Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/cfd7a3-4624-40be-bb23-d7bff119fd5d/1/ur8nIaXXgzW3uX22OuxDXJyji8c.mft
File: ur8nIaXXgzW3uX22OuxDXJyji8c.mft (raw, json)
Hash identifier: lYGWIxDFX0kqcXRUaFN7RsOLAexTo8PVJZCdV6Ht0vg=
Subject key identifier: D6:53:A9:37:46:E2:46:ED:04:AD:68:02:B1:45:46:2D:99:6B:65:02
Authority key identifier: BA:BF:27:21:A5:D7:83:35:B7:B9:7D:B6:3A:EC:43:5C:9C:A3:8B:C7
Certificate issuer: /CN=babf2721a5d78335b7b97db63aec435c9ca38bc7
Certificate serial: 019D9AE30FCEDEDCE90519DDDA31539D2C7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ur8nIaXXgzW3uX22OuxDXJyji8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/cfd7a3-4624-40be-bb23-d7bff119fd5d/1/ur8nIaXXgzW3uX22OuxDXJyji8c.mft
Manifest number: 0ABC
Signing time: Fri 17 Apr 2026 10:01:04 +0000
Manifest this update: Fri 17 Apr 2026 10:01:04 +0000
Manifest next update: Sat 18 Apr 2026 10:01:04 +0000
Files and hashes: 1: ur8nIaXXgzW3uX22OuxDXJyji8c.crl (hash: c9Un4PaybgDNa+Ni+mXcnY7mVhqMdyIfTxhZPgWlI8A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/cfd7a3-4624-40be-bb23-d7bff119fd5d/1/ur8nIaXXgzW3uX22OuxDXJyji8c.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/cfd7a3-4624-40be-bb23-d7bff119fd5d/1/ur8nIaXXgzW3uX22OuxDXJyji8c.mft
rsync://rpki.ripe.net/repository/DEFAULT/ur8nIaXXgzW3uX22OuxDXJyji8c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 10:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:e3:0f:ce:de:dc:e9:05:19:dd:da:31:53:9d:2c:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=babf2721a5d78335b7b97db63aec435c9ca38bc7
Validity
Not Before: Apr 17 10:01:04 2026 GMT
Not After : Apr 18 10:01:04 2026 GMT
Subject: CN=d653a93746e246ed04ad6802b145462d996b6502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8e:dc:68:fc:55:f7:67:ca:83:b8:93:4f:b9:
f5:78:d0:c5:52:1e:e9:90:40:16:32:9f:fd:1e:62:
7d:1e:fe:77:70:df:bf:12:13:b4:f8:9d:64:5b:08:
30:30:2c:92:0c:48:62:c7:ae:7d:08:18:9b:90:45:
25:15:e7:83:69:16:cc:d1:ae:55:9b:07:f3:6b:5d:
ce:e2:38:84:60:d7:50:bd:0e:04:7f:e9:eb:41:cb:
b9:c4:4d:37:21:66:34:dc:a2:d0:76:86:7b:cf:ea:
fd:17:a8:11:dc:dd:97:4f:c9:21:25:b8:ac:b1:eb:
a9:97:73:97:fe:c3:c8:b4:5b:bd:b3:05:64:e3:2d:
9b:aa:2b:76:85:49:35:87:16:70:d1:d4:23:ee:3e:
0b:c1:5c:ed:24:25:1a:fd:43:34:26:ca:f2:0c:e1:
37:33:01:14:6f:6f:cb:7a:be:2c:f0:33:fd:f9:5c:
80:90:4d:73:1e:c6:d3:fe:04:51:59:5d:2d:fc:c6:
f2:8a:37:c2:fd:27:a6:59:93:2c:e2:8e:e7:3e:77:
37:35:bb:37:e4:54:69:8d:5b:d5:a7:db:c9:8f:82:
90:ed:af:d6:28:af:43:19:db:43:48:a5:5a:27:b0:
39:b7:b1:12:ef:01:08:b2:cc:e0:d9:21:77:e8:e3:
43:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:53:A9:37:46:E2:46:ED:04:AD:68:02:B1:45:46:2D:99:6B:65:02
X509v3 Authority Key Identifier:
keyid:BA:BF:27:21:A5:D7:83:35:B7:B9:7D:B6:3A:EC:43:5C:9C:A3:8B:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ur8nIaXXgzW3uX22OuxDXJyji8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/cfd7a3-4624-40be-bb23-d7bff119fd5d/1/ur8nIaXXgzW3uX22OuxDXJyji8c.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/cfd7a3-4624-40be-bb23-d7bff119fd5d/1/ur8nIaXXgzW3uX22OuxDXJyji8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:23:fb:bb:3c:1f:af:22:b2:2d:f0:41:62:ee:a0:b7:7e:53:
5d:7a:b3:d0:7c:0f:8d:03:83:67:ea:ed:c3:74:4d:b8:11:d6:
7b:d0:44:c2:92:1b:b9:5e:65:b0:ba:03:bd:e6:44:95:0a:21:
66:33:a5:2f:53:ca:82:b4:3d:55:f2:1d:37:e7:01:ec:d8:ec:
85:0f:1f:a5:92:35:1b:0f:e9:b9:74:19:a4:d0:d7:0d:2e:94:
3b:db:84:2d:04:62:4f:f2:29:67:d7:3d:28:70:e2:2d:91:7c:
f0:92:6b:9d:4d:87:f8:1a:3f:c6:6e:90:11:bc:83:e7:be:04:
3f:98:af:42:00:c1:8f:18:44:08:34:5f:1d:4d:e4:d9:a0:07:
8a:eb:df:9d:6d:b2:fa:0e:9c:9a:0f:a7:9b:54:15:2f:45:a9:
66:a2:05:0e:98:a5:e6:d7:20:46:10:02:39:7a:2f:43:69:bb:
c1:11:5b:30:47:d6:39:7d:ed:85:d3:b1:00:43:e9:95:e2:2f:
1c:a4:bf:88:b7:70:30:87:7d:6e:5d:8b:9f:85:be:5c:78:f5:
ca:34:6d:98:6b:12:24:31:ed:0e:e8:f5:af:4f:22:35:c7:58:
33:ca:42:f8:35:e5:52:9a:9a:e1:ed:72:d6:3b:3e:f4:5c:47:
06:0d:03:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4w/O3tzpBRnd2jFTnSx8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYmYyNzIxYTVkNzgzMzViN2I5N2RiNjNhZWM0MzVjOWNh
MzhiYzcwHhcNMjYwNDE3MTAwMTA0WhcNMjYwNDE4MTAwMTA0WjAzMTEwLwYDVQQD
EyhkNjUzYTkzNzQ2ZTI0NmVkMDRhZDY4MDJiMTQ1NDYyZDk5NmI2NTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuI7caPxV92fKg7iTT7n1eNDFUh7p
kEAWMp/9HmJ9Hv53cN+/EhO0+J1kWwgwMCySDEhix659CBibkEUlFeeDaRbM0a5V
mwfza13O4jiEYNdQvQ4Ef+nrQcu5xE03IWY03KLQdoZ7z+r9F6gR3N2XT8khJbis
seupl3OX/sPItFu9swVk4y2bqit2hUk1hxZw0dQj7j4LwVztJCUa/UM0JsryDOE3
MwEUb2/Ler4s8DP9+VyAkE1zHsbT/gRRWV0t/MbyijfC/SemWZMs4o7nPnc3Nbs3
5FRpjVvVp9vJj4KQ7a/WKK9DGdtDSKVaJ7A5t7ES7wEIsszg2SF36ONDrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNZTqTdG4kbtBK1oArFFRi2Za2UCMB8GA1UdIwQY
MBaAFLq/JyGl14M1t7l9tjrsQ1yco4vHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXI4bklhWFhnelczdVgyMk91eERYSnlqaThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9jZmQ3YTMtNDYyNC00MGJlLWJiMjMt
ZDdiZmYxMTlmZDVkLzEvdXI4bklhWFhnelczdVgyMk91eERYSnlqaThjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9jZmQ3YTMtNDYyNC00MGJlLWJiMjMtZDdiZmYxMTlmZDVk
LzEvdXI4bklhWFhnelczdVgyMk91eERYSnlqaThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWyP7uzwf
ryKyLfBBYu6gt35TXXqz0HwPjQODZ+rtw3RNuBHWe9BEwpIbuV5lsLoDveZElQoh
ZjOlL1PKgrQ9VfIdN+cB7NjshQ8fpZI1Gw/puXQZpNDXDS6UO9uELQRiT/IpZ9c9
KHDiLZF88JJrnU2H+Bo/xm6QEbyD574EP5ivQgDBjxhECDRfHU3k2aAHiuvfnW2y
+g6cmg+nm1QVL0WpZqIFDpil5tcgRhACOXovQ2m7wRFbMEfWOX3thdOxAEPpleIv
HKS/iLdwMId9bl2Ln4W+XHj1yjRtmGsSJDHtDuj1r08iNcdYM8pC+DXlUpqa4e1y
1js+9FxHBg0DLA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:03:06 2026 by rpki-client