Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.mft
File: 4toj07kw1MHzrHMGXXGmB8NdKQA.mft (raw, json)
Hash identifier: Lub3ozkbCXSOw5me4UTcvNqwM0Bhby/lMKmIWhFz19s=
Subject key identifier: 08:6A:FC:A6:1E:EC:D7:89:D7:7D:01:0E:76:DC:5D:D0:BF:E2:4F:B2
Authority key identifier: E2:DA:23:D3:B9:30:D4:C1:F3:AC:73:06:5D:71:A6:07:C3:5D:29:00
Certificate issuer: /CN=e2da23d3b930d4c1f3ac73065d71a607c35d2900
Certificate serial: 019CED4B7262CCEC9E862F4CE89400DE7E8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4toj07kw1MHzrHMGXXGmB8NdKQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.mft
Manifest number: 186C
Signing time: Sat 14 Mar 2026 17:01:10 +0000
Manifest this update: Sat 14 Mar 2026 17:01:10 +0000
Manifest next update: Sun 15 Mar 2026 17:01:10 +0000
Files and hashes: 1: 1-ZObGXZbr8QMqAx61fUCBd3oEIk.roa (hash: mNfBmy+QZavj44C/mg50P1ETt/knXxq4fEIaA8TAW1A=)
2: 4toj07kw1MHzrHMGXXGmB8NdKQA.crl (hash: /zQ7su9Ch0Pa/bVFeEuxJjb4ct7A/Te+AuPv2YXsRFk=)
3: 5aSu5rDgohcAcFRBlVeL4KQf-Bc.roa (hash: TBrAPV4bOwpXI3ikK/+R0NLpPd2CyHMsQiSsoHb0Hng=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/4toj07kw1MHzrHMGXXGmB8NdKQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ed:4b:72:62:cc:ec:9e:86:2f:4c:e8:94:00:de:7e:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2da23d3b930d4c1f3ac73065d71a607c35d2900
Validity
Not Before: Mar 14 17:01:10 2026 GMT
Not After : Mar 15 17:01:10 2026 GMT
Subject: CN=086afca61eecd789d77d010e76dc5dd0bfe24fb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:3f:a0:aa:51:d4:9c:ff:fd:bd:5a:3f:a6:4e:
d1:ed:d3:09:27:c1:92:33:47:9a:f3:79:9c:7e:1f:
92:64:7d:4e:45:1b:a2:d1:d4:f6:a8:8d:08:1a:3d:
99:cd:08:1b:d8:29:66:6d:81:07:5f:7b:38:4d:a1:
29:81:b0:f3:f8:e0:91:b4:aa:32:bc:a2:3a:44:27:
95:ac:90:0a:b8:3a:11:85:8f:3b:c4:8a:84:92:6f:
2e:46:ba:6b:35:cc:a1:0b:f6:3b:f0:8c:d4:9f:5f:
02:ea:f0:9c:c4:1d:44:ce:14:2b:3f:5d:fb:cf:4b:
10:4a:0e:c3:0d:c1:a9:c5:23:d3:03:12:08:f1:d1:
6e:d1:00:e3:06:88:b0:ef:56:85:db:8e:52:55:66:
77:66:d9:dd:dd:8b:94:41:fc:e5:cc:fc:d9:aa:ff:
b3:6e:5d:45:cc:ca:8a:03:64:ff:6b:e6:5c:26:81:
58:f3:c8:63:73:76:84:16:e4:21:a1:5f:77:24:09:
24:a3:17:5b:9f:e8:e6:8c:eb:5b:a9:c5:e8:7d:48:
d6:af:ba:eb:5d:88:69:90:91:8f:70:26:88:f1:28:
67:88:24:6d:b9:1e:92:67:2b:a4:38:0f:55:c2:9f:
1f:e5:9f:fd:07:cf:ba:19:a0:67:1b:79:77:6b:8b:
eb:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:6A:FC:A6:1E:EC:D7:89:D7:7D:01:0E:76:DC:5D:D0:BF:E2:4F:B2
X509v3 Authority Key Identifier:
