Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.mft
File: 70AaUuP95plIbplnjb9Ih1Mpwz0.mft (raw, json)
Hash identifier: qd1K34L/V/xFxyut6hhJgL6MAouwP4XyKMFw8bHQfMM=
Subject key identifier: 4C:56:57:37:9A:37:50:07:48:C8:73:9C:5A:3D:26:81:1D:94:54:CF
Authority key identifier: EF:40:1A:52:E3:FD:E6:99:48:6E:99:67:8D:BF:48:87:53:29:C3:3D
Certificate issuer: /CN=ef401a52e3fde699486e99678dbf48875329c33d
Certificate serial: 019D2D3CD0BCF3B853C872D632FEBCA31363
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/70AaUuP95plIbplnjb9Ih1Mpwz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.mft
Manifest number: 0FF5
Signing time: Fri 27 Mar 2026 03:00:53 +0000
Manifest this update: Fri 27 Mar 2026 03:00:53 +0000
Manifest next update: Sat 28 Mar 2026 03:00:53 +0000
Files and hashes: 1: 1-SL9hlivQGt-mLTuChMVipJ552A.roa (hash: M4LxMEo5XBi46ojcg/gR85XlQ9Z1KIxYuUCF1vDeIuI=)
2: 70AaUuP95plIbplnjb9Ih1Mpwz0.crl (hash: cnXyuDizK72HK2aKdYseHvw5ct7RSQpK3f0TaiZ7xpI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.mft
rsync://rpki.ripe.net/repository/DEFAULT/70AaUuP95plIbplnjb9Ih1Mpwz0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Mar 2026 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2d:3c:d0:bc:f3:b8:53:c8:72:d6:32:fe:bc:a3:13:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef401a52e3fde699486e99678dbf48875329c33d
Validity
Not Before: Mar 27 03:00:53 2026 GMT
Not After : Mar 28 03:00:53 2026 GMT
Subject: CN=4c5657379a37500748c8739c5a3d26811d9454cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c6:50:2e:44:7b:e7:44:ec:50:29:54:cd:56:
c3:cd:8d:c1:1e:c0:6e:15:ab:16:2d:3e:8c:1c:37:
7e:c0:9b:35:b6:4e:38:a4:c1:67:d2:bf:bc:05:2a:
67:90:af:2c:88:a9:55:90:7f:ed:0e:40:a8:ac:16:
72:bc:13:de:01:25:8d:80:77:89:f7:b2:d5:be:14:
37:3e:1e:77:b4:6e:97:76:1f:2c:54:32:39:c2:28:
28:7e:46:35:7a:1b:43:1b:5f:f3:eb:a0:2f:45:c2:
4b:2a:ca:b7:f4:2a:31:a7:f3:8f:a3:8b:48:20:b5:
fa:dc:a6:7d:13:04:b6:1e:6f:2f:19:fd:9f:a7:af:
e5:fe:46:1b:b3:61:04:e6:9d:79:50:57:12:d5:b7:
f7:4c:55:99:f5:e7:cc:95:21:f7:f2:29:59:f0:79:
11:9c:8d:6e:a9:57:8d:84:21:70:e6:4e:c1:45:f9:
34:43:ed:91:39:5a:f6:37:60:b4:e1:65:67:46:23:
85:0f:67:60:0a:b4:84:e0:01:dd:b0:0c:7c:db:3e:
d6:8e:ce:b8:86:93:25:3f:ad:79:4f:56:11:75:60:
c3:5a:ac:be:1f:7c:7f:38:f9:4b:0b:fe:2a:0c:e6:
fc:62:78:bc:f2:ce:5e:d7:40:da:02:c4:48:53:fe:
18:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:56:57:37:9A:37:50:07:48:C8:73:9C:5A:3D:26:81:1D:94:54:CF
X509v3 Authority Key Identifier:
keyid:EF:40:1A:52:E3:FD:E6:99:48:6E:99:67:8D:BF:48:87:53:29:C3:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/70AaUuP95plIbplnjb9Ih1Mpwz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:45:a4:37:91:3d:a0:05:c0:48:1e:58:f0:88:5f:d4:0f:97:
b5:33:0d:c2:dd:a8:b3:d3:50:cc:db:60:1a:0e:4a:7c:37:72:
77:58:a3:e2:ee:2e:fc:78:7c:6f:07:40:64:c2:3c:03:7c:b6:
c5:81:46:6a:94:9e:81:86:49:16:91:e9:25:e0:6a:f3:bb:24:
82:65:1c:0b:e0:cd:13:03:8a:c7:2f:85:a5:9d:40:32:bf:33:
67:fe:a9:fb:ec:42:de:fe:c7:15:d8:fc:bd:c3:94:32:c0:18:
3b:e9:7a:2e:61:44:57:6b:70:b9:d0:70:29:85:06:78:21:ba:
17:2b:02:a2:5e:a7:2d:39:70:71:e9:36:cf:67:ab:39:99:5e:
b5:fb:e6:86:f5:99:fa:cf:16:81:fa:29:2c:3d:c7:ab:ee:8d:
a9:bd:f2:1d:6e:8c:0d:85:95:87:4a:ec:85:a6:f7:fd:54:19:
46:43:a3:bd:de:2c:28:a9:a1:36:3b:c6:89:1b:7f:51:ad:43:
58:c7:e3:f2:4e:a6:9b:dd:57:18:be:85:8d:31:82:10:9c:65:
b8:e5:97:65:38:09:58:06:96:03:a6:75:6a:af:5c:09:85:24:
a0:7e:71:da:14:4a:a3:ea:35:94:d1:54:eb:f2:c7:04:d1:0c:
7c:4a:d8:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0tPNC887hTyHLWMv68oxNjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNDAxYTUyZTNmZGU2OTk0ODZlOTk2NzhkYmY0ODg3NTMy
OWMzM2QwHhcNMjYwMzI3MDMwMDUzWhcNMjYwMzI4MDMwMDUzWjAzMTEwLwYDVQQD
Eyg0YzU2NTczNzlhMzc1MDA3NDhjODczOWM1YTNkMjY4MTFkOTQ1NGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MZQLkR750TsUClUzVbDzY3BHsBu
FasWLT6MHDd+wJs1tk44pMFn0r+8BSpnkK8siKlVkH/tDkCorBZyvBPeASWNgHeJ
97LVvhQ3Ph53tG6Xdh8sVDI5wigofkY1ehtDG1/z66AvRcJLKsq39Coxp/OPo4tI
ILX63KZ9EwS2Hm8vGf2fp6/l/kYbs2EE5p15UFcS1bf3TFWZ9efMlSH38ilZ8HkR
nI1uqVeNhCFw5k7BRfk0Q+2ROVr2N2C04WVnRiOFD2dgCrSE4AHdsAx82z7Wjs64
hpMlP615T1YRdWDDWqy+H3x/OPlLC/4qDOb8Yni88s5e10DaAsRIU/4YZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFExWVzeaN1AHSMhznFo9JoEdlFTPMB8GA1UdIwQY
MBaAFO9AGlLj/eaZSG6ZZ42/SIdTKcM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzBBYVV1UDk1cGxJYnBsbmpiOUloMU1wd3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yNTIzOGMtOGVlZS00NDAzLTkxMDQt
OWNhOTQ3YWE2NjVhLzEvNzBBYVV1UDk1cGxJYnBsbmpiOUloMU1wd3owLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8yNTIzOGMtOGVlZS00NDAzLTkxMDQtOWNhOTQ3YWE2NjVh
LzEvNzBBYVV1UDk1cGxJYnBsbmpiOUloMU1wd3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW0WkN5E9
oAXASB5Y8Ihf1A+XtTMNwt2os9NQzNtgGg5KfDdyd1ij4u4u/Hh8bwdAZMI8A3y2
xYFGapSegYZJFpHpJeBq87skgmUcC+DNEwOKxy+FpZ1AMr8zZ/6p++xC3v7HFdj8
vcOUMsAYO+l6LmFEV2twudBwKYUGeCG6FysCol6nLTlwcek2z2erOZletfvmhvWZ
+s8WgfopLD3Hq+6Nqb3yHW6MDYWVh0rshab3/VQZRkOjvd4sKKmhNjvGiRt/Ua1D
WMfj8k6mm91XGL6FjTGCEJxluOWXZTgJWAaWA6Z1aq9cCYUkoH5x2hRKo+o1lNFU
6/LHBNEMfErY9A==
-----END CERTIFICATE-----
Generated at Fri Mar 27 08:15:16 2026 by rpki-client