Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
File: upfBVFbrYAQD7PuxbCDggWCUT48.mft (raw, json)
Hash identifier: +G0vgOvwuo/R+6SnXOaiYyFZkd+b3LtVtbeZqoW/q8A=
Subject key identifier: A4:AD:5E:D6:7D:2A:6F:CB:40:65:AC:EA:A5:8A:FA:8C:E3:38:70:2D
Authority key identifier: BA:97:C1:54:56:EB:60:04:03:EC:FB:B1:6C:20:E0:81:60:94:4F:8F
Certificate issuer: /CN=ba97c15456eb600403ecfbb16c20e08160944f8f
Certificate serial: 019D270417CFB7422947A267CCF4B2D3AE41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
Manifest number: 150F
Signing time: Wed 25 Mar 2026 22:01:12 +0000
Manifest this update: Wed 25 Mar 2026 22:01:12 +0000
Manifest next update: Thu 26 Mar 2026 22:01:12 +0000
Files and hashes: 1: UfY9uP-gSFGDl_psdLY21k8D6rE.roa (hash: liAqA+LlTWz2PCuepJi3NtGWRqXh2SEVE/+htWLewMQ=)
2: upfBVFbrYAQD7PuxbCDggWCUT48.crl (hash: wxJBpuJcap/BdInPonsJMJv8nIecd6oE6wHPIq0kPwQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:17:cf:b7:42:29:47:a2:67:cc:f4:b2:d3:ae:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba97c15456eb600403ecfbb16c20e08160944f8f
Validity
Not Before: Mar 25 22:01:12 2026 GMT
Not After : Mar 26 22:01:12 2026 GMT
Subject: CN=a4ad5ed67d2a6fcb4065aceaa58afa8ce338702d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:a2:8a:b5:7e:78:0e:34:61:85:ff:e2:40:1b:
f6:79:28:c0:92:3e:cf:83:bb:ef:ba:04:fd:44:f3:
c6:3f:6c:39:27:18:26:9e:b4:49:92:ec:2b:22:a3:
a0:a4:7d:47:f1:ef:f6:34:34:ee:6e:15:95:9a:35:
2f:10:8f:67:c6:6d:8a:8b:e0:20:e4:ba:ca:55:95:
a3:fb:95:d7:5f:f9:98:c1:7c:1b:a3:44:64:2c:42:
49:48:e7:d1:58:fc:24:8b:00:ef:a8:d7:31:54:76:
62:db:5e:9a:8c:52:93:da:f0:ec:69:61:f7:f0:1f:
04:c2:03:2f:3b:12:bc:ab:0e:e2:1f:15:64:65:be:
3b:d7:29:fd:d3:e5:d8:fc:a5:4a:42:59:34:da:83:
cf:3b:13:32:48:bc:0c:d0:c6:57:3d:45:8d:1b:33:
0a:d8:f5:35:9f:e7:54:64:51:dc:69:dd:de:45:a5:
64:10:b3:84:aa:d2:79:d8:48:b6:d6:b5:4d:11:44:
51:32:28:07:e1:b0:8d:eb:57:26:5a:34:9b:7c:3e:
a7:b6:d9:58:16:d7:10:39:8d:03:c0:14:8d:12:f1:
99:2a:1e:cd:43:29:6e:bd:fb:10:20:f6:50:45:2c:
92:b2:87:07:dd:eb:d3:a7:63:26:4b:18:ec:7b:df:
bf:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:AD:5E:D6:7D:2A:6F:CB:40:65:AC:EA:A5:8A:FA:8C:E3:38:70:2D
X509v3 Authority Key Identifier:
keyid:BA:97:C1:54:56:EB:60:04:03:EC:FB:B1:6C:20:E0:81:60:94:4F:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:ab:95:7c:3c:e3:90:ee:e0:10:5c:90:44:80:bf:3c:8d:25:
42:ca:80:aa:ea:a3:8b:e8:ca:cb:42:3d:cb:14:57:61:9f:bb:
b1:d2:e2:e7:01:0e:52:39:1f:9e:ed:7c:6b:51:54:e1:8f:9d:
55:2e:c2:cf:b4:57:78:3a:11:02:0f:39:e2:ba:d4:e6:e8:29:
56:02:73:e9:71:8e:da:d9:8f:d5:9b:25:59:1b:9a:62:5d:6b:
95:62:df:d5:b3:14:82:33:a6:81:46:83:0e:7f:3e:07:44:42:
c2:a7:d1:7a:c4:68:54:f6:b3:e5:43:fb:0e:1b:a0:89:af:f9:
ce:6a:cc:95:99:37:ff:f2:86:60:eb:97:fd:0f:1a:77:1e:46:
bf:40:a8:e8:0c:82:cd:57:87:23:55:d4:8d:96:37:88:92:8a:
1b:fa:d8:51:a0:fb:b0:23:ec:82:9b:16:5f:41:09:b7:c0:48:
39:c6:dc:56:30:f1:74:f7:a5:c0:f1:58:57:29:00:cb:f0:86:
75:e2:43:50:68:5e:84:6c:67:3c:65:e4:aa:b4:a7:15:9c:fd:
87:6d:3a:81:9c:8a:df:51:fb:86:53:18:f0:95:b2:34:e4:e5:
19:83:32:91:32:bf:f1:ed:26:4b:1e:32:c9:90:a4:e4:d6:0a:
90:d6:dc:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBBfPt0IpR6JnzPSy065BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOTdjMTU0NTZlYjYwMDQwM2VjZmJiMTZjMjBlMDgxNjA5
NDRmOGYwHhcNMjYwMzI1MjIwMTEyWhcNMjYwMzI2MjIwMTEyWjAzMTEwLwYDVQQD
EyhhNGFkNWVkNjdkMmE2ZmNiNDA2NWFjZWFhNThhZmE4Y2UzMzg3MDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8aKKtX54DjRhhf/iQBv2eSjAkj7P
g7vvugT9RPPGP2w5JxgmnrRJkuwrIqOgpH1H8e/2NDTubhWVmjUvEI9nxm2Ki+Ag
5LrKVZWj+5XXX/mYwXwbo0RkLEJJSOfRWPwkiwDvqNcxVHZi216ajFKT2vDsaWH3
8B8EwgMvOxK8qw7iHxVkZb471yn90+XY/KVKQlk02oPPOxMySLwM0MZXPUWNGzMK
2PU1n+dUZFHcad3eRaVkELOEqtJ52Ei21rVNEURRMigH4bCN61cmWjSbfD6nttlY
FtcQOY0DwBSNEvGZKh7NQyluvfsQIPZQRSySsocH3evTp2MmSxjse9+/iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKStXtZ9Km/LQGWs6qWK+ozjOHAtMB8GA1UdIwQY
MBaAFLqXwVRW62AEA+z7sWwg4IFglE+PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9jNDZkMWUtOTg3ZC00ZjY1LWIxMWIt
MmUyY2Q2NDM1MTA2LzEvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9jNDZkMWUtOTg3ZC00ZjY1LWIxMWItMmUyY2Q2NDM1MTA2
LzEvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASauVfDzj
kO7gEFyQRIC/PI0lQsqAquqji+jKy0I9yxRXYZ+7sdLi5wEOUjkfnu18a1FU4Y+d
VS7Cz7RXeDoRAg854rrU5ugpVgJz6XGO2tmP1ZslWRuaYl1rlWLf1bMUgjOmgUaD
Dn8+B0RCwqfResRoVPaz5UP7Dhugia/5zmrMlZk3//KGYOuX/Q8adx5Gv0Co6AyC
zVeHI1XUjZY3iJKKG/rYUaD7sCPsgpsWX0EJt8BIOcbcVjDxdPelwPFYVykAy/CG
deJDUGhehGxnPGXkqrSnFZz9h206gZyK31H7hlMY8JWyNOTlGYMykTK/8e0mSx4y
yZCk5NYKkNbcjA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:25:22 2026 by rpki-client