Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/up78qG3qcNPukBgWeMjrMOaRbR0.mft
File: up78qG3qcNPukBgWeMjrMOaRbR0.mft (raw, json)
Hash identifier: lKoTHHrYKTq/S4/l0KRIWMvN6GkhFh0Axn1nGjpwT8U=
Subject key identifier: 53:43:90:A1:BB:87:F7:62:6D:A3:73:9F:35:46:08:9B:92:AF:7F:AA
Authority key identifier: BA:9E:FC:A8:6D:EA:70:D3:EE:90:18:16:78:C8:EB:30:E6:91:6D:1D
Certificate issuer: /CN=ba9efca86dea70d3ee90181678c8eb30e6916d1d
Certificate serial: 019CABD91FCF21231D2688F7FAA3FF8B8CBA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up78qG3qcNPukBgWeMjrMOaRbR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/up78qG3qcNPukBgWeMjrMOaRbR0.mft
Manifest number: 17BC
Signing time: Mon 02 Mar 2026 00:00:59 +0000
Manifest this update: Mon 02 Mar 2026 00:00:59 +0000
Manifest next update: Tue 03 Mar 2026 00:00:59 +0000
Files and hashes: 1: o0Ar2DETFlUxLEOkeVUWjGR8WPc.roa (hash: opuyTRQFWnU43wU694s8uEjDvDG+GMKf+lea5jnxMmc=)
2: up78qG3qcNPukBgWeMjrMOaRbR0.crl (hash: RRGpU9Z9mAcAr3DSaVpKZl6MRrPhxnwNucT5XCGH+B0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/up78qG3qcNPukBgWeMjrMOaRbR0.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/up78qG3qcNPukBgWeMjrMOaRbR0.mft
rsync://rpki.ripe.net/repository/DEFAULT/up78qG3qcNPukBgWeMjrMOaRbR0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:1f:cf:21:23:1d:26:88:f7:fa:a3:ff:8b:8c:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9efca86dea70d3ee90181678c8eb30e6916d1d
Validity
Not Before: Mar 2 00:00:59 2026 GMT
Not After : Mar 3 00:00:59 2026 GMT
Subject: CN=534390a1bb87f7626da3739f3546089b92af7faa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a7:97:22:bc:a2:81:34:67:64:4f:ca:ab:23:
53:3e:24:b5:7d:61:50:01:8c:65:b5:a8:15:72:6f:
c5:29:79:e7:c8:a6:4f:69:e1:cc:5b:94:df:4b:57:
dc:59:67:89:f3:a0:af:28:5f:9a:25:c8:a3:83:21:
33:74:f7:b4:ea:06:7c:f1:33:f5:f8:0e:b2:e9:21:
65:d5:b8:b5:c3:43:0f:1b:15:64:8b:cc:f0:87:c7:
93:70:0f:b4:19:9c:eb:97:e3:b8:02:34:c1:ba:1e:
24:52:cc:89:95:e1:7f:8c:82:76:4d:27:8f:b2:6b:
a3:1c:4c:3d:d1:52:d7:7e:97:65:a0:0c:df:a0:89:
1a:27:d3:d5:a0:b6:b8:88:7d:1c:f6:17:f7:81:87:
a6:3f:f7:99:f6:f0:e9:c6:29:07:75:24:05:d3:95:
e8:56:a8:ac:dd:4a:75:6e:f8:fe:f2:a0:c9:49:42:
20:48:8e:e2:8b:71:79:e9:af:e4:e9:41:7a:03:a5:
18:88:2b:63:a8:21:28:99:32:b3:2f:6c:20:af:95:
41:ac:a7:26:f9:9d:b0:22:f2:c8:11:0f:1c:62:5f:
ca:db:48:da:0b:12:b4:35:2f:bd:55:2e:74:7e:fc:
8a:f3:d4:60:89:a9:1f:18:76:f8:22:04:c1:2a:cd:
96:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:43:90:A1:BB:87:F7:62:6D:A3:73:9F:35:46:08:9B:92:AF:7F:AA
X509v3 Authority Key Identifier:
keyid:BA:9E:FC:A8:6D:EA:70:D3:EE:90:18:16:78:C8:EB:30:E6:91:6D:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up78qG3qcNPukBgWeMjrMOaRbR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/up78qG3qcNPukBgWeMjrMOaRbR0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/up78qG3qcNPukBgWeMjrMOaRbR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:92:15:c7:99:d0:8b:54:0b:86:7d:4f:aa:af:71:dc:d1:cc:
95:1c:8f:26:4f:65:26:ce:f8:b2:ec:c7:78:5b:0b:0d:e3:c9:
e8:b7:a6:3b:c5:44:62:fc:ec:b7:d2:6d:8b:97:69:56:02:32:
3c:55:77:77:dd:96:dc:8f:e8:ab:c5:cb:6e:3d:ba:9c:58:9c:
5c:2a:54:6d:10:9e:a8:d7:06:d3:f0:34:83:0a:17:1f:fb:ef:
3f:2b:43:b6:22:89:a6:37:e8:86:d4:7d:4c:a3:4f:b9:52:ab:
47:e9:97:4b:87:86:5c:f5:ff:c0:1b:cb:a8:46:4b:a4:ad:d2:
7f:76:25:ee:0f:b1:5b:95:5b:c8:01:17:d9:8a:45:20:4f:57:
34:af:ad:f2:93:86:d3:a0:6e:ab:42:4f:8f:aa:ff:1e:cf:c2:
1d:33:f8:9c:a1:99:a6:b9:a3:d2:26:1b:71:93:4c:f2:95:f5:
21:2f:1f:0c:62:dc:6e:d2:63:9e:4b:80:6a:a6:a4:d8:a8:47:
35:d4:a5:7f:9d:9d:8b:0e:14:ce:53:49:94:3e:6f:4f:e7:33:
d9:39:b9:fc:0d:0c:18:14:b7:db:fc:bb:c7:34:bd:e9:9b:fc:
e0:b9:52:5e:1e:3c:fa:98:e2:0e:92:ca:c6:b0:cb:11:38:11:
86:1f:c3:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2R/PISMdJoj3+qP/i4y6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWVmY2E4NmRlYTcwZDNlZTkwMTgxNjc4YzhlYjMwZTY5
MTZkMWQwHhcNMjYwMzAyMDAwMDU5WhcNMjYwMzAzMDAwMDU5WjAzMTEwLwYDVQQD
Eyg1MzQzOTBhMWJiODdmNzYyNmRhMzczOWYzNTQ2MDg5YjkyYWY3ZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaeXIryigTRnZE/KqyNTPiS1fWFQ
AYxltagVcm/FKXnnyKZPaeHMW5TfS1fcWWeJ86CvKF+aJcijgyEzdPe06gZ88TP1
+A6y6SFl1bi1w0MPGxVki8zwh8eTcA+0GZzrl+O4AjTBuh4kUsyJleF/jIJ2TSeP
smujHEw90VLXfpdloAzfoIkaJ9PVoLa4iH0c9hf3gYemP/eZ9vDpxikHdSQF05Xo
Vqis3Up1bvj+8qDJSUIgSI7ii3F56a/k6UF6A6UYiCtjqCEomTKzL2wgr5VBrKcm
+Z2wIvLIEQ8cYl/K20jaCxK0NS+9VS50fvyK89RgiakfGHb4IgTBKs2WGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFNDkKG7h/dibaNznzVGCJuSr3+qMB8GA1UdIwQY
MBaAFLqe/Kht6nDT7pAYFnjI6zDmkW0dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXA3OHFHM3FjTlB1a0JnV2VNanJNT2FSYlIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi83NWI4MzgtNGVjZS00OTk4LThhZDgt
MTdkMzFkZWU4ZTEyLzEvdXA3OHFHM3FjTlB1a0JnV2VNanJNT2FSYlIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi83NWI4MzgtNGVjZS00OTk4LThhZDgtMTdkMzFkZWU4ZTEy
LzEvdXA3OHFHM3FjTlB1a0JnV2VNanJNT2FSYlIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACZIVx5nQ
i1QLhn1Pqq9x3NHMlRyPJk9lJs74suzHeFsLDePJ6LemO8VEYvzst9Jti5dpVgIy
PFV3d92W3I/oq8XLbj26nFicXCpUbRCeqNcG0/A0gwoXH/vvPytDtiKJpjfohtR9
TKNPuVKrR+mXS4eGXPX/wBvLqEZLpK3Sf3Yl7g+xW5VbyAEX2YpFIE9XNK+t8pOG
06Buq0JPj6r/Hs/CHTP4nKGZprmj0iYbcZNM8pX1IS8fDGLcbtJjnkuAaqak2KhH
NdSlf52diw4UzlNJlD5vT+cz2Tm5/A0MGBS32/y7xzS96Zv84LlSXh48+pjiDpLK
xrDLETgRhh/D9w==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:51:34 2026 by rpki-client