Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/af5657-c8b2-4855-82a7-1dd57e3f3d97/1/U1UECuknhr8XJ7a07MEJO4p0Aes.mft
File: U1UECuknhr8XJ7a07MEJO4p0Aes.mft (raw, json)
Hash identifier: W2Fw+qBSvnjhmZ10JRIPPR9ViMhM4vKcrYjCGy3WlX0=
Subject key identifier: 2A:77:0D:0C:69:63:55:46:BA:1B:0C:58:0E:C2:2B:55:5A:CD:1E:2D
Authority key identifier: 53:55:04:0A:E9:27:86:BF:17:27:B6:B4:EC:C1:09:3B:8A:74:01:EB
Certificate issuer: /CN=5355040ae92786bf1727b6b4ecc1093b8a7401eb
Certificate serial: 019D273B0238CB055DA078245ECDADC263BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1UECuknhr8XJ7a07MEJO4p0Aes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/af5657-c8b2-4855-82a7-1dd57e3f3d97/1/U1UECuknhr8XJ7a07MEJO4p0Aes.mft
Manifest number: 0CE9
Signing time: Wed 25 Mar 2026 23:01:11 +0000
Manifest this update: Wed 25 Mar 2026 23:01:11 +0000
Manifest next update: Thu 26 Mar 2026 23:01:11 +0000
Files and hashes: 1: U1UECuknhr8XJ7a07MEJO4p0Aes.crl (hash: GQT1sIxQANbxTYGv8VbQIw0Im0VElJnDVsEoxwRBf64=)
2: hb1tf1cv2DqeNoOeMed75lCHkr0.roa (hash: 2osj3Tca5M4y8jWIziarmiD4CXLpdYxZP6w7GJCWBu8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/af5657-c8b2-4855-82a7-1dd57e3f3d97/1/U1UECuknhr8XJ7a07MEJO4p0Aes.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/af5657-c8b2-4855-82a7-1dd57e3f3d97/1/U1UECuknhr8XJ7a07MEJO4p0Aes.mft
rsync://rpki.ripe.net/repository/DEFAULT/U1UECuknhr8XJ7a07MEJO4p0Aes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:3b:02:38:cb:05:5d:a0:78:24:5e:cd:ad:c2:63:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5355040ae92786bf1727b6b4ecc1093b8a7401eb
Validity
Not Before: Mar 25 23:01:11 2026 GMT
Not After : Mar 26 23:01:11 2026 GMT
Subject: CN=2a770d0c69635546ba1b0c580ec22b555acd1e2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:72:ce:b5:d9:05:1c:36:26:69:8c:f6:0c:2d:
d5:a9:82:f7:8c:20:ca:7b:dd:31:f2:d3:7f:23:06:
dc:d1:17:35:b4:63:c6:83:cd:5c:f1:60:7c:39:e4:
96:45:67:0d:97:0e:66:95:22:47:8f:36:06:b2:b4:
c5:87:89:b5:ee:41:b4:80:70:da:94:98:52:0a:99:
b9:9a:11:b4:cf:c5:99:c8:94:56:11:d3:1a:60:f2:
96:02:53:db:b9:6e:32:b9:2d:a5:7a:53:cd:93:83:
69:c1:fe:33:59:ed:42:e2:95:f0:8b:1d:95:6a:9d:
a2:d0:ce:b5:69:5a:28:f6:a9:49:0c:25:77:8b:e2:
6c:3a:d0:e9:bf:cd:38:a7:a1:04:59:12:bc:e6:79:
e1:08:ac:a8:86:e6:2e:b5:f2:bc:52:e6:51:6b:bf:
f4:13:f9:d4:27:8d:9c:7b:cb:63:5d:44:48:d1:c3:
60:e1:7a:b7:c4:7c:57:d7:4e:b4:fd:26:50:40:de:
4a:9f:71:6b:bf:fe:d3:79:71:1a:d8:c7:c0:a8:c1:
21:7e:53:90:43:10:99:47:3e:5a:54:49:85:b6:85:
c9:06:95:79:f3:5e:03:22:c0:d5:b7:a3:fb:e1:97:
b6:ff:8b:9e:b6:aa:68:95:fd:42:f3:a6:1e:8c:e5:
3a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:77:0D:0C:69:63:55:46:BA:1B:0C:58:0E:C2:2B:55:5A:CD:1E:2D
X509v3 Authority Key Identifier:
keyid:53:55:04:0A:E9:27:86:BF:17:27:B6:B4:EC:C1:09:3B:8A:74:01:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1UECuknhr8XJ7a07MEJO4p0Aes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/af5657-c8b2-4855-82a7-1dd57e3f3d97/1/U1UECuknhr8XJ7a07MEJO4p0Aes.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/af5657-c8b2-4855-82a7-1dd57e3f3d97/1/U1UECuknhr8XJ7a07MEJO4p0Aes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:b7:7c:5f:42:4e:c8:1f:c9:37:29:f7:ae:65:c4:10:c8:db:
9b:0b:1a:91:20:3d:73:46:fb:cc:c8:5e:a2:a7:42:68:02:fc:
2a:18:d3:26:e4:b5:c0:b8:a1:bd:b9:d3:de:3c:5e:d1:26:7b:
40:ba:f4:f9:73:cc:27:fe:25:e8:4a:93:5e:b1:7f:13:1e:17:
11:a0:9a:af:f4:6a:ea:f7:a4:68:af:e6:d7:6c:08:c1:70:7e:
2f:44:e2:da:d5:33:eb:99:d2:37:04:ac:66:5d:93:7a:ad:9a:
f5:97:42:77:29:af:e2:f1:2a:cc:84:77:80:89:ad:8d:17:61:
6d:08:26:bd:e7:c2:72:7f:7b:15:25:3b:89:96:b5:d6:92:16:
be:4d:d5:a9:1d:5d:d7:19:a0:5a:33:78:c5:47:52:e7:2b:1d:
8b:26:ab:c2:5e:aa:98:32:79:7c:73:56:0d:24:c5:94:02:14:
fe:4a:2e:0e:da:cb:6c:7c:62:41:33:ae:cc:51:29:28:01:66:
3f:e3:54:a8:52:2b:1a:69:ae:46:26:e5:32:27:1c:7e:64:f4:
ee:e6:7b:48:4a:7b:cb:79:f6:af:5c:7d:d1:97:92:00:4e:3b:
80:cb:24:d9:8f:25:16:f3:1e:00:d5:eb:c0:9b:42:31:c9:76:
32:d4:05:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOwI4ywVdoHgkXs2twmO7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNTUwNDBhZTkyNzg2YmYxNzI3YjZiNGVjYzEwOTNiOGE3
NDAxZWIwHhcNMjYwMzI1MjMwMTExWhcNMjYwMzI2MjMwMTExWjAzMTEwLwYDVQQD
EygyYTc3MGQwYzY5NjM1NTQ2YmExYjBjNTgwZWMyMmI1NTVhY2QxZTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HLOtdkFHDYmaYz2DC3VqYL3jCDK
e90x8tN/Iwbc0Rc1tGPGg81c8WB8OeSWRWcNlw5mlSJHjzYGsrTFh4m17kG0gHDa
lJhSCpm5mhG0z8WZyJRWEdMaYPKWAlPbuW4yuS2lelPNk4Npwf4zWe1C4pXwix2V
ap2i0M61aVoo9qlJDCV3i+JsOtDpv804p6EEWRK85nnhCKyohuYutfK8UuZRa7/0
E/nUJ42ce8tjXURI0cNg4Xq3xHxX1060/SZQQN5Kn3Frv/7TeXEa2MfAqMEhflOQ
QxCZRz5aVEmFtoXJBpV5814DIsDVt6P74Ze2/4uetqpolf1C86YejOU6fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCp3DQxpY1VGuhsMWA7CK1VazR4tMB8GA1UdIwQY
MBaAFFNVBArpJ4a/Fye2tOzBCTuKdAHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFVRUN1a25ocjhYSjdhMDdNRUpPNHAwQWVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9hZjU2NTctYzhiMi00ODU1LTgyYTct
MWRkNTdlM2YzZDk3LzEvVTFVRUN1a25ocjhYSjdhMDdNRUpPNHAwQWVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9hZjU2NTctYzhiMi00ODU1LTgyYTctMWRkNTdlM2YzZDk3
LzEvVTFVRUN1a25ocjhYSjdhMDdNRUpPNHAwQWVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgbd8X0JO
yB/JNyn3rmXEEMjbmwsakSA9c0b7zMheoqdCaAL8KhjTJuS1wLihvbnT3jxe0SZ7
QLr0+XPMJ/4l6EqTXrF/Ex4XEaCar/Rq6vekaK/m12wIwXB+L0Ti2tUz65nSNwSs
Zl2Teq2a9ZdCdymv4vEqzIR3gImtjRdhbQgmvefCcn97FSU7iZa11pIWvk3VqR1d
1xmgWjN4xUdS5ysdiyarwl6qmDJ5fHNWDSTFlAIU/kouDtrLbHxiQTOuzFEpKAFm
P+NUqFIrGmmuRiblMiccfmT07uZ7SEp7y3n2r1x90ZeSAE47gMsk2Y8lFvMeANXr
wJtCMcl2MtQFxw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:59:56 2026 by rpki-client