Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/0942ec-2e9f-4172-8c53-c4946b8e630d/1/rKcX8QfgYizkyz71KwFU-n-baS0.mft
File: rKcX8QfgYizkyz71KwFU-n-baS0.mft (raw, json)
Hash identifier: Oa3vhUI8RBHvYkXChb26rjoZUl0I5bKuG3DZIt47EEk=
Subject key identifier: C2:5E:E2:DB:37:E3:B2:14:86:88:10:FD:62:25:BE:65:CE:1E:9D:B2
Authority key identifier: AC:A7:17:F1:07:E0:62:2C:E4:CB:3E:F5:2B:01:54:FA:7F:9B:69:2D
Certificate issuer: /CN=aca717f107e0622ce4cb3ef52b0154fa7f9b692d
Certificate serial: 019D3865E6DF4F728679D5B37331D77FBD8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKcX8QfgYizkyz71KwFU-n-baS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/0942ec-2e9f-4172-8c53-c4946b8e630d/1/rKcX8QfgYizkyz71KwFU-n-baS0.mft
Manifest number: 140D
Signing time: Sun 29 Mar 2026 07:01:35 +0000
Manifest this update: Sun 29 Mar 2026 07:01:35 +0000
Manifest next update: Mon 30 Mar 2026 07:01:35 +0000
Files and hashes: 1: rKcX8QfgYizkyz71KwFU-n-baS0.crl (hash: o0Fg+LIgOhmO551pjRe7VDB0OjEk84CEneNdYLvFfgg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/0942ec-2e9f-4172-8c53-c4946b8e630d/1/rKcX8QfgYizkyz71KwFU-n-baS0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/0942ec-2e9f-4172-8c53-c4946b8e630d/1/rKcX8QfgYizkyz71KwFU-n-baS0.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKcX8QfgYizkyz71KwFU-n-baS0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:e6:df:4f:72:86:79:d5:b3:73:31:d7:7f:bd:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca717f107e0622ce4cb3ef52b0154fa7f9b692d
Validity
Not Before: Mar 29 07:01:35 2026 GMT
Not After : Mar 30 07:01:35 2026 GMT
Subject: CN=c25ee2db37e3b214868810fd6225be65ce1e9db2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e7:a2:ae:e0:f3:86:a1:bd:e7:4d:9b:e7:52:
3a:12:a8:90:ae:c4:28:4c:b5:18:eb:79:5a:ae:2e:
5b:7c:80:88:42:5e:bf:98:35:53:01:94:39:1c:9b:
8d:9c:c8:eb:5d:29:a3:9d:b8:f8:e8:22:b1:ee:91:
f0:7b:54:c0:a2:08:64:33:f7:13:cf:14:57:58:8d:
1c:0d:4e:64:8f:d1:a3:38:10:12:f9:03:45:49:85:
83:a9:6f:5a:a0:1d:34:f8:37:c1:0f:d1:8a:26:33:
5b:e7:28:ad:68:a5:9e:8b:31:2b:d4:6a:eb:6d:ba:
6f:f6:06:9b:11:1a:6f:01:2e:2b:36:79:6e:24:79:
5d:fd:d8:40:10:01:54:6a:61:3a:b3:9a:a5:11:a1:
81:8a:ec:0e:f7:9c:9a:94:f2:86:fb:75:f8:e2:04:
36:11:b2:e2:fd:60:ab:37:a5:6d:e2:7c:df:b4:5b:
0e:71:15:3c:1b:32:d2:4d:60:6b:25:4a:ef:07:c9:
ca:30:cb:82:0c:e2:9b:11:63:bb:d2:a4:05:cc:7e:
44:8f:76:f3:d9:45:de:a3:85:5a:de:1b:98:a4:a7:
11:50:82:80:b3:68:91:f9:94:08:b6:e9:2b:d1:ae:
71:be:b7:de:fc:89:a8:7c:df:d8:4b:c0:38:8d:c1:
64:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:5E:E2:DB:37:E3:B2:14:86:88:10:FD:62:25:BE:65:CE:1E:9D:B2
X509v3 Authority Key Identifier:
