Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.mft
File: sgTq-NsT70M8-YIp0jLTMKX14lY.mft (raw, json)
Hash identifier: xkC7JGQfcMbFWdYAeOoNuaNqx6r+bhMgt7MTAJdzJwU=
Subject key identifier: 77:4E:DB:47:2E:E0:04:4C:C9:FB:EA:1B:23:1B:22:ED:1A:52:B8:C8
Authority key identifier: B2:04:EA:F8:DB:13:EF:43:3C:F9:82:29:D2:32:D3:30:A5:F5:E2:56
Certificate issuer: /CN=b204eaf8db13ef433cf98229d232d330a5f5e256
Certificate serial: 019D389C1BDA8FAFCB14E54E86617E50AB98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sgTq-NsT70M8-YIp0jLTMKX14lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 08:00:48 +0000
Manifest this update: Sun 29 Mar 2026 08:00:48 +0000
Manifest next update: Mon 30 Mar 2026 08:00:48 +0000
Files and hashes: 1: _7FUJXfD4Ngly6FguO7Icv3bnRs.roa (hash: uIw7fcvWe1lM1UlpZ2C4ZV/RLkNGSXf/iL61npEiJKw=)
2: sgTq-NsT70M8-YIp0jLTMKX14lY.crl (hash: rg3kDfOeUsYA9VRTRtIueX2yM1LiAP6Ipr6GRJpQriw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sgTq-NsT70M8-YIp0jLTMKX14lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:1b:da:8f:af:cb:14:e5:4e:86:61:7e:50:ab:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b204eaf8db13ef433cf98229d232d330a5f5e256
Validity
Not Before: Mar 29 08:00:48 2026 GMT
Not After : Mar 30 08:00:48 2026 GMT
Subject: CN=774edb472ee0044cc9fbea1b231b22ed1a52b8c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bb:fd:ea:c4:53:88:d1:f4:bf:fe:ed:a7:94:
1a:3f:44:09:0b:7a:b3:a6:d5:26:bb:23:e2:f9:df:
4e:9f:8e:80:7a:d7:76:8a:8e:84:c8:d3:2a:0a:2a:
af:d7:45:a7:6e:f3:ba:5c:b0:bc:24:d4:80:d0:d5:
63:39:02:12:c1:4c:03:cd:e9:a5:86:e7:7a:4b:b2:
58:8a:24:17:ed:f0:62:57:7d:12:df:f1:83:6f:6c:
7f:49:66:22:62:fc:74:84:9e:b3:da:7f:3e:30:91:
d1:11:d4:6c:43:d1:2c:71:0f:a3:9e:38:b7:79:4b:
95:98:9d:c0:b4:84:14:75:8f:96:27:e8:99:68:ac:
8e:b7:72:71:6a:e8:d6:48:10:0c:68:31:de:c8:23:
af:87:77:43:4f:3f:6f:c3:ac:59:a2:d6:c5:7c:68:
52:2d:9c:0e:b6:bc:8e:14:11:fd:d1:f9:96:5b:c1:
57:f0:77:e0:37:dd:f8:68:de:08:e0:24:d9:a9:be:
52:ca:d5:d6:f2:84:4f:08:01:a2:bