZDM4LzEvVktGTDVobDFYdTdya2Y0dllxSFU3Z2VHRkpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iOGE5ZTctOTQ1MC00MzZjLWJmOTAtOGU5MDQ2NmJhZDM4
LzEvVktGTDVobDFYdTdya2Y0dllxSFU3Z2VHRkpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGr/xujaq
5rsKlpqXcZnpD5JhgB/9t010mXFPEI0HnMGAJIjweUHbx/cXOHM3iy+SMRhHVGv8
mzsX2mojkz9gODoWjpO7J053xLbN/lgrDUkTum2yU75xVfVgSCSJIUDnGsy45Zlc
dOOXzzDTrELhhu5LmTQfNzb7oQTbdDmkjWAT+g5VdGhDjlJC/A7RMUOK5ZyQyqcG
N5Ia/RiAeI2qelL5LTvAtRBJnBWptxD1fnUeavrGC2bpbQf4uV5OJxWIXVWblhqf
RIh/jKphBR57QJywur5XwbhI2PzV9WjKmhruOAOEZ24jn3j8xpg9Czvm/vIU+wls
0WQL30S7zAFZOA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 21:22:04 2026 by rpki-client