Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/MXBn6Bphoh_cFIWY72ull1f6A4A.mft
File: MXBn6Bphoh_cFIWY72ull1f6A4A.mft (raw, json)
Hash identifier: I4v+By8pj/jKW0ebp6DHf3fRGLq8ETkgwtcJsW1fXQo=
Subject key identifier: 3D:6F:B3:F9:3C:BB:D5:BA:62:59:8F:90:4D:93:2E:EE:15:05:39:EC
Authority key identifier: 31:70:67:E8:1A:61:A2:1F:DC:14:85:98:EF:6B:A5:97:57:FA:03:80
Certificate issuer: /CN=317067e81a61a21fdc148598ef6ba59757fa0380
Certificate serial: 019CAE3548D676BC79DEE17547D7B6C7C616
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MXBn6Bphoh_cFIWY72ull1f6A4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/MXBn6Bphoh_cFIWY72ull1f6A4A.mft
Manifest number: 0ACF
Signing time: Mon 02 Mar 2026 11:00:53 +0000
Manifest this update: Mon 02 Mar 2026 11:00:53 +0000
Manifest next update: Tue 03 Mar 2026 11:00:53 +0000
Files and hashes: 1: BbwIiJ0dE-v7C232paq9FAoO3W4.roa (hash: WYFi/4LJa1Z0T8GMuSQAQGpR48GKoJ2nZUJN8YeKMtE=)
2: MXBn6Bphoh_cFIWY72ull1f6A4A.crl (hash: Ql+7grFQihrnEk0Fi/uag9+rwd4W/XLKzBrnUN4rWac=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/MXBn6Bphoh_cFIWY72ull1f6A4A.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/MXBn6Bphoh_cFIWY72ull1f6A4A.mft
rsync://rpki.ripe.net/repository/DEFAULT/MXBn6Bphoh_cFIWY72ull1f6A4A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:35:48:d6:76:bc:79:de:e1:75:47:d7:b6:c7:c6:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=317067e81a61a21fdc148598ef6ba59757fa0380
Validity
Not Before: Mar 2 11:00:53 2026 GMT
Not After : Mar 3 11:00:53 2026 GMT
Subject: CN=3d6fb3f93cbbd5ba62598f904d932eee150539ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1b:01:e6:c5:80:ca:e1:e4:03:d9:49:7b:ed:
23:95:8c:ac:74:c9:60:d2:2f:3d:41:ec:b8:86:bb:
d0:ad:cd:66:07:9b:2e:f5:fd:eb:fa:2b:10:30:c9:
0d:37:6e:46:ea:5c:8c:32:10:87:02:5f:98:be:43:
55:3f:10:23:5a:94:18:1f:22:6d:67:ea:53:7c:97:
78:17:6e:e4:2c:5c:31:56:e5:75:3c:68:a4:cc:75:
4d:5d:64:ec:f3:00:8d:43:2e:ee:10:1d:13:69:91:
dc:2a:32:45:73:0b:fe:f4:aa:d7:a7:de:45:bb:7b:
13:8a:eb:73:34:2c:54:3c:32:76:b6:48:7c:00:da:
8a:0f:fc:d0:a5:1a:7c:34:eb:04:b0:c7:4b:7d:ee:
f6:99:c3:b4:17:94:a6:70:65:0b:95:fc:df:17:70:
3a:f2:bd:f9:5b:f0:64:10:10:08:68:79:0a:8a:1d:
3b:cd:63:d4:59:05:8c:b1:d8:ad:84:50:30:1b:26:
af:22:ab:76:c8:c3:90:26:ee:2f:b5:b1:56:92:4a:
d6:95:50:da:44:6e:a7:c8:91:61:c6:ce:b8:fd:a3:
0c:68:31:69:75:ea:84:42:cf:39:45:88:dc:93:f6:
e0:7c:7b:29:f0:fd:7b:e0:a5:77:26:12:57:d1:77:
f6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:6F:B3:F9:3C:BB:D5:BA:62:59:8F:90:4D:93:2E:EE:15:05:39:EC
X509v3 Authority Key Identifier:
