Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.mft
File: U_8iLUoiYwLL8QBoyqb0xB97scs.mft (raw, json)
Hash identifier: zIWKf3pOPCvaU4sJGUNlhMkiJHifUyjnDHho8x+nb9M=
Subject key identifier: 48:D6:64:93:A5:1A:66:F2:AB:69:C8:D6:1C:2A:6C:2B:89:51:A1:50
Authority key identifier: 53:FF:22:2D:4A:22:63:02:CB:F1:00:68:CA:A6:F4:C4:1F:7B:B1:CB
Certificate issuer: /CN=53ff222d4a226302cbf10068caa6f4c41f7bb1cb
Certificate serial: 019D38664C088708703D92C6B51EFA0BB521
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U_8iLUoiYwLL8QBoyqb0xB97scs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.mft
Manifest number: 0435
Signing time: Sun 29 Mar 2026 07:02:01 +0000
Manifest this update: Sun 29 Mar 2026 07:02:01 +0000
Manifest next update: Mon 30 Mar 2026 07:02:01 +0000
Files and hashes: 1: U_8iLUoiYwLL8QBoyqb0xB97scs.crl (hash: j+mA2hHWGpNrPhPDNdGtqagLKUyfiuy8FzM+zKC21Fc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.mft
rsync://rpki.ripe.net/repository/DEFAULT/U_8iLUoiYwLL8QBoyqb0xB97scs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:4c:08:87:08:70:3d:92:c6:b5:1e:fa:0b:b5:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53ff222d4a226302cbf10068caa6f4c41f7bb1cb
Validity
Not Before: Mar 29 07:02:01 2026 GMT
Not After : Mar 30 07:02:01 2026 GMT
Subject: CN=48d66493a51a66f2ab69c8d61c2a6c2b8951a150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:41:9b:d1:28:90:b7:2c:d5:13:f3:94:3e:88:
f9:68:bd:4b:d0:24:dc:6f:5d:64:bb:2a:8e:81:f9:
44:3b:55:01:61:72:94:a5:36:14:47:c8:26:24:1e:
71:38:53:52:38:49:4c:7c:83:c2:97:11:91:46:05:
83:2d:2c:4e:9c:1e:2e:78:8b:76:8f:55:21:da:5f:
f6:a0:60:da:05:82:14:81:d1:ef:af:6c:54:21:4e:
01:d9:25:1c:39:58:27:69:86:67:1e:9b:a7:5a:b5:
da:ea:bb:56:7f:ad:ac:09:7b:55:cc:bb:12:0a:de:
46:07:f0:8b:04:8a:ee:a4:c1:2d:67:56:69:39:86:
b3:e7:6d:53:50:56:8c:60:88:39:7c:90:50:c6:61:
6a:89:e0:0d:1e:8a:9b:d3:fa:87:ba:9f:fb:86:b7:
53:8b:33:c0:4d:3b:ae:89:c0:65:f1:3e:13:b8:d4:
75:ca:56:2e:d2:ec:7b:31:57:82:11:95:03:cf:af:
8d:2b:ba:41:49:d4:2c:56:b4:e5:21:70:47:d1:7c:
eb:7e:11:a7:cc:f5:1d:71:fc:59:e9:38:6d:bc:41:
33:6c:70:3d:09:8e:5b:23:81:35:c5:5c:a0:7c:9a:
82:b6:9a:c9:10:ec:b3:4e:2b:e9:cc:1e:d0:b3:6c:
f7:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:D6:64:93:A5:1A:66:F2:AB:69:C8:D6:1C:2A:6C:2B:89:51:A1:50
X509v3 Authority Key Identifier:
keyid:53:FF:22:2D:4A:22:63:02:CB:F1:00:68:CA:A6:F4:C4:1F:7B:B1:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_8iLUoiYwLL8QBoyqb0xB97scs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:ae:03:b9:49:a8:6f:19:b4:dc:6e:5c:35:30:99:37:ee:4b:
eb:17:ea:ac:f9:a9:f7:19:ba:04:94:de:d3:b1:1b:5a:ee:65:
8e:7e:5b:3b:ef:c8:d1:93:bb:5a:a9:a3:39:e5:6e:f4:72:dd:
72:e5:4d:b8:c2:ed:e4:7d:29:19:0b:f7:c2:b1:4e:49:39:23:
74:0d:45:b8:5e:36:a9:b2:8c:fc:44:04:9b:e3:83:64:8a:7a:
37:05:6e:67:2d:ac:35:be:ff:54:e8:76:e0:99:36:cc:d2:a1:
9d:5e:3e:d2:da:f6:a7:a7:ee:9e:b8:f3:d5:76:10:79:ef:9e:
ad:12:f6:bf:b0:47:ad:f4:74:98:3c:3b:99:3b:ec:bb:00:a0:
ec:04:29:81:9b:5d:e0:40:c1:61:17:3e:ef:3a:06:47:a6:c0:
a5:bf:de:ab:c3:bf:3a:85:8a:a8:a8:83:9b:89:4f:6b:96:11:
74:ba:f6:01:4a:85:ea:36:c7:5d:83:dc:18:39:be:ff:3e:f2:
8f:ea:6b:7b:6c:9d:a8:bc:02:be:c1:8f:2e:aa:46:4f:9c:72:
4b:26:89:fb:08:0e:04:a3:64:31:70:29:41:77:66:cd:81:e3:
ea:f6:65:3d:f1:d6:da:c4:7e:fb:61:ad:77:b5:08:e4:2f:71:
f4:2a:a1:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZkwIhwhwPZLGtR76C7UhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZmYyMjJkNGEyMjYzMDJjYmYxMDA2OGNhYTZmNGM0MWY3
YmIxY2IwHhcNMjYwMzI5MDcwMjAxWhcNMjYwMzMwMDcwMjAxWjAzMTEwLwYDVQQD
Eyg0OGQ2NjQ5M2E1MWE2NmYyYWI2OWM4ZDYxYzJhNmMyYjg5NTFhMTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3kGb0SiQtyzVE/OUPoj5aL1L0CTc
b11kuyqOgflEO1UBYXKUpTYUR8gmJB5xOFNSOElMfIPClxGRRgWDLSxOnB4ueIt2
j1Uh2l/2oGDaBYIUgdHvr2xUIU4B2SUcOVgnaYZnHpunWrXa6rtWf62sCXtVzLsS
Ct5GB/CLBIrupMEtZ1ZpOYaz521TUFaMYIg5fJBQxmFqieANHoqb0/qHup/7hrdT
izPATTuuicBl8T4TuNR1ylYu0ux7MVeCEZUDz6+NK7pBSdQsVrTlIXBH0XzrfhGn
zPUdcfxZ6ThtvEEzbHA9CY5bI4E1xVygfJqCtprJEOyzTivpzB7Qs2z3QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEjWZJOlGmbyq2nI1hwqbCuJUaFQMB8GA1UdIwQY
MBaAFFP/Ii1KImMCy/EAaMqm9MQfe7HLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV84aUxVb2lZd0xMOFFCb3lxYjB4Qjk3c2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8wNmY5YTMtOGZjYS00MTRlLWI1YWQt
Y2EzNmQ5OGIzYzRkLzEvVV84aUxVb2lZd0xMOFFCb3lxYjB4Qjk3c2NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8wNmY5YTMtOGZjYS00MTRlLWI1YWQtY2EzNmQ5OGIzYzRk
LzEvVV84aUxVb2lZd0xMOFFCb3lxYjB4Qjk3c2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO64DuUmo
bxm03G5cNTCZN+5L6xfqrPmp9xm6BJTe07EbWu5ljn5bO+/I0ZO7WqmjOeVu9HLd
cuVNuMLt5H0pGQv3wrFOSTkjdA1FuF42qbKM/EQEm+ODZIp6NwVuZy2sNb7/VOh2
4Jk2zNKhnV4+0tr2p6funrjz1XYQee+erRL2v7BHrfR0mDw7mTvsuwCg7AQpgZtd
4EDBYRc+7zoGR6bApb/eq8O/OoWKqKiDm4lPa5YRdLr2AUqF6jbHXYPcGDm+/z7y
j+pre2ydqLwCvsGPLqpGT5xySyaJ+wgOBKNkMXApQXdmzYHj6vZlPfHW2sR++2Gt
d7UI5C9x9Cqh8Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:00:49 2026 by rpki-client