Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/b2990d-4c52-42fa-b6b7-e0a4a4f9cabc/1/AlY31IiO4AWN6a06cMQtxGmWmpk.mft
File: AlY31IiO4AWN6a06cMQtxGmWmpk.mft (raw, json)
Hash identifier: bF2j+WGSHiZFKko7qbcqcaE5pkmQ8eU0Hta4qwN1Kek=
Subject key identifier: 4A:B2:FC:6B:A0:5D:52:BC:D0:1B:DB:58:99:A6:F7:B7:81:AB:21:0B
Authority key identifier: 02:56:37:D4:88:8E:E0:05:8D:E9:AD:3A:70:C4:2D:C4:69:96:9A:99
Certificate issuer: /CN=025637d4888ee0058de9ad3a70c42dc469969a99
Certificate serial: 019CABD9B6FA2F12BE1D7FFA2795133F2C54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AlY31IiO4AWN6a06cMQtxGmWmpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/b2990d-4c52-42fa-b6b7-e0a4a4f9cabc/1/AlY31IiO4AWN6a06cMQtxGmWmpk.mft
Manifest number: 0CBC
Signing time: Mon 02 Mar 2026 00:01:37 +0000
Manifest this update: Mon 02 Mar 2026 00:01:37 +0000
Manifest next update: Tue 03 Mar 2026 00:01:37 +0000
Files and hashes: 1: AlY31IiO4AWN6a06cMQtxGmWmpk.crl (hash: FzB2K6mUGx0dl2ZmhrPgCtWg+l6S9i/yiCYOqYwFcMI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/b2990d-4c52-42fa-b6b7-e0a4a4f9cabc/1/AlY31IiO4AWN6a06cMQtxGmWmpk.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/b2990d-4c52-42fa-b6b7-e0a4a4f9cabc/1/AlY31IiO4AWN6a06cMQtxGmWmpk.mft
rsync://rpki.ripe.net/repository/DEFAULT/AlY31IiO4AWN6a06cMQtxGmWmpk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:b6:fa:2f:12:be:1d:7f:fa:27:95:13:3f:2c:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=025637d4888ee0058de9ad3a70c42dc469969a99
Validity
Not Before: Mar 2 00:01:37 2026 GMT
Not After : Mar 3 00:01:37 2026 GMT
Subject: CN=4ab2fc6ba05d52bcd01bdb5899a6f7b781ab210b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d5:80:e4:2d:8d:c2:53:3a:87:34:ae:cd:30:
f3:c3:0c:61:a0:de:30:4e:b0:02:5f:23:df:a9:e1:
11:fe:5a:ae:6b:cd:1f:d0:61:8a:17:09:64:25:03:
44:f3:62:b5:ba:42:e8:98:a1:16:fa:c5:68:df:ab:
02:8a:57:69:88:f5:b4:27:b1:f7:0b:c3:88:6d:f1:
dc:77:bd:a4:7a:95:30:03:75:ef:87:96:5d:db:80:
5d:68:a3:3e:ed:27:6f:1e:85:50:2f:20:93:1d:51:
fd:e3:7f:11:bc:5b:90:ee:92:6b:60:fa:93:7d:ca:
5f:ed:01:e6:09:f9:ee:1d:be:da:af:39:e7:b9:6c:
b0:94:3e:d7:d5:c9:c4:46:f8:a2:d6:4f:b5:0f:ef:
39:f6:ec:e5:6f:6f:df:c2:1e:47:5a:31:b9:d5:82:
a6:e8:b0:31:bc:f2:aa:99:98:a5:f1:62:34:a8:4c:
c6:c5:41:e8:0c:5c:ac:f2:d3:0b:c5:86:4a:97:6b:
62:2a:01:a0:86:2e:91:4b:fc:97:cf:c8:eb:c0:ce:
f1:04:27:9f:d6:c4:73:70:47:38:d0:cd:13:07:96:
51:c8:9f:dc:aa:b5:cd:1d:3a:69:3b:a7:4a:6c:10:
87:49:c1:96:aa:aa:b9:cf:0a:84:b5:4b:7a:9c:42:
88:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:B2:FC:6B:A0:5D:52:BC:D0:1B:DB:58:99:A6:F7:B7:81:AB:21:0B
X509v3 Authority Key Identifier:
