Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/40b2a9-b2c7-4223-8848-0d2e4205686f/1/67Ulb-PgcwKrcye3R7jfOCRcTt8.mft
File: 67Ulb-PgcwKrcye3R7jfOCRcTt8.mft (raw, json)
Hash identifier: oH7ljEj3lJHn2l19Hj2X5rYcBUSoV5AAigk8YferTTY=
Subject key identifier: 2E:02:62:2F:C4:7A:B0:8C:44:6D:8A:AD:05:37:2F:95:E1:C5:3C:87
Authority key identifier: EB:B5:25:6F:E3:E0:73:02:AB:73:27:B7:47:B8:DF:38:24:5C:4E:DF
Certificate issuer: /CN=ebb5256fe3e07302ab7327b747b8df38245c4edf
Certificate serial: 019CAE355EF39AE79F984CDBDA406AB428EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/67Ulb-PgcwKrcye3R7jfOCRcTt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/40b2a9-b2c7-4223-8848-0d2e4205686f/1/67Ulb-PgcwKrcye3R7jfOCRcTt8.mft
Manifest number: 036C
Signing time: Mon 02 Mar 2026 11:00:59 +0000
Manifest this update: Mon 02 Mar 2026 11:00:59 +0000
Manifest next update: Tue 03 Mar 2026 11:00:59 +0000
Files and hashes: 1: 67Ulb-PgcwKrcye3R7jfOCRcTt8.crl (hash: DbTNXcAbWF/L9Mj5x7AT1K9059zWmNLuJYwl8KEAAgw=)
2: tz3awoZeBMuIdw8HRL7O9-b0MUY.roa (hash: a14NZqfBHqVj9Mn2LuS27VMbtbzXHlfv3zf5CSLerJI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/40b2a9-b2c7-4223-8848-0d2e4205686f/1/67Ulb-PgcwKrcye3R7jfOCRcTt8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/40b2a9-b2c7-4223-8848-0d2e4205686f/1/67Ulb-PgcwKrcye3R7jfOCRcTt8.mft
rsync://rpki.ripe.net/repository/DEFAULT/67Ulb-PgcwKrcye3R7jfOCRcTt8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 11:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:35:5e:f3:9a:e7:9f:98:4c:db:da:40:6a:b4:28:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebb5256fe3e07302ab7327b747b8df38245c4edf
Validity
Not Before: Mar 2 11:00:59 2026 GMT
Not After : Mar 3 11:00:59 2026 GMT
Subject: CN=2e02622fc47ab08c446d8aad05372f95e1c53c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:90:c3:4a:c3:f7:6e:c4:2e:ce:7d:d2:0e:37:
d0:38:c3:60:63:d2:d6:ed:db:d5:6e:ff:8a:8a:e0:
62:42:e0:f2:6f:2d:b7:e9:d7:3d:ab:95:f9:a4:84:
2f:8c:76:a2:08:6a:0b:7a:54:8c:1a:f2:b9:c6:9b:
d3:2b:8c:d4:57:07:5a:56:f9:06:80:b9:c9:1b:8a:
37:ea:21:da:5c:a2:47:dc:55:a0:9b:fd:c3:04:eb:
f5:d6:75:7a:58:b5:22:25:60:03:09:00:e1:17:0b:
6a:d5:06:fa:2c:2d:1a:78:04:4c:49:d3:0f:66:4a:
40:13:0c:12:9a:47:db:94:1d:d2:19:e9:26:40:b6:
fa:36:8c:62:de:c4:12:fe:21:e3:45:b0:90:99:28:
a7:81:18:a1:d6:a3:d0:4d:2c:35:ad:70:d6:14:b5:
21:ee:86:44:23:3c:93:a6:0b:27:55:81:4a:96:42:
5b:b2:98:94:83:eb:8a:ea:c5:76:ec:63:3e:d3:d5:
83:36:80:5c:e5:bb:b8:bf:36:e3:09:53:dd:73:99:
aa:28:f6:a8:9e:d5:31:60:7d:fc:4d:ba:8d:f3:45:
e9:83:96:3e:71:19:c0:f9:a2:cd:24:b6:27:e7:2e:
a1:00:4c:f2:3d:4f:6c:6b:83:ec:c9:2c:c2:fb:ad:
0b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:02:62:2F:C4:7A:B0:8C:44:6D:8A:AD:05:37:2F:95:E1:C5:3C:87
X509v3 Authority Key Identifier:
keyid:EB:B5:25:6F:E3:E0:73:02:AB:73:27:B7:47:B8:DF:38:24:5C:4E:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/67Ulb-PgcwKrcye3R7jfOCRcTt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/40b2a9-b2c7-4223-8848-0d2e4205686f/1/67Ulb-PgcwKrcye3R7jfOCRcTt8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/40b2a9-b2c7-4223-8848-0d2e4205686f/1/67Ulb-PgcwKrcye3R7jfOCRcTt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7e:58:af:af:eb:bb:26:7b:03:c1:c2:c2:20:56:90:5d:d7:89:
58:a2:8c:5c:d6:2a:bf:13:2a:2a:df:ca:fa:de:30:29:2a:c2:
25:bd:f1:13:fd:48:fa:6a:c5:e5:a6:74:1f:2f:fb:94:b1:ec:
e7:4f:3f:92:e0:ba:b1:ea:af:d6:d2:62:57:4d:b7:cd:54:f2:
f5:3b:83:66:c8:d4:82:63:a1:0f:4f:78:f6:fb:1a:90:ea:b0:
68:32:4c:ef:85:ee:56:09:65:e4:1f:32:c2:e0:69:5b:15:a2:
74:f8:74:d8:dd:f4:a3:83:89:72:1f:7a:03:72:cd:24:0c:c1:
42:75:95:bb:6f:31:8b:58:3f:56:8c:84:b1:b4:65:45:c6:bc:
ad:35:a2:1f:32:2d:62:13:c0:1f:d7:2e:84:17:1f:32:44:29:
89:30:c9:c0:b4:36:5a:33:ce:4e:28:fd:ff:32:06:df:a8:99:
8e:5f:34:6e:a3:d2:4d:fc:5f:38:b3:d4:35:5e:6e:c4:7c:a7:
51:cb:df:72:88:c0:64:5f:2f:99:8a:f1:a7:f0:a6:08:1b:37:
aa:58:e4:18:07:2b:be:6d:d2:77:2a:24:02:39:47:6d:4a:6b:
95:16:e0:4a:1b:d1:c2:32:ad:d3:52:46:c3:9b:5f:a3:24:8e:
16:8f:ac:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuNV7zmuefmEzb2kBqtCjuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYjUyNTZmZTNlMDczMDJhYjczMjdiNzQ3YjhkZjM4MjQ1
YzRlZGYwHhcNMjYwMzAyMTEwMDU5WhcNMjYwMzAzMTEwMDU5WjAzMTEwLwYDVQQD
EygyZTAyNjIyZmM0N2FiMDhjNDQ2ZDhhYWQwNTM3MmY5NWUxYzUzYzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3JDDSsP3bsQuzn3SDjfQOMNgY9LW
7dvVbv+KiuBiQuDyby236dc9q5X5pIQvjHaiCGoLelSMGvK5xpvTK4zUVwdaVvkG
gLnJG4o36iHaXKJH3FWgm/3DBOv11nV6WLUiJWADCQDhFwtq1Qb6LC0aeARMSdMP
ZkpAEwwSmkfblB3SGekmQLb6Noxi3sQS/iHjRbCQmSingRih1qPQTSw1rXDWFLUh
7oZEIzyTpgsnVYFKlkJbspiUg+uK6sV27GM+09WDNoBc5bu4vzbjCVPdc5mqKPao
ntUxYH38TbqN80Xpg5Y+cRnA+aLNJLYn5y6hAEzyPU9sa4PsySzC+60L1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC4CYi/EerCMRG2KrQU3L5XhxTyHMB8GA1UdIwQY
MBaAFOu1JW/j4HMCq3Mnt0e43zgkXE7fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjdVbGItUGdjd0tyY3llM1I3amZPQ1JjVHQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS80MGIyYTktYjJjNy00MjIzLTg4NDgt
MGQyZTQyMDU2ODZmLzEvNjdVbGItUGdjd0tyY3llM1I3amZPQ1JjVHQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS80MGIyYTktYjJjNy00MjIzLTg4NDgtMGQyZTQyMDU2ODZm
LzEvNjdVbGItUGdjd0tyY3llM1I3amZPQ1JjVHQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAflivr+u7
JnsDwcLCIFaQXdeJWKKMXNYqvxMqKt/K+t4wKSrCJb3xE/1I+mrF5aZ0Hy/7lLHs
508/kuC6seqv1tJiV023zVTy9TuDZsjUgmOhD0949vsakOqwaDJM74XuVgll5B8y
wuBpWxWidPh02N30o4OJch96A3LNJAzBQnWVu28xi1g/VoyEsbRlRca8rTWiHzIt
YhPAH9cuhBcfMkQpiTDJwLQ2WjPOTij9/zIG36iZjl80bqPSTfxfOLPUNV5uxHyn
UcvfcojAZF8vmYrxp/CmCBs3qljkGAcrvm3SdyokAjlHbUprlRbgShvRwjKt01JG
w5tfoySOFo+sEg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:55:48 2026 by rpki-client