Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.mft
File: MxpRr9TLZoLCMN7WQGWMETxWL9I.mft (raw, json)
Hash identifier: 1xEUdC+efoXZ+KXrtOI0AWycIFoY/q2E7vz9/pzLcPQ=
Subject key identifier: EC:8B:50:2F:8C:54:16:C4:7B:74:4C:EA:46:E1:AB:81:7E:CC:30:03
Authority key identifier: 33:1A:51:AF:D4:CB:66:82:C2:30:DE:D6:40:65:8C:11:3C:56:2F:D2
Certificate issuer: /CN=331a51afd4cb6682c230ded640658c113c562fd2
Certificate serial: 019D265FCFA95B4B93886C5A63827A09BCC7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MxpRr9TLZoLCMN7WQGWMETxWL9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.mft
Manifest number: 0AD4
Signing time: Wed 25 Mar 2026 19:01:46 +0000
Manifest this update: Wed 25 Mar 2026 19:01:46 +0000
Manifest next update: Thu 26 Mar 2026 19:01:46 +0000
Files and hashes: 1: MxpRr9TLZoLCMN7WQGWMETxWL9I.crl (hash: HG9J55nZurQfvhv0Kk/eI+10OQLDaLjggJVd9i4P64c=)
2: _2CCeE-Uv7qfwwVfdf-mFwT5gbc.roa (hash: TYooW/gUsVFWHXthOPEQi5a4rd+m2KssG9xszmHlKRY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/MxpRr9TLZoLCMN7WQGWMETxWL9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5f:cf:a9:5b:4b:93:88:6c:5a:63:82:7a:09:bc:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=331a51afd4cb6682c230ded640658c113c562fd2
Validity
Not Before: Mar 25 19:01:46 2026 GMT
Not After : Mar 26 19:01:46 2026 GMT
Subject: CN=ec8b502f8c5416c47b744cea46e1ab817ecc3003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a1:2f:47:18:08:57:ab:44:79:0f:f1:e9:cd:
65:e1:be:73:ea:d6:48:d1:3f:2c:2d:fe:cc:59:c6:
52:f7:8b:30:03:c8:5a:d5:b4:da:14:ea:84:99:38:
84:cf:90:ef:2a:93:fd:0d:27:c3:73:58:5a:79:c0:
38:d0:68:0e:ee:e3:8b:fd:07:7b:0c:2c:25:0c:fc:
fe:87:a0:1c:62:fa:a8:50:99:0f:b3:d1:f2:f1:21:
61:5d:a5:63:d4:41:20:0d:b6:f6:27:9d:fa:d7:c4:
8d:73:bf:93:3d:d3:24:45:eb:b3:4e:b3:9d:da:a9:
41:01:b9:12:75:dc:ae:14:bd:e7:eb:08:a2:d0:3f:
fb:db:24:44:c1:5e:6b:ce:ce:8f:d5:29:4a:26:9e:
22:64:41:22:5b:2f:70:f3:5e:ba:2f:03:63:bb:55:
0c:4b:e7:d1:a3:df:0d:aa:77:98:b8:a2:57:39:cb:
4b:f6:de:bf:20:23:44:14:0b:18:90:26:db:a0:53:
5b:c2:51:6f:be:68:7e:83:fc:b1:26:e4:53:a1:cf:
f0:47:80:1d:e6:1a:5e:99:14:04:f7:37:2a:a9:44:
f8:b8:a2:34:2b:e5:58:ad:c8:ed:9d:a9:41:7e:e4:
48:b8:74:33:dd:25:a6:5b:d8:ba:96:2a:3d:c2:c9:
0d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:8B:50:2F:8C:54:16:C4:7B:74:4C:EA:46:E1:AB:81:7E:CC:30:03
X509v3 Authority Key Identifier:
keyid:33:1A:51:AF:D4:CB:66:82:C2:30:DE:D6:40:65:8C:11:3C:56:2F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxpRr9TLZoLCMN7WQGWMETxWL9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:c5:89:fe:8b:d3:49:b2:33:08:76:90:1f:16:44:db:e4:8e:
df:3b:1e:85:d5:7e:d8:40:0e:f8:f5:63:a5:a3:19:27:22:fe:
dd:28:64:4b:fc:af:f7:77:71:27:55:70:38:00:21:68:d9:87:
4a:46:f3:75:48:3c:16:e9:54:91:fa:9a:aa:f1:b8:65:e0:4c:
bb:1f:e3:d4:44:ff:58:12:c9:73:b3:94:1d:c9:22:43:3e:bd:
5b:35:ff:01:da:be:d0:f5:14:6f:d8:78:76:c5:27:d4:fb:20:
15:71:eb:24:67:94:45:97:29:f3:5d:c1:31:e3:74:28:71:3b:
ed:a1:22:3c:9b:55:05:0e:85:3a:84:38:f6:c6:5d:d7:6f:df:
24:e8:df:3f:2d:c7:6e:65:26:31:e2:aa:cc:40:3e:70:26:86:
d8:b1:a0:aa:fb:2a:e1:62:45:5a:1e:79:42:56:eb:55:f9:e0:
01:56:4a:56:61:86:4c:25:f9:6d:97:db:b4:27:17:4c:96:14:
cc:ce:55:92:2f:f3:b2:52:56:03:64:a4:8c:50:e1:36:5b:f4:
cf:ad:b5:28:5f:93:43:e8:6f:a5:aa:38:f9:a2:2a:54:e7:cd:
13:3e:86:8a:62:f2:e0:00:ae:b4:81:06:ed:9e:78:23:3f:e8:
08:58:16:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX8+pW0uTiGxaY4J6CbzHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMWE1MWFmZDRjYjY2ODJjMjMwZGVkNjQwNjU4YzExM2M1
NjJmZDIwHhcNMjYwMzI1MTkwMTQ2WhcNMjYwMzI2MTkwMTQ2WjAzMTEwLwYDVQQD
EyhlYzhiNTAyZjhjNTQxNmM0N2I3NDRjZWE0NmUxYWI4MTdlY2MzMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqEvRxgIV6tEeQ/x6c1l4b5z6tZI
0T8sLf7MWcZS94swA8ha1bTaFOqEmTiEz5DvKpP9DSfDc1haecA40GgO7uOL/Qd7
DCwlDPz+h6AcYvqoUJkPs9Hy8SFhXaVj1EEgDbb2J53618SNc7+TPdMkReuzTrOd
2qlBAbkSddyuFL3n6wii0D/72yREwV5rzs6P1SlKJp4iZEEiWy9w8166LwNju1UM
S+fRo98NqneYuKJXOctL9t6/ICNEFAsYkCbboFNbwlFvvmh+g/yxJuRToc/wR4Ad
5hpemRQE9zcqqUT4uKI0K+VYrcjtnalBfuRIuHQz3SWmW9i6lio9wskN2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOyLUC+MVBbEe3RM6kbhq4F+zDADMB8GA1UdIwQY
MBaAFDMaUa/Uy2aCwjDe1kBljBE8Vi/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXhwUnI5VExab0xDTU43V1FHV01FVHhXTDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xY2RiYjEtZTI2NS00NGM1LWI5ODAt
NGE1NjZhZGQ1NGIyLzEvTXhwUnI5VExab0xDTU43V1FHV01FVHhXTDlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xY2RiYjEtZTI2NS00NGM1LWI5ODAtNGE1NjZhZGQ1NGIy
LzEvTXhwUnI5VExab0xDTU43V1FHV01FVHhXTDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE8WJ/ovT
SbIzCHaQHxZE2+SO3zsehdV+2EAO+PVjpaMZJyL+3ShkS/yv93dxJ1VwOAAhaNmH
SkbzdUg8FulUkfqaqvG4ZeBMux/j1ET/WBLJc7OUHckiQz69WzX/Adq+0PUUb9h4
dsUn1PsgFXHrJGeURZcp813BMeN0KHE77aEiPJtVBQ6FOoQ49sZd12/fJOjfPy3H
bmUmMeKqzEA+cCaG2LGgqvsq4WJFWh55QlbrVfngAVZKVmGGTCX5bZfbtCcXTJYU
zM5Vki/zslJWA2SkjFDhNlv0z621KF+TQ+hvpao4+aIqVOfNEz6GimLy4ACutIEG
7Z54Iz/oCFgW2g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:19:43 2026 by rpki-client