Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.mft
File: U3XfISulmO4KW_aAsh9QxPx9aOE.mft (raw, json)
Hash identifier: +HmojJkqcim75Tmzo1+DDBznjUqV1D04M+nBWn2JjNc=
Subject key identifier: 4A:87:7C:BF:45:C9:90:D6:9B:A1:52:35:DA:68:CE:83:25:F3:C6:9C
Authority key identifier: 53:75:DF:21:2B:A5:98:EE:0A:5B:F6:80:B2:1F:50:C4:FC:7D:68:E1
Certificate issuer: /CN=5375df212ba598ee0a5bf680b21f50c4fc7d68e1
Certificate serial: 019BE4EF743EF3876A9D371B64BB8F53B523
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U3XfISulmO4KW_aAsh9QxPx9aOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.mft
Manifest number: 0F79
Signing time: Thu 22 Jan 2026 09:00:56 +0000
Manifest this update: Thu 22 Jan 2026 09:00:56 +0000
Manifest next update: Fri 23 Jan 2026 09:00:56 +0000
Files and hashes: 1: U3XfISulmO4KW_aAsh9QxPx9aOE.crl (hash: 8XNUu3uffXnkOzh3hjaDqfhgFJgKfUdXh5ErfuCpjLw=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:e4:ef:74:3e:f3:87:6a:9d:37:1b:64:bb:8f:53:b5:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5375df212ba598ee0a5bf680b21f50c4fc7d68e1
Validity
Not Before: Jan 22 09:00:56 2026 GMT
Not After : Jan 23 09:00:56 2026 GMT
Subject: CN=4a877cbf45c990d69ba15235da68ce8325f3c69c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ab:6c:fa:e0:b9:af:90:cd:65:41:e8:07:95:
5a:21:86:2c:9a:7f:a7:83:37:dd:23:a5:80:7f:6c:
70:c8:d2:dd:55:38:a4:1d:77:30:b5:ff:01:c8:93:
c0:97:b8:d4:26:07:e5:2d:c1:f0:b9:42:50:49:ea:
af:b2:49:d3:d1:e2:ce:00:43:94:25:cd:61:7b:13:
cb:e8:a0:ab:4e:c7:8d:b6:86:63:b8:16:74:0c:dc:
54:67:08:09:52:d9:6b:4a:24:37:44:56:c6:cb:c8:
4a:45:2b:be:73:82:80:9d:4f:44:d8:36:0e:e3:b7:
5b:90:08:50:e7:96:65:4c:df:1c:4a:96:2a:2e:81:
97:86:5c:95:a7:48:89:0c:78:97:22:be:29:ad:b4:
38:df:4c:b5:5f:5e:67:be:7d:71:78:3d:2a:1a:3b:
a4:9d:2c:43:ae:3c:4a:93:3d:21:86:f5:9e:82:05:
eb:af:50:94:bd:3b:f8:38:3d:ea:76:99:6f:c7:ff:
ad:0b:21:68:c6:f7:2a:4b:2d:3d:d4:9a:75:0a:ed:
a3:01:9e:3e:47:03:6a:c4:72:d6:96:85:73:66:66:
8a:da:2c:75:8d:ce:a2:7d:55:94:ac:ed:04:fe:10:
4d:dd:65:65:ce:86:b5:3b:30:be:1e:e3:78:2d:6b:
c3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:87:7C:BF:45:C9:90:D6:9B:A1:52:35:DA:68:CE:83:25:F3:C6:9C
X509v3 Authority Key Identifier:
keyid:53:75:DF:21:2B:A5:98:EE:0A:5B:F6:80:B2:1F:50:C4:FC:7D:68:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3XfISulmO4KW_aAsh9QxPx9aOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:06:3a:3b:c7:3d:7b:40:f7:b2:fa:d8:52:e2:42:75:bd:d3:
fd:28:6f:bd:45:7e:62:e1:37:02:bf:f3:0e:23:ed:f0:15:f9:
f4:d6:f7:90:25:94:0d:3b:fe:d1:81:03:40:b7:39:d7:62:cd:
9a:3d:b1:3d:b6:c2:b1:f1:09:f0:56:80:2f:eb:db:3c:9e:26:
51:3b:0d:96:30:74:ad:9b:aa:63:f1:7d:84:6e:6a:05:9c:81:
74:cb:a5:7a:d5:9b:73:88:6e:af:5d:33:ea:44:18:19:3c:06:
cb:4d:66:47:81:58:33:50:13:ae:bb:1c:75:4a:06:62:9c:75:
40:9b:37:c8:da:0b:b1:ad:60:45:2d:7b:15:1f:37:0d:a8:1b:
1f:74:33:f1:53:29:26:bb:63:7e:91:26:33:72:97:07:72:5a:
cd:1c:46:33:28:b7:92:7e:ec:1c:5f:46:6e:42:00:7f:04:3d:
11:d5:28:84:27:b6:26:22:14:a7:45:ae:3f:95:54:f1:d5:c2:
48:8c:d6:e3:6a:a7:d5:69:5b:c9:4c:3a:b5:e4:49:47:74:17:
d4:76:bc:bc:d8:b4:f9:d5:5a:ef:17:78:04:ba:ff:23:2c:3c:
ce:df:c5:a8:57:06:ab:d2:7b:33:48:32:74:50:31:45:99:20:
f4:40:74:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZvk73Q+84dqnTcbZLuPU7UjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNzVkZjIxMmJhNTk4ZWUwYTViZjY4MGIyMWY1MGM0ZmM3
ZDY4ZTEwHhcNMjYwMTIyMDkwMDU2WhcNMjYwMTIzMDkwMDU2WjAzMTEwLwYDVQQD
Eyg0YTg3N2NiZjQ1Yzk5MGQ2OWJhMTUyMzVkYTY4Y2U4MzI1ZjNjNjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqts+uC5r5DNZUHoB5VaIYYsmn+n
gzfdI6WAf2xwyNLdVTikHXcwtf8ByJPAl7jUJgflLcHwuUJQSeqvsknT0eLOAEOU
Jc1hexPL6KCrTseNtoZjuBZ0DNxUZwgJUtlrSiQ3RFbGy8hKRSu+c4KAnU9E2DYO
47dbkAhQ55ZlTN8cSpYqLoGXhlyVp0iJDHiXIr4prbQ430y1X15nvn1xeD0qGjuk
nSxDrjxKkz0hhvWeggXrr1CUvTv4OD3qdplvx/+tCyFoxvcqSy091Jp1Cu2jAZ4+
RwNqxHLWloVzZmaK2ix1jc6ifVWUrO0E/hBN3WVlzoa1OzC+HuN4LWvD0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEqHfL9FyZDWm6FSNdpozoMl88acMB8GA1UdIwQY
MBaAFFN13yErpZjuClv2gLIfUMT8fWjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTNYZklTdWxtTzRLV19hQXNoOVF4UHg5YU9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jNGZiMDAtMzljNS00OGE1LTkwM2It
MjUyZmQ5NjdiZmNjLzEvVTNYZklTdWxtTzRLV19hQXNoOVF4UHg5YU9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jNGZiMDAtMzljNS00OGE1LTkwM2ItMjUyZmQ5NjdiZmNj
LzEvVTNYZklTdWxtTzRLV19hQXNoOVF4UHg5YU9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdQY6O8c9
e0D3svrYUuJCdb3T/ShvvUV+YuE3Ar/zDiPt8BX59Nb3kCWUDTv+0YEDQLc512LN
mj2xPbbCsfEJ8FaAL+vbPJ4mUTsNljB0rZuqY/F9hG5qBZyBdMuletWbc4hur10z
6kQYGTwGy01mR4FYM1ATrrscdUoGYpx1QJs3yNoLsa1gRS17FR83DagbH3Qz8VMp
JrtjfpEmM3KXB3JazRxGMyi3kn7sHF9GbkIAfwQ9EdUohCe2JiIUp0WuP5VU8dXC
SIzW42qn1WlbyUw6teRJR3QX1Ha8vNi0+dVa7xd4BLr/Iyw8zt/FqFcGq9J7M0gy
dFAxRZkg9EB0Qw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:58:43 2026 by rpki-client