Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft
File: Ma-3caS5EQsRSqgHr7cIaxplN54.mft (raw, json)
Hash identifier: hlyRb6hLKOak2aXuOxyj5oVmjbZtkbcKJ6g5zg5xEkw=
Subject key identifier: 4E:ED:DC:0C:64:B3:13:BD:CD:FB:19:98:E1:14:B2:74:15:D3:DE:78
Authority key identifier: 31:AF:B7:71:A4:B9:11:0B:11:4A:A8:07:AF:B7:08:6B:1A:65:37:9E
Certificate issuer: /CN=31afb771a4b9110b114aa807afb7086b1a65379e
Certificate serial: 019D329A42E957AA70A53BD268F67202B199
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ma-3caS5EQsRSqgHr7cIaxplN54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft
Manifest number: 0648
Signing time: Sat 28 Mar 2026 04:01:03 +0000
Manifest this update: Sat 28 Mar 2026 04:01:03 +0000
Manifest next update: Sun 29 Mar 2026 04:01:03 +0000
Files and hashes: 1: Ma-3caS5EQsRSqgHr7cIaxplN54.crl (hash: I4+uf7BETmnEANU0N4V5kQGPeKxBFN5yAevBrmQyYss=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ma-3caS5EQsRSqgHr7cIaxplN54.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:32:9a:42:e9:57:aa:70:a5:3b:d2:68:f6:72:02:b1:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31afb771a4b9110b114aa807afb7086b1a65379e
Validity
Not Before: Mar 28 04:01:03 2026 GMT
Not After : Mar 29 04:01:03 2026 GMT
Subject: CN=4eeddc0c64b313bdcdfb1998e114b27415d3de78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:e6:4e:1a:2d:d8:e2:28:bb:a9:7a:63:bd:72:
82:19:d8:91:0b:bc:16:b7:fe:30:93:80:cf:06:2f:
78:69:62:47:fd:b9:90:a6:da:36:ea:2a:a1:1b:83:
32:f2:62:db:00:27:a8:10:94:a8:1e:97:b1:92:fe:
b1:5c:e8:48:a3:ce:bc:a8:0f:07:88:e2:82:de:a9:
d1:b7:84:3b:41:01:63:ce:bd:13:bf:07:37:3e:08:
6b:41:5e:38:89:fd:e8:f4:f0:f9:c3:6c:41:7b:7a:
f3:39:af:68:dc:ae:1e:e2:2e:48:d5:c6:e7:e8:03:
4f:9b:b7:f8:ba:70:08:0e:92:5b:43:7a:3a:b3:65:
46:90:d8:3c:c4:fc:c6:01:22:54:8b:8d:62:c6:69:
03:95:4c:c2:81:86:67:a6:67:b2:e2:f7:14:89:6a:
35:4d:9e:d4:99:84:7e:89:60:cd:7f:05:9e:e1:61:
6c:b1:92:47:58:fd:f7:42:6b:a5:c5:d8:f7:71:78:
3c:a2:9b:e9:b4:26:a7:9e:ae:81:3b:2f:b1:d2:e9:
42:af:5c:f6:64:04:8d:4d:8c:88:76:cb:30:ef:e9:
80:f1:02:11:63:70:73:3c:6b:71:4b:06:1a:32:6a:
de:21:9e:01:59:96:66:12:83:71:72:ff:4d:34:29:
c5:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:ED:DC:0C:64:B3:13:BD:CD:FB:19:98:E1:14:B2:74:15:D3:DE:78
X509v3 Authority Key Identifier:
keyid:31:AF:B7:71:A4:B9:11:0B:11:4A:A8:07:AF:B7:08:6B:1A:65:37:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ma-3caS5EQsRSqgHr7cIaxplN54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:d8:b7:c2:8a:c2:94:0c:97:39:4b:74:e1:b9:d1:63:3c:d7:
0c:89:c8:5a:0b:9e:e0:40:75:9a:a8:9e:58:18:77:d3:19:df:
5b:ef:30:76:60:3d:4e:a4:c6:0a:e1:57:16:e5:8c:b5:db:62:
8b:69:56:59:f7:52:e0:f5:1b:73:61:0c:ed:d0:83:07:d3:fc:
f3:fb:f4:0a:77:7c:fb:b4:b7:63:18:d6:c7:84:4e:23:c9:15:
29:37:c2:9a:4c:1c:0c:bb:4b:f3:a5:03:88:5b:9d:b5:c8:6c:
59:a3:c0:ef:03:80:4b:5e:c2:e8:d8:ca:ff:bf:2c:46:ca:1c:
27:b2:6c:7b:6f:6a:d2:b6:0e:18:a5:91:fb:ab:a8:2d:d0:a3:
ba:32:75:95:d1:fb:4c:f9:28:f5:fd:54:11:0b:82:33:c2:f4:
fa:f5:f0:23:95:60:ea:ca:fd:0a:41:35:54:01:80:b0:68:92:
55:1f:33:8b:9c:b6:83:ef:a5:fa:70:17:fc:c4:1c:1d:af:d2:
c0:1b:9a:36:79:ff:df:d7:13:8c:cf:18:29:61:96:9e:72:ce:
a8:2b:43:f3:34:09:16:7e:12:d6:65:6a:6e:0b:91:5b:50:18:
49:62:e1:8b:84:47:c2:6f:54:df:ef:ca:27:4e:90:04:54:4d:
41:eb:f6:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ymkLpV6pwpTvSaPZyArGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYWZiNzcxYTRiOTExMGIxMTRhYTgwN2FmYjcwODZiMWE2
NTM3OWUwHhcNMjYwMzI4MDQwMTAzWhcNMjYwMzI5MDQwMTAzWjAzMTEwLwYDVQQD
Eyg0ZWVkZGMwYzY0YjMxM2JkY2RmYjE5OThlMTE0YjI3NDE1ZDNkZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8eZOGi3Y4ii7qXpjvXKCGdiRC7wW
t/4wk4DPBi94aWJH/bmQpto26iqhG4My8mLbACeoEJSoHpexkv6xXOhIo868qA8H
iOKC3qnRt4Q7QQFjzr0Tvwc3PghrQV44if3o9PD5w2xBe3rzOa9o3K4e4i5I1cbn
6ANPm7f4unAIDpJbQ3o6s2VGkNg8xPzGASJUi41ixmkDlUzCgYZnpmey4vcUiWo1
TZ7UmYR+iWDNfwWe4WFssZJHWP33Qmulxdj3cXg8opvptCannq6BOy+x0ulCr1z2
ZASNTYyIdssw7+mA8QIRY3BzPGtxSwYaMmreIZ4BWZZmEoNxcv9NNCnFuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE7t3AxksxO9zfsZmOEUsnQV0954MB8GA1UdIwQY
MBaAFDGvt3GkuRELEUqoB6+3CGsaZTeeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWEtM2NhUzVFUXNSU3FnSHI3Y0lheHBsTjU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xM2Q0OGEtZDBlZS00ZDU1LWEzM2It
YjBlYjRjMDZhMWU3LzEvTWEtM2NhUzVFUXNSU3FnSHI3Y0lheHBsTjU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xM2Q0OGEtZDBlZS00ZDU1LWEzM2ItYjBlYjRjMDZhMWU3
LzEvTWEtM2NhUzVFUXNSU3FnSHI3Y0lheHBsTjU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXti3worC
lAyXOUt04bnRYzzXDInIWgue4EB1mqieWBh30xnfW+8wdmA9TqTGCuFXFuWMtdti
i2lWWfdS4PUbc2EM7dCDB9P88/v0Cnd8+7S3YxjWx4ROI8kVKTfCmkwcDLtL86UD
iFudtchsWaPA7wOAS17C6NjK/78sRsocJ7Jse29q0rYOGKWR+6uoLdCjujJ1ldH7
TPko9f1UEQuCM8L0+vXwI5Vg6sr9CkE1VAGAsGiSVR8zi5y2g++l+nAX/MQcHa/S
wBuaNnn/39cTjM8YKWGWnnLOqCtD8zQJFn4S1mVqbguRW1AYSWLhi4RHwm9U3+/K
J06QBFRNQev2jQ==
-----END CERTIFICATE-----
Generated at Sat Mar 28 11:47:27 2026 by rpki-client