keyid:AC:A7:17:F1:07:E0:62:2C:E4:CB:3E:F5:2B:01:54:FA:7F:9B:69:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKcX8QfgYizkyz71KwFU-n-baS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0942ec-2e9f-4172-8c53-c4946b8e630d/1/rKcX8QfgYizkyz71KwFU-n-baS0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0942ec-2e9f-4172-8c53-c4946b8e630d/1/rKcX8QfgYizkyz71KwFU-n-baS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
92:09:bb:17:3c:49:bf:3c:7b:f6:4f:d2:29:84:67:f9:8e:ca:
fe:ab:59:81:de:11:4d:3b:0a:13:f5:bf:63:cf:0e:c1:18:18:
6a:2f:4b:5b:c8:03:72:3b:f1:ac:5b:68:71:d6:74:e2:e0:af:
67:7d:a3:67:ef:a2:6e:72:57:0d:6a:a4:6c:1a:e9:e9:13:7f:
b0:19:80:66:3c:2c:1e:89:08:41:9d:e1:53:c7:f8:fb:41:97:
fe:94:56:ae:be:c4:c1:35:94:f7:17:c2:79:45:a7:b9:02:71:
a0:5f:f6:05:81:5b:77:a5:f3:87:a0:09:57:b2:14:0f:05:87:
5d:51:80:f6:e8:93:54:78:ff:f2:76:4d:0c:bf:77:86:2f:50:
d7:a9:60:aa:27:72:fc:eb:c8:11:fb:f0:f1:6a:6f:b9:94:aa:
fd:f6:3f:94:80:01:88:0a:87:39:1b:a3:ec:6d:39:fd:0c:97:
e7:85:c3:6e:59:1b:42:9f:6b:f7:5e:c4:d3:2b:2e:7b:9c:44:
ff:09:8c:88:36:c7:a2:41:d3:c8:a7:17:07:bb:9f:7a:bf:c9:
bf:a9:74:1d:3d:e4:75:c7:69:a7:c3:9b:2c:7d:26:63:a6:7f:
fb:b6:bd:f7:5d:ca:ca:74:81:c8:09:14:c0:00:de:80:0b:20:
31:74:b0:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZebfT3KGedWzczHXf72KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTcxN2YxMDdlMDYyMmNlNGNiM2VmNTJiMDE1NGZhN2Y5
YjY5MmQwHhcNMjYwMzI5MDcwMTM1WhcNMjYwMzMwMDcwMTM1WjAzMTEwLwYDVQQD
EyhjMjVlZTJkYjM3ZTNiMjE0ODY4ODEwZmQ2MjI1YmU2NWNlMWU5ZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+eiruDzhqG9502b51I6EqiQrsQo
TLUY63lari5bfICIQl6/mDVTAZQ5HJuNnMjrXSmjnbj46CKx7pHwe1TAoghkM/cT
zxRXWI0cDU5kj9GjOBAS+QNFSYWDqW9aoB00+DfBD9GKJjNb5yitaKWeizEr1Grr
bbpv9gabERpvAS4rNnluJHld/dhAEAFUamE6s5qlEaGBiuwO95yalPKG+3X44gQ2
EbLi/WCrN6Vt4nzftFsOcRU8GzLSTWBrJUrvB8nKMMuCDOKbEWO70qQFzH5Ej3bz
2UXeo4Va3huYpKcRUIKAs2iR+ZQItukr0a5xvrfe/ImofN/YS8A4jcFk4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMJe4ts347IUhogQ/WIlvmXOHp2yMB8GA1UdIwQY
MBaAFKynF/EH4GIs5Ms+9SsBVPp/m2ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktjWDhRZmdZaXpreXo3MUt3RlUtbi1iYVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8wOTQyZWMtMmU5Zi00MTcyLThjNTMt
YzQ5NDZiOGU2MzBkLzEvcktjWDhRZmdZaXpreXo3MUt3RlUtbi1iYVMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8wOTQyZWMtMmU5Zi00MTcyLThjNTMtYzQ5NDZiOGU2MzBk
LzEvcktjWDhRZmdZaXpreXo3MUt3RlUtbi1iYVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkgm7FzxJ
vzx79k/SKYRn+Y7K/qtZgd4RTTsKE/W/Y88OwRgYai9LW8gDcjvxrFtocdZ04uCv
Z32jZ++ibnJXDWqkbBrp6RN/sBmAZjwsHokIQZ3hU8f4+0GX/pRWrr7EwTWU9xfC
eUWnuQJxoF/2BYFbd6Xzh6AJV7IUDwWHXVGA9uiTVHj/8nZNDL93hi9Q16lgqidy
/OvIEfvw8WpvuZSq/fY/lIABiAqHORuj7G05/QyX54XDblkbQp9r917E0ysue5xE
/wmMiDbHokHTyKcXB7ufer/Jv6l0HT3kdcdpp8ObLH0mY6Z/+7a9913KynSByAkU
wADegAsgMXSwFg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:51:47 2026 by rpki-client