Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft
File: pL9-XCjULmcUGeYsMmBJ5cedSOA.mft (raw, json)
Hash identifier: 285+OKNfwd7+uwn/QiqvCvI01J4vJgl0brbRHQHvCaA=
Subject key identifier: EE:D9:E7:AC:34:D4:BD:B8:BA:6B:1E:CC:B9:71:C1:79:9D:01:90:CB
Authority key identifier: A4:BF:7E:5C:28:D4:2E:67:14:19:E6:2C:32:60:49:E5:C7:9D:48:E0
Certificate issuer: /CN=a4bf7e5c28d42e671419e62c326049e5c79d48e0
Certificate serial: 019D26962FE3138A00232F2D437E4C282EFF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pL9-XCjULmcUGeYsMmBJ5cedSOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft
Manifest number: 028E
Signing time: Wed 25 Mar 2026 20:01:09 +0000
Manifest this update: Wed 25 Mar 2026 20:01:09 +0000
Manifest next update: Thu 26 Mar 2026 20:01:09 +0000
Files and hashes: 1: pL9-XCjULmcUGeYsMmBJ5cedSOA.crl (hash: zbzETgLjGJP+G/NO/TqzO8JCBrF24eipKXATwws0Atk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/pL9-XCjULmcUGeYsMmBJ5cedSOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 20:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:96:2f:e3:13:8a:00:23:2f:2d:43:7e:4c:28:2e:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4bf7e5c28d42e671419e62c326049e5c79d48e0
Validity
Not Before: Mar 25 20:01:09 2026 GMT
Not After : Mar 26 20:01:09 2026 GMT
Subject: CN=eed9e7ac34d4bdb8ba6b1eccb971c1799d0190cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:69:f0:e3:fb:b1:a3:02:bb:a8:1f:8f:c4:b1:
f6:bc:13:50:69:64:1e:d9:bc:4a:04:ac:21:4e:91:
99:af:36:5b:47:6f:2d:73:d0:ea:d2:e6:b4:0e:f2:
5b:fa:ec:bc:cf:33:c3:e2:76:18:35:12:be:f6:aa:
72:aa:d0:95:17:a0:54:03:19:b8:e2:2a:0f:6e:68:
89:77:19:0b:da:d7:7f:b4:82:de:dd:b1:35:cf:75:
45:ad:81:0c:76:e9:3c:76:1a:5e:69:50:94:93:83:
b7:36:79:b9:22:4f:4b:f1:5f:9d:09:4d:2a:12:3e:
f7:97:6a:c7:cc:a2:ab:85:2e:16:aa:8d:e1:a8:38:
f7:a9:c0:a1:3d:40:af:d0:72:44:39:2f:8f:26:1e:
01:c0:e0:e0:cc:e3:ac:50:75:ec:b5:28:ea:15:d0:
7c:2c:e4:c3:f0:60:3f:da:22:45:cb:9b:ad:bc:09:
68:af:9d:98:64:2d:b1:c4:49:d8:b4:65:06:b7:16:
22:b1:b2:0a:1f:a1:a5:6c:d5:7f:7d:cb:b6:93:f1:
84:b5:de:c9:88:8e:f4:a3:fc:e8:98:c5:bb:9d:88:
89:34:db:59:8b:4d:fe:de:61:6e:99:f1:e0:fe:ad:
1b:d4:b7:c2:7a:a7:61:a6:76:63:ed:16:3b:97:bc:
9e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:D9:E7:AC:34:D4:BD:B8:BA:6B:1E:CC:B9:71:C1:79:9D:01:90:CB
X509v3 Authority Key Identifier:
keyid:A4:BF:7E:5C:28:D4:2E:67:14:19:E6:2C:32:60:49:E5:C7:9D:48:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pL9-XCjULmcUGeYsMmBJ5cedSOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:4c:9e:35:f0:f6:7e:69:bd:c8:da:80:5a:70:8e:89:8d:84:
c7:01:3b:59:b8:20:5d:1e:67:7f:06:f5:fe:77:15:b7:93:c0:
f5:a1:e1:0b:5a:d0:0d:82:d4:8a:43:81:4a:e2:b3:a3:c7:c8:
02:d3:12:b6:cf:fb:50:59:91:9a:cc:70:38:66:14:eb:f0:f7:
40:6d:78:00:97:98:ec:4c:78:57:7b:78:88:c4:51:b6:cd:c7:
98:0a:40:67:85:67:e0:cc:fc:f7:34:3d:33:5d:0a:5e:28:6e:
0b:71:ab:71:bd:dc:89:df:76:20:92:7e:18:99:33:e9:5e:28:
26:ee:61:1f:c0:65:06:e3:f2:a1:e8:7a:23:05:9c:27:3e:00:
57:93:c2:19:30:8a:c2:9d:77:bc:f3:79:bb:13:34:8f:b0:99:
2e:48:ab:4a:e1:a1:5d:21:d2:5a:31:57:7c:0a:b1:8b:5f:48:
b3:8b:9f:5d:f5:18:9a:d4:27:ab:94:c0:75:6f:13:e5:9c:22:
95:4c:2b:9b:da:fd:bc:57:f5:40:d9:34:54:d8:71:50:c6:b6:
60:83:40:3f:64:34:6f:fe:c3:28:c6:fb:b6:69:9e:1c:e0:f7:
e8:22:6a:5d:3d:cc:1e:46:8d:82:cf:03:0d:be:8a:b8:4c:2f:
21:eb:20:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mli/jE4oAIy8tQ35MKC7/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YmY3ZTVjMjhkNDJlNjcxNDE5ZTYyYzMyNjA0OWU1Yzc5
ZDQ4ZTAwHhcNMjYwMzI1MjAwMTA5WhcNMjYwMzI2MjAwMTA5WjAzMTEwLwYDVQQD
EyhlZWQ5ZTdhYzM0ZDRiZGI4YmE2YjFlY2NiOTcxYzE3OTlkMDE5MGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Wnw4/uxowK7qB+PxLH2vBNQaWQe
2bxKBKwhTpGZrzZbR28tc9Dq0ua0DvJb+uy8zzPD4nYYNRK+9qpyqtCVF6BUAxm4
4ioPbmiJdxkL2td/tILe3bE1z3VFrYEMduk8dhpeaVCUk4O3Nnm5Ik9L8V+dCU0q
Ej73l2rHzKKrhS4Wqo3hqDj3qcChPUCv0HJEOS+PJh4BwODgzOOsUHXstSjqFdB8
LOTD8GA/2iJFy5utvAlor52YZC2xxEnYtGUGtxYisbIKH6GlbNV/fcu2k/GEtd7J
iI70o/zomMW7nYiJNNtZi03+3mFumfHg/q0b1LfCeqdhpnZj7RY7l7ye/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO7Z56w01L24umsezLlxwXmdAZDLMB8GA1UdIwQY
MBaAFKS/flwo1C5nFBnmLDJgSeXHnUjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEw5LVhDalVMbWNVR2VZc01tQko1Y2VkU09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS80ZWY4YjQtN2UwNi00NzY4LWI0N2Et
OTcwZmIwZTQ0YzQ3LzEvcEw5LVhDalVMbWNVR2VZc01tQko1Y2VkU09BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS80ZWY4YjQtN2UwNi00NzY4LWI0N2EtOTcwZmIwZTQ0YzQ3
LzEvcEw5LVhDalVMbWNVR2VZc01tQko1Y2VkU09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbEyeNfD2
fmm9yNqAWnCOiY2ExwE7WbggXR5nfwb1/ncVt5PA9aHhC1rQDYLUikOBSuKzo8fI
AtMSts/7UFmRmsxwOGYU6/D3QG14AJeY7Ex4V3t4iMRRts3HmApAZ4Vn4Mz89zQ9
M10KXihuC3Grcb3cid92IJJ+GJkz6V4oJu5hH8BlBuPyoeh6IwWcJz4AV5PCGTCK
wp13vPN5uxM0j7CZLkirSuGhXSHSWjFXfAqxi19Is4ufXfUYmtQnq5TAdW8T5Zwi
lUwrm9r9vFf1QNk0VNhxUMa2YINAP2Q0b/7DKMb7tmmeHOD36CJqXT3MHkaNgs8D
Db6KuEwvIesgLA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:37:28 2026 by rpki-client