Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/4a79a1-3d19-4de4-be89-8a200691f724/1/u_pCfUICOv2oiOhBX07c97ffGwU.mft
File: u_pCfUICOv2oiOhBX07c97ffGwU.mft (raw, json)
Hash identifier: H2mnmCosTB3R7EcfQM7vQ8K1pMB3oZegtysLpqec0aU=
Subject key identifier: 28:FB:6A:AF:00:DC:D9:06:BD:3E:F7:A3:F3:DC:4B:F8:D2:E6:38:D5
Authority key identifier: BB:FA:42:7D:42:02:3A:FD:A8:88:E8:41:5F:4E:DC:F7:B7:DF:1B:05
Certificate issuer: /CN=bbfa427d42023afda888e8415f4edcf7b7df1b05
Certificate serial: 019D38D29C209D19FEE4147A20B752DDB67B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u_pCfUICOv2oiOhBX07c97ffGwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/4a79a1-3d19-4de4-be89-8a200691f724/1/u_pCfUICOv2oiOhBX07c97ffGwU.mft
Manifest number: 0AE2
Signing time: Sun 29 Mar 2026 09:00:19 +0000
Manifest this update: Sun 29 Mar 2026 09:00:19 +0000
Manifest next update: Mon 30 Mar 2026 09:00:19 +0000
Files and hashes: 1: 1-hnniNiqKhghSmVXCidavYogegc.roa (hash: Jduthbq3o8EtI4RJz3qiljL6aUb5nGCPK55RrxKoNyI=)
2: u_pCfUICOv2oiOhBX07c97ffGwU.crl (hash: BR6rNdTMMBdYLtFTCd9owCPZnh2PtkwDlhBK4SWuSYw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/4a79a1-3d19-4de4-be89-8a200691f724/1/u_pCfUICOv2oiOhBX07c97ffGwU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/4a79a1-3d19-4de4-be89-8a200691f724/1/u_pCfUICOv2oiOhBX07c97ffGwU.mft
rsync://rpki.ripe.net/repository/DEFAULT/u_pCfUICOv2oiOhBX07c97ffGwU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:9c:20:9d:19:fe:e4:14:7a:20:b7:52:dd:b6:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbfa427d42023afda888e8415f4edcf7b7df1b05
Validity
Not Before: Mar 29 09:00:19 2026 GMT
Not After : Mar 30 09:00:19 2026 GMT
Subject: CN=28fb6aaf00dcd906bd3ef7a3f3dc4bf8d2e638d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0a:55:47:f9:66:8f:3c:7c:e6:1d:14:a6:66:
aa:91:43:b8:7b:78:0a:50:5f:e6:0b:d5:a0:4b:fd:
44:71:4f:d8:69:b1:90:1d:fc:c6:02:79:70:0d:a2:
e7:13:d7:02:7d:d2:05:45:3e:d4:c9:67:54:04:a0:
b7:1e:2f:63:06:72:07:ec:af:d7:2e:71:e2:a0:3b:
b0:4e:81:4b:b3:dd:c2:cd:24:9a:06:6c:8c:7c:96:
0d:96:e5:b7:d8:4f:a7:11:c5:a6:77:ee:5a:eb:30:
f8:2b:3d:d2:20:92:da:49:c8:7f:56:e5:5a:59:a5:
f1:19:42:e1:9c:63:ab:ea:96:0e:07:8d:c7:cd:ae:
44:83:15:cc:cb:7e:61:95:9a:18:05:e5:85:fa:04:
cc:f7:d0:4a:40:89:3d:83:bf:4e:55:ff:0a:83:7d:
31:d5:b5:ba:fa:78:1f:1b:d8:bf:0c:ac:8c:07:80:
0b:a6:01:12:3e:84:20:37:cb:c1:66:e9:a2:10:7a:
44:09:52:b4:1b:cc:40:10:0f:4d:21:5f:0d:40:45:
52:a9:0b:2e:ae:91:9a:06:a3:ba:ce:77:c4:e7:f2:
9d:d9:17:e7:b0:a5:10:e0:ef:8d:14:ae:4d:2c:fe:
a0:a4:57:f3:10:c7:2c:8e:a8:c4:f2:1f:b5:fc:f2:
73:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:FB:6A:AF:00:DC:D9:06:BD:3E:F7:A3:F3:DC:4B:F8:D2:E6:38:D5
X509v3 Authority Key Identifier:
keyid:BB:FA:42:7D:42:02:3A:FD:A8:88:E8:41:5F:4E:DC:F7:B7:DF:1B:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u_pCfUICOv2oiOhBX07c97ffGwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/4a79a1-3d19-4de4-be89-8a200691f724/1/u_pCfUICOv2oiOhBX07c97ffGwU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/4a79a1-3d19-4de4-be89-8a200691f724/1/u_pCfUICOv2oiOhBX07c97ffGwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:54:18:35:15:3b:8d:6f:c4:c3:94:f8:7a:41:d8:3b:8a:d7:
00:73:24:25:2f:dc:d2:2a:35:a7:a1:d4:fb:20:55:10:26:1f:
96:f2:97:af:18:34:74:21:bb:7d:e9:cf:13:0e:60:10:8e:5b:
42:8b:63:be:26:9c:0a:8d:cd:ca:fa:38:b8:45:de:5e:95:44:
52:67:94:90:67:a2:6d:76:2b:24:6a:9b:10:17:8b:55:28:61:
4b:9a:5c:1f:c7:af:ae:05:53:11:3a:55:29:18:10:53:61:4c:
48:9c:e2:3a:f2:fd:08:6c:d4:ed:2b:cb:37:3c:2b:13:d0:6a:
cd:fc:5c:90:5a:63:15:34:b8:91:b6:17:b3:09:2f:6d:6c:9c:
0f:90:ab:6c:c2:31:45:7e:b3:7a:dc:23:8f:ba:50:fd:ad:dd:
c2:d6:03:5f:38:66:5d:e1:b1:2e:a0:ed:6a:62:8e:b2:f9:8f:
97:95:92:ed:b8:8d:af:7a:8d:b3:a4:01:c3:9f:5c:95:ed:92:
e0:ca:e5:ce:94:89:b1:df:85:6f:22:eb:fc:ef:d9:c0:5f:12:
8d:4d:e9:e2:7d:0d:06:de:a5:43:a7:64:ad:05:6b:e5:47:aa:
53:55:b7:1b:0b:bc:69:11:b0:a1:02:6e:05:50:cb:51:f0:69:
ed:54:3b:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040pwgnRn+5BR6ILdS3bZ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZmE0MjdkNDIwMjNhZmRhODg4ZTg0MTVmNGVkY2Y3Yjdk
ZjFiMDUwHhcNMjYwMzI5MDkwMDE5WhcNMjYwMzMwMDkwMDE5WjAzMTEwLwYDVQQD
EygyOGZiNmFhZjAwZGNkOTA2YmQzZWY3YTNmM2RjNGJmOGQyZTYzOGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswpVR/lmjzx85h0UpmaqkUO4e3gK
UF/mC9WgS/1EcU/YabGQHfzGAnlwDaLnE9cCfdIFRT7UyWdUBKC3Hi9jBnIH7K/X
LnHioDuwToFLs93CzSSaBmyMfJYNluW32E+nEcWmd+5a6zD4Kz3SIJLaSch/VuVa
WaXxGULhnGOr6pYOB43Hza5EgxXMy35hlZoYBeWF+gTM99BKQIk9g79OVf8Kg30x
1bW6+ngfG9i/DKyMB4ALpgESPoQgN8vBZumiEHpECVK0G8xAEA9NIV8NQEVSqQsu
rpGaBqO6znfE5/Kd2RfnsKUQ4O+NFK5NLP6gpFfzEMcsjqjE8h+1/PJzmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCj7aq8A3NkGvT73o/PcS/jS5jjVMB8GA1UdIwQY
MBaAFLv6Qn1CAjr9qIjoQV9O3Pe33xsFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdV9wQ2ZVSUNPdjJvaU9oQlgwN2M5N2ZmR3dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS80YTc5YTEtM2QxOS00ZGU0LWJlODkt
OGEyMDA2OTFmNzI0LzEvdV9wQ2ZVSUNPdjJvaU9oQlgwN2M5N2ZmR3dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS80YTc5YTEtM2QxOS00ZGU0LWJlODktOGEyMDA2OTFmNzI0
LzEvdV9wQ2ZVSUNPdjJvaU9oQlgwN2M5N2ZmR3dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABFQYNRU7
jW/Ew5T4ekHYO4rXAHMkJS/c0io1p6HU+yBVECYflvKXrxg0dCG7fenPEw5gEI5b
QotjviacCo3Nyvo4uEXeXpVEUmeUkGeibXYrJGqbEBeLVShhS5pcH8evrgVTETpV
KRgQU2FMSJziOvL9CGzU7SvLNzwrE9BqzfxckFpjFTS4kbYXswkvbWycD5CrbMIx
RX6zetwjj7pQ/a3dwtYDXzhmXeGxLqDtamKOsvmPl5WS7biNr3qNs6QBw59cle2S
4MrlzpSJsd+FbyLr/O/ZwF8SjU3p4n0NBt6lQ6dkrQVr5UeqU1W3Gwu8aRGwoQJu
BVDLUfBp7VQ7MQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:54:31 2026 by rpki-client