Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
File: Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft (raw, json)
Hash identifier: f4dSLNW2faOIbFxUZQ9sX6xWzWubGiRQGK4wSA1U1GQ=
Subject key identifier: AA:25:B0:96:FB:D9:AB:2A:D7:2D:A6:65:78:7B:DF:0D:C6:48:74:33
Authority key identifier: 49:F9:B8:80:F2:59:B8:81:90:70:2C:22:BF:83:21:71:B7:59:74:34
Certificate issuer: /CN=49f9b880f259b88190702c22bf832171b7597434
Certificate serial: 019D38668750C1BCCBC5EFAAE00422FF7BBC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
Manifest number: 14E2
Signing time: Sun 29 Mar 2026 07:02:16 +0000
Manifest this update: Sun 29 Mar 2026 07:02:16 +0000
Manifest next update: Mon 30 Mar 2026 07:02:16 +0000
Files and hashes: 1: Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl (hash: WLU5P1PMCIQuDy63hGs1kykJk76XYkip1TRZRgsUbkA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:87:50:c1:bc:cb:c5:ef:aa:e0:04:22:ff:7b:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49f9b880f259b88190702c22bf832171b7597434
Validity
Not Before: Mar 29 07:02:16 2026 GMT
Not After : Mar 30 07:02:16 2026 GMT
Subject: CN=aa25b096fbd9ab2ad72da665787bdf0dc6487433
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:36:1c:22:8d:cf:76:56:fd:1f:1f:0d:57:1d:
f9:ec:0e:71:d1:d4:36:94:4c:e4:3f:7c:6a:f8:61:
ee:9d:c4:9f:de:4b:03:d9:40:bd:e6:78:bd:83:32:
73:d8:98:52:07:f1:cc:08:80:2f:48:1e:d2:d3:8e:
13:54:d3:b9:c6:23:52:f8:45:54:4b:36:87:00:32:
f8:47:6d:35:ce:95:63:b1:fb:ff:3a:0a:50:cc:87:
be:7c:53:7e:d2:b8:cf:80:7f:9f:7d:ca:b9:9e:86:
92:48:d7:0b:91:40:3b:19:94:70:c0:36:69:bb:ba:
13:4b:14:c1:19:67:d8:f7:0b:13:00:e9:83:e1:f0:
8e:cb:a0:e0:90:99:99:7e:04:f5:a0:f0:e2:21:03:
b2:f3:33:81:c0:77:52:40:ab:19:3e:49:6b:f6:b8:
b0:dc:bc:27:37:f2:d0:b5:f5:c0:97:aa:dc:13:d0:
37:80:d1:32:da:84:6d:fe:2b:88:d0:87:fb:31:74:
8c:a6:e9:18:cd:e0:17:e0:54:7e:db:36:c9:d1:6b:
85:65:e0:23:50:da:64:f1:d8:84:74:88:ac:15:56:
7e:cb:d3:89:a7:8a:b7:e4:6a:b0:76:a0:82:2b:4f:
a4:ca:4e:1d:c0:14:88:e4:b0:6c:84:18:2b:4f:8c:
f3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:25:B0:96:FB:D9:AB:2A:D7:2D:A6:65:78:7B:DF:0D:C6:48:74:33
X509v3 Authority Key Identifier:
keyid:49:F9:B8:80:F2:59:B8:81:90:70:2C:22:BF:83:21:71:B7:59:74:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:88:c7:ec:e9:7f:48:00:8b:9b:07:e7:b7:fa:38:df:9d:bd:
e7:d4:cb:5f:ed:c8:cd:8c:2a:76:79:1d:dd:16:92:be:9d:c3:
e0:0b:96:4e:b8:52:2a:03:aa:b0:d5:d4:0c:5b:a2:2d:db:26:
62:28:1a:36:5e:c0:a1:42:f5:a5:5d:36:c6:c4:30:f2:a3:7e:
ba:fb:b4:4e:00:8c:99:96:7d:a4:a1:5d:b4:ca:97:48:8c:56:
4c:d6:42:dc:59:12:4b:57:f8:68:7f:c6:31:2b:7e:67:df:94:
af:bf:eb:6d:a0:13:8c:67:27:cb:38:14:53:20:1a:7b:03:19:
01:43:f9:9a:76:e2:ba:2d:56:e9:8a:1e:e2:96:55:cb:c5:6f:
e9:4e:51:01:ff:43:eb:fc:c1:4e:04:c3:87:ed:c1:93:85:3b:
32:7b:5e:7c:15:50:68:b3:92:78:98:df:cb:58:eb:c7:17:cc:
dc:24:0a:2a:d8:ff:ad:02:78:d8:fc:47:dc:a6:82:70:fe:ff:
4f:46:21:33:7b:09:86:06:15:c7:4a:cb:e3:77:55:c2:42:ad:
3b:8f:a9:79:5b:0f:ed:d4:a2:1f:42:84:e0:6c:37:6b:6c:06:
d1:9d:ee:f5:07:c9:48:b4:44:aa:a9:2c:3b:66:52:11:be:34:
ee:ed:db:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZodQwbzLxe+q4AQi/3u8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZjliODgwZjI1OWI4ODE5MDcwMmMyMmJmODMyMTcxYjc1
OTc0MzQwHhcNMjYwMzI5MDcwMjE2WhcNMjYwMzMwMDcwMjE2WjAzMTEwLwYDVQQD
EyhhYTI1YjA5NmZiZDlhYjJhZDcyZGE2NjU3ODdiZGYwZGM2NDg3NDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DYcIo3Pdlb9Hx8NVx357A5x0dQ2
lEzkP3xq+GHuncSf3ksD2UC95ni9gzJz2JhSB/HMCIAvSB7S044TVNO5xiNS+EVU
SzaHADL4R201zpVjsfv/OgpQzIe+fFN+0rjPgH+ffcq5noaSSNcLkUA7GZRwwDZp
u7oTSxTBGWfY9wsTAOmD4fCOy6DgkJmZfgT1oPDiIQOy8zOBwHdSQKsZPklr9riw
3LwnN/LQtfXAl6rcE9A3gNEy2oRt/iuI0If7MXSMpukYzeAX4FR+2zbJ0WuFZeAj
UNpk8diEdIisFVZ+y9OJp4q35GqwdqCCK0+kyk4dwBSI5LBshBgrT4zzEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKolsJb72asq1y2mZXh73w3GSHQzMB8GA1UdIwQY
MBaAFEn5uIDyWbiBkHAsIr+DIXG3WXQ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hOTk4YmItM2JjMy00NTk3LThkY2Mt
YzRmMjI1MzZhYjA1LzEvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9hOTk4YmItM2JjMy00NTk3LThkY2MtYzRmMjI1MzZhYjA1
LzEvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQYjH7Ol/
SACLmwfnt/o4352959TLX+3IzYwqdnkd3RaSvp3D4AuWTrhSKgOqsNXUDFuiLdsm
YigaNl7AoUL1pV02xsQw8qN+uvu0TgCMmZZ9pKFdtMqXSIxWTNZC3FkSS1f4aH/G
MSt+Z9+Ur7/rbaATjGcnyzgUUyAaewMZAUP5mnbiui1W6Yoe4pZVy8Vv6U5RAf9D
6/zBTgTDh+3Bk4U7MntefBVQaLOSeJjfy1jrxxfM3CQKKtj/rQJ42PxH3KaCcP7/
T0YhM3sJhgYVx0rL43dVwkKtO4+peVsP7dSiH0KE4Gw3a2wG0Z3u9QfJSLREqqks
O2ZSEb407u3b8Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:35:17 2026 by rpki-client