Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/RKqBMTnAax3PG_6DMrm4Aas-swI.mft
File: RKqBMTnAax3PG_6DMrm4Aas-swI.mft (raw, json)
Hash identifier: vbautPE6dZkDMa5BV0qlty5Yq8x5K4hIP3OKI3zuHWs=
Subject key identifier: 33:57:41:EC:00:F7:B4:0D:AF:C6:A4:FB:E0:65:6C:54:62:38:8B:B3
Authority key identifier: 44:AA:81:31:39:C0:6B:1D:CF:1B:FE:83:32:B9:B8:01:AB:3E:B3:02
Certificate issuer: /CN=44aa813139c06b1dcf1bfe8332b9b801ab3eb302
Certificate serial: 019D2A3C562270D370EFBC1EB110BB24935B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKqBMTnAax3PG_6DMrm4Aas-swI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/RKqBMTnAax3PG_6DMrm4Aas-swI.mft
Manifest number: 08A0
Signing time: Thu 26 Mar 2026 13:01:30 +0000
Manifest this update: Thu 26 Mar 2026 13:01:30 +0000
Manifest next update: Fri 27 Mar 2026 13:01:30 +0000
Files and hashes: 1: RKqBMTnAax3PG_6DMrm4Aas-swI.crl (hash: yYr8QY62BndRd6zUxzt4Sq3r42e/6+7aNphyraVzDX8=)
2: ynuNLafz9LbBB3yzoCWMv9fdVAw.roa (hash: ggLRVHISQxu3PXeYplz4bZPnG+60dpFC8ZQ4LkB5T9g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/RKqBMTnAax3PG_6DMrm4Aas-swI.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/RKqBMTnAax3PG_6DMrm4Aas-swI.mft
rsync://rpki.ripe.net/repository/DEFAULT/RKqBMTnAax3PG_6DMrm4Aas-swI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:3c:56:22:70:d3:70:ef:bc:1e:b1:10:bb:24:93:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44aa813139c06b1dcf1bfe8332b9b801ab3eb302
Validity
Not Before: Mar 26 13:01:30 2026 GMT
Not After : Mar 27 13:01:30 2026 GMT
Subject: CN=335741ec00f7b40dafc6a4fbe0656c5462388bb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:14:53:88:81:0c:f1:d6:e4:0d:58:e9:a7:a6:
e3:64:8d:fe:2e:6d:43:c1:17:ed:05:91:bd:61:e7:
92:49:3d:e3:d5:df:06:54:81:1e:8d:ac:8e:13:61:
c5:a2:3d:98:dc:dd:9b:00:13:43:b3:68:e8:0c:e8:
9b:1f:1d:83:94:0b:14:a3:e2:34:1d:bc:5e:d7:fa:
3b:b7:18:62:6d:64:31:c4:96:85:38:11:1c:ff:76:
16:c3:38:b0:89:f2:66:03:b6:c9:e3:8d:19:b7:5c:
6b:39:15:2c:74:93:c2:15:3e:c2:ef:04:aa:b5:bf:
8b:4b:db:6d:8d:3c:28:da:29:87:e5:b0:28:2d:9f:
97:58:a1:31:d9:05:d3:a2:1d:ce:0c:77:c5:87:11:
36:70:9c:e0:c1:e5:49:f8:74:b7:c8:3f:1d:d2:c0:
d1:b5:9d:9a:b2:53:3e:2c:1c:39:c4:77:fb:85:69:
30:40:09:70:4d:5b:34:c2:70:4d:25:dc:3a:c0:f2:
c7:14:94:a1:4c:88:f3:37:96:2d:be:d3:ac:b5:a1:
8e:ae:e0:ce:43:a8:7b:0c:53:1f:76:b9:f2:2b:ee:
f5:38:29:b4:3d:25:59:a0:4c:3a:f6:8f:ec:32:0e:
b3:d9:3e:ba:71:a9:1d:cb:75:bf:1f:9c:5b:ab:23:
71:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:57:41:EC:00:F7:B4:0D:AF:C6:A4:FB:E0:65:6C:54:62:38:8B:B3
X509v3 Authority Key Identifier:
keyid:44:AA:81:31:39:C0:6B:1D:CF:1B:FE:83:32:B9:B8:01:AB:3E:B3:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKqBMTnAax3PG_6DMrm4Aas-swI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/RKqBMTnAax3PG_6DMrm4Aas-swI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/RKqBMTnAax3PG_6DMrm4Aas-swI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:23:8e:4b:ed:2c:d5:cf:a5:27:86:ac:26:4a:5b:be:15:ef:
b4:da:5a:6c:ca:3f:f5:25:0f:f6:ed:b7:0c:65:0e:31:ec:82:
21:32:f9:9d:38:89:ca:62:cc:ff:45:c1:26:37:f1:ac:5e:e4:
01:83:98:f3:74:d3:e8:e8:a5:f4:fa:6d:17:58:92:e7:1e:4c:
40:85:32:36:ea:68:12:73:5b:ea:39:5b:d8:6d:43:a4:5b:f1:
db:b1:bf:e1:ac:1e:d0:58:72:f2:79:fd:6b:2c:00:3e:a1:4c:
33:6b:17:0c:de:3d:a9:0e:a7:f9:d9:d1:dd:f8:02:59:e5:c7:
b8:67:90:eb:37:8f:5d:86:f3:5e:1a:e8:93:c4:9e:08:2b:ca:
d8:9a:36:de:0a:8a:fb:6f:19:37:b1:73:e1:cf:0e:aa:34:0f:
db:2f:c6:69:bd:d2:af:04:75:de:29:eb:d3:e4:3f:fd:20:a8:
d6:60:d3:a6:7b:80:0d:74:6c:4e:cd:26:d3:08:32:0e:97:8b:
b4:97:f9:f2:bd:c2:20:94:07:9f:97:77:62:0e:3d:60:68:45:
69:7c:8e:50:a2:63:2f:8b:55:d9:47:1b:9b:13:81:1b:73:f8:
8f:03:4e:88:da:48:ab:66:b7:eb:f6:fe:2c:1c:61:bc:26:c7:
7e:e8:0c:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qPFYicNNw77wesRC7JJNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YWE4MTMxMzljMDZiMWRjZjFiZmU4MzMyYjliODAxYWIz
ZWIzMDIwHhcNMjYwMzI2MTMwMTMwWhcNMjYwMzI3MTMwMTMwWjAzMTEwLwYDVQQD
EygzMzU3NDFlYzAwZjdiNDBkYWZjNmE0ZmJlMDY1NmM1NDYyMzg4YmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxRTiIEM8dbkDVjpp6bjZI3+Lm1D
wRftBZG9YeeSST3j1d8GVIEejayOE2HFoj2Y3N2bABNDs2joDOibHx2DlAsUo+I0
Hbxe1/o7txhibWQxxJaFOBEc/3YWwziwifJmA7bJ440Zt1xrORUsdJPCFT7C7wSq
tb+LS9ttjTwo2imH5bAoLZ+XWKEx2QXToh3ODHfFhxE2cJzgweVJ+HS3yD8d0sDR
tZ2aslM+LBw5xHf7hWkwQAlwTVs0wnBNJdw6wPLHFJShTIjzN5YtvtOstaGOruDO
Q6h7DFMfdrnyK+71OCm0PSVZoEw69o/sMg6z2T66cakdy3W/H5xbqyNx9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDNXQewA97QNr8ak++BlbFRiOIuzMB8GA1UdIwQY
MBaAFESqgTE5wGsdzxv+gzK5uAGrPrMCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUktxQk1UbkFheDNQR182RE1ybTRBYXMtc3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy81MzViZjctNTlhYy00NWYxLWJlYzUt
NDFkZDdmM2VhN2E0LzEvUktxQk1UbkFheDNQR182RE1ybTRBYXMtc3dJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy81MzViZjctNTlhYy00NWYxLWJlYzUtNDFkZDdmM2VhN2E0
LzEvUktxQk1UbkFheDNQR182RE1ybTRBYXMtc3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMyOOS+0s
1c+lJ4asJkpbvhXvtNpabMo/9SUP9u23DGUOMeyCITL5nTiJymLM/0XBJjfxrF7k
AYOY83TT6Oil9PptF1iS5x5MQIUyNupoEnNb6jlb2G1DpFvx27G/4awe0Fhy8nn9
aywAPqFMM2sXDN49qQ6n+dnR3fgCWeXHuGeQ6zePXYbzXhrok8SeCCvK2Jo23gqK
+28ZN7Fz4c8OqjQP2y/Gab3SrwR13inr0+Q//SCo1mDTpnuADXRsTs0m0wgyDpeL
tJf58r3CIJQHn5d3Yg49YGhFaXyOUKJjL4tV2UcbmxOBG3P4jwNOiNpIq2a36/b+
LBxhvCbHfugMdw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:33:04 2026 by rpki-client