Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
File: ba7zApYp3gKduYq3tOm9IhwomRw.mft (raw, json)
Hash identifier: N+waWxIe4lOqSDTpX4ovsKLZVHx34WNnM6k51YK1sMg=
Subject key identifier: 29:6C:EE:C2:7A:10:72:0A:E1:E1:0B:16:1D:FF:43:48:11:97:3B:A7
Authority key identifier: 6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C
Certificate issuer: /CN=6daef3029629de029db98ab7b4e9bd221c28991c
Certificate serial: 019D27041FCACC592ADBD08F8888320458DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
Manifest number: 0E6F
Signing time: Wed 25 Mar 2026 22:01:14 +0000
Manifest this update: Wed 25 Mar 2026 22:01:14 +0000
Manifest next update: Thu 26 Mar 2026 22:01:14 +0000
Files and hashes: 1: ba7zApYp3gKduYq3tOm9IhwomRw.crl (hash: KRlxvTUoSyzUV1lKhLxPsfFvTLBgfco67kXPf/ACPfo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:1f:ca:cc:59:2a:db:d0:8f:88:88:32:04:58:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6daef3029629de029db98ab7b4e9bd221c28991c
Validity
Not Before: Mar 25 22:01:14 2026 GMT
Not After : Mar 26 22:01:14 2026 GMT
Subject: CN=296ceec27a10720ae1e10b161dff434811973ba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f9:bd:bd:c5:47:15:be:e8:f6:bc:80:ee:a1:
44:0f:2b:77:3f:d8:56:6c:ff:91:c2:1c:a2:88:6f:
a7:8a:6d:24:5a:75:f9:8a:e8:7f:4c:0d:f1:b3:5a:
b0:ab:a1:94:8a:27:06:66:03:91:c2:cd:b0:44:34:
7e:23:8c:b9:48:9e:72:61:7a:26:fd:17:9c:72:cd:
a0:86:98:69:be:83:24:bc:59:c0:ba:b5:2c:a5:f7:
d9:d1:50:d5:98:b5:2e:7b:f8:04:04:13:15:75:8f:
b4:bc:7b:87:fd:0e:a3:d9:fe:f6:e8:c1:3e:33:6e:
f6:61:8e:27:a0:0d:db:1f:1a:32:3f:15:a5:8f:3a:
52:d1:87:d1:fd:ec:c5:67:75:a5:73:45:e0:8d:d6:
de:28:80:a4:e1:42:ec:40:a6:a1:b8:d5:e2:25:82:
c9:80:0b:35:8c:62:4e:a3:38:9c:b9:8a:ce:49:ba:
a6:34:01:3c:e5:d5:6f:54:64:19:d7:c1:1c:3c:bb:
ae:7f:57:5a:f3:c6:fa:ae:56:5e:c7:2e:ea:81:e0:
f2:15:b2:f3:ca:57:47:a6:1b:d1:ab:ab:92:6c:f1:
58:1e:4f:3f:54:71:a7:87:a9:ba:5d:aa:81:9b:e2:
ef:fe:50:30:9e:7d:05:7f:6a:fc:ee:fb:38:bf:3d:
6b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:6C:EE:C2:7A:10:72:0A:E1:E1:0B:16:1D:FF:43:48:11:97:3B:A7
X509v3 Authority Key Identifier:
keyid:6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:53:7a:df:7d:ac:5a:24:2b:07:ec:0e:20:ab:cf:b6:a6:ee:
08:bf:30:79:3d:2e:14:e5:cf:44:ce:6d:fa:f2:41:26:2e:f6:
9c:eb:0d:f2:d2:f4:77:91:6f:26:91:7e:8d:12:05:e8:82:07:
fe:b2:fb:90:d7:f1:c9:a5:25:65:e8:7c:8e:0d:04:0e:de:d1:
98:c8:c5:ae:9d:4d:00:94:50:40:53:cc:08:ec:07:85:c0:e0:
31:d0:c4:de:06:65:86:77:0a:6f:db:bd:4c:15:05:49:c6:3e:
3a:f4:ac:0f:06:ee:9f:90:86:67:13:f1:0d:c8:09:8d:39:3a:
85:4c:a3:fe:77:01:bd:4d:b0:6b:c3:1a:5b:86:0e:a3:ad:d7:
3b:79:78:62:4c:04:8d:89:3f:ca:19:3c:b5:7b:af:e7:fa:af:
bd:26:62:4b:cf:dc:97:a9:9d:e2:bd:56:fc:4b:42:6f:4c:97:
9f:60:62:2d:67:fe:cd:33:fa:17:fa:40:18:51:9a:5b:e1:0a:
a2:9b:1a:83:16:14:0a:ed:6e:47:c5:85:c4:fa:03:8f:ea:9c:
78:9e:9c:f9:90:78:61:80:e9:fc:0d:2e:be:fe:83:06:05:c2:
a3:52:99:d2:26:14:62:23:74:cd:21:44:77:19:8c:83:ba:eb:
b4:fd:4b:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBB/KzFkq29CPiIgyBFjdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYWVmMzAyOTYyOWRlMDI5ZGI5OGFiN2I0ZTliZDIyMWMy
ODk5MWMwHhcNMjYwMzI1MjIwMTE0WhcNMjYwMzI2MjIwMTE0WjAzMTEwLwYDVQQD
EygyOTZjZWVjMjdhMTA3MjBhZTFlMTBiMTYxZGZmNDM0ODExOTczYmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvm9vcVHFb7o9ryA7qFEDyt3P9hW
bP+RwhyiiG+nim0kWnX5iuh/TA3xs1qwq6GUiicGZgORws2wRDR+I4y5SJ5yYXom
/Reccs2ghphpvoMkvFnAurUspffZ0VDVmLUue/gEBBMVdY+0vHuH/Q6j2f726ME+
M272YY4noA3bHxoyPxWljzpS0YfR/ezFZ3Wlc0XgjdbeKICk4ULsQKahuNXiJYLJ
gAs1jGJOozicuYrOSbqmNAE85dVvVGQZ18EcPLuuf1da88b6rlZexy7qgeDyFbLz
yldHphvRq6uSbPFYHk8/VHGnh6m6XaqBm+Lv/lAwnn0Ff2r87vs4vz1rjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCls7sJ6EHIK4eELFh3/Q0gRlzunMB8GA1UdIwQY
MBaAFG2u8wKWKd4CnbmKt7TpvSIcKJkcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDIt
Y2RlNDA0ODA1YjEwLzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDItY2RlNDA0ODA1YjEw
LzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeVN6332s
WiQrB+wOIKvPtqbuCL8weT0uFOXPRM5t+vJBJi72nOsN8tL0d5FvJpF+jRIF6IIH
/rL7kNfxyaUlZeh8jg0EDt7RmMjFrp1NAJRQQFPMCOwHhcDgMdDE3gZlhncKb9u9
TBUFScY+OvSsDwbun5CGZxPxDcgJjTk6hUyj/ncBvU2wa8MaW4YOo63XO3l4YkwE
jYk/yhk8tXuv5/qvvSZiS8/cl6md4r1W/EtCb0yXn2BiLWf+zTP6F/pAGFGaW+EK
opsagxYUCu1uR8WFxPoDj+qceJ6c+ZB4YYDp/A0uvv6DBgXCo1KZ0iYUYiN0zSFE
dxmMg7rrtP1LNg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:10:37 2026 by rpki-client