Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/b36636-3306-448f-8ecf-56482b390678/1/U8DiB45PPrpfh5UD_dgJw4O7dig.mft
File: U8DiB45PPrpfh5UD_dgJw4O7dig.mft (raw, json)
Hash identifier: 4wmZba86leP0Otn7fgiTUajVQ3WS1jhcwDrUYkN3KlU=
Subject key identifier: AC:53:31:59:11:81:D6:4D:BF:38:B7:B3:43:D6:FE:3C:66:1C:F0:48
Authority key identifier: 53:C0:E2:07:8E:4F:3E:BA:5F:87:95:03:FD:D8:09:C3:83:BB:76:28
Certificate issuer: /CN=53c0e2078e4f3eba5f879503fdd809c383bb7628
Certificate serial: 019D39E5DA59B0BA291AC3FACD2BEEE1D496
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U8DiB45PPrpfh5UD_dgJw4O7dig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/b36636-3306-448f-8ecf-56482b390678/1/U8DiB45PPrpfh5UD_dgJw4O7dig.mft
Manifest number: 128D
Signing time: Sun 29 Mar 2026 14:00:58 +0000
Manifest this update: Sun 29 Mar 2026 14:00:58 +0000
Manifest next update: Mon 30 Mar 2026 14:00:58 +0000
Files and hashes: 1: 1-GMVzwMDxSiYZaD7figfVQ0BMo8.roa (hash: 6cucZyQkv8Clqp8Dmj2mB2zHAVxhCmtUwPlqKFCqEpw=)
2: U8DiB45PPrpfh5UD_dgJw4O7dig.crl (hash: a+vLB3Bar4JeoGh1AY/VmZn22a1tt8DB/XDfDcCgvXE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/b36636-3306-448f-8ecf-56482b390678/1/U8DiB45PPrpfh5UD_dgJw4O7dig.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/b36636-3306-448f-8ecf-56482b390678/1/U8DiB45PPrpfh5UD_dgJw4O7dig.mft
rsync://rpki.ripe.net/repository/DEFAULT/U8DiB45PPrpfh5UD_dgJw4O7dig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 14:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:e5:da:59:b0:ba:29:1a:c3:fa:cd:2b:ee:e1:d4:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53c0e2078e4f3eba5f879503fdd809c383bb7628
Validity
Not Before: Mar 29 14:00:58 2026 GMT
Not After : Mar 30 14:00:58 2026 GMT
Subject: CN=ac5331591181d64dbf38b7b343d6fe3c661cf048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0a:ca:09:07:a6:f6:d6:3a:d3:65:f3:ff:9e:
1f:9f:56:f6:64:1e:f8:3a:79:90:47:ff:ca:03:a2:
dd:b8:63:c5:4e:cd:dc:a9:cc:9a:05:3b:50:fd:ce:
a9:a8:ac:c7:f9:5a:55:d9:d5:f8:91:3d:8a:30:db:
d3:f3:81:73:59:f1:0c:a5:0b:ad:6c:fd:d1:53:e1:
e2:3a:50:51:51:ce:65:b9:40:0f:c8:3a:b5:89:94:
fb:8d:f2:52:3a:e9:6d:29:50:df:81:fd:97:d3:f1:
12:3b:73:04:b2:fb:75:24:e1:54:60:1e:ca:92:d0:
aa:2f:e7:05:f9:45:ca:36:01:cf:e9:b1:85:91:47:
8f:48:0e:d4:0e:2b:b4:35:d2:98:56:80:77:90:7f:
1e:31:5c:37:a6:8a:32:e3:fa:d2:47:9e:c4:5d:34:
41:86:fa:ce:1c:64:eb:c6:fe:8f:16:f6:5b:e9:d0:
f7:ed:cf:b3:af:8d:1b:79:cf:8d:b7:60:37:75:96:
67:f9:d5:dd:90:a6:f2:7b:fb:28:52:c7:62:d0:fe:
3b:12:6a:cc:31:f2:83:8e:55:c6:6e:e6:4f:07:52:
67:1e:5f:7e:62:59:76:5f:29:99:81:3e:69:52:b3:
f8:31:e8:32:85:1a:04:7a:ed:53:4f:95:35:46:31:
6f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:53:31:59:11:81:D6:4D:BF:38:B7:B3:43:D6:FE:3C:66:1C:F0:48
X509v3 Authority Key Identifier:
keyid:53:C0:E2:07:8E:4F:3E:BA:5F:87:95:03:FD:D8:09:C3:83:BB:76:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U8DiB45PPrpfh5UD_dgJw4O7dig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b36636-3306-448f-8ecf-56482b390678/1/U8DiB45PPrpfh5UD_dgJw4O7dig.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b36636-3306-448f-8ecf-56482b390678/1/U8DiB45PPrpfh5UD_dgJw4O7dig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:c9:6e:09:88:fc:ff:3a:67:b7:01:4e:d9:05:a6:16:a6:75:
1c:e3:fe:d5:e8:9e:5d:34:ce:bc:98:64:af:3c:13:8a:68:93:
3c:a0:90:a8:3d:b0:9d:cd:12:91:78:7c:8f:8b:f1:71:19:8d:
16:1b:d5:6f:73:01:0b:2f:ab:b3:d0:20:a0:9e:13:ed:20:d1:
9e:8f:cb:a8:a5:4b:5b:28:83:ad:86:ea:d6:b7:ec:73:6d:e6:
8b:d4:07:ae:4e:6e:49:5e:d7:00:4f:a9:16:f3:a2:9a:53:79:
6b:70:df:36:d9:c6:87:57:7b:ca:c2:7d:4d:4b:b3:a2:bd:e3:
b3:63:0d:52:d1:f0:7f:24:37:e3:45:15:cc:00:a9:28:de:51:
3e:5f:e6:d5:8c:41:67:61:d7:1d:23:d7:00:40:94:14:6f:69:
bb:28:71:09:03:0b:e6:33:d5:2e:61:e5:5b:dc:d8:29:e1:93:
08:94:26:ef:30:1b:6d:5a:83:70:b9:9e:62:6d:88:e3:0f:11:
ef:5b:ec:e8:42:57:86:e8:5c:50:39:1c:08:c8:c9:93:84:33:
86:2f:73:8d:ef:30:ce:66:df:05:c3:2a:85:83:f1:b1:07:c4:
53:1c:0b:70:ec:a4:9c:d1:e7:fd:2d:28:2c:64:65:3e:b0:fe:
57:28:b5:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ055dpZsLopGsP6zSvu4dSWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYzBlMjA3OGU0ZjNlYmE1Zjg3OTUwM2ZkZDgwOWMzODNi
Yjc2MjgwHhcNMjYwMzI5MTQwMDU4WhcNMjYwMzMwMTQwMDU4WjAzMTEwLwYDVQQD
EyhhYzUzMzE1OTExODFkNjRkYmYzOGI3YjM0M2Q2ZmUzYzY2MWNmMDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwrKCQem9tY602Xz/54fn1b2ZB74
OnmQR//KA6LduGPFTs3cqcyaBTtQ/c6pqKzH+VpV2dX4kT2KMNvT84FzWfEMpQut
bP3RU+HiOlBRUc5luUAPyDq1iZT7jfJSOultKVDfgf2X0/ESO3MEsvt1JOFUYB7K
ktCqL+cF+UXKNgHP6bGFkUePSA7UDiu0NdKYVoB3kH8eMVw3pooy4/rSR57EXTRB
hvrOHGTrxv6PFvZb6dD37c+zr40bec+Nt2A3dZZn+dXdkKbye/soUsdi0P47EmrM
MfKDjlXGbuZPB1JnHl9+Yll2XymZgT5pUrP4MegyhRoEeu1TT5U1RjFvhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKxTMVkRgdZNvzi3s0PW/jxmHPBIMB8GA1UdIwQY
MBaAFFPA4geOTz66X4eVA/3YCcODu3YoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVThEaUI0NVBQcnBmaDVVRF9kZ0p3NE83ZGlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9iMzY2MzYtMzMwNi00NDhmLThlY2Yt
NTY0ODJiMzkwNjc4LzEvVThEaUI0NVBQcnBmaDVVRF9kZ0p3NE83ZGlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9iMzY2MzYtMzMwNi00NDhmLThlY2YtNTY0ODJiMzkwNjc4
LzEvVThEaUI0NVBQcnBmaDVVRF9kZ0p3NE83ZGlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ8luCYj8
/zpntwFO2QWmFqZ1HOP+1eieXTTOvJhkrzwTimiTPKCQqD2wnc0SkXh8j4vxcRmN
FhvVb3MBCy+rs9AgoJ4T7SDRno/LqKVLWyiDrYbq1rfsc23mi9QHrk5uSV7XAE+p
FvOimlN5a3DfNtnGh1d7ysJ9TUuzor3js2MNUtHwfyQ340UVzACpKN5RPl/m1YxB
Z2HXHSPXAECUFG9puyhxCQML5jPVLmHlW9zYKeGTCJQm7zAbbVqDcLmeYm2I4w8R
71vs6EJXhuhcUDkcCMjJk4Qzhi9zje8wzmbfBcMqhYPxsQfEUxwLcOyknNHn/S0o
LGRlPrD+Vyi1ew==
-----END CERTIFICATE-----
Generated at Sun Mar 29 20:25:41 2026 by rpki-client