keyid:31:70:67:E8:1A:61:A2:1F:DC:14:85:98:EF:6B:A5:97:57:FA:03:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MXBn6Bphoh_cFIWY72ull1f6A4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/MXBn6Bphoh_cFIWY72ull1f6A4A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/MXBn6Bphoh_cFIWY72ull1f6A4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:18:06:ff:b0:fb:82:79:a7:fd:ab:74:7d:a3:b4:7f:42:e0:
df:b3:70:7c:64:31:f2:f2:df:89:3a:3a:87:b3:90:cb:43:2f:
fc:a2:3f:83:10:79:30:65:25:ea:37:89:5e:29:df:a0:c1:bc:
af:78:b0:96:0f:1f:ba:1a:4e:bc:78:7b:d5:da:4b:42:1b:6b:
12:89:8a:4d:67:2b:97:6e:7e:9f:ef:b1:65:3f:f7:71:47:20:
40:e8:35:e8:54:59:b8:5d:ab:86:f2:39:00:60:a1:5e:71:4e:
7c:a2:15:5e:68:f3:81:91:6a:8d:ce:4e:ce:1d:41:71:e7:82:
0f:9a:aa:87:00:e0:e9:f9:62:fa:29:b7:54:f1:a2:29:d4:36:
db:4a:ed:39:e4:be:d0:aa:ad:f6:1e:49:fe:7d:17:a7:17:29:
8e:9c:09:24:44:dc:f1:dd:b3:b8:a9:e7:9b:78:57:9f:2e:cc:
e1:ba:7d:b8:33:b0:41:76:9d:f7:61:ab:6f:3f:22:b9:c7:34:
c6:8a:f3:31:b5:69:c9:ae:41:d1:d6:f9:13:d7:dd:a0:98:e6:
a2:8c:d8:ed:57:fd:e0:3c:31:ce:eb:5e:7b:ef:a6:f5:91:e7:
19:53:b7:dd:0e:6f:54:d5:d1:9d:62:5a:1e:cf:cd:55:b8:62:
05:e5:96:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuNUjWdrx53uF1R9e2x8YWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNzA2N2U4MWE2MWEyMWZkYzE0ODU5OGVmNmJhNTk3NTdm
YTAzODAwHhcNMjYwMzAyMTEwMDUzWhcNMjYwMzAzMTEwMDUzWjAzMTEwLwYDVQQD
EygzZDZmYjNmOTNjYmJkNWJhNjI1OThmOTA0ZDkzMmVlZTE1MDUzOWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhsB5sWAyuHkA9lJe+0jlYysdMlg
0i89Qey4hrvQrc1mB5su9f3r+isQMMkNN25G6lyMMhCHAl+YvkNVPxAjWpQYHyJt
Z+pTfJd4F27kLFwxVuV1PGikzHVNXWTs8wCNQy7uEB0TaZHcKjJFcwv+9KrXp95F
u3sTiutzNCxUPDJ2tkh8ANqKD/zQpRp8NOsEsMdLfe72mcO0F5SmcGULlfzfF3A6
8r35W/BkEBAIaHkKih07zWPUWQWMsdithFAwGyavIqt2yMOQJu4vtbFWkkrWlVDa
RG6nyJFhxs64/aMMaDFpdeqEQs85RYjck/bgfHsp8P174KV3JhJX0Xf27wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD1vs/k8u9W6YlmPkE2TLu4VBTnsMB8GA1UdIwQY
MBaAFDFwZ+gaYaIf3BSFmO9rpZdX+gOAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVhCbjZCcGhvaF9jRklXWTcydWxsMWY2QTRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi81OGE0ZTEtZGZjMS00ZDgxLWIyYzYt
MjE2NTk3ZTAzZjExLzEvTVhCbjZCcGhvaF9jRklXWTcydWxsMWY2QTRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi81OGE0ZTEtZGZjMS00ZDgxLWIyYzYtMjE2NTk3ZTAzZjEx
LzEvTVhCbjZCcGhvaF9jRklXWTcydWxsMWY2QTRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoRgG/7D7
gnmn/at0faO0f0Lg37NwfGQx8vLfiTo6h7OQy0Mv/KI/gxB5MGUl6jeJXinfoMG8
r3iwlg8fuhpOvHh71dpLQhtrEomKTWcrl25+n++xZT/3cUcgQOg16FRZuF2rhvI5
AGChXnFOfKIVXmjzgZFqjc5Ozh1BceeCD5qqhwDg6fli+im3VPGiKdQ220rtOeS+
0Kqt9h5J/n0XpxcpjpwJJETc8d2zuKnnm3hXny7M4bp9uDOwQXad92Grbz8iucc0
xorzMbVpya5B0db5E9fdoJjmoozY7Vf94Dwxzutee++m9ZHnGVO33Q5vVNXRnWJa
Hs/NVbhiBeWWXA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:24:42 2026 by rpki-client