Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft
File: Brft72GFhyPErevj7lqJ9wBY1f4.mft (raw, json)
Hash identifier: Dr5UKFNcJrksH41FfniyzZ+0tluNbpOvGrdgJPOrMZ4=
Subject key identifier: 65:91:20:72:3D:12:7E:E0:90:7C:9A:DC:13:C5:FE:3C:BB:AD:A0:2D
Authority key identifier: 06:B7:ED:EF:61:85:87:23:C4:AD:EB:E3:EE:5A:89:F7:00:58:D5:FE
Certificate issuer: /CN=06b7edef61858723c4adebe3ee5a89f70058d5fe
Certificate serial: 019D3977D39B42460EC6EA2143C97EFE5309
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 12:00:47 +0000
Manifest this update: Sun 29 Mar 2026 12:00:47 +0000
Manifest next update: Mon 30 Mar 2026 12:00:47 +0000
Files and hashes: 1: B923TTC0Df04C2WKB5eoCgT73fQ.roa (hash: u8SWrYqzCDPEqqAsY+pz5LjUeslP1zMGGkEQ+CEEG6g=)
2: Brft72GFhyPErevj7lqJ9wBY1f4.crl (hash: RJjAB0gORl2T+n5P1EyCAcrwSEZxV7lBt4Pj/ZdONT0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 12:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:d3:9b:42:46:0e:c6:ea:21:43:c9:7e:fe:53:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06b7edef61858723c4adebe3ee5a89f70058d5fe
Validity
Not Before: Mar 29 12:00:47 2026 GMT
Not After : Mar 30 12:00:47 2026 GMT
Subject: CN=659120723d127ee0907c9adc13c5fe3cbbada02d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:01:21:c3:c4:f5:26:6e:48:83:69:a8:ae:cb:
25:96:8e:18:68:48:db:27:5c:ab:e1:8c:cc:82:50:
82:0d:36:00:5b:e8:b7:2f:24:9f:8b:1b:51:fc:c6:
94:07:40:df:5f:69:50:7b:ef:db:f5:f8:26:4c:a4:
3b:68:ed:97:12:62:e7:c5:e2:8c:e5:24:22:a3:8c:
11:58:15:17:b8:27:36:48:1c:02:46:ff:0e:c2:08:
7d:6e:07:5e:81:2b:40:7d:e3:cf:26:51:20:db:3a:
c5:00:58:0c:e4:61:84:c7:1e:47:4a:ce:d7:6f:19:
ee:a4:60:1c:7c:f9:ee:ea:51:60:e1:7e:c5:af:04:
83:42:ed:8e:56:ec:1f:2b:f3:43:37:9a:91:73:83:
fa:44:fe:a0:2f:fc:d7:b7:9e:04:a2:58:34:69:e3:
77:5d:7d:e1:97:3f:d8:a8:d0:87:d7:cf:92:6b:43:
7c:dc:a8:0b:88:b2:bb:34:b9:32:37:76:6a:40:e2:
d5:2d:5d:5f:3f:c4:3c:4e:69:cd:15:c5:f1:ee:00:
6b:b2:83:4f:ea:9c:72:0a:5b:53:e6:d0:50:59:6b:
b6:16:dc:99:35:4b:5b:37:ac:c9:87:f0:25:8a:a0:
dc:bb:22:2f:26:1a:50:80:3a:67:b9:20:d5:22:47:
c4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:91:20:72:3D:12:7E:E0:90:7C:9A:DC:13:C5:FE:3C:BB:AD:A0:2D
X509v3 Authority Key Identifier:
keyid:06:B7:ED:EF:61:85:87:23:C4:AD:EB:E3:EE:5A:89:F7:00:58:D5:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:36:6b:cb:a9:51:6b:c9:53:a6:71:23:f8:4e:d7:ab:fb:be:
e3:04:85:f9:4e:00:e1:43:d9:91:0f:4f:4d:fd:bb:c7:27:4a:
f0:1d:39:48:41:04:c5:41:c1:d9:20:ee:63:69:4f:29:66:79:
dd:4b:39:f4:34:c7:05:a4:51:5d:3e:0f:5d:a0:75:71:8f:eb:
94:27:37:5d:e8:39:59:ba:dc:a4:37:d3:c9:9e:2d:a7:66:b9:
f1:13:24:82:c0:05:b1:48:77:8d:e7:0b:e0:37:57:ba:08:11:
17:44:ac:fb:9a:37:b2:6b:fe:c5:d4:23:5e:45:52:7f:37:fc:
d7:f4:7c:0c:ef:5d:91:05:a9:34:dc:e0:10:7f:67:86:9a:0a:
51:81:4a:01:c6:d6:cc:b9:88:3e:b6:26:a9:13:79:7a:3e:33:
68:39:b8:31:80:bd:8e:04:b0:3b:95:29:c3:51:d7:c5:32:47:
7d:4e:7c:93:97:0a:d6:e2:5a:72:00:d8:4f:fd:08:06:9f:9f:
ce:95:7d:e7:93:b1:a3:74:a9:a2:fb:5d:64:4f:8c:64:2c:5a:
cb:b7:22:ca:4b:34:fa:bc:48:fd:f1:6c:5c:b7:95:ed:aa:94:
3a:c3:51:c7:d8:2f:b9:c4:cd:8b:a8:c2:9a:8b:32:89:fc:3f:
20:f6:66:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d9ObQkYOxuohQ8l+/lMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YjdlZGVmNjE4NTg3MjNjNGFkZWJlM2VlNWE4OWY3MDA1
OGQ1ZmUwHhcNMjYwMzI5MTIwMDQ3WhcNMjYwMzMwMTIwMDQ3WjAzMTEwLwYDVQQD
Eyg2NTkxMjA3MjNkMTI3ZWUwOTA3YzlhZGMxM2M1ZmUzY2JiYWRhMDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugEhw8T1Jm5Ig2morssllo4YaEjb
J1yr4YzMglCCDTYAW+i3LySfixtR/MaUB0DfX2lQe+/b9fgmTKQ7aO2XEmLnxeKM
5SQio4wRWBUXuCc2SBwCRv8Owgh9bgdegStAfePPJlEg2zrFAFgM5GGExx5HSs7X
bxnupGAcfPnu6lFg4X7FrwSDQu2OVuwfK/NDN5qRc4P6RP6gL/zXt54Eolg0aeN3
XX3hlz/YqNCH18+Sa0N83KgLiLK7NLkyN3ZqQOLVLV1fP8Q8TmnNFcXx7gBrsoNP
6pxyCltT5tBQWWu2FtyZNUtbN6zJh/AliqDcuyIvJhpQgDpnuSDVIkfESwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGWRIHI9En7gkHya3BPF/jy7raAtMB8GA1UdIwQY
MBaAFAa37e9hhYcjxK3r4+5aifcAWNX+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wMTBjYTEtNWIzMC00YmFmLTgzMWUt
ODk1NTFlOGNjZTEyLzEvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8wMTBjYTEtNWIzMC00YmFmLTgzMWUtODk1NTFlOGNjZTEy
LzEvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJTZry6lR
a8lTpnEj+E7Xq/u+4wSF+U4A4UPZkQ9PTf27xydK8B05SEEExUHB2SDuY2lPKWZ5
3Us59DTHBaRRXT4PXaB1cY/rlCc3Xeg5WbrcpDfTyZ4tp2a58RMkgsAFsUh3jecL
4DdXuggRF0Ss+5o3smv+xdQjXkVSfzf81/R8DO9dkQWpNNzgEH9nhpoKUYFKAcbW
zLmIPrYmqRN5ej4zaDm4MYC9jgSwO5Upw1HXxTJHfU58k5cK1uJacgDYT/0IBp+f
zpV955Oxo3SpovtdZE+MZCxay7ciyks0+rxI/fFsXLeV7aqUOsNRx9gvucTNi6jC
mosyifw/IPZmSQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 20:00:54 2026 by rpki-client