Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft
File: ufdKR6bRoL9MIW5fq02R-xKd89Y.mft (raw, json)
Hash identifier: txX1c4B1JmjBhXiDuyBNcwkka6Cjalw6aMdKMHiLDs0=
Subject key identifier: D2:08:74:4E:23:DC:AB:CA:9D:05:85:7E:97:36:38:F1:D0:EA:D1:F3
Authority key identifier: B9:F7:4A:47:A6:D1:A0:BF:4C:21:6E:5F:AB:4D:91:FB:12:9D:F3:D6
Certificate issuer: /CN=b9f74a47a6d1a0bf4c216e5fab4d91fb129df3d6
Certificate serial: 019CAAC6D53050E72681B2301F6A8EFACCD1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft
Manifest number: 0D7C
Signing time: Sun 01 Mar 2026 19:01:23 +0000
Manifest this update: Sun 01 Mar 2026 19:01:23 +0000
Manifest next update: Mon 02 Mar 2026 19:01:23 +0000
Files and hashes: 1: ufdKR6bRoL9MIW5fq02R-xKd89Y.crl (hash: 8XfnuVut0SWqN49oOzYANnDJgBheAN89UGP9JFiFnx4=)
2: xthXgiM7QFg5g-QceY1y5f74Rds.roa (hash: ov8Kweo+Ul8Z/hCjsozR/vUEJ009cmFNJtAjb/mVhe8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:d5:30:50:e7:26:81:b2:30:1f:6a:8e:fa:cc:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9f74a47a6d1a0bf4c216e5fab4d91fb129df3d6
Validity
Not Before: Mar 1 19:01:23 2026 GMT
Not After : Mar 2 19:01:23 2026 GMT
Subject: CN=d208744e23dcabca9d05857e973638f1d0ead1f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3c:77:dc:99:f5:d0:45:91:63:d2:3a:72:26:
31:3d:b5:db:8c:3d:0a:68:d8:ff:cb:ae:52:3c:68:
a1:07:77:af:42:ce:a6:d1:cf:fb:cb:47:be:d2:80:
08:a6:e6:44:ed:33:54:47:de:75:00:e1:89:73:25:
d1:47:ea:b5:45:fc:e2:66:2d:e9:b9:d6:14:e3:60:
80:22:9f:bc:11:3e:b4:ef:90:b2:f3:71:e2:e0:be:
39:da:92:1e:7d:a1:6d:f9:bf:6c:55:1b:ff:ce:9b:
56:7c:5f:98:22:72:9e:df:91:49:61:25:ae:d2:3d:
53:03:53:3c:29:d0:bc:68:b7:f7:5f:73:c2:2b:52:
68:35:6f:84:b9:a6:27:a5:31:45:6a:5f:5e:31:8e:
3a:19:ac:81:86:ae:30:d9:89:ec:55:d3:38:56:f1:
4f:7a:2a:1d:29:62:56:68:71:be:6e:1e:49:d0:e2:
f3:73:fb:c3:73:38:f8:fa:77:03:cc:eb:4e:d1:14:
c9:e9:2f:76:34:68:d0:57:92:1b:f8:96:af:8b:2b:
30:7a:02:3b:c6:bd:16:da:53:7f:70:85:fd:37:76:
a2:9c:1a:92:79:ea:28:3a:75:23:68:8e:a8:0d:b3:
b9:d6:8d:42:92:e5:75:1a:51:7e:e7:83:4e:ec:ff:
34:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:08:74:4E:23:DC:AB:CA:9D:05:85:7E:97:36:38:F1:D0:EA:D1:F3
X509v3 Authority Key Identifier:
keyid:B9:F7:4A:47:A6:D1:A0:BF:4C:21:6E:5F:AB:4D:91:FB:12:9D:F3:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:1e:b4:a8:ba:b0:5e:f2:54:bb:82:07:21:22:19:fa:73:f3:
10:ac:93:5c:e6:b9:63:3b:23:c4:d0:62:98:61:74:59:88:18:
34:0b:98:63:24:f0:8b:ea:a4:79:f9:57:d1:66:33:b1:0b:21:
36:0b:1b:0f:70:ce:4d:d7:c3:78:48:e1:27:b9:83:8c:88:3f:
2a:80:9d:d5:25:eb:1b:46:82:b4:e5:8c:de:58:fe:5d:e1:7d:
1d:f6:79:e8:c5:ee:6d:88:f6:c2:3e:47:94:d0:0d:db:e3:3e:
2d:ce:87:48:d0:8a:ed:79:85:75:f9:77:58:ec:1e:4a:c9:d7:
f1:9f:93:12:89:06:6b:1e:d8:4e:e1:71:40:c0:3d:f9:bb:b5:
fd:06:05:68:84:65:13:07:55:ec:92:bb:27:5a:ba:82:5b:6f:
4d:36:4b:28:0f:19:96:25:96:34:6c:9b:68:3c:ef:8d:24:93:
c4:09:6e:61:f2:52:87:72:16:ab:1a:a1:f5:de:5a:32:01:1e:
5a:22:b6:59:e0:1c:cb:da:88:22:e3:6e:28:2e:9c:ac:aa:97:
1c:ae:44:2d:be:26:9c:0e:3f:12:a8:a2:8e:af:1f:3f:17:98:
99:ca:c7:c8:ba:42:fd:13:76:3f:cd:78:47:41:8b:5a:a7:45:
29:df:8f:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxtUwUOcmgbIwH2qO+szRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Zjc0YTQ3YTZkMWEwYmY0YzIxNmU1ZmFiNGQ5MWZiMTI5
ZGYzZDYwHhcNMjYwMzAxMTkwMTIzWhcNMjYwMzAyMTkwMTIzWjAzMTEwLwYDVQQD
EyhkMjA4NzQ0ZTIzZGNhYmNhOWQwNTg1N2U5NzM2MzhmMWQwZWFkMWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDx33Jn10EWRY9I6ciYxPbXbjD0K
aNj/y65SPGihB3evQs6m0c/7y0e+0oAIpuZE7TNUR951AOGJcyXRR+q1RfziZi3p
udYU42CAIp+8ET6075Cy83Hi4L452pIefaFt+b9sVRv/zptWfF+YInKe35FJYSWu
0j1TA1M8KdC8aLf3X3PCK1JoNW+EuaYnpTFFal9eMY46GayBhq4w2YnsVdM4VvFP
eiodKWJWaHG+bh5J0OLzc/vDczj4+ncDzOtO0RTJ6S92NGjQV5Ib+JaviyswegI7
xr0W2lN/cIX9N3ainBqSeeooOnUjaI6oDbO51o1CkuV1GlF+54NO7P80AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNIIdE4j3KvKnQWFfpc2OPHQ6tHzMB8GA1UdIwQY
MBaAFLn3Skem0aC/TCFuX6tNkfsSnfPWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8yNGEwYmQtMDgzOC00Yzk1LTljY2Qt
MzBmNjA4YWRlNDhkLzEvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8yNGEwYmQtMDgzOC00Yzk1LTljY2QtMzBmNjA4YWRlNDhk
LzEvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADh60qLqw
XvJUu4IHISIZ+nPzEKyTXOa5YzsjxNBimGF0WYgYNAuYYyTwi+qkeflX0WYzsQsh
NgsbD3DOTdfDeEjhJ7mDjIg/KoCd1SXrG0aCtOWM3lj+XeF9HfZ56MXubYj2wj5H
lNAN2+M+Lc6HSNCK7XmFdfl3WOweSsnX8Z+TEokGax7YTuFxQMA9+bu1/QYFaIRl
EwdV7JK7J1q6gltvTTZLKA8ZliWWNGybaDzvjSSTxAluYfJSh3IWqxqh9d5aMgEe
WiK2WeAcy9qIIuNuKC6crKqXHK5ELb4mnA4/Eqiijq8fPxeYmcrHyLpC/RN2P814
R0GLWqdFKd+PVw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:44:00 2026 by rpki-client