Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.mft
File: 70AaUuP95plIbplnjb9Ih1Mpwz0.mft (raw, json)
Hash identifier: 9NaFF6e7wjEJHA7i7a0fvqnIvd32dnAOj7mWZtlgXZE=
Subject key identifier: C1:D3:F5:C3:92:00:0D:0B:CF:9E:26:90:75:E9:06:61:2B:1F:63:05
Authority key identifier: EF:40:1A:52:E3:FD:E6:99:48:6E:99:67:8D:BF:48:87:53:29:C3:3D
Certificate issuer: /CN=ef401a52e3fde699486e99678dbf48875329c33d
Certificate serial: 019D29607C38A3403AE39E3FBDC18673F7BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/70AaUuP95plIbplnjb9Ih1Mpwz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.mft
Manifest number: 0FF3
Signing time: Thu 26 Mar 2026 09:01:22 +0000
Manifest this update: Thu 26 Mar 2026 09:01:22 +0000
Manifest next update: Fri 27 Mar 2026 09:01:22 +0000
Files and hashes: 1: 1-SL9hlivQGt-mLTuChMVipJ552A.roa (hash: M4LxMEo5XBi46ojcg/gR85XlQ9Z1KIxYuUCF1vDeIuI=)
2: 70AaUuP95plIbplnjb9Ih1Mpwz0.crl (hash: PLXsEiEJLsaWuOnmOVWCTWfYlxFshytpuivCFrktbfo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.mft
rsync://rpki.ripe.net/repository/DEFAULT/70AaUuP95plIbplnjb9Ih1Mpwz0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:60:7c:38:a3:40:3a:e3:9e:3f:bd:c1:86:73:f7:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef401a52e3fde699486e99678dbf48875329c33d
Validity
Not Before: Mar 26 09:01:22 2026 GMT
Not After : Mar 27 09:01:22 2026 GMT
Subject: CN=c1d3f5c392000d0bcf9e269075e906612b1f6305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:76:28:e8:39:5f:1f:48:9d:07:b4:1e:87:ec:
b0:ff:13:db:cf:02:fd:14:09:da:80:f8:e1:4a:f7:
d4:2c:ff:db:03:4f:04:a8:d1:8f:cc:95:2f:2c:39:
ee:65:41:a4:fa:f8:02:05:49:77:02:da:e7:b4:7b:
de:8f:c6:ba:17:60:32:22:f5:7f:d1:2b:71:df:ef:
f1:85:84:af:c8:d2:51:7b:c3:60:00:32:a5:0d:7f:
96:2f:ce:fe:1b:66:a5:45:22:6f:b0:24:bc:a7:dc:
a0:a3:c3:76:bd:64:2b:36:41:4b:35:6a:04:3d:5b:
47:a6:a2:7a:19:bb:72:e3:05:df:3a:00:10:aa:33:
6c:f1:2d:56:1b:81:b9:06:ca:bf:1b:8e:c1:cb:6e:
7f:cc:58:b5:46:f0:a0:74:c6:2f:c3:02:8f:0c:79:
99:fa:23:f4:03:d9:a6:72:c7:b4:c1:c3:48:08:27:
79:ae:e8:27:c6:56:e5:35:41:49:9e:2b:b1:bc:72:
39:d4:d5:f7:dd:af:9f:97:4f:e5:25:cc:90:44:88:
79:48:6c:2b:f5:34:4b:8d:b7:57:ce:db:0e:34:aa:
94:65:94:71:7e:de:fc:6b:73:65:dc:ba:3a:92:94:
74:77:e6:a9:0c:8e:53:6d:a0:8e:1d:d3:3f:ad:71:
04:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:D3:F5:C3:92:00:0D:0B:CF:9E:26:90:75:E9:06:61:2B:1F:63:05
X509v3 Authority Key Identifier:
keyid:EF:40:1A:52:E3:FD:E6:99:48:6E:99:67:8D:BF:48:87:53:29:C3:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/70AaUuP95plIbplnjb9Ih1Mpwz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:f5:42:e8:f7:99:b2:fe:34:84:b7:93:26:53:12:fc:25:28:
2e:d2:2e:75:14:fa:02:06:85:70:04:4b:74:8c:8d:0c:2c:9e:
9c:4a:f7:84:f8:4a:44:b9:5c:cd:7f:bd:6c:2f:81:7f:cb:49:
e1:65:0d:9c:18:a1:a7:04:54:57:78:95:9a:0b:e9:36:49:82:
99:b6:d1:24:7a:05:5b:ec:47:34:7c:c5:03:aa:fe:2e:e9:72:
0d:b0:64:12:59:8e:02:2a:22:4e:15:10:5e:a9:3d:81:b1:de:
91:3a:c6:7d:2d:e1:d3:00:26:89:e0:5d:67:49:be:d1:bf:f9:
4a:b7:63:3f:60:68:52:55:ff:66:9f:a3:21:10:72:2c:4e:70:
92:da:22:64:94:66:91:2e:0a:c6:e6:87:1c:47:11:67:f1:ac:
21:60:ea:5c:f6:ff:40:2d:78:13:79:09:f8:80:a7:7b:65:ff:
27:68:0f:28:a6:4a:8a:4b:f1:3a:63:1e:6d:ab:4c:de:88:a7:
22:48:2e:4a:b0:5e:8e:c2:58:be:41:62:73:31:a1:bf:80:67:
9e:11:e3:78:a7:81:00:44:5b:a6:72:aa:a5:c7:fe:72:82:14:
3e:f8:c5:03:b2:41:f1:ea:2d:6e:df:d1:a1:a0:07:15:d4:c4:
d1:12:ce:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYHw4o0A6454/vcGGc/e7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNDAxYTUyZTNmZGU2OTk0ODZlOTk2NzhkYmY0ODg3NTMy
OWMzM2QwHhcNMjYwMzI2MDkwMTIyWhcNMjYwMzI3MDkwMTIyWjAzMTEwLwYDVQQD
EyhjMWQzZjVjMzkyMDAwZDBiY2Y5ZTI2OTA3NWU5MDY2MTJiMWY2MzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23Yo6DlfH0idB7Qeh+yw/xPbzwL9
FAnagPjhSvfULP/bA08EqNGPzJUvLDnuZUGk+vgCBUl3AtrntHvej8a6F2AyIvV/
0Stx3+/xhYSvyNJRe8NgADKlDX+WL87+G2alRSJvsCS8p9ygo8N2vWQrNkFLNWoE
PVtHpqJ6Gbty4wXfOgAQqjNs8S1WG4G5Bsq/G47By25/zFi1RvCgdMYvwwKPDHmZ
+iP0A9mmcse0wcNICCd5rugnxlblNUFJniuxvHI51NX33a+fl0/lJcyQRIh5SGwr
9TRLjbdXztsONKqUZZRxft78a3Nl3Lo6kpR0d+apDI5TbaCOHdM/rXEEQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMHT9cOSAA0Lz54mkHXpBmErH2MFMB8GA1UdIwQY
MBaAFO9AGlLj/eaZSG6ZZ42/SIdTKcM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzBBYVV1UDk1cGxJYnBsbmpiOUloMU1wd3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yNTIzOGMtOGVlZS00NDAzLTkxMDQt
OWNhOTQ3YWE2NjVhLzEvNzBBYVV1UDk1cGxJYnBsbmpiOUloMU1wd3owLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8yNTIzOGMtOGVlZS00NDAzLTkxMDQtOWNhOTQ3YWE2NjVh
LzEvNzBBYVV1UDk1cGxJYnBsbmpiOUloMU1wd3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUfVC6PeZ
sv40hLeTJlMS/CUoLtIudRT6AgaFcARLdIyNDCyenEr3hPhKRLlczX+9bC+Bf8tJ
4WUNnBihpwRUV3iVmgvpNkmCmbbRJHoFW+xHNHzFA6r+LulyDbBkElmOAioiThUQ
Xqk9gbHekTrGfS3h0wAmieBdZ0m+0b/5SrdjP2BoUlX/Zp+jIRByLE5wktoiZJRm
kS4KxuaHHEcRZ/GsIWDqXPb/QC14E3kJ+ICne2X/J2gPKKZKikvxOmMebatM3oin
IkguSrBejsJYvkFiczGhv4BnnhHjeKeBAERbpnKqpcf+coIUPvjFA7JB8eotbt/R
oaAHFdTE0RLORQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:08:29 2026 by rpki-client