keyid:E2:DA:23:D3:B9:30:D4:C1:F3:AC:73:06:5D:71:A6:07:C3:5D:29:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4toj07kw1MHzrHMGXXGmB8NdKQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:14:1c:66:85:a3:b6:2d:32:f7:9a:8a:13:25:2c:f9:70:d8:
da:a8:3b:55:25:82:f0:c8:df:91:fa:8d:26:81:e8:02:a3:04:
9e:39:2e:b4:00:b4:78:29:29:c4:75:7e:90:78:a8:44:47:69:
16:ef:88:65:9b:b2:92:d6:d7:12:e0:5f:18:bf:97:30:59:6d:
2f:ef:b7:75:9e:2d:16:87:8c:50:9b:77:d0:e3:69:d9:31:f9:
8c:8e:29:ec:38:b4:34:8b:eb:6d:14:62:f0:31:43:00:08:c3:
a5:96:d2:5f:5c:20:3d:c6:0f:5f:d8:4c:a9:8b:15:e9:fd:2b:
2f:62:8e:35:7b:88:0f:0b:9b:bb:f0:d4:b3:ea:74:bd:4c:8d:
f6:a2:8b:d5:22:9e:c3:54:b6:a8:5f:9e:dc:f1:11:55:96:7d:
aa:52:b0:9b:ba:f5:90:1a:ad:d0:37:b4:f8:86:30:b1:e1:e7:
80:15:24:67:b1:8d:d0:7d:4d:b3:f2:4d:33:f1:90:8c:45:94:
85:54:80:3b:04:15:62:ab:bb:6a:17:9a:84:68:ae:4a:ad:80:
54:b0:1e:5d:a7:0b:e6:47:08:4e:4b:7a:b1:09:9c:89:bc:58:
ca:27:cc:47:fd:00:0d:22:48:54:54:94:4e:55:67:4e:dd:0c:
7a:71:ea:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZztS3JizOyehi9M6JQA3n6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZGEyM2QzYjkzMGQ0YzFmM2FjNzMwNjVkNzFhNjA3YzM1
ZDI5MDAwHhcNMjYwMzE0MTcwMTEwWhcNMjYwMzE1MTcwMTEwWjAzMTEwLwYDVQQD
EygwODZhZmNhNjFlZWNkNzg5ZDc3ZDAxMGU3NmRjNWRkMGJmZTI0ZmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3j+gqlHUnP/9vVo/pk7R7dMJJ8GS
M0ea83mcfh+SZH1ORRui0dT2qI0IGj2ZzQgb2ClmbYEHX3s4TaEpgbDz+OCRtKoy
vKI6RCeVrJAKuDoRhY87xIqEkm8uRrprNcyhC/Y78IzUn18C6vCcxB1EzhQrP137
z0sQSg7DDcGpxSPTAxII8dFu0QDjBoiw71aF245SVWZ3Ztnd3YuUQfzlzPzZqv+z
bl1FzMqKA2T/a+ZcJoFY88hjc3aEFuQhoV93JAkkoxdbn+jmjOtbqcXofUjWr7rr
XYhpkJGPcCaI8ShniCRtuR6SZyukOA9Vwp8f5Z/9B8+6GaBnG3l3a4vrwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAhq/KYe7NeJ130BDnbcXdC/4k+yMB8GA1UdIwQY
MBaAFOLaI9O5MNTB86xzBl1xpgfDXSkAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRvajA3a3cxTUh6ckhNR1hYR21COE5kS1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9kZWViYjgtYWU4Ni00Njk0LWE5NzIt
ODI3YTBhYzA0YTlkLzEvNHRvajA3a3cxTUh6ckhNR1hYR21COE5kS1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9kZWViYjgtYWU4Ni00Njk0LWE5NzItODI3YTBhYzA0YTlk
LzEvNHRvajA3a3cxTUh6ckhNR1hYR21COE5kS1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGhQcZoWj
ti0y95qKEyUs+XDY2qg7VSWC8MjfkfqNJoHoAqMEnjkutAC0eCkpxHV+kHioREdp
Fu+IZZuyktbXEuBfGL+XMFltL++3dZ4tFoeMUJt30ONp2TH5jI4p7Di0NIvrbRRi
8DFDAAjDpZbSX1wgPcYPX9hMqYsV6f0rL2KONXuIDwubu/DUs+p0vUyN9qKL1SKe
w1S2qF+e3PERVZZ9qlKwm7r1kBqt0De0+IYwseHngBUkZ7GN0H1Ns/JNM/GQjEWU
hVSAOwQVYqu7aheahGiuSq2AVLAeXacL5kcITkt6sQmcibxYyifMR/0ADSJIVFSU
TlVnTt0MenHq6Q==
-----END CERTIFICATE-----
Generated at Sat Mar 14 19:20:46 2026 by rpki-client