Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e38fc5-13a9-4906-b55e-79453adff1bd/1/vWGQNE2etusMy5SON6oKqr4vLpA.mft
File: vWGQNE2etusMy5SON6oKqr4vLpA.mft (raw, json)
Hash identifier: WA+gjrlsF+fR/ANQDDb3td46AmDszEn4CoL3/Pc+vd0=
Subject key identifier: 96:25:26:73:98:FA:E1:3F:CE:C2:3A:E9:01:73:69:37:90:8A:AF:81
Authority key identifier: BD:61:90:34:4D:9E:B6:EB:0C:CB:94:8E:37:AA:0A:AA:BE:2F:2E:90
Certificate issuer: /CN=bd6190344d9eb6eb0ccb948e37aa0aaabe2f2e90
Certificate serial: 019D38D320955FDA1B6CB9F924CE4CEEA551
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vWGQNE2etusMy5SON6oKqr4vLpA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/e38fc5-13a9-4906-b55e-79453adff1bd/1/vWGQNE2etusMy5SON6oKqr4vLpA.mft
Manifest number: AF
Signing time: Sun 29 Mar 2026 09:00:53 +0000
Manifest this update: Sun 29 Mar 2026 09:00:53 +0000
Manifest next update: Mon 30 Mar 2026 09:00:53 +0000
Files and hashes: 1: jtZWo2_OJ4vZNZgWUmJ6XplYoBw.asa (hash: 4Rm+AgcIx2QNLzodYb14yKwLv1JgZDJIFSxZdtp7HDw=)
2: vWGQNE2etusMy5SON6oKqr4vLpA.crl (hash: MEsu5y9nryX+b2coe6UiGh5mwu//IZf/Ijmz62VpnWQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/e38fc5-13a9-4906-b55e-79453adff1bd/1/vWGQNE2etusMy5SON6oKqr4vLpA.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/e38fc5-13a9-4906-b55e-79453adff1bd/1/vWGQNE2etusMy5SON6oKqr4vLpA.mft
rsync://rpki.ripe.net/repository/DEFAULT/vWGQNE2etusMy5SON6oKqr4vLpA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:20:95:5f:da:1b:6c:b9:f9:24:ce:4c:ee:a5:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd6190344d9eb6eb0ccb948e37aa0aaabe2f2e90
Validity
Not Before: Mar 29 09:00:53 2026 GMT
Not After : Mar 30 09:00:53 2026 GMT
Subject: CN=9625267398fae13fcec23ae901736937908aaf81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b6:a7:26:52:8f:ec:3b:2f:25:eb:24:a0:41:
db:bf:f1:e9:ed:91:9c:c4:48:0b:7d:4d:5a:64:36:
86:5b:61:65:14:45:e2:e0:97:11:aa:9d:fd:d9:fb:
85:45:e5:83:0b:a8:65:8d:52:0d:aa:f7:30:9b:c1:
98:5d:60:f1:8a:81:85:18:c3:a8:a9:16:d7:e2:c6:
c8:fd:35:0b:a2:7e:6e:70:69:36:1f:95:8d:3e:8d:
4e:85:18:f3:dd:55:d6:35:cc:43:a4:01:47:d7:c1:
fa:44:e8:00:b4:f6:5a:8b:ac:96:db:a6:f1:a2:a5:
61:d4:fa:68:f1:6e:0d:ca:98:29:16:0c:bc:13:3a:
41:08:f8:06:3a:20:fe:8e:46:70:f7:70:5b:6d:ba:
dc:bf:59:97:7e:0b:5b:9c:e1:fe:c8:b0:cb:e7:5c:
8a:cf:ca:87:11:b0:8a:ff:93:6e:9b:ee:af:77:46:
13:c0:36:bd:60:5d:ad:5d:44:37:87:95:b9:f1:4c:
52:ef:61:94:fa:a9:c4:c4:58:69:57:93:ae:5e:3b:
4b:32:38:e7:61:0f:c2:f1:08:4d:d4:75:3d:aa:bb:
9e:5a:77:c9:23:dd:0c:5d:1c:da:5d:5c:4d:97:43:
eb:13:85:86:2e:82:21:5f:8f:3f:4f:be:54:5f:8a:
02:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:25:26:73:98:FA:E1:3F:CE:C2:3A:E9:01:73:69:37:90:8A:AF:81
X509v3 Authority Key Identifier:
keyid:BD:61:90:34:4D:9E:B6:EB:0C:CB:94:8E:37:AA:0A:AA:BE:2F:2E:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vWGQNE2etusMy5SON6oKqr4vLpA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e38fc5-13a9-4906-b55e-79453adff1bd/1/vWGQNE2etusMy5SON6oKqr4vLpA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e38fc5-13a9-4906-b55e-79453adff1bd/1/vWGQNE2etusMy5SON6oKqr4vLpA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bb:f9:8d:27:44:de:13:47:73:59:08:0a:17:7c:44:1d:a9:0b:
bd:1e:66:e5:90:86:af:b3:3e:1e:e6:83:4d:58:e1:3e:2d:4d:
15:75:0b:63:6f:22:c7:15:3d:63:58:d5:87:43:0b:9c:e8:ff:
09:00:c4:ab:cd:57:f9:f1:c7:48:f4:bd:a4:52:87:0a:5a:2e:
c4:d3:a3:a2:12:5f:ed:a0:d8:9f:9d:22:f1:23:29:3b:fe:7a:
29:17:07:bd:8a:90:0a:ad:f8:c1:d6:45:7f:4d:9c:9c:bb:2a:
75:12:de:cc:39:9b:1e:dd:95:22:7a:94:01:72:c6:af:96:51:
63:4e:92:a0:9c:14:a0:c8:a3:e7:80:85:72:53:18:a4:f5:23:
38:b7:ad:59:6a:f5:77:8c:c6:1a:9d:72:b5:3a:3b:69:d2:f4:
b6:88:b1:0a:c5:41:bb:d5:ca:e2:1a:c3:25:28:7f:c9:d3:e7:
66:c8:5a:74:38:46:4b:c7:8a:4c:73:ca:20:db:d5:0a:f7:35:
89:f2:9a:32:9a:b1:8a:9e:a1:df:eb:ee:0d:bd:ec:d8:46:d5:
98:19:0e:9d:61:c4:ee:e9:87:a4:0e:e8:3a:88:68:bb:55:e8:
93:18:23:e1:25:e9:4e:7f:5c:c4:c5:57:15:bd:42:b8:bf:f5:
ee:e3:3e:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040yCVX9obbLn5JM5M7qVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNjE5MDM0NGQ5ZWI2ZWIwY2NiOTQ4ZTM3YWEwYWFhYmUy
ZjJlOTAwHhcNMjYwMzI5MDkwMDUzWhcNMjYwMzMwMDkwMDUzWjAzMTEwLwYDVQQD
Eyg5NjI1MjY3Mzk4ZmFlMTNmY2VjMjNhZTkwMTczNjkzNzkwOGFhZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7anJlKP7DsvJeskoEHbv/Hp7ZGc
xEgLfU1aZDaGW2FlFEXi4JcRqp392fuFReWDC6hljVINqvcwm8GYXWDxioGFGMOo
qRbX4sbI/TULon5ucGk2H5WNPo1OhRjz3VXWNcxDpAFH18H6ROgAtPZai6yW26bx
oqVh1Ppo8W4NypgpFgy8EzpBCPgGOiD+jkZw93Bbbbrcv1mXfgtbnOH+yLDL51yK
z8qHEbCK/5Num+6vd0YTwDa9YF2tXUQ3h5W58UxS72GU+qnExFhpV5OuXjtLMjjn
YQ/C8QhN1HU9qrueWnfJI90MXRzaXVxNl0PrE4WGLoIhX48/T75UX4oCTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJYlJnOY+uE/zsI66QFzaTeQiq+BMB8GA1UdIwQY
MBaAFL1hkDRNnrbrDMuUjjeqCqq+Ly6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdldHUU5FMmV0dXNNeTVTT042b0txcjR2THBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lMzhmYzUtMTNhOS00OTA2LWI1NWUt
Nzk0NTNhZGZmMWJkLzEvdldHUU5FMmV0dXNNeTVTT042b0txcjR2THBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lMzhmYzUtMTNhOS00OTA2LWI1NWUtNzk0NTNhZGZmMWJk
LzEvdldHUU5FMmV0dXNNeTVTT042b0txcjR2THBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu/mNJ0Te
E0dzWQgKF3xEHakLvR5m5ZCGr7M+HuaDTVjhPi1NFXULY28ixxU9Y1jVh0MLnOj/
CQDEq81X+fHHSPS9pFKHClouxNOjohJf7aDYn50i8SMpO/56KRcHvYqQCq34wdZF
f02cnLsqdRLezDmbHt2VInqUAXLGr5ZRY06SoJwUoMij54CFclMYpPUjOLetWWr1
d4zGGp1ytTo7adL0toixCsVBu9XK4hrDJSh/ydPnZshadDhGS8eKTHPKINvVCvc1
ifKaMpqxip6h3+vuDb3s2EbVmBkOnWHE7umHpA7oOohou1Xokxgj4SXpTn9cxMVX
Fb1CuL/17uM+Jw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:33:06 2026 by rpki-client