Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft
File: uH9ej-619ec7CXtmZX7tjbl0pA4.mft (raw, json)
Hash identifier: CBer+K8f6AmiUVv0KK9NZzAg8Apmlk8zoAxpPkkKkFA=
Subject key identifier: BA:EF:28:96:ED:33:31:2A:91:DF:CC:B4:EB:2B:1A:49:8F:C2:D4:A9
Authority key identifier: B8:7F:5E:8F:EE:B5:F5:E7:3B:09:7B:66:65:7E:ED:8D:B9:74:A4:0E
Certificate issuer: /CN=b87f5e8feeb5f5e73b097b66657eed8db974a40e
Certificate serial: 019D3A540FCD5EBF81EE3710B166005BF75E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft
Manifest number: 106D
Signing time: Sun 29 Mar 2026 16:01:20 +0000
Manifest this update: Sun 29 Mar 2026 16:01:20 +0000
Manifest next update: Mon 30 Mar 2026 16:01:20 +0000
Files and hashes: 1: uH9ej-619ec7CXtmZX7tjbl0pA4.crl (hash: uBRQeopolJ+2RCbGGxGY1OsrzrIQxGOPPGP8wu12DOo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft
rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:54:0f:cd:5e:bf:81:ee:37:10:b1:66:00:5b:f7:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b87f5e8feeb5f5e73b097b66657eed8db974a40e
Validity
Not Before: Mar 29 16:01:20 2026 GMT
Not After : Mar 30 16:01:20 2026 GMT
Subject: CN=baef2896ed33312a91dfccb4eb2b1a498fc2d4a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:41:19:eb:8a:a6:23:4a:86:1c:fe:c7:cc:43:
f8:dc:46:57:34:7d:2e:bc:0f:34:e4:57:e8:16:09:
1b:21:30:0b:01:f7:6e:e8:01:59:3d:99:d4:44:1b:
6e:55:f1:aa:25:e7:be:c4:e6:cd:1f:9f:b8:12:14:
6e:84:e6:0f:ad:14:27:b1:3e:51:6f:a3:7e:3d:88:
fc:5f:3a:5e:81:3f:02:01:38:cd:0c:c8:03:9b:93:
cf:8c:e8:eb:58:30:43:3e:ea:7d:92:5f:65:86:84:
98:6f:92:f8:f6:41:76:ca:46:fe:b4:d6:c5:24:c0:
d6:0f:f6:7f:81:32:12:e8:89:0e:5c:a4:39:a9:b4:
37:bf:64:49:6f:c3:32:dc:4e:f7:f2:ba:2b:14:1c:
e4:a3:91:40:0c:33:3d:24:15:4a:0d:23:2f:b0:1c:
21:75:57:96:67:f4:b1:fd:ab:4b:56:f1:b8:1d:81:
7c:d1:91:ea:78:93:69:0f:ed:4c:8e:39:ea:3a:ad:
11:06:4c:27:0c:51:c1:07:b2:1c:1a:2f:bc:11:ed:
be:2d:2d:ee:14:4b:7a:0d:93:ac:42:22:1c:f3:1b:
10:05:eb:71:10:f8:f8:e7:d0:8b:a9:dc:99:99:67:
91:94:11:a6:5f:ec:4d:2f:a4:a3:11:ec:bd:7c:6f:
4d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:EF:28:96:ED:33:31:2A:91:DF:CC:B4:EB:2B:1A:49:8F:C2:D4:A9
X509v3 Authority Key Identifier:
keyid:B8:7F:5E:8F:EE:B5:F5:E7:3B:09:7B:66:65:7E:ED:8D:B9:74:A4:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:1b:97:f3:1b:d7:f5:51:bc:57:9f:6c:80:03:d6:9d:1b:63:
5f:f2:0e:de:81:45:0c:17:a3:29:a2:bd:c8:45:66:3c:e2:29:
d4:87:aa:b2:13:7f:75:2f:5c:a7:1b:c5:a1:4a:26:18:10:30:
0b:6e:68:bf:3e:1c:c9:f5:df:81:bd:ab:c9:fc:d3:95:3e:ab:
81:76:a2:27:3c:c1:29:d0:0f:1e:a9:30:ee:97:9a:4a:d0:05:
19:a2:c8:ec:67:e9:94:68:17:c7:2f:aa:fb:a2:4e:09:f7:f2:
4b:26:bb:3f:8b:af:ba:f3:37:22:cf:03:b6:82:72:86:33:72:
88:2d:30:4c:ef:82:1c:6b:bb:c5:05:10:15:73:c4:86:b1:2f:
9f:92:d6:48:2c:48:06:68:a8:a5:73:fb:a2:89:87:fc:96:3e:
89:1f:f2:b8:f1:34:94:b1:61:02:4a:e1:97:6e:a8:02:4b:06:
41:43:eb:b4:06:26:a7:58:db:c6:4e:d9:a8:90:9d:f7:96:03:
db:d0:de:ab:a1:4b:09:8d:c1:b9:00:49:72:25:29:72:4b:1e:
c8:46:c3:59:57:e2:a0:c2:71:07:18:90:e0:7c:35:b4:90:af:
ab:6e:27:31:ef:db:c0:87:81:10:07:34:52:12:fd:e0:03:2e:
9d:97:0e:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VA/NXr+B7jcQsWYAW/deMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4N2Y1ZThmZWViNWY1ZTczYjA5N2I2NjY1N2VlZDhkYjk3
NGE0MGUwHhcNMjYwMzI5MTYwMTIwWhcNMjYwMzMwMTYwMTIwWjAzMTEwLwYDVQQD
EyhiYWVmMjg5NmVkMzMzMTJhOTFkZmNjYjRlYjJiMWE0OThmYzJkNGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkEZ64qmI0qGHP7HzEP43EZXNH0u
vA805FfoFgkbITALAfdu6AFZPZnURBtuVfGqJee+xObNH5+4EhRuhOYPrRQnsT5R
b6N+PYj8XzpegT8CATjNDMgDm5PPjOjrWDBDPup9kl9lhoSYb5L49kF2ykb+tNbF
JMDWD/Z/gTIS6IkOXKQ5qbQ3v2RJb8My3E738rorFBzko5FADDM9JBVKDSMvsBwh
dVeWZ/Sx/atLVvG4HYF80ZHqeJNpD+1MjjnqOq0RBkwnDFHBB7IcGi+8Ee2+LS3u
FEt6DZOsQiIc8xsQBetxEPj459CLqdyZmWeRlBGmX+xNL6SjEey9fG9N+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLrvKJbtMzEqkd/MtOsrGkmPwtSpMB8GA1UdIwQY
MBaAFLh/Xo/utfXnOwl7ZmV+7Y25dKQOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9mZmMwMGQtMzMxNi00Mjg2LTg5MzIt
Y2M2MGE1ZmRlZWIyLzEvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9mZmMwMGQtMzMxNi00Mjg2LTg5MzItY2M2MGE1ZmRlZWIy
LzEvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFxuX8xvX
9VG8V59sgAPWnRtjX/IO3oFFDBejKaK9yEVmPOIp1IeqshN/dS9cpxvFoUomGBAw
C25ovz4cyfXfgb2ryfzTlT6rgXaiJzzBKdAPHqkw7peaStAFGaLI7GfplGgXxy+q
+6JOCffySya7P4uvuvM3Is8DtoJyhjNyiC0wTO+CHGu7xQUQFXPEhrEvn5LWSCxI
BmiopXP7oomH/JY+iR/yuPE0lLFhAkrhl26oAksGQUPrtAYmp1jbxk7ZqJCd95YD
29Deq6FLCY3BuQBJciUpckseyEbDWVfioMJxBxiQ4Hw1tJCvq24nMe/bwIeBEAc0
UhL94AMunZcO0A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:55:28 2026 by rpki-client