Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
File: r433xPeRM3MP4-aJR3enlgSly3k.mft (raw, json)
Hash identifier: hAtS9Tgp6BEI7HS/kbppltCcnBYoH5vKpbKWf9P7O1E=
Subject key identifier: 94:AC:7D:19:F1:AF:C9:77:D7:6E:5E:3E:4B:80:0A:7E:FC:2B:D8:34
Authority key identifier: AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
Certificate issuer: /CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Certificate serial: 019D2B4E64C7E543DFAAD51C7EB52D43922F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
Manifest number: 1888
Signing time: Thu 26 Mar 2026 18:00:50 +0000
Manifest this update: Thu 26 Mar 2026 18:00:50 +0000
Manifest next update: Fri 27 Mar 2026 18:00:50 +0000
Files and hashes: 1: kuAD5Ak5tICpfFdRaA3UxwlGKQY.roa (hash: LrGV/66Vber5csiZnP6rnRq7f8Ux68WVAZ/WZeDwWRw=)
2: r433xPeRM3MP4-aJR3enlgSly3k.crl (hash: UBzvUOFzscXrxcBacgmmI/0hDXxhMCTMX8l52nXrOQk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2b:4e:64:c7:e5:43:df:aa:d5:1c:7e:b5:2d:43:92:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Validity
Not Before: Mar 26 18:00:50 2026 GMT
Not After : Mar 27 18:00:50 2026 GMT
Subject: CN=94ac7d19f1afc977d76e5e3e4b800a7efc2bd834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:9c:9f:37:c0:91:46:30:9f:b1:05:f9:df:6f:
59:0d:e3:8a:32:13:7a:08:8c:69:86:02:c4:94:aa:
59:ca:a9:02:18:8a:58:b6:74:c3:65:01:0a:c6:bf:
4a:e6:34:47:c8:74:2e:b3:0c:48:c4:de:7a:72:fe:
cb:33:ec:ab:55:ab:47:68:d7:d5:c4:d6:f6:0a:15:
6f:77:6e:58:fc:e4:68:3d:c7:79:70:04:8a:e3:6f:
59:62:4e:33:14:de:84:37:0d:cd:42:1d:6d:73:e7:
ba:22:01:fa:94:ae:33:15:7b:4e:dd:45:60:d9:92:
c3:c0:9f:b7:d4:f0:9a:53:61:c4:0e:23:c3:d5:34:
16:23:a6:a0:cf:0a:ea:a4:f1:bd:f9:14:f4:f7:c5:
65:52:a1:2a:89:5c:b5:cf:ea:6a:b5:cf:02:da:98:
c1:80:28:f5:22:95:c4:88:58:85:a3:ca:ed:f8:76:
c4:c6:87:20:76:8a:23:f2:4b:87:9d:9d:f1:5e:88:
55:3c:de:6c:de:ca:a8:45:ad:5e:cb:c1:4d:8d:10:
30:9e:e3:3c:53:e1:66:2a:d2:13:c2:ee:3e:bf:2e:
ea:06:63:c9:ce:03:7f:44:77:fa:bd:60:eb:78:42:
cf:ff:e5:ea:02:7d:70:70:36:28:9e:38:ec:87:3c:
ca:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:AC:7D:19:F1:AF:C9:77:D7:6E:5E:3E:4B:80:0A:7E:FC:2B:D8:34
X509v3 Authority Key Identifier:
keyid:AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:dc:e4:c2:b5:3e:5a:20:aa:05:4c:94:de:24:01:75:97:30:
2a:f9:09:91:68:11:a4:11:64:7f:b7:b2:8a:a4:6b:24:30:e4:
2b:a7:81:81:54:6e:22:79:18:29:60:16:8c:28:14:05:48:9d:
b1:05:21:41:7d:4b:19:dc:53:f0:cf:9f:b0:66:44:96:fc:7e:
0a:df:00:98:5a:3b:82:b7:0a:a9:cb:72:ec:06:6f:69:33:71:
c1:46:19:77:b1:c6:b2:a3:da:d4:90:a9:44:74:7c:93:c3:63:
05:5d:34:93:70:a9:65:c7:2e:b2:35:30:95:40:94:ae:68:41:
f3:f9:d9:de:ca:99:c9:41:1e:6d:f4:fa:5b:e2:37:95:24:00:
4c:6d:39:bf:fa:05:f8:f6:b2:a9:e4:c4:2d:e9:1f:cd:4b:7b:
82:55:dc:f9:1b:4c:e0:52:35:5a:14:55:55:88:3f:66:0b:5c:
27:a1:7d:f8:79:c3:70:79:08:df:53:e5:e1:a8:95:1f:4e:a9:
37:fa:0e:43:ec:37:53:f4:5a:98:04:70:ff:dd:2f:d8:89:c7:
35:09:4f:47:9f:d6:5a:85:5b:b2:36:8b:c0:e0:8e:53:d1:4e:
3a:fc:e1:1e:e4:b4:b4:a8:7a:4f:c3:71:3b:30:b0:a2:88:0e:
ba:c1:28:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0rTmTH5UPfqtUcfrUtQ5IvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGRmN2M0Zjc5MTMzNzMwZmUzZTY4OTQ3NzdhNzk2MDRh
NWNiNzkwHhcNMjYwMzI2MTgwMDUwWhcNMjYwMzI3MTgwMDUwWjAzMTEwLwYDVQQD
Eyg5NGFjN2QxOWYxYWZjOTc3ZDc2ZTVlM2U0YjgwMGE3ZWZjMmJkODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JyfN8CRRjCfsQX5329ZDeOKMhN6
CIxphgLElKpZyqkCGIpYtnTDZQEKxr9K5jRHyHQuswxIxN56cv7LM+yrVatHaNfV
xNb2ChVvd25Y/ORoPcd5cASK429ZYk4zFN6ENw3NQh1tc+e6IgH6lK4zFXtO3UVg
2ZLDwJ+31PCaU2HEDiPD1TQWI6agzwrqpPG9+RT098VlUqEqiVy1z+pqtc8C2pjB
gCj1IpXEiFiFo8rt+HbExocgdooj8kuHnZ3xXohVPN5s3sqoRa1ey8FNjRAwnuM8
U+FmKtITwu4+vy7qBmPJzgN/RHf6vWDreELP/+XqAn1wcDYonjjshzzKwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJSsfRnxr8l3125ePkuACn78K9g0MB8GA1UdIwQY
MBaAFK+N98T3kTNzD+PmiUd3p5YEpct5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGIt
ZjRkNjBlY2RmMmIyLzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGItZjRkNjBlY2RmMmIy
LzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASNzkwrU+
WiCqBUyU3iQBdZcwKvkJkWgRpBFkf7eyiqRrJDDkK6eBgVRuInkYKWAWjCgUBUid
sQUhQX1LGdxT8M+fsGZElvx+Ct8AmFo7grcKqcty7AZvaTNxwUYZd7HGsqPa1JCp
RHR8k8NjBV00k3CpZccusjUwlUCUrmhB8/nZ3sqZyUEebfT6W+I3lSQATG05v/oF
+PayqeTELekfzUt7glXc+RtM4FI1WhRVVYg/ZgtcJ6F9+HnDcHkI31Pl4aiVH06p
N/oOQ+w3U/RamARw/90v2InHNQlPR5/WWoVbsjaLwOCOU9FOOvzhHuS0tKh6T8Nx
OzCwoogOusEotg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 21:13:44 2026 by rpki-client