Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/a037b1-133a-4639-8c7f-636857ee1792/1/ES1lq7x-8AUScohER5KrhvsVwu4.mft
File: ES1lq7x-8AUScohER5KrhvsVwu4.mft (raw, json)
Hash identifier: hrRE5d56SSqUKv6YtpP9cHEPtks12SXBRwZpyA9VO2M=
Subject key identifier: 63:79:2A:B8:2B:69:0C:C4:CB:91:FD:B9:7E:46:C9:D2:AF:4A:75:A3
Authority key identifier: 11:2D:65:AB:BC:7E:F0:05:12:72:88:44:47:92:AB:86:FB:15:C2:EE
Certificate issuer: /CN=112d65abbc7ef005127288444792ab86fb15c2ee
Certificate serial: 019D29612D181E79AAE2EE04005D7471D2B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ES1lq7x-8AUScohER5KrhvsVwu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/a037b1-133a-4639-8c7f-636857ee1792/1/ES1lq7x-8AUScohER5KrhvsVwu4.mft
Manifest number: 0A0A
Signing time: Thu 26 Mar 2026 09:02:07 +0000
Manifest this update: Thu 26 Mar 2026 09:02:07 +0000
Manifest next update: Fri 27 Mar 2026 09:02:07 +0000
Files and hashes: 1: ES1lq7x-8AUScohER5KrhvsVwu4.crl (hash: gmRUpDhCVcodYKv5QykN4/Cu4itTof+frhezvruqDBE=)
2: NyqJ3HcC-3DqTRjPEZHaf1vVpmk.roa (hash: kzMbI7FhKbCR9OfECdQk1NAYRQo9Ic9dt4s+QetZXtQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/a037b1-133a-4639-8c7f-636857ee1792/1/ES1lq7x-8AUScohER5KrhvsVwu4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/a037b1-133a-4639-8c7f-636857ee1792/1/ES1lq7x-8AUScohER5KrhvsVwu4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ES1lq7x-8AUScohER5KrhvsVwu4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:61:2d:18:1e:79:aa:e2:ee:04:00:5d:74:71:d2:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=112d65abbc7ef005127288444792ab86fb15c2ee
Validity
Not Before: Mar 26 09:02:07 2026 GMT
Not After : Mar 27 09:02:07 2026 GMT
Subject: CN=63792ab82b690cc4cb91fdb97e46c9d2af4a75a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b9:07:fd:11:ce:eb:3c:7b:dc:24:9f:e5:87:
5d:95:5e:24:be:e0:b3:67:c7:57:81:62:ea:d5:e9:
94:fe:c1:7b:f4:5a:47:5c:67:70:a9:bc:eb:35:42:
c2:b8:10:d1:6d:72:f2:c2:41:ee:1e:84:ff:2c:d9:
68:3f:a6:6c:36:bb:d6:31:86:1a:73:74:ad:9f:e5:
b4:b3:66:7e:e1:8a:ee:b1:f2:c1:d6:93:7f:7f:a2:
3c:8c:5f:47:6b:74:db:d1:50:0c:ee:62:e0:68:20:
55:24:75:60:75:4c:23:a2:64:95:be:24:b0:ef:5c:
21:0b:43:47:41:bc:94:7b:03:00:c1:e2:89:15:50:
23:bc:cc:81:fb:ee:fe:47:ce:f7:06:89:d5:fa:6a:
73:04:89:7e:5a:bb:3a:b0:76:6f:4d:5c:d8:12:59:
34:a5:27:c7:e4:cd:16:cd:58:d4:a7:b0:3b:18:52:
b4:dd:ef:2a:db:23:c8:b7:5a:5a:0a:90:f1:d9:20:
ad:50:38:d5:c5:e6:53:a8:09:74:7b:2c:10:4d:b4:
91:64:07:dd:61:b0:2d:c3:55:5c:0c:76:77:ea:78:
a5:e6:ed:3b:89:e7:4f:70:26:0f:31:60:55:fa:3d:
b8:1c:35:72:58:b8:99:c2:ce:58:29:e7:bc:53:4d:
61:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:79:2A:B8:2B:69:0C:C4:CB:91:FD:B9:7E:46:C9:D2:AF:4A:75:A3
X509v3 Authority Key Identifier:
keyid:11:2D:65:AB:BC:7E:F0:05:12:72:88:44:47:92:AB:86:FB:15:C2:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ES1lq7x-8AUScohER5KrhvsVwu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a037b1-133a-4639-8c7f-636857ee1792/1/ES1lq7x-8AUScohER5KrhvsVwu4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a037b1-133a-4639-8c7f-636857ee1792/1/ES1lq7x-8AUScohER5KrhvsVwu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:07:97:85:ed:e9:0e:12:5a:d0:4e:03:7f:8c:05:f5:b7:80:
3c:78:6d:90:12:d0:2a:4f:66:94:65:8d:0c:86:e7:2f:96:4f:
11:44:46:d6:6e:e3:d3:4f:a7:99:83:d7:60:c8:68:48:41:c1:
06:0f:17:ad:f6:28:32:7d:ce:9f:d8:5a:ee:64:91:ea:bd:b2:
98:63:a2:1b:bc:78:c2:71:4c:97:9e:d9:7b:21:26:d4:af:3f:
eb:2e:de:3a:1e:48:72:ec:3e:61:fe:76:e0:b7:a6:9d:de:6a:
68:44:bc:53:17:88:35:20:c4:d1:77:93:b4:f9:3b:69:ff:51:
96:e9:c5:fa:fb:14:ca:4f:8e:25:b2:d6:86:5c:bc:48:98:86:
bc:32:2d:83:39:2e:de:f5:db:71:42:26:69:fd:10:88:22:8e:
7b:ad:0c:d3:1a:d3:2a:7c:7f:e7:da:2c:3d:d4:d5:9b:ae:8f:
54:3e:c1:09:9d:b9:1c:cc:96:63:85:78:cd:c2:2f:47:65:cb:
f1:23:fe:15:ca:76:13:c7:5a:bb:44:a3:1a:f2:89:83:2d:3c:
3c:a4:c6:13:57:2c:3d:a8:fb:fa:77:ad:a9:b3:98:8c:99:b5:
66:d5:fd:c4:f1:58:2d:13:5b:fd:78:fe:48:93:65:09:5a:ff:
55:c5:c4:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYS0YHnmq4u4EAF10cdKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMmQ2NWFiYmM3ZWYwMDUxMjcyODg0NDQ3OTJhYjg2ZmIx
NWMyZWUwHhcNMjYwMzI2MDkwMjA3WhcNMjYwMzI3MDkwMjA3WjAzMTEwLwYDVQQD
Eyg2Mzc5MmFiODJiNjkwY2M0Y2I5MWZkYjk3ZTQ2YzlkMmFmNGE3NWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7kH/RHO6zx73CSf5YddlV4kvuCz
Z8dXgWLq1emU/sF79FpHXGdwqbzrNULCuBDRbXLywkHuHoT/LNloP6ZsNrvWMYYa
c3Stn+W0s2Z+4YrusfLB1pN/f6I8jF9Ha3Tb0VAM7mLgaCBVJHVgdUwjomSVviSw
71whC0NHQbyUewMAweKJFVAjvMyB++7+R873BonV+mpzBIl+Wrs6sHZvTVzYElk0
pSfH5M0WzVjUp7A7GFK03e8q2yPIt1paCpDx2SCtUDjVxeZTqAl0eywQTbSRZAfd
YbAtw1VcDHZ36nil5u07iedPcCYPMWBV+j24HDVyWLiZws5YKee8U01hMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGN5KrgraQzEy5H9uX5GydKvSnWjMB8GA1UdIwQY
MBaAFBEtZau8fvAFEnKIREeSq4b7FcLuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVMxbHE3eC04QVVTY29oRVI1S3JodnNWd3U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9hMDM3YjEtMTMzYS00NjM5LThjN2Yt
NjM2ODU3ZWUxNzkyLzEvRVMxbHE3eC04QVVTY29oRVI1S3JodnNWd3U0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9hMDM3YjEtMTMzYS00NjM5LThjN2YtNjM2ODU3ZWUxNzky
LzEvRVMxbHE3eC04QVVTY29oRVI1S3JodnNWd3U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABAeXhe3p
DhJa0E4Df4wF9beAPHhtkBLQKk9mlGWNDIbnL5ZPEURG1m7j00+nmYPXYMhoSEHB
Bg8XrfYoMn3On9ha7mSR6r2ymGOiG7x4wnFMl57ZeyEm1K8/6y7eOh5Icuw+Yf52
4Lemnd5qaES8UxeINSDE0XeTtPk7af9RlunF+vsUyk+OJbLWhly8SJiGvDItgzku
3vXbcUImaf0QiCKOe60M0xrTKnx/59osPdTVm66PVD7BCZ25HMyWY4V4zcIvR2XL
8SP+Fcp2E8dau0SjGvKJgy08PKTGE1csPaj7+netqbOYjJm1ZtX9xPFYLRNb/Xj+
SJNlCVr/VcXEqQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:50:23 2026 by rpki-client