Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
File: ALlD7lfDXyx_T-wGhel9YDsHytI.mft (raw, json)
Hash identifier: kv1HjZZAmNNBXHTc5uc4zmzsesEWkmzIoxlAJCW2SW0=
Subject key identifier: B4:36:62:35:7C:C5:F9:DC:B1:A4:B0:69:C0:6D:73:53:8A:06:FD:4F
Authority key identifier: 00:B9:43:EE:57:C3:5F:2C:7F:4F:EC:06:85:E9:7D:60:3B:07:CA:D2
Certificate issuer: /CN=00b943ee57c35f2c7f4fec0685e97d603b07cad2
Certificate serial: 019D2A3C53029590528F0280EC8971B9F2DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
Manifest number: 0C4A
Signing time: Thu 26 Mar 2026 13:01:29 +0000
Manifest this update: Thu 26 Mar 2026 13:01:29 +0000
Manifest next update: Fri 27 Mar 2026 13:01:29 +0000
Files and hashes: 1: ALlD7lfDXyx_T-wGhel9YDsHytI.crl (hash: Js8ypHm/QZ5o5LTgzCjNuXK+61iEZpnOnBV5lAxqa4o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:3c:53:02:95:90:52:8f:02:80:ec:89:71:b9:f2:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00b943ee57c35f2c7f4fec0685e97d603b07cad2
Validity
Not Before: Mar 26 13:01:29 2026 GMT
Not After : Mar 27 13:01:29 2026 GMT
Subject: CN=b43662357cc5f9dcb1a4b069c06d73538a06fd4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:26:00:81:23:ce:3c:4f:12:d9:45:fd:4d:fe:
32:22:c9:90:d3:26:0c:6a:3b:fe:b3:63:7b:63:18:
fe:80:29:1d:d8:1a:18:25:23:2c:14:58:b4:8f:e4:
8c:59:e8:e6:ec:bb:bd:44:e4:59:c0:d9:7e:d7:ab:
9c:40:08:52:e9:99:a7:43:14:41:23:90:c6:b2:a3:
b4:6e:ff:61:01:2f:18:9f:cb:1d:63:7d:db:9a:dd:
31:5d:03:ab:94:8d:e9:7e:6b:5f:0c:0e:98:4d:fb:
1e:f2:c1:62:c0:cb:34:c9:bc:b1:25:dd:1d:95:c1:
46:2b:dd:78:a7:88:21:73:ec:aa:08:0f:d5:56:a4:
58:68:f3:65:f8:fa:15:e9:b2:69:cc:f4:70:f0:1b:
33:6c:86:28:c1:e6:52:fd:3f:21:fb:2e:f1:98:ac:
24:14:40:6a:f9:ff:0b:96:3c:d4:8f:0a:c1:17:28:
81:7d:4d:72:4f:8c:24:de:b7:95:81:4d:45:2a:ff:
13:48:51:96:7b:23:8a:3e:d8:60:09:a9:cd:39:5c:
59:94:32:78:51:3d:fc:ca:1c:b9:d8:5b:bb:60:ee:
e0:2a:55:4a:86:ec:f7:22:3c:c1:1f:0b:d9:4d:28:
da:0c:5e:cf:1a:db:96:19:fd:42:73:bf:03:0d:6e:
e9:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:36:62:35:7C:C5:F9:DC:B1:A4:B0:69:C0:6D:73:53:8A:06:FD:4F
X509v3 Authority Key Identifier:
keyid:00:B9:43:EE:57:C3:5F:2C:7F:4F:EC:06:85:E9:7D:60:3B:07:CA:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:c8:71:79:2a:9e:7c:45:13:75:45:35:d2:ac:38:dd:6e:65:
7c:e3:b6:25:dc:87:e7:87:cc:4a:7c:53:85:44:30:b7:40:94:
68:09:a6:b1:69:53:f3:9a:fe:06:48:52:51:18:9f:50:21:58:
ce:07:54:f3:8c:af:92:e6:7e:7b:07:7b:f2:97:df:da:c3:3c:
fa:39:95:df:0b:0d:52:01:43:f0:bf:b0:76:e2:96:f4:68:ad:
af:ab:f6:e7:11:79:6e:7e:71:85:c5:73:d1:50:61:ed:ac:a5:
3d:f9:90:22:fd:cf:ae:95:fa:be:62:22:b7:7f:b0:be:f1:2d:
6f:e3:f9:61:64:2f:cc:e5:01:82:f2:51:5a:88:ab:ae:51:74:
35:65:d3:84:94:b1:1c:34:7e:79:a8:c2:67:41:9a:5f:04:8d:
04:ac:dc:4a:83:6b:1f:d1:e7:ef:31:23:f9:46:09:6d:ec:b7:
af:7a:fc:01:8c:17:00:83:74:3f:fc:5a:a0:c2:b0:4e:b5:0f:
a2:2a:53:5f:78:41:be:e8:b0:f8:96:17:48:d4:92:2c:7b:d5:
ee:8b:3b:99:bb:e1:8e:3f:5c:30:c0:13:1c:74:b9:7d:64:ec:
d5:30:15:69:d1:1f:83:3d:8b:81:ff:c2:39:b5:12:05:4d:a8:
49:a9:46:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qPFMClZBSjwKA7IlxufLdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYjk0M2VlNTdjMzVmMmM3ZjRmZWMwNjg1ZTk3ZDYwM2Iw
N2NhZDIwHhcNMjYwMzI2MTMwMTI5WhcNMjYwMzI3MTMwMTI5WjAzMTEwLwYDVQQD
EyhiNDM2NjIzNTdjYzVmOWRjYjFhNGIwNjljMDZkNzM1MzhhMDZmZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyYAgSPOPE8S2UX9Tf4yIsmQ0yYM
ajv+s2N7Yxj+gCkd2BoYJSMsFFi0j+SMWejm7Lu9RORZwNl+16ucQAhS6ZmnQxRB
I5DGsqO0bv9hAS8Yn8sdY33bmt0xXQOrlI3pfmtfDA6YTfse8sFiwMs0ybyxJd0d
lcFGK914p4ghc+yqCA/VVqRYaPNl+PoV6bJpzPRw8BszbIYoweZS/T8h+y7xmKwk
FEBq+f8LljzUjwrBFyiBfU1yT4wk3reVgU1FKv8TSFGWeyOKPthgCanNOVxZlDJ4
UT38yhy52Fu7YO7gKlVKhuz3IjzBHwvZTSjaDF7PGtuWGf1Cc78DDW7ptQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLQ2YjV8xfncsaSwacBtc1OKBv1PMB8GA1UdIwQY
MBaAFAC5Q+5Xw18sf0/sBoXpfWA7B8rSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS80OGYwOWUtNzM4Ni00MTM5LTkxYzgt
M2M4OGU0MGU3MTFjLzEvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS80OGYwOWUtNzM4Ni00MTM5LTkxYzgtM2M4OGU0MGU3MTFj
LzEvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAochxeSqe
fEUTdUU10qw43W5lfOO2JdyH54fMSnxThUQwt0CUaAmmsWlT85r+BkhSURifUCFY
zgdU84yvkuZ+ewd78pff2sM8+jmV3wsNUgFD8L+wduKW9Gitr6v25xF5bn5xhcVz
0VBh7aylPfmQIv3PrpX6vmIit3+wvvEtb+P5YWQvzOUBgvJRWoirrlF0NWXThJSx
HDR+eajCZ0GaXwSNBKzcSoNrH9Hn7zEj+UYJbey3r3r8AYwXAIN0P/xaoMKwTrUP
oipTX3hBvuiw+JYXSNSSLHvV7os7mbvhjj9cMMATHHS5fWTs1TAVadEfgz2Lgf/C
ObUSBU2oSalGUw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:48:16 2026 by rpki-client