Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
File: ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft (raw, json)
Hash identifier: lD1yQ0J1S31H02Zn5gwbFEZgB4vsn1ghp6MnKfWzc7A=
Subject key identifier: C0:4A:6C:A6:0E:6A:E8:50:D7:13:9C:B8:83:84:36:E3:10:CF:D6:3E
Authority key identifier: B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
Certificate issuer: /CN=b9f1d5b06f5701555ff5888154dd141b48896117
Certificate serial: 019D2704D58CF6B028B332E1AA2FCE118526
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
Manifest number: 189D
Signing time: Wed 25 Mar 2026 22:02:01 +0000
Manifest this update: Wed 25 Mar 2026 22:02:01 +0000
Manifest next update: Thu 26 Mar 2026 22:02:01 +0000
Files and hashes: 1: ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl (hash: LX9T3YM8pFfVLzKnEFJWVHWpX8ZgkO7u7ab+sGDOQuE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:02:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:d5:8c:f6:b0:28:b3:32:e1:aa:2f:ce:11:85:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9f1d5b06f5701555ff5888154dd141b48896117
Validity
Not Before: Mar 25 22:02:01 2026 GMT
Not After : Mar 26 22:02:01 2026 GMT
Subject: CN=c04a6ca60e6ae850d7139cb8838436e310cfd63e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3b:5e:45:e6:18:09:8a:14:c0:f0:de:44:13:
20:09:fb:dc:e1:48:07:38:e7:a9:72:ee:fe:47:d4:
89:a0:99:cb:2a:2c:c2:e2:8c:d8:9f:10:83:e5:b8:
f4:8e:ef:12:fc:10:ff:d1:18:37:84:04:49:cc:59:
02:66:66:7e:eb:78:75:78:54:2c:a7:fd:a6:14:84:
f5:c7:24:54:ea:11:0e:0c:fd:49:43:e5:b5:cb:56:
1e:c2:aa:d8:aa:3d:1b:c9:ed:df:23:c4:38:d5:9f:
f9:83:3f:7d:78:64:5c:12:94:87:ac:72:c0:16:87:
15:5f:b7:ba:38:24:2d:c8:e7:0a:d6:b7:3e:a0:38:
0c:7b:fe:49:4d:23:6f:00:76:38:a0:ec:b8:e5:eb:
22:82:67:e9:61:49:55:b2:5b:2f:42:51:db:1c:1e:
97:ae:00:71:58:72:8c:05:0e:ee:77:63:54:93:99:
08:60:f4:e8:80:f5:2f:56:e7:a6:57:b5:dc:01:e4:
37:3f:c7:c7:e8:37:f8:86:bb:a2:fb:5c:13:ed:e7:
f9:1c:11:ff:d4:43:22:c5:3f:1d:db:3d:b5:cf:e8:
7b:6e:8e:00:16:b5:91:64:86:2a:59:4c:4b:9c:99:
0b:06:f3:68:64:19:33:d4:1b:aa:d7:1a:31:27:ef:
1a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:4A:6C:A6:0E:6A:E8:50:D7:13:9C:B8:83:84:36:E3:10:CF:D6:3E
X509v3 Authority Key Identifier:
keyid:B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6b:a9:63:0f:4a:b5:da:ed:94:b5:ea:ce:1d:a0:b5:0c:f0:17:
02:97:8b:43:e0:8f:b5:32:6c:24:8f:25:b6:eb:d6:eb:bd:f7:
20:63:c7:5c:33:63:c8:be:22:5e:12:ac:ef:fe:a4:05:90:cc:
c4:a9:eb:6a:15:53:f6:44:97:3c:1e:f4:47:df:9a:98:3d:46:
06:75:63:8f:81:20:2d:00:ed:08:bd:6b:b3:e6:21:69:c1:aa:
a0:dd:5f:c8:8c:06:df:c7:b7:2d:5a:6e:7a:8f:a5:a7:3d:74:
03:fa:d8:7f:45:fc:3f:96:c9:e6:49:da:34:67:e4:57:0c:89:
b8:00:a6:16:7f:89:f5:db:fd:83:12:7c:77:46:57:52:93:aa:
45:83:77:45:5b:cb:c3:38:8e:5a:78:00:11:be:f7:71:8a:72:
b3:d9:29:03:00:04:29:a3:08:e9:2f:43:38:91:29:b3:8a:a3:
e9:d6:73:df:ad:1e:67:11:15:12:43:68:15:18:2e:99:a7:61:
60:47:e8:f5:49:2f:f1:28:6c:f4:90:6e:a1:a4:cb:80:f8:e6:
5d:d4:63:5e:06:c1:fd:2c:e0:88:76:3c:2f:7b:55:83:72:52:
4f:ad:ed:79:6d:3e:9f:ae:d9:22:ea:65:45:74:d8:09:c0:b6:
75:f1:05:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBNWM9rAoszLhqi/OEYUmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZjFkNWIwNmY1NzAxNTU1ZmY1ODg4MTU0ZGQxNDFiNDg4
OTYxMTcwHhcNMjYwMzI1MjIwMjAxWhcNMjYwMzI2MjIwMjAxWjAzMTEwLwYDVQQD
EyhjMDRhNmNhNjBlNmFlODUwZDcxMzljYjg4Mzg0MzZlMzEwY2ZkNjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDteReYYCYoUwPDeRBMgCfvc4UgH
OOepcu7+R9SJoJnLKizC4ozYnxCD5bj0ju8S/BD/0Rg3hARJzFkCZmZ+63h1eFQs
p/2mFIT1xyRU6hEODP1JQ+W1y1YewqrYqj0bye3fI8Q41Z/5gz99eGRcEpSHrHLA
FocVX7e6OCQtyOcK1rc+oDgMe/5JTSNvAHY4oOy45esigmfpYUlVslsvQlHbHB6X
rgBxWHKMBQ7ud2NUk5kIYPTogPUvVuemV7XcAeQ3P8fH6Df4hrui+1wT7ef5HBH/
1EMixT8d2z21z+h7bo4AFrWRZIYqWUxLnJkLBvNoZBkz1Buq1xoxJ+8a4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMBKbKYOauhQ1xOcuIOENuMQz9Y+MB8GA1UdIwQY
MBaAFLnx1bBvVwFVX/WIgVTdFBtIiWEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgt
ZjVjYThmYTcyNzBkLzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgtZjVjYThmYTcyNzBk
LzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa6ljD0q1
2u2UterOHaC1DPAXApeLQ+CPtTJsJI8ltuvW6733IGPHXDNjyL4iXhKs7/6kBZDM
xKnrahVT9kSXPB70R9+amD1GBnVjj4EgLQDtCL1rs+YhacGqoN1fyIwG38e3LVpu
eo+lpz10A/rYf0X8P5bJ5knaNGfkVwyJuACmFn+J9dv9gxJ8d0ZXUpOqRYN3RVvL
wziOWngAEb73cYpys9kpAwAEKaMI6S9DOJEps4qj6dZz360eZxEVEkNoFRgumadh
YEfo9Ukv8Shs9JBuoaTLgPjmXdRjXgbB/SzgiHY8L3tVg3JST63teW0+n67ZIupl
RXTYCcC2dfEFkQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:04:21 2026 by rpki-client