Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a408fb-5c80-4dca-8428-73669ba63f7c/1/28sc89PzzcNCb7SfCgwz3ATIaBw.mft
File: 28sc89PzzcNCb7SfCgwz3ATIaBw.mft (raw, json)
Hash identifier: 7Lh2O3fxF+Ju8+VyOj/WC3oHZsCYHmELu4OuJwvZX8o=
Subject key identifier: FA:07:25:F3:D0:7B:79:92:EA:56:12:E4:73:92:CE:C0:4A:45:0E:90
Authority key identifier: DB:CB:1C:F3:D3:F3:CD:C3:42:6F:B4:9F:0A:0C:33:DC:04:C8:68:1C
Certificate issuer: /CN=dbcb1cf3d3f3cdc3426fb49f0a0c33dc04c8681c
Certificate serial: 019D265F72BAEC74D0F35F1F5FBD47F7E29D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28sc89PzzcNCb7SfCgwz3ATIaBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/a408fb-5c80-4dca-8428-73669ba63f7c/1/28sc89PzzcNCb7SfCgwz3ATIaBw.mft
Manifest number: 121C
Signing time: Wed 25 Mar 2026 19:01:22 +0000
Manifest this update: Wed 25 Mar 2026 19:01:22 +0000
Manifest next update: Thu 26 Mar 2026 19:01:22 +0000
Files and hashes: 1: 28sc89PzzcNCb7SfCgwz3ATIaBw.crl (hash: JMx7755glXvrvvkgjRzxwRF9GVC8xyDai9UgwU2DPb0=)
2: MZXVTiNksKGTLq9u4L9cUwgb3IA.roa (hash: 2+1QbFKQ4zkEeb7PjYF9N7gyfg92zYXucG3hxOSuoJk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/a408fb-5c80-4dca-8428-73669ba63f7c/1/28sc89PzzcNCb7SfCgwz3ATIaBw.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/a408fb-5c80-4dca-8428-73669ba63f7c/1/28sc89PzzcNCb7SfCgwz3ATIaBw.mft
rsync://rpki.ripe.net/repository/DEFAULT/28sc89PzzcNCb7SfCgwz3ATIaBw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5f:72:ba:ec:74:d0:f3:5f:1f:5f:bd:47:f7:e2:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbcb1cf3d3f3cdc3426fb49f0a0c33dc04c8681c
Validity
Not Before: Mar 25 19:01:22 2026 GMT
Not After : Mar 26 19:01:22 2026 GMT
Subject: CN=fa0725f3d07b7992ea5612e47392cec04a450e90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:98:f9:d1:e6:6d:96:88:b2:b3:e3:28:09:e5:
a8:15:c8:43:d5:66:37:9c:ae:e0:ff:93:82:e0:23:
f5:29:b7:34:ba:92:49:3e:1c:b9:ab:64:cc:ad:d0:
79:40:f5:c9:e4:eb:10:3e:ce:07:db:d0:4c:45:f3:
6d:6e:dd:fe:6b:d1:b3:8e:01:8e:0e:46:28:23:6f:
c4:fe:a3:ba:f5:db:2d:37:8b:2b:e4:cb:39:13:99:
68:3d:c6:8d:cb:ec:d8:d6:cb:ef:87:e6:38:88:dd:
f6:c3:45:74:93:09:ca:a0:a2:86:65:0f:36:fe:bc:
5b:74:03:66:24:6c:7f:4a:f6:a8:f2:32:85:30:9c:
15:cc:d6:a8:e2:69:d6:f3:2d:ce:4e:83:f4:2c:c2:
e7:0a:41:78:5b:b8:5b:3a:d4:f1:84:8b:58:3c:3f:
40:18:a7:6f:ee:8a:ae:8b:76:76:35:a3:be:1d:1d:
c1:52:28:04:d4:8d:46:a9:db:2e:54:f5:37:aa:e8:
d9:25:73:26:74:f8:56:6e:fc:8b:10:b5:79:ba:c9:
e0:f6:02:39:3e:90:ea:76:17:ad:67:ed:2e:10:45:
7c:13:61:66:5a:05:6f:a4:ed:6d:54:32:a1:65:55:
bf:5e:a4:b6:14:4e:ce:14:87:b0:1f:56:d8:d4:a2:
a1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:07:25:F3:D0:7B:79:92:EA:56:12:E4:73:92:CE:C0:4A:45:0E:90
X509v3 Authority Key Identifier:
