Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/b361ef-5f69-4bcb-983c-21128027255d/1/95d69YDIUMyL-QZJ-b2opqSL85Y.mft
File: 95d69YDIUMyL-QZJ-b2opqSL85Y.mft (raw, json)
Hash identifier: hZfMkGUj4TZxeGIHLoIektstrRtay024BYHTwTfxkjA=
Subject key identifier: 45:11:A2:AA:D6:20:37:F5:05:15:8F:ED:6E:8C:8A:8C:17:1C:9F:D5
Authority key identifier: F7:97:7A:F5:80:C8:50:CC:8B:F9:06:49:F9:BD:A8:A6:A4:8B:F3:96
Certificate issuer: /CN=f7977af580c850cc8bf90649f9bda8a6a48bf396
Certificate serial: 019CAAFD8295B4153B4FD3A493FFA786D8C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/95d69YDIUMyL-QZJ-b2opqSL85Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/b361ef-5f69-4bcb-983c-21128027255d/1/95d69YDIUMyL-QZJ-b2opqSL85Y.mft
Manifest number: 0ECA
Signing time: Sun 01 Mar 2026 20:01:06 +0000
Manifest this update: Sun 01 Mar 2026 20:01:06 +0000
Manifest next update: Mon 02 Mar 2026 20:01:06 +0000
Files and hashes: 1: 95d69YDIUMyL-QZJ-b2opqSL85Y.crl (hash: OT94zWLreR9fqGLeDy3A7y60ldlqKVunItgNxrtpGRo=)
2: HPRE78hg4t1aYjEQPZG29UT0QOA.roa (hash: A1oXXGq6GKY+VUtgixd06CMPLo5j1Dz220sTg4O4C18=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/b361ef-5f69-4bcb-983c-21128027255d/1/95d69YDIUMyL-QZJ-b2opqSL85Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/b361ef-5f69-4bcb-983c-21128027255d/1/95d69YDIUMyL-QZJ-b2opqSL85Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/95d69YDIUMyL-QZJ-b2opqSL85Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:fd:82:95:b4:15:3b:4f:d3:a4:93:ff:a7:86:d8:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7977af580c850cc8bf90649f9bda8a6a48bf396
Validity
Not Before: Mar 1 20:01:06 2026 GMT
Not After : Mar 2 20:01:06 2026 GMT
Subject: CN=4511a2aad62037f505158fed6e8c8a8c171c9fd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:53:9c:b2:03:cd:31:dd:27:2f:d6:dc:b4:fa:
b0:c5:a1:f1:31:38:d1:06:e6:f0:e1:37:dd:2b:b7:
e5:a4:8a:9d:3d:df:66:3f:3f:41:da:19:f8:ce:4f:
a5:dc:ff:03:ba:6a:7f:8f:fc:19:2b:9e:d9:ba:90:
ca:31:7c:79:8b:6a:fd:0f:8d:ef:90:7b:a6:a9:6d:
80:bc:d8:48:43:10:5c:3f:56:a9:d4:26:e2:c9:7e:
86:40:36:47:35:2f:07:63:d8:2f:c8:eb:57:1d:32:
fd:33:ed:6d:df:79:ca:08:f7:b9:a3:e4:d6:d8:41:
04:ba:3a:91:1a:dc:d9:4d:04:e8:96:e9:e4:3c:9d:
02:d0:3e:26:d7:c9:bc:ef:78:dc:da:c4:05:4c:a4:
1f:00:1c:91:be:51:13:6c:69:7d:79:27:50:3e:53:
a9:0e:0a:5b:e3:67:bc:c8:cf:e0:fc:29:cd:fc:40:
57:a3:17:30:84:51:e3:9c:1d:8f:a7:32:7c:ac:2e:
d3:2f:03:cb:95:bc:85:b8:59:46:19:0e:dc:af:06:
9f:41:09:f4:1d:30:44:2a:be:93:a5:5d:f1:ca:e6:
eb:85:29:16:b6:34:c4:12:53:24:a9:9b:7f:aa:dd:
ad:53:7f:25:a8:2b:78:0c:52:4b:f0:87:8f:5d:11:
59:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:11:A2:AA:D6:20:37:F5:05:15:8F:ED:6E:8C:8A:8C:17:1C:9F:D5
X509v3 Authority Key Identifier:
keyid:F7:97:7A:F5:80:C8:50:CC:8B:F9:06:49:F9:BD:A8:A6:A4:8B:F3:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/95d69YDIUMyL-QZJ-b2opqSL85Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/b361ef-5f69-4bcb-983c-21128027255d/1/95d69YDIUMyL-QZJ-b2opqSL85Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/b361ef-5f69-4bcb-983c-21128027255d/1/95d69YDIUMyL-QZJ-b2opqSL85Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:01:bb:93:db:98:a8:cd:46:4f:a4:ff:eb:ed:15:f9:ba:4f:
db:7e:36:31:dc:69:2f:e6:e6:5d:70:f7:ee:20:24:b9:03:84:
34:fa:e8:60:99:57:85:3f:10:75:68:d0:fd:38:a4:55:c2:bd:
a9:69:a1:c3:50:88:15:aa:c8:99:77:29:62:e7:f0:06:c0:f2:
2f:56:3c:91:9e:12:9f:08:47:62:93:50:3a:31:fd:45:bd:eb:
ce:68:77:e4:50:cf:14:a1:1e:79:c8:91:ef:81:0e:d2:db:35:
aa:1f:4c:ee:ae:9f:83:fc:54:48:88:3a:60:84:2b:e5:96:b5:
ed:3e:d2:da:08:a8:9e:5b:29:23:59:99:49:0c:44:06:c1:d2:
c8:4b:2a:b9:1c:bf:33:2a:f5:d9:62:01:b4:cf:09:25:e1:96:
49:af:4f:98:4f:4b:11:ad:00:04:21:b8:e7:cb:8a:84:23:e3:
26:3d:8e:48:5a:a0:86:1c:97:2d:23:eb:f2:87:ba:74:20:43:
e5:64:30:9e:b6:36:ce:f5:6c:e2:ee:1d:ca:b8:01:ff:65:cf:
66:4e:8c:1b:4b:19:e4:ea:b7:6c:6a:7e:1c:74:e3:03:d1:d6:
ff:99:44:6e:78:77:7c:32:07:4f:d9:04:70:8f:03:ba:a7:2a:
49:d4:c3:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/YKVtBU7T9Okk/+nhtjBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3OTc3YWY1ODBjODUwY2M4YmY5MDY0OWY5YmRhOGE2YTQ4
YmYzOTYwHhcNMjYwMzAxMjAwMTA2WhcNMjYwMzAyMjAwMTA2WjAzMTEwLwYDVQQD
Eyg0NTExYTJhYWQ2MjAzN2Y1MDUxNThmZWQ2ZThjOGE4YzE3MWM5ZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVOcsgPNMd0nL9bctPqwxaHxMTjR
Bubw4TfdK7flpIqdPd9mPz9B2hn4zk+l3P8Dump/j/wZK57ZupDKMXx5i2r9D43v
kHumqW2AvNhIQxBcP1ap1CbiyX6GQDZHNS8HY9gvyOtXHTL9M+1t33nKCPe5o+TW
2EEEujqRGtzZTQTolunkPJ0C0D4m18m873jc2sQFTKQfAByRvlETbGl9eSdQPlOp
Dgpb42e8yM/g/CnN/EBXoxcwhFHjnB2PpzJ8rC7TLwPLlbyFuFlGGQ7crwafQQn0
HTBEKr6TpV3xyubrhSkWtjTEElMkqZt/qt2tU38lqCt4DFJL8IePXRFZMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEURoqrWIDf1BRWP7W6MiowXHJ/VMB8GA1UdIwQY
MBaAFPeXevWAyFDMi/kGSfm9qKaki/OWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTVkNjlZRElVTXlMLVFaSi1iMm9wcVNMODVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iMzYxZWYtNWY2OS00YmNiLTk4M2Mt
MjExMjgwMjcyNTVkLzEvOTVkNjlZRElVTXlMLVFaSi1iMm9wcVNMODVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iMzYxZWYtNWY2OS00YmNiLTk4M2MtMjExMjgwMjcyNTVk
LzEvOTVkNjlZRElVTXlMLVFaSi1iMm9wcVNMODVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKQG7k9uY
qM1GT6T/6+0V+bpP2342MdxpL+bmXXD37iAkuQOENProYJlXhT8QdWjQ/TikVcK9
qWmhw1CIFarImXcpYufwBsDyL1Y8kZ4SnwhHYpNQOjH9Rb3rzmh35FDPFKEeeciR
74EO0ts1qh9M7q6fg/xUSIg6YIQr5Za17T7S2gionlspI1mZSQxEBsHSyEsquRy/
Myr12WIBtM8JJeGWSa9PmE9LEa0ABCG458uKhCPjJj2OSFqghhyXLSPr8oe6dCBD
5WQwnrY2zvVs4u4dyrgB/2XPZk6MG0sZ5Oq3bGp+HHTjA9HW/5lEbnh3fDIHT9kE
cI8DuqcqSdTD8A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:21:17 2026 by rpki-client