Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft
File: ufdKR6bRoL9MIW5fq02R-xKd89Y.mft (raw, json)
Hash identifier: WQfYy8an2ZVrYu8wXW0lD7RnVEGukjWhZZENP1df8Vw=
Subject key identifier: 13:FC:3A:8A:25:40:35:A3:68:4B:71:A7:5A:14:61:EB:F5:42:6B:30
Authority key identifier: B9:F7:4A:47:A6:D1:A0:BF:4C:21:6E:5F:AB:4D:91:FB:12:9D:F3:D6
Certificate issuer: /CN=b9f74a47a6d1a0bf4c216e5fab4d91fb129df3d6
Certificate serial: 019D265F111A26F7D673F32F5CCFBE8966C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft
Manifest number: 0DBC
Signing time: Wed 25 Mar 2026 19:00:57 +0000
Manifest this update: Wed 25 Mar 2026 19:00:57 +0000
Manifest next update: Thu 26 Mar 2026 19:00:57 +0000
Files and hashes: 1: ufdKR6bRoL9MIW5fq02R-xKd89Y.crl (hash: t/rr2m3TG8LK3JqapGQjtbo0GFLDaTWWQGQ30KoRuMU=)
2: xthXgiM7QFg5g-QceY1y5f74Rds.roa (hash: ov8Kweo+Ul8Z/hCjsozR/vUEJ009cmFNJtAjb/mVhe8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5f:11:1a:26:f7:d6:73:f3:2f:5c:cf:be:89:66:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9f74a47a6d1a0bf4c216e5fab4d91fb129df3d6
Validity
Not Before: Mar 25 19:00:57 2026 GMT
Not After : Mar 26 19:00:57 2026 GMT
Subject: CN=13fc3a8a254035a3684b71a75a1461ebf5426b30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:51:b9:d5:94:7a:ab:e3:d5:c4:a9:81:78:f8:
62:04:4c:50:b3:b3:35:cb:c8:b0:4d:f3:a4:48:ed:
93:b8:bf:8a:0d:1c:99:4d:76:14:4b:d2:bb:a5:02:
bb:50:71:4c:01:37:26:b5:e8:fb:2a:be:4c:28:d4:
78:c8:ab:a5:6d:8e:96:26:74:b9:a1:1f:2c:bc:d2:
3b:1a:c2:2d:dd:de:08:f7:89:1c:1d:16:82:92:98:
2b:39:1c:67:ba:df:c9:68:dc:1a:6c:69:37:8c:ba:
8d:da:1e:1d:4e:86:84:c1:5d:ec:0e:37:c6:52:e4:
9d:d1:3f:aa:fc:89:d1:de:d6:da:b1:09:e4:2f:40:
7c:77:77:9d:ed:ce:fc:c7:49:53:06:62:8e:69:ea:
cb:13:eb:f4:90:00:1a:b5:ee:cc:4e:dc:20:4a:cb:
24:a1:80:95:07:14:ee:19:49:6f:ff:8a:e3:c0:71:
b1:c3:5a:6f:40:11:3d:07:d7:a2:47:30:ba:7a:67:
99:b6:d3:ab:50:c8:f6:2c:05:4b:79:3c:2c:e6:2d:
e7:0f:06:4e:8f:1e:10:92:07:c8:16:d4:61:7a:73:
34:00:91:5f:a2:00:99:ae:c6:34:4b:ad:20:e8:eb:
8f:dc:f2:54:6d:4d:73:04:ae:a1:64:76:54:ff:57:
28:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:FC:3A:8A:25:40:35:A3:68:4B:71:A7:5A:14:61:EB:F5:42:6B:30
X509v3 Authority Key Identifier:
keyid:B9:F7:4A:47:A6:D1:A0:BF:4C:21:6E:5F:AB:4D:91:FB:12:9D:F3:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b1:90:f2:47:b2:8f:4f:fb:1d:17:04:9a:3f:45:a9:5a:a1:7b:
d4:e2:45:5a:33:f7:23:4d:42:f2:b2:8b:d3:43:e9:d8:21:e2:
ec:c1:0b:83:13:7b:2b:28:c8:32:46:da:80:bc:f3:44:9a:57:
af:e4:d1:1f:ab:be:45:5f:08:28:6c:05:e7:3d:a0:b6:66:3f:
02:30:b9:d7:fa:f9:0a:cb:ec:27:56:1c:4e:d9:02:e4:08:a5:
c2:7b:aa:76:31:ce:9d:ce:30:86:e1:3c:ca:7f:4a:54:77:b9:
b4:e3:ec:77:33:4b:8f:0d:31:81:4a:e8:13:c3:a1:57:b1:f6:
4e:07:02:15:84:3c:e9:9a:1f:16:43:5c:b4:95:98:54:cd:6e:
2a:3c:ed:e4:bc:f7:27:6d:25:3c:2d:4f:1d:07:72:98:34:96:
cc:f4:75:87:6e:04:ef:9f:f3:31:a6:41:b2:f8:2d:8f:8e:d7:
d1:2f:a8:a7:3f:07:05:b4:fa:6a:7d:03:aa:4d:1c:90:86:69:
a0:46:c0:5b:8c:9f:c8:24:ed:ac:08:6b:06:67:03:40:65:89:
3e:c7:a5:0b:1b:c8:19:9c:2b:6f:92:e8:71:20:45:96:6b:7c:
4f:8b:42:5e:dc:d0:0e:71:7e:80:5b:94:18:aa:c1:df:f5:69:
dd:97:6c:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mXxEaJvfWc/MvXM++iWbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Zjc0YTQ3YTZkMWEwYmY0YzIxNmU1ZmFiNGQ5MWZiMTI5
ZGYzZDYwHhcNMjYwMzI1MTkwMDU3WhcNMjYwMzI2MTkwMDU3WjAzMTEwLwYDVQQD
EygxM2ZjM2E4YTI1NDAzNWEzNjg0YjcxYTc1YTE0NjFlYmY1NDI2YjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVG51ZR6q+PVxKmBePhiBExQs7M1
y8iwTfOkSO2TuL+KDRyZTXYUS9K7pQK7UHFMATcmtej7Kr5MKNR4yKulbY6WJnS5
oR8svNI7GsIt3d4I94kcHRaCkpgrORxnut/JaNwabGk3jLqN2h4dToaEwV3sDjfG
UuSd0T+q/InR3tbasQnkL0B8d3ed7c78x0lTBmKOaerLE+v0kAAate7MTtwgSssk
oYCVBxTuGUlv/4rjwHGxw1pvQBE9B9eiRzC6emeZttOrUMj2LAVLeTws5i3nDwZO
jx4QkgfIFtRhenM0AJFfogCZrsY0S60g6OuP3PJUbU1zBK6hZHZU/1co/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBP8OoolQDWjaEtxp1oUYev1QmswMB8GA1UdIwQY
MBaAFLn3Skem0aC/TCFuX6tNkfsSnfPWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8yNGEwYmQtMDgzOC00Yzk1LTljY2Qt
MzBmNjA4YWRlNDhkLzEvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8yNGEwYmQtMDgzOC00Yzk1LTljY2QtMzBmNjA4YWRlNDhk
LzEvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsZDyR7KP
T/sdFwSaP0WpWqF71OJFWjP3I01C8rKL00Pp2CHi7MELgxN7KyjIMkbagLzzRJpX
r+TRH6u+RV8IKGwF5z2gtmY/AjC51/r5CsvsJ1YcTtkC5AilwnuqdjHOnc4whuE8
yn9KVHe5tOPsdzNLjw0xgUroE8OhV7H2TgcCFYQ86ZofFkNctJWYVM1uKjzt5Lz3
J20lPC1PHQdymDSWzPR1h24E75/zMaZBsvgtj47X0S+opz8HBbT6an0Dqk0ckIZp
oEbAW4yfyCTtrAhrBmcDQGWJPselCxvIGZwrb5LocSBFlmt8T4tCXtzQDnF+gFuU
GKrB3/Vp3Zds3Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:52:08 2026 by rpki-client