Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft
File: aU0ylbrOkvvFQHllxly2WWm60Cg.mft (raw, json)
Hash identifier: bvGbfzKi2xBD65Bje7k/vRuj+tyjft3tcJWl0DpZoyc=
Subject key identifier: 29:95:C8:8B:59:1F:D6:94:65:3B:83:0A:20:D8:1F:40:32:18:92:A3
Authority key identifier: 69:4D:32:95:BA:CE:92:FB:C5:40:79:65:C6:5C:B6:59:69:BA:D0:28
Certificate issuer: /CN=694d3295bace92fbc5407965c65cb65969bad028
Certificate serial: 019D273AA3A90C8D885FA764FE86885391CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft
Manifest number: 0384
Signing time: Wed 25 Mar 2026 23:00:47 +0000
Manifest this update: Wed 25 Mar 2026 23:00:47 +0000
Manifest next update: Thu 26 Mar 2026 23:00:47 +0000
Files and hashes: 1: aU0ylbrOkvvFQHllxly2WWm60Cg.crl (hash: oLv/XDhDCfOa7wjOcYIlL9keCkCVBkE3tK+W6yiwJTs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft
rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:3a:a3:a9:0c:8d:88:5f:a7:64:fe:86:88:53:91:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=694d3295bace92fbc5407965c65cb65969bad028
Validity
Not Before: Mar 25 23:00:47 2026 GMT
Not After : Mar 26 23:00:47 2026 GMT
Subject: CN=2995c88b591fd694653b830a20d81f40321892a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ed:c5:b2:9a:09:01:45:0b:67:67:9a:72:89:
ea:d7:d8:2b:2b:fd:4a:8e:d3:8a:fe:c5:81:7e:37:
e5:a0:3d:e5:2b:6a:73:82:a4:c4:3e:03:b6:a6:32:
ab:4f:d7:7c:35:18:b6:74:eb:cc:1e:12:d0:1f:1f:
c6:90:25:8a:d7:7a:4a:fa:22:2f:30:02:f0:36:cb:
59:ba:26:c9:31:45:6a:78:8e:1d:81:3e:9a:e4:c1:
b6:b2:f0:72:7e:88:f3:f2:87:f0:4d:bf:ff:1a:bc:
b1:b5:e6:90:37:f6:40:75:76:52:44:a1:84:40:81:
9a:a6:c5:45:89:84:38:40:e7:9b:ba:03:fb:58:d8:
a5:72:bb:c2:01:8e:d8:6c:0c:62:18:38:a0:e1:fe:
a0:2a:b2:99:c2:c1:f9:60:aa:31:b0:69:43:8c:73:
3f:b3:c0:2c:66:8a:fe:ed:a6:1a:32:48:ed:6b:c1:
82:e7:fb:5c:cb:e8:17:93:7f:ce:6b:9c:4c:5c:48:
b4:33:86:75:36:f7:22:d0:b1:af:5b:2a:8f:a9:96:
90:1b:7c:97:d5:eb:b1:ea:4d:7c:9d:6a:10:89:2f:
a4:57:79:4b:93:31:f1:12:52:33:0e:83:1c:1e:d1:
a7:6e:be:8b:78:02:36:37:01:12:eb:49:d8:af:2c:
a0:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:95:C8:8B:59:1F:D6:94:65:3B:83:0A:20:D8:1F:40:32:18:92:A3
X509v3 Authority Key Identifier:
keyid:69:4D:32:95:BA:CE:92:FB:C5:40:79:65:C6:5C:B6:59:69:BA:D0:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:b9:38:bc:5d:6c:8d:7b:80:ef:36:4c:6a:26:e7:a3:9a:c3:
f1:64:16:b7:37:73:55:6e:65:a7:6f:d7:b5:2a:44:02:b8:fd:
a3:cc:a8:64:7f:6d:8e:d9:2e:87:f6:64:4a:27:3b:44:87:2e:
a3:74:11:df:50:4b:31:9c:d8:22:e9:bc:52:fd:ba:53:4f:67:
5d:d8:6d:8e:d1:46:db:47:02:23:56:8c:24:ad:0d:b2:9f:e7:
79:a7:8a:60:84:d7:9f:45:05:c3:4b:84:26:21:17:4a:28:ab:
79:6c:ab:dc:77:60:a4:56:f2:bf:ba:fd:8d:6f:6d:87:46:f8:
47:e2:db:53:5b:01:c1:9f:39:13:8a:e0:49:49:8f:b7:e7:b7:
81:9a:a1:13:37:81:da:aa:69:25:35:8b:a4:33:00:19:14:6f:
5a:f4:89:cb:7d:90:b9:1a:df:e3:bb:f4:ba:63:b1:c1:fa:c4:
a7:e7:f4:4d:e5:b2:b3:17:67:ad:96:87:18:9b:8b:9b:bf:3b:
09:da:de:60:df:33:3c:26:08:9b:ce:cb:4d:32:ab:6a:03:90:
20:bd:c5:c0:88:f4:40:6e:3a:d9:94:47:fc:b5:56:69:75:f4:
10:d1:8e:8e:54:f5:b2:f9:7d:ad:91:de:73:04:10:54:a9:a7:
b6:b4:79:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOqOpDI2IX6dk/oaIU5HLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NGQzMjk1YmFjZTkyZmJjNTQwNzk2NWM2NWNiNjU5Njli
YWQwMjgwHhcNMjYwMzI1MjMwMDQ3WhcNMjYwMzI2MjMwMDQ3WjAzMTEwLwYDVQQD
EygyOTk1Yzg4YjU5MWZkNjk0NjUzYjgzMGEyMGQ4MWY0MDMyMTg5MmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoO3FspoJAUULZ2eaconq19grK/1K
jtOK/sWBfjfloD3lK2pzgqTEPgO2pjKrT9d8NRi2dOvMHhLQHx/GkCWK13pK+iIv
MALwNstZuibJMUVqeI4dgT6a5MG2svByfojz8ofwTb//GryxteaQN/ZAdXZSRKGE
QIGapsVFiYQ4QOebugP7WNilcrvCAY7YbAxiGDig4f6gKrKZwsH5YKoxsGlDjHM/
s8AsZor+7aYaMkjta8GC5/tcy+gXk3/Oa5xMXEi0M4Z1Nvci0LGvWyqPqZaQG3yX
1eux6k18nWoQiS+kV3lLkzHxElIzDoMcHtGnbr6LeAI2NwES60nYryygcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCmVyItZH9aUZTuDCiDYH0AyGJKjMB8GA1UdIwQY
MBaAFGlNMpW6zpL7xUB5ZcZctllputAoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wYWQ0NjgtZGFlYS00YjA0LWE0MDgt
MjdlOTZiOTA0N2E4LzEvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wYWQ0NjgtZGFlYS00YjA0LWE0MDgtMjdlOTZiOTA0N2E4
LzEvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcLk4vF1s
jXuA7zZMaibno5rD8WQWtzdzVW5lp2/XtSpEArj9o8yoZH9tjtkuh/ZkSic7RIcu
o3QR31BLMZzYIum8Uv26U09nXdhtjtFG20cCI1aMJK0Nsp/neaeKYITXn0UFw0uE
JiEXSiireWyr3HdgpFbyv7r9jW9th0b4R+LbU1sBwZ85E4rgSUmPt+e3gZqhEzeB
2qppJTWLpDMAGRRvWvSJy32QuRrf47v0umOxwfrEp+f0TeWysxdnrZaHGJuLm787
CdreYN8zPCYIm87LTTKragOQIL3FwIj0QG462ZRH/LVWaXX0ENGOjlT1svl9rZHe
cwQQVKmntrR52A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:04:34 2026 by rpki-client