Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.mft
File: mlCFOiSox2IjTokTpKWymFwzHa0.mft (raw, json)
Hash identifier: dJOsVuBT4rXz+YMl53FMCQFkzUoafsSBiUCJTXJUWMQ=
Subject key identifier: 4A:26:FA:C4:95:49:6B:67:7F:C6:54:E4:50:7C:B3:DA:63:06:D0:AE
Authority key identifier: 9A:50:85:3A:24:A8:C7:62:23:4E:89:13:A4:A5:B2:98:5C:33:1D:AD
Certificate issuer: /CN=9a50853a24a8c762234e8913a4a5b2985c331dad
Certificate serial: 019D37527167F563401E9A046C9F1969D4B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mlCFOiSox2IjTokTpKWymFwzHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.mft
Manifest number: 164F
Signing time: Sun 29 Mar 2026 02:00:42 +0000
Manifest this update: Sun 29 Mar 2026 02:00:42 +0000
Manifest next update: Mon 30 Mar 2026 02:00:42 +0000
Files and hashes: 1: 8fdsNHAoxPgGvUJ1-IIbNzs4kR8.roa (hash: oToJ7/CBn32SApKsPhftng2rCZIvh8kkblOHjghDJj8=)
2: mlCFOiSox2IjTokTpKWymFwzHa0.crl (hash: dyW95jZHY2M0WqRkGNaRPOE00AJ+loIL2U3V6fbqZoU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.mft
rsync://rpki.ripe.net/repository/DEFAULT/mlCFOiSox2IjTokTpKWymFwzHa0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:71:67:f5:63:40:1e:9a:04:6c:9f:19:69:d4:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a50853a24a8c762234e8913a4a5b2985c331dad
Validity
Not Before: Mar 29 02:00:42 2026 GMT
Not After : Mar 30 02:00:42 2026 GMT
Subject: CN=4a26fac495496b677fc654e4507cb3da6306d0ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8e:87:5c:4c:5c:75:77:0d:ce:85:4f:76:8d:
1d:a7:8e:8c:ea:e6:0e:4d:2c:82:85:49:7e:c1:eb:
b7:80:5b:14:0a:29:1c:e1:8c:b3:29:ba:e5:ea:4a:
35:48:94:5d:e9:c2:f2:5b:5e:3a:04:e7:47:93:a0:
fb:10:17:2a:46:e9:83:a9:6e:62:68:70:e5:52:3f:
aa:d7:9c:96:b5:f6:57:c4:5d:16:23:02:b7:36:82:
44:48:af:0e:bc:02:6d:87:ca:ae:b2:dc:d9:f4:09:
e2:8a:91:3f:39:c0:15:13:cb:84:91:9b:e6:29:82:
b1:39:ad:50:ff:d9:f6:5d:eb:82:e2:53:66:e9:b3:
ec:d3:93:06:03:b1:7c:81:87:db:c0:5e:fb:02:c9:
86:f4:5c:20:a8:d2:53:7b:47:1f:94:72:11:71:df:
c6:3c:d9:d2:0f:5e:3b:3d:87:34:59:53:32:d2:7e:
d2:f6:ab:c2:25:93:83:15:27:a8:e0:04:57:60:d3:
7d:a5:82:b1:66:35:fa:f8:48:f7:a0:d3:5c:84:94:
cf:e7:37:02:b8:71:09:a0:4a:e2:b4:89:ee:35:78:
6b:53:d3:01:52:cb:5f:6e:06:08:34:a0:dd:e2:9b:
43:3b:d9:96:13:37:94:b1:dd:12:c0:51:bc:2c:9b:
9b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:26:FA:C4:95:49:6B:67:7F:C6:54:E4:50:7C:B3:DA:63:06:D0:AE
X509v3 Authority Key Identifier:
keyid:9A:50:85:3A:24:A8:C7:62:23:4E:89:13:A4:A5:B2:98:5C:33:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlCFOiSox2IjTokTpKWymFwzHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:c5:ce:c2:b5:ca:bc:06:dc:d2:19:94:54:47:69:37:9a:06:
74:3e:59:19:16:5a:0f:d1:f6:36:d6:4d:08:64:b6:83:4d:d9:
c8:b0:6f:3b:58:5d:4c:9a:3d:19:47:7a:d9:89:a4:38:da:c3:
f2:97:71:9e:85:dd:96:79:46:7d:57:8c:d3:41:60:e5:e3:37:
12:ec:21:02:07:6b:eb:69:31:ad:9b:c3:dc:3d:4c:29:1a:42:
ba:dd:ec:32:8f:25:db:e6:a6:3a:37:0f:44:7c:dd:3e:8b:61:
b5:22:23:e0:d4:b2:7c:cc:20:12:23:86:60:73:bd:cd:f6:54:
92:88:e6:17:ba:95:99:2a:91:05:d7:6a:e2:e4:f4:50:c6:82:
df:6c:07:0c:df:a9:22:b0:98:d3:81:a3:97:f3:97:e9:b9:30:
97:cd:09:47:85:9b:30:fe:cf:95:a7:48:a0:9e:95:de:d0:a3:
e4:97:ad:84:81:ad:66:69:85:f3:62:14:8a:44:17:e7:44:b8:
f4:80:42:6f:c0:b3:08:39:54:22:70:d1:bb:79:72:c9:00:79:
22:0f:1a:da:06:fd:42:a2:dc:c5:5d:d1:d1:43:79:7d:85:4e:
55:30:12:ed:00:b6:c1:f9:bd:e7:87:e3:2a:dc:75:ab:73:30:
44:b6:0c:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UnFn9WNAHpoEbJ8ZadS2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNTA4NTNhMjRhOGM3NjIyMzRlODkxM2E0YTViMjk4NWMz
MzFkYWQwHhcNMjYwMzI5MDIwMDQyWhcNMjYwMzMwMDIwMDQyWjAzMTEwLwYDVQQD
Eyg0YTI2ZmFjNDk1NDk2YjY3N2ZjNjU0ZTQ1MDdjYjNkYTYzMDZkMGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiI6HXExcdXcNzoVPdo0dp46M6uYO
TSyChUl+weu3gFsUCikc4YyzKbrl6ko1SJRd6cLyW146BOdHk6D7EBcqRumDqW5i
aHDlUj+q15yWtfZXxF0WIwK3NoJESK8OvAJth8qustzZ9AniipE/OcAVE8uEkZvm
KYKxOa1Q/9n2XeuC4lNm6bPs05MGA7F8gYfbwF77AsmG9FwgqNJTe0cflHIRcd/G
PNnSD147PYc0WVMy0n7S9qvCJZODFSeo4ARXYNN9pYKxZjX6+Ej3oNNchJTP5zcC
uHEJoEritInuNXhrU9MBUstfbgYINKDd4ptDO9mWEzeUsd0SwFG8LJub0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEom+sSVSWtnf8ZU5FB8s9pjBtCuMB8GA1UdIwQY
MBaAFJpQhTokqMdiI06JE6SlsphcMx2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWxDRk9pU294MklqVG9rVHBLV3ltRnd6SGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wYTQyOWItYTQ1NC00MjhiLWJiODgt
ODhiNThkMDJiMmExLzEvbWxDRk9pU294MklqVG9rVHBLV3ltRnd6SGEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8wYTQyOWItYTQ1NC00MjhiLWJiODgtODhiNThkMDJiMmEx
LzEvbWxDRk9pU294MklqVG9rVHBLV3ltRnd6SGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVcXOwrXK
vAbc0hmUVEdpN5oGdD5ZGRZaD9H2NtZNCGS2g03ZyLBvO1hdTJo9GUd62YmkONrD
8pdxnoXdlnlGfVeM00Fg5eM3EuwhAgdr62kxrZvD3D1MKRpCut3sMo8l2+amOjcP
RHzdPothtSIj4NSyfMwgEiOGYHO9zfZUkojmF7qVmSqRBddq4uT0UMaC32wHDN+p
IrCY04Gjl/OX6bkwl80JR4WbMP7PladIoJ6V3tCj5JethIGtZmmF82IUikQX50S4
9IBCb8CzCDlUInDRu3lyyQB5Ig8a2gb9QqLcxV3R0UN5fYVOVTAS7QC2wfm954fj
Ktx1q3MwRLYM4g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:13:55 2026 by rpki-client