Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft
File: Brft72GFhyPErevj7lqJ9wBY1f4.mft (raw, json)
Hash identifier: XEm9eiAKgdNZSxPVutkc6CjvScJFhzlGEZYeWqf4JTc=
Subject key identifier: 02:4D:A8:BB:8B:4B:87:06:09:0B:FD:03:23:96:AF:AC:8F:3A:13:3F
Authority key identifier: 06:B7:ED:EF:61:85:87:23:C4:AD:EB:E3:EE:5A:89:F7:00:58:D5:FE
Certificate issuer: /CN=06b7edef61858723c4adebe3ee5a89f70058d5fe
Certificate serial: 019D26287DFF1E259422120732F8D011359D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft
Manifest number: 1887
Signing time: Wed 25 Mar 2026 18:01:20 +0000
Manifest this update: Wed 25 Mar 2026 18:01:20 +0000
Manifest next update: Thu 26 Mar 2026 18:01:20 +0000
Files and hashes: 1: B923TTC0Df04C2WKB5eoCgT73fQ.roa (hash: u8SWrYqzCDPEqqAsY+pz5LjUeslP1zMGGkEQ+CEEG6g=)
2: Brft72GFhyPErevj7lqJ9wBY1f4.crl (hash: bHptp1d3gxQ1nTniDHXdIAzg0dwrafoRHZVQjjNfrNI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:28:7d:ff:1e:25:94:22:12:07:32:f8:d0:11:35:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06b7edef61858723c4adebe3ee5a89f70058d5fe
Validity
Not Before: Mar 25 18:01:20 2026 GMT
Not After : Mar 26 18:01:20 2026 GMT
Subject: CN=024da8bb8b4b8706090bfd032396afac8f3a133f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:73:e8:12:dc:93:4e:00:b4:60:27:dd:2d:66:
e3:83:ca:c7:be:7e:16:33:61:84:a0:8c:01:e2:14:
c3:1b:14:93:6a:72:57:86:2b:36:6d:ae:3e:a0:1f:
e9:fe:4f:22:41:fc:90:fa:54:a7:a8:65:a8:30:cb:
1f:e4:f8:c5:ad:05:b2:fa:27:04:38:39:c7:b3:df:
45:9f:34:9b:15:22:24:77:16:1f:c8:49:65:9e:12:
80:19:78:62:c4:d8:65:62:c4:75:6c:fe:11:e9:24:
fa:64:fe:4c:c8:f0:0e:dc:96:22:f3:ce:71:18:0c:
84:a7:a4:43:d7:ea:15:c8:15:9b:65:49:86:76:da:
c3:eb:2e:2b:0e:7b:e2:1f:95:13:a6:56:ae:e9:22:
c0:cd:11:50:3d:1a:40:20:2f:e1:e2:f0:92:94:55:
e5:9c:cc:32:8a:45:ff:34:47:f1:55:c9:b7:66:52:
29:b4:64:ab:6a:9a:88:49:d8:54:63:6d:d3:28:0a:
29:aa:06:52:5d:42:63:02:bd:1d:81:ff:9a:c7:da:
ae:55:27:b6:0c:71:12:1b:e7:57:3d:27:dd:ce:76:
a9:e1:5f:94:39:5b:1c:20:75:f2:a8:3b:78:25:51:
f4:b6:02:ff:bb:3f:3e:90:36:31:48:b5:65:85:23:
4d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:4D:A8:BB:8B:4B:87:06:09:0B:FD:03:23:96:AF:AC:8F:3A:13:3F
X509v3 Authority Key Identifier:
keyid:06:B7:ED:EF:61:85:87:23:C4:AD:EB:E3:EE:5A:89:F7:00:58:D5:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b5:29:db:01:d7:ea:9e:4e:d8:7a:a9:5c:33:bb:1e:17:b8:35:
b8:17:cb:cc:93:e0:c4:cd:aa:e1:1e:9a:f6:ab:50:cb:3f:e4:
a8:68:21:a4:56:e2:8e:9b:92:e8:42:83:0b:f5:fc:fa:3a:2b:
2a:41:f2:33:87:58:ae:98:f0:d0:dd:b9:49:55:99:7e:0b:91:
66:00:e9:09:f9:24:cc:b1:71:90:58:ca:e6:38:97:c6:f3:ae:
53:f4:5f:26:50:a8:6d:f0:72:f9:fe:ef:75:a8:a9:f3:95:85:
6b:4f:35:ab:d0:3e:41:d1:56:b4:a6:45:db:42:32:44:d0:c0:
9a:bf:8a:5d:58:fb:6b:ad:cd:28:c8:ec:a9:7b:3a:14:f7:57:
3e:6e:b2:42:4d:ae:48:ae:89:af:ae:84:34:3a:82:c5:81:8f:
4a:d7:63:4f:e9:20:fd:d8:0e:93:ca:ad:b4:64:2b:fd:00:cc:
ef:bc:d8:6b:07:95:e0:cf:65:32:8a:10:52:6b:90:61:69:33:
e7:df:d3:33:02:91:6d:f5:99:5d:c9:ee:b5:55:5d:19:30:c0:
c8:71:fd:c0:7c:46:65:a4:8d:57:41:20:f2:e5:ce:0a:d6:d0:
97:20:e2:7a:ee:a9:35:31:5c:52:76:51:9a:de:cd:58:01:8c:
5b:ab:87:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKH3/HiWUIhIHMvjQETWdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YjdlZGVmNjE4NTg3MjNjNGFkZWJlM2VlNWE4OWY3MDA1
OGQ1ZmUwHhcNMjYwMzI1MTgwMTIwWhcNMjYwMzI2MTgwMTIwWjAzMTEwLwYDVQQD
EygwMjRkYThiYjhiNGI4NzA2MDkwYmZkMDMyMzk2YWZhYzhmM2ExMzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHPoEtyTTgC0YCfdLWbjg8rHvn4W
M2GEoIwB4hTDGxSTanJXhis2ba4+oB/p/k8iQfyQ+lSnqGWoMMsf5PjFrQWy+icE
ODnHs99FnzSbFSIkdxYfyEllnhKAGXhixNhlYsR1bP4R6ST6ZP5MyPAO3JYi885x
GAyEp6RD1+oVyBWbZUmGdtrD6y4rDnviH5UTplau6SLAzRFQPRpAIC/h4vCSlFXl
nMwyikX/NEfxVcm3ZlIptGSrapqISdhUY23TKAopqgZSXUJjAr0dgf+ax9quVSe2
DHESG+dXPSfdznap4V+UOVscIHXyqDt4JVH0tgL/uz8+kDYxSLVlhSNN5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAJNqLuLS4cGCQv9AyOWr6yPOhM/MB8GA1UdIwQY
MBaAFAa37e9hhYcjxK3r4+5aifcAWNX+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wMTBjYTEtNWIzMC00YmFmLTgzMWUt
ODk1NTFlOGNjZTEyLzEvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8wMTBjYTEtNWIzMC00YmFmLTgzMWUtODk1NTFlOGNjZTEy
LzEvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtSnbAdfq
nk7YeqlcM7seF7g1uBfLzJPgxM2q4R6a9qtQyz/kqGghpFbijpuS6EKDC/X8+jor
KkHyM4dYrpjw0N25SVWZfguRZgDpCfkkzLFxkFjK5jiXxvOuU/RfJlCobfBy+f7v
daip85WFa081q9A+QdFWtKZF20IyRNDAmr+KXVj7a63NKMjsqXs6FPdXPm6yQk2u
SK6Jr66ENDqCxYGPStdjT+kg/dgOk8qttGQr/QDM77zYaweV4M9lMooQUmuQYWkz
59/TMwKRbfWZXcnutVVdGTDAyHH9wHxGZaSNV0Eg8uXOCtbQlyDieu6pNTFcUnZR
mt7NWAGMW6uH4Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:36:49 2026 by rpki-client