Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft
File: BaQevhJyohyuDqGzXcCD-taKXX0.mft (raw, json)
Hash identifier: feNQBrz/bglsVc2YYLuYXMvAQGPsJx9Qt7Ed5AFaXtE=
Subject key identifier: AF:0A:91:00:69:64:57:F2:53:4F:5E:C1:29:0E:5A:D6:58:81:C8:D1
Authority key identifier: 05:A4:1E:BE:12:72:A2:1C:AE:0E:A1:B3:5D:C0:83:FA:D6:8A:5D:7D
Certificate issuer: /CN=05a41ebe1272a21cae0ea1b35dc083fad68a5d7d
Certificate serial: 019D28BB8FD11FF967B2CA0A2B259D0DED53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BaQevhJyohyuDqGzXcCD-taKXX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft
Manifest number: 1884
Signing time: Thu 26 Mar 2026 06:01:13 +0000
Manifest this update: Thu 26 Mar 2026 06:01:13 +0000
Manifest next update: Fri 27 Mar 2026 06:01:13 +0000
Files and hashes: 1: 8Cyiu9TGgmUOUznTzwuimvpBz-0.roa (hash: fxDhOvakeaBpONzylzbpa6MC2T2cHPWJh3ryLVED65Q=)
2: BaQevhJyohyuDqGzXcCD-taKXX0.crl (hash: g49cSKRkA6FgiDvxybscAlCg4SSAsoTeEmX9lIELrww=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft
rsync://rpki.ripe.net/repository/DEFAULT/BaQevhJyohyuDqGzXcCD-taKXX0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:8f:d1:1f:f9:67:b2:ca:0a:2b:25:9d:0d:ed:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05a41ebe1272a21cae0ea1b35dc083fad68a5d7d
Validity
Not Before: Mar 26 06:01:13 2026 GMT
Not After : Mar 27 06:01:13 2026 GMT
Subject: CN=af0a9100696457f2534f5ec1290e5ad65881c8d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:dc:87:a6:fe:a8:0d:ee:7c:16:d1:f2:75:07:
89:92:61:aa:d8:4a:0f:96:56:9b:ed:03:61:d7:f2:
da:c4:97:0c:27:04:ad:42:aa:5c:62:86:3a:ab:fe:
6e:13:d8:7e:24:ed:75:8a:6a:4e:11:d9:ae:02:b5:
93:02:fe:79:41:bd:89:3c:a5:d9:f7:05:81:21:b3:
bc:78:6c:bf:a3:b8:79:94:dd:a7:a5:ac:77:77:51:
3f:be:e8:73:23:91:06:fa:54:0c:b7:d1:b7:31:5c:
07:38:9a:c1:d7:90:3e:f1:27:ac:6f:89:81:e3:47:
03:c2:32:80:5f:2b:8e:30:41:8a:5c:e0:e1:8c:b8:
46:88:d8:c7:a8:83:aa:e4:20:c7:3d:0f:83:df:49:
bb:4b:00:1b:41:54:aa:2b:d9:ce:09:f3:eb:f4:f4:
96:9e:05:cc:d4:60:d6:2e:e0:c6:64:5a:a2:99:f5:
b5:5e:79:57:f4:8f:27:f0:cb:86:65:b9:4b:da:99:
44:a7:69:a7:08:63:3b:1d:28:3f:84:67:8b:92:84:
fd:11:58:64:d4:a4:b3:00:bf:02:15:85:68:5e:83:
03:81:70:81:cc:75:f5:1d:7d:39:68:da:60:a9:78:
5a:f6:53:0b:1b:12:73:ad:7a:97:d0:df:6d:70:5e:
09:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:0A:91:00:69:64:57:F2:53:4F:5E:C1:29:0E:5A:D6:58:81:C8:D1
X509v3 Authority Key Identifier:
keyid:05:A4:1E:BE:12:72:A2:1C:AE:0E:A1:B3:5D:C0:83:FA:D6:8A:5D:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BaQevhJyohyuDqGzXcCD-taKXX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:04:20:d4:f2:60:6c:d7:c0:e4:e3:4e:ce:f8:42:ff:1b:bc:
f8:ee:29:f0:b1:82:da:62:06:74:9a:0e:93:6f:be:30:39:fb:
bd:10:c3:72:46:e3:30:4c:19:ad:88:0e:35:e0:14:6c:0c:e4:
ef:a0:79:21:86:9d:a3:12:b5:5e:85:a7:4b:db:86:de:5c:d5:
52:55:32:96:9c:34:e8:ad:df:be:e0:2f:84:0f:d2:3d:55:1a:
21:bc:5b:b3:71:52:fa:4e:29:3e:5b:15:65:45:29:07:fe:48:
3a:c4:f8:85:bf:a9:e0:cf:06:1e:a2:ae:3e:3d:c1:12:29:12:
be:b1:ec:fb:58:82:a4:6e:31:de:56:eb:a2:93:25:59:b2:d0:
5e:37:ed:4f:53:2b:52:23:e7:a8:66:09:50:ee:fe:59:ad:e4:
21:1c:5c:b7:78:6d:b0:9e:0f:3c:3f:61:fe:1c:af:1d:14:2e:
83:36:df:6f:ab:1a:15:3e:94:4b:fe:e8:33:6a:96:02:4a:90:
f6:92:4f:9c:6c:eb:c6:d0:fb:c5:0b:97:c4:0d:13:a4:e9:da:
5c:f3:fd:d8:d3:d8:19:fd:77:97:22:47:bb:ba:a7:0c:67:2c:
5f:81:19:6b:85:5b:e9:24:2c:1a:eb:5b:2b:6e:87:39:48:1c:
e9:a7:6e:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou4/RH/lnssoKKyWdDe1TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YTQxZWJlMTI3MmEyMWNhZTBlYTFiMzVkYzA4M2ZhZDY4
YTVkN2QwHhcNMjYwMzI2MDYwMTEzWhcNMjYwMzI3MDYwMTEzWjAzMTEwLwYDVQQD
EyhhZjBhOTEwMDY5NjQ1N2YyNTM0ZjVlYzEyOTBlNWFkNjU4ODFjOGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdyHpv6oDe58FtHydQeJkmGq2EoP
llab7QNh1/LaxJcMJwStQqpcYoY6q/5uE9h+JO11impOEdmuArWTAv55Qb2JPKXZ
9wWBIbO8eGy/o7h5lN2npax3d1E/vuhzI5EG+lQMt9G3MVwHOJrB15A+8Sesb4mB
40cDwjKAXyuOMEGKXODhjLhGiNjHqIOq5CDHPQ+D30m7SwAbQVSqK9nOCfPr9PSW
ngXM1GDWLuDGZFqimfW1XnlX9I8n8MuGZblL2plEp2mnCGM7HSg/hGeLkoT9EVhk
1KSzAL8CFYVoXoMDgXCBzHX1HX05aNpgqXha9lMLGxJzrXqX0N9tcF4JOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8KkQBpZFfyU09ewSkOWtZYgcjRMB8GA1UdIwQY
MBaAFAWkHr4ScqIcrg6hs13Ag/rWil19MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmFRZXZoSnlvaHl1RHFHelhjQ0QtdGFLWFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi85NTYwMmUtOWViMy00MThiLWJjMDAt
MTY3ODMxNjEzMTQ1LzEvQmFRZXZoSnlvaHl1RHFHelhjQ0QtdGFLWFgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi85NTYwMmUtOWViMy00MThiLWJjMDAtMTY3ODMxNjEzMTQ1
LzEvQmFRZXZoSnlvaHl1RHFHelhjQ0QtdGFLWFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAigQg1PJg
bNfA5ONOzvhC/xu8+O4p8LGC2mIGdJoOk2++MDn7vRDDckbjMEwZrYgONeAUbAzk
76B5IYadoxK1XoWnS9uG3lzVUlUylpw06K3fvuAvhA/SPVUaIbxbs3FS+k4pPlsV
ZUUpB/5IOsT4hb+p4M8GHqKuPj3BEikSvrHs+1iCpG4x3lbropMlWbLQXjftT1Mr
UiPnqGYJUO7+Wa3kIRxct3htsJ4PPD9h/hyvHRQugzbfb6saFT6US/7oM2qWAkqQ
9pJPnGzrxtD7xQuXxA0TpOnaXPP92NPYGf13lyJHu7qnDGcsX4EZa4Vb6SQsGutb
K26HOUgc6adufg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:29:34 2026 by rpki-client