keyid:02:56:37:D4:88:8E:E0:05:8D:E9:AD:3A:70:C4:2D:C4:69:96:9A:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AlY31IiO4AWN6a06cMQtxGmWmpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/b2990d-4c52-42fa-b6b7-e0a4a4f9cabc/1/AlY31IiO4AWN6a06cMQtxGmWmpk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/b2990d-4c52-42fa-b6b7-e0a4a4f9cabc/1/AlY31IiO4AWN6a06cMQtxGmWmpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:ef:1b:d4:25:f9:39:2f:6d:d4:25:98:f2:64:73:85:59:a8:
4e:2d:79:04:c8:93:4d:42:db:dc:53:d2:5f:ce:b7:e4:a6:d7:
cc:9e:72:1c:46:86:d8:0b:86:59:2f:7f:df:d6:83:6d:e8:b2:
df:4a:ef:9f:b2:ac:1a:b6:21:b6:25:d2:0e:b8:b1:75:91:8e:
dd:5f:95:5e:df:40:3d:89:9d:95:8c:ac:82:a6:17:7a:07:d7:
ac:a9:10:ce:0d:b4:9f:b6:4f:6b:d2:aa:4a:6d:6e:10:e2:c3:
de:10:e4:a3:c0:be:dd:db:95:36:72:33:29:57:28:a6:22:86:
21:9c:48:e7:19:34:b2:0d:e5:df:d1:72:1e:b0:c7:6c:2d:ce:
c4:e6:29:c6:89:5c:b4:8e:32:38:38:8d:5a:7b:63:92:25:cc:
36:c0:06:a4:4e:88:b9:81:3f:8d:f5:fc:c5:aa:89:03:be:1c:
c3:c9:a9:43:b8:17:b1:9f:6c:25:53:a4:1d:23:10:15:2b:84:
8b:42:78:1b:c7:12:b0:2b:22:48:18:80:4c:61:0a:b9:02:8c:
ad:0f:4b:50:b0:01:23:4e:8d:e4:4e:27:d1:5f:62:25:ac:73:
80:83:e4:c2:51:9f:97:f7:18:69:ad:1a:f6:b2:47:5b:92:5e:
3f:c2:84:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2bb6LxK+HX/6J5UTPyxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNTYzN2Q0ODg4ZWUwMDU4ZGU5YWQzYTcwYzQyZGM0Njk5
NjlhOTkwHhcNMjYwMzAyMDAwMTM3WhcNMjYwMzAzMDAwMTM3WjAzMTEwLwYDVQQD
Eyg0YWIyZmM2YmEwNWQ1MmJjZDAxYmRiNTg5OWE2ZjdiNzgxYWIyMTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdWA5C2NwlM6hzSuzTDzwwxhoN4w
TrACXyPfqeER/lqua80f0GGKFwlkJQNE82K1ukLomKEW+sVo36sCildpiPW0J7H3
C8OIbfHcd72kepUwA3Xvh5Zd24BdaKM+7SdvHoVQLyCTHVH9438RvFuQ7pJrYPqT
fcpf7QHmCfnuHb7arznnuWywlD7X1cnERvii1k+1D+859uzlb2/fwh5HWjG51YKm
6LAxvPKqmZil8WI0qEzGxUHoDFys8tMLxYZKl2tiKgGghi6RS/yXz8jrwM7xBCef
1sRzcEc40M0TB5ZRyJ/cqrXNHTppO6dKbBCHScGWqqq5zwqEtUt6nEKIZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEqy/GugXVK80BvbWJmm97eBqyELMB8GA1UdIwQY
MBaAFAJWN9SIjuAFjemtOnDELcRplpqZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWxZMzFJaU80QVdONmEwNmNNUXR4R21XbXBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iMjk5MGQtNGM1Mi00MmZhLWI2Yjct
ZTBhNGE0ZjljYWJjLzEvQWxZMzFJaU80QVdONmEwNmNNUXR4R21XbXBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iMjk5MGQtNGM1Mi00MmZhLWI2YjctZTBhNGE0ZjljYWJj
LzEvQWxZMzFJaU80QVdONmEwNmNNUXR4R21XbXBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAae8b1CX5
OS9t1CWY8mRzhVmoTi15BMiTTULb3FPSX8635KbXzJ5yHEaG2AuGWS9/39aDbeiy
30rvn7KsGrYhtiXSDrixdZGO3V+VXt9APYmdlYysgqYXegfXrKkQzg20n7ZPa9Kq
Sm1uEOLD3hDko8C+3duVNnIzKVcopiKGIZxI5xk0sg3l39FyHrDHbC3OxOYpxolc
tI4yODiNWntjkiXMNsAGpE6IuYE/jfX8xaqJA74cw8mpQ7gXsZ9sJVOkHSMQFSuE
i0J4G8cSsCsiSBiATGEKuQKMrQ9LULABI06N5E4n0V9iJaxzgIPkwlGfl/cYaa0a
9rJHW5JeP8KEsA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:52:18 2026 by rpki-client