keyid:DB:CB:1C:F3:D3:F3:CD:C3:42:6F:B4:9F:0A:0C:33:DC:04:C8:68:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28sc89PzzcNCb7SfCgwz3ATIaBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a408fb-5c80-4dca-8428-73669ba63f7c/1/28sc89PzzcNCb7SfCgwz3ATIaBw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a408fb-5c80-4dca-8428-73669ba63f7c/1/28sc89PzzcNCb7SfCgwz3ATIaBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:9a:01:fb:b6:33:0f:ab:53:36:fa:43:eb:a3:d4:4c:62:43:
a7:b5:da:73:15:9d:9d:2b:cd:14:80:f0:d0:5b:60:86:3b:f1:
e6:4e:67:03:99:48:21:4b:ce:06:e7:18:91:41:33:60:60:d2:
a5:c3:3a:36:2a:98:6e:1b:c3:9e:cd:cb:a9:a9:d2:06:05:3f:
7e:1a:15:f9:8d:3a:d1:03:78:d7:6b:be:55:dc:ab:25:17:7d:
20:da:0e:f3:97:33:ac:b4:5e:66:41:8c:b5:6c:a6:0f:57:74:
c2:8c:11:9a:ca:c4:41:8b:38:31:34:60:d9:0f:ab:71:0a:cf:
14:65:a7:d9:99:30:1d:17:11:80:a9:e7:73:c0:de:43:c9:27:
75:1b:ad:88:bc:f3:c7:a7:09:15:12:06:1f:0b:66:25:33:1f:
9e:b0:d2:fc:c2:f8:4f:76:62:db:88:d1:96:b4:7d:b3:66:54:
ea:72:de:4d:57:6b:51:8c:b2:7c:c5:f9:8b:3e:81:0e:44:8e:
5b:f8:94:16:6f:7c:f9:91:24:58:1d:b0:90:8e:29:95:ce:a6:
38:e4:9c:83:71:53:2d:94:15:d2:d0:c5:32:1d:29:40:aa:1d:
3f:9f:17:0c:d8:1e:71:1a:fd:33:0d:53:f4:48:12:a0:6a:df:
e2:33:64:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX3K67HTQ818fX71H9+KdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiY2IxY2YzZDNmM2NkYzM0MjZmYjQ5ZjBhMGMzM2RjMDRj
ODY4MWMwHhcNMjYwMzI1MTkwMTIyWhcNMjYwMzI2MTkwMTIyWjAzMTEwLwYDVQQD
EyhmYTA3MjVmM2QwN2I3OTkyZWE1NjEyZTQ3MzkyY2VjMDRhNDUwZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJj50eZtloiys+MoCeWoFchD1WY3
nK7g/5OC4CP1Kbc0upJJPhy5q2TMrdB5QPXJ5OsQPs4H29BMRfNtbt3+a9GzjgGO
DkYoI2/E/qO69dstN4sr5Ms5E5loPcaNy+zY1svvh+Y4iN32w0V0kwnKoKKGZQ82
/rxbdANmJGx/Svao8jKFMJwVzNao4mnW8y3OToP0LMLnCkF4W7hbOtTxhItYPD9A
GKdv7oqui3Z2NaO+HR3BUigE1I1GqdsuVPU3qujZJXMmdPhWbvyLELV5usng9gI5
PpDqdhetZ+0uEEV8E2FmWgVvpO1tVDKhZVW/XqS2FE7OFIewH1bY1KKhxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPoHJfPQe3mS6lYS5HOSzsBKRQ6QMB8GA1UdIwQY
MBaAFNvLHPPT883DQm+0nwoMM9wEyGgcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjhzYzg5UHp6Y05DYjdTZkNnd3ozQVRJYUJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hNDA4ZmItNWM4MC00ZGNhLTg0Mjgt
NzM2NjliYTYzZjdjLzEvMjhzYzg5UHp6Y05DYjdTZkNnd3ozQVRJYUJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9hNDA4ZmItNWM4MC00ZGNhLTg0MjgtNzM2NjliYTYzZjdj
LzEvMjhzYzg5UHp6Y05DYjdTZkNnd3ozQVRJYUJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoJoB+7Yz
D6tTNvpD66PUTGJDp7XacxWdnSvNFIDw0Ftghjvx5k5nA5lIIUvOBucYkUEzYGDS
pcM6NiqYbhvDns3LqanSBgU/fhoV+Y060QN412u+VdyrJRd9INoO85czrLReZkGM
tWymD1d0wowRmsrEQYs4MTRg2Q+rcQrPFGWn2ZkwHRcRgKnnc8DeQ8kndRutiLzz
x6cJFRIGHwtmJTMfnrDS/ML4T3Zi24jRlrR9s2ZU6nLeTVdrUYyyfMX5iz6BDkSO
W/iUFm98+ZEkWB2wkI4plc6mOOScg3FTLZQV0tDFMh0pQKodP58XDNgecRr9Mw1T
9EgSoGrf4jNkzA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:23:53 2026 by rpki-client