Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/6c3fa1-63b5-4bdc-94be-eb7b9590e303/1/EsqtEcXYmB2YPDAehqGs8tgRqsE.mft
File: EsqtEcXYmB2YPDAehqGs8tgRqsE.mft (raw, json)
Hash identifier: BxmXc2gqhoYVrq3dfCK5rSWnVOHFlqFcvnvHEqAzl6c=
Subject key identifier: DA:68:64:07:FC:91:5D:86:71:07:52:82:FD:BC:BA:4A:77:67:2C:C0
Authority key identifier: 12:CA:AD:11:C5:D8:98:1D:98:3C:30:1E:86:A1:AC:F2:D8:11:AA:C1
Certificate issuer: /CN=12caad11c5d8981d983c301e86a1acf2d811aac1
Certificate serial: 019D33E444108519C1EEDEA4A4099C19B371
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsqtEcXYmB2YPDAehqGs8tgRqsE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/6c3fa1-63b5-4bdc-94be-eb7b9590e303/1/EsqtEcXYmB2YPDAehqGs8tgRqsE.mft
Manifest number: 1289
Signing time: Sat 28 Mar 2026 10:01:30 +0000
Manifest this update: Sat 28 Mar 2026 10:01:30 +0000
Manifest next update: Sun 29 Mar 2026 10:01:30 +0000
Files and hashes: 1: EsqtEcXYmB2YPDAehqGs8tgRqsE.crl (hash: 3ax5tUblQvdp1E4vBx1nxIaKjSdBHVqbLfGVZn+LCdo=)
2: fWvJKSqx17IpwOZP-DnMdVD05bA.roa (hash: a2shhv3zQfZlWKQCMJwiD1YrWh6DtVIVP13FjzeqLCc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/6c3fa1-63b5-4bdc-94be-eb7b9590e303/1/EsqtEcXYmB2YPDAehqGs8tgRqsE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/6c3fa1-63b5-4bdc-94be-eb7b9590e303/1/EsqtEcXYmB2YPDAehqGs8tgRqsE.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsqtEcXYmB2YPDAehqGs8tgRqsE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:e4:44:10:85:19:c1:ee:de:a4:a4:09:9c:19:b3:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12caad11c5d8981d983c301e86a1acf2d811aac1
Validity
Not Before: Mar 28 10:01:30 2026 GMT
Not After : Mar 29 10:01:30 2026 GMT
Subject: CN=da686407fc915d8671075282fdbcba4a77672cc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:78:82:dd:23:e5:30:4f:5a:b8:41:99:e8:16:
3e:a3:b7:ec:54:da:f9:4e:74:b3:9a:ea:a0:4d:27:
cb:98:e3:e3:40:91:f3:e4:50:ff:54:60:f5:5c:13:
a6:22:d0:44:77:e8:24:4f:dc:61:a7:74:a6:6d:4c:
91:61:38:d5:15:28:d8:16:4a:4d:30:fb:d1:a4:9b:
78:61:21:18:85:de:bc:d1:84:33:56:82:5b:e7:cf:
a2:95:0f:73:3c:b5:33:e9:41:f1:09:40:5b:ed:11:
79:6d:c4:5f:81:9c:73:ee:27:98:5e:b8:65:0b:0f:
05:ca:19:78:10:66:5a:10:ae:1d:63:20:cd:7c:6e:
da:45:d6:1a:d2:40:4e:83:80:e6:39:44:63:a6:27:
47:ab:98:65:ae:cc:f9:1f:f5:3c:02:9e:37:5c:1e:
fd:e9:c0:54:71:b5:85:87:52:90:2f:61:6d:de:a6:
c4:72:f1:2c:f6:8b:31:60:4d:de:65:70:f3:6b:eb:
99:8e:bc:57:79:df:09:fe:b9:84:12:cd:25:f7:cd:
fa:25:77:75:7d:26:85:c9:57:bf:f1:f0:ff:5c:63:
67:ad:5c:82:13:e5:4d:40:27:09:ee:68:f9:24:ed:
63:65:b6:47:e6:65:c9:d0:39:51:b7:92:82:90:59:
b8:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:68:64:07:FC:91:5D:86:71:07:52:82:FD:BC:BA:4A:77:67:2C:C0
X509v3 Authority Key Identifier:
keyid:12:CA:AD:11:C5:D8:98:1D:98:3C:30:1E:86:A1:AC:F2:D8:11:AA:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsqtEcXYmB2YPDAehqGs8tgRqsE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/6c3fa1-63b5-4bdc-94be-eb7b9590e303/1/EsqtEcXYmB2YPDAehqGs8tgRqsE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/6c3fa1-63b5-4bdc-94be-eb7b9590e303/1/EsqtEcXYmB2YPDAehqGs8tgRqsE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:df:04:49:eb:d2:d2:95:59:08:6c:e4:99:20:05:de:47:12:
67:13:92:1a:da:ef:4b:5c:4f:86:f1:0d:6a:6d:60:c7:18:1f:
9a:43:10:cf:45:8b:23:ed:18:e3:2f:0d:c4:b4:40:3e:0f:3b:
06:47:44:71:ff:01:e8:5b:82:97:fb:85:d0:5e:13:ac:81:9f:
1b:f9:9d:64:a8:82:68:fb:e8:41:3d:8f:c8:9b:82:55:35:ba:
6c:74:d5:41:f0:54:7a:76:35:b4:c1:c2:ae:0c:72:b1:ae:e9:
fd:48:cf:49:f8:d4:a1:d6:11:f5:99:0f:42:c9:ab:dc:96:f2:
bf:46:d4:e4:7b:da:71:cf:aa:1f:57:c2:31:e8:14:05:e5:20:
95:47:7b:f1:87:a8:94:d5:13:07:5a:43:af:27:98:f2:73:49:
cd:8e:7e:6a:e9:33:1b:77:95:37:10:3c:b9:82:73:15:5f:ca:
7f:eb:23:dd:60:3a:0f:a7:fe:2c:23:57:01:8e:d3:ea:ef:40:
6f:6d:6e:ca:76:0a:be:c3:49:e9:9f:32:e4:a8:11:21:33:82:
ae:b3:eb:90:e2:5a:eb:ac:04:4d:b7:46:30:48:87:96:5e:1f:
49:7a:6f:f4:71:6c:42:31:14:b4:21:fe:29:3d:f3:44:36:69:
1c:d4:aa:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0z5EQQhRnB7t6kpAmcGbNxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyY2FhZDExYzVkODk4MWQ5ODNjMzAxZTg2YTFhY2YyZDgx
MWFhYzEwHhcNMjYwMzI4MTAwMTMwWhcNMjYwMzI5MTAwMTMwWjAzMTEwLwYDVQQD
EyhkYTY4NjQwN2ZjOTE1ZDg2NzEwNzUyODJmZGJjYmE0YTc3NjcyY2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3iC3SPlME9auEGZ6BY+o7fsVNr5
TnSzmuqgTSfLmOPjQJHz5FD/VGD1XBOmItBEd+gkT9xhp3SmbUyRYTjVFSjYFkpN
MPvRpJt4YSEYhd680YQzVoJb58+ilQ9zPLUz6UHxCUBb7RF5bcRfgZxz7ieYXrhl
Cw8Fyhl4EGZaEK4dYyDNfG7aRdYa0kBOg4DmOURjpidHq5hlrsz5H/U8Ap43XB79
6cBUcbWFh1KQL2Ft3qbEcvEs9osxYE3eZXDza+uZjrxXed8J/rmEEs0l9836JXd1
fSaFyVe/8fD/XGNnrVyCE+VNQCcJ7mj5JO1jZbZH5mXJ0DlRt5KCkFm4RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNpoZAf8kV2GcQdSgv28ukp3ZyzAMB8GA1UdIwQY
MBaAFBLKrRHF2JgdmDwwHoahrPLYEarBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXNxdEVjWFltQjJZUERBZWhxR3M4dGdScXNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS82YzNmYTEtNjNiNS00YmRjLTk0YmUt
ZWI3Yjk1OTBlMzAzLzEvRXNxdEVjWFltQjJZUERBZWhxR3M4dGdScXNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS82YzNmYTEtNjNiNS00YmRjLTk0YmUtZWI3Yjk1OTBlMzAz
LzEvRXNxdEVjWFltQjJZUERBZWhxR3M4dGdScXNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm98ESevS
0pVZCGzkmSAF3kcSZxOSGtrvS1xPhvENam1gxxgfmkMQz0WLI+0Y4y8NxLRAPg87
BkdEcf8B6FuCl/uF0F4TrIGfG/mdZKiCaPvoQT2PyJuCVTW6bHTVQfBUenY1tMHC
rgxysa7p/UjPSfjUodYR9ZkPQsmr3Jbyv0bU5Hvacc+qH1fCMegUBeUglUd78Yeo
lNUTB1pDryeY8nNJzY5+aukzG3eVNxA8uYJzFV/Kf+sj3WA6D6f+LCNXAY7T6u9A
b21uynYKvsNJ6Z8y5KgRITOCrrPrkOJa66wETbdGMEiHll4fSXpv9HFsQjEUtCH+
KT3zRDZpHNSqug==
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:17:38 2026 by rpki-client