Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
File: VmhcNSHqj-av5l1TOjsZno92UFs.mft (raw, json)
Hash identifier: ITG8XQ4rEvOdawoRGFmM9nl9gPIPqP+Oaz1moWoun9U=
Subject key identifier: 3A:3E:83:7E:9E:96:AA:45:F7:74:95:DB:60:C7:B8:4B:CA:E9:52:00
Authority key identifier: 56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B
Certificate issuer: /CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
Certificate serial: 019B8D9A1EF6D01DF811D85493BAD7B60FFC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
Manifest number: 16B7
Signing time: Mon 05 Jan 2026 10:00:46 +0000
Manifest this update: Mon 05 Jan 2026 10:00:46 +0000
Manifest next update: Tue 06 Jan 2026 10:00:46 +0000
Files and hashes: 1: VmhcNSHqj-av5l1TOjsZno92UFs.crl (hash: Y2URyV5+IzsCVY230EqwW+lWjonj4mKK9CsSqj/H9ho=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:8d:9a:1e:f6:d0:1d:f8:11:d8:54:93:ba:d7:b6:0f:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
Validity
Not Before: Jan 5 10:00:46 2026 GMT
Not After : Jan 6 10:00:46 2026 GMT
Subject: CN=3a3e837e9e96aa45f77495db60c7b84bcae95200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:92:8f:af:9f:95:43:92:03:d2:6c:14:81:f8:
f3:03:a9:6b:11:af:4b:d4:b2:e7:7b:e0:1e:0d:79:
94:69:70:ed:b7:0e:77:b0:f3:4b:cf:19:1a:c6:5a:
02:f1:47:a7:4c:be:39:5a:7e:eb:a2:36:24:e3:66:
5f:72:d3:de:e1:45:79:33:12:07:29:8d:12:b0:07:
51:4a:04:60:3d:64:85:ac:54:7c:34:6b:b0:40:2a:
f9:26:24:17:97:49:99:92:64:a0:ee:50:22:e3:82:
ad:fb:0b:06:74:6c:10:90:51:b0:1b:b5:06:f0:89:
b3:8c:ff:2b:74:19:b3:c2:c2:ee:bc:ff:5b:52:03:
66:e7:8d:6c:8a:73:48:4a:9f:2b:ca:33:ce:d7:bc:
6c:87:45:08:b4:8d:0a:3a:3d:7d:20:f1:11:ec:bf:
c2:83:59:09:a8:08:57:13:9e:eb:5d:ba:19:ab:ee:
fb:d2:ce:db:f7:94:97:b8:dc:6e:2b:6d:84:b5:31:
be:43:95:8d:53:2a:16:a4:d5:69:e4:57:f2:57:95:
69:28:1a:72:dd:44:4b:7d:9e:13:21:00:99:c5:7a:
5d:af:e6:ce:40:ed:2c:df:e5:ee:3b:74:b9:3b:28:
8e:89:7c:d1:3a:0e:f4:0e:e3:c6:b5:a5:a2:18:15:
29:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:3E:83:7E:9E:96:AA:45:F7:74:95:DB:60:C7:B8:4B:CA:E9:52:00
X509v3 Authority Key Identifier:
keyid:56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:e6:49:75:de:50:ea:25:56:95:45:be:ac:46:7b:89:7f:95:
3e:bd:76:01:37:98:9f:2e:d6:1a:b8:26:24:48:83:c3:e2:59:
63:63:64:1f:d6:c5:de:43:97:6f:17:14:16:74:a7:b0:95:1c:
1f:c0:76:30:e8:f8:76:40:77:c2:0e:65:74:dc:c4:50:a0:d1:
28:66:01:08:db:8d:36:d8:cd:98:36:d8:fc:68:eb:a6:ca:aa:
c2:29:e1:65:9f:9f:cf:e3:60:f1:88:8b:8b:e3:6f:8f:99:11:
24:a4:3b:65:09:c8:99:4a:3a:15:b7:0b:73:ea:39:fa:3d:e2:
87:10:7c:37:0a:fb:6b:57:4e:89:7c:ea:cf:90:5b:c7:21:29:
96:ca:02:f7:9f:46:12:b1:13:f2:3e:59:66:73:64:d5:4e:d0:
ef:f4:ce:ea:df:c4:e1:7c:80:72:b6:30:c3:de:bf:08:dd:aa:
39:c5:7a:d3:1e:ee:47:05:09:15:44:fa:cd:14:d0:ef:5d:bb:
fe:1e:11:4b:5c:d0:4b:50:8b:68:3b:0b:10:47:e6:0a:6e:c9:
79:6b:9e:36:d1:2f:a9:36:8e:e7:63:82:b7:d7:6e:10:9f:a9:
bb:e9:62:82:ce:49:56:b6:3d:32:db:f4:0f:74:39:a5:ec:e0:
d1:58:69:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZuNmh720B34EdhUk7rXtg/8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Njg1YzM1MjFlYThmZTZhZmU2NWQ1MzNhM2IxOTllOGY3
NjUwNWIwHhcNMjYwMTA1MTAwMDQ2WhcNMjYwMTA2MTAwMDQ2WjAzMTEwLwYDVQQD
EygzYTNlODM3ZTllOTZhYTQ1Zjc3NDk1ZGI2MGM3Yjg0YmNhZTk1MjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJKPr5+VQ5ID0mwUgfjzA6lrEa9L
1LLne+AeDXmUaXDttw53sPNLzxkaxloC8UenTL45Wn7rojYk42ZfctPe4UV5MxIH
KY0SsAdRSgRgPWSFrFR8NGuwQCr5JiQXl0mZkmSg7lAi44Kt+wsGdGwQkFGwG7UG
8ImzjP8rdBmzwsLuvP9bUgNm541sinNISp8ryjPO17xsh0UItI0KOj19IPER7L/C
g1kJqAhXE57rXboZq+770s7b95SXuNxuK22EtTG+Q5WNUyoWpNVp5FfyV5VpKBpy
3URLfZ4TIQCZxXpdr+bOQO0s3+XuO3S5OyiOiXzROg70DuPGtaWiGBUpiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDo+g36elqpF93SV22DHuEvK6VIAMB8GA1UdIwQY
MBaAFFZoXDUh6o/mr+ZdUzo7GZ6PdlBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMt
NThjMzI4OTVkY2RlLzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMtNThjMzI4OTVkY2Rl
LzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIeZJdd5Q
6iVWlUW+rEZ7iX+VPr12ATeYny7WGrgmJEiDw+JZY2NkH9bF3kOXbxcUFnSnsJUc
H8B2MOj4dkB3wg5ldNzEUKDRKGYBCNuNNtjNmDbY/GjrpsqqwinhZZ+fz+Ng8YiL
i+Nvj5kRJKQ7ZQnImUo6FbcLc+o5+j3ihxB8Nwr7a1dOiXzqz5BbxyEplsoC959G
ErET8j5ZZnNk1U7Q7/TO6t/E4XyAcrYww96/CN2qOcV60x7uRwUJFUT6zRTQ7127
/h4RS1zQS1CLaDsLEEfmCm7JeWueNtEvqTaO52OCt9duEJ+pu+ligs5JVrY9Mtv0
D3Q5pezg0VhpBg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:26:39 2026 by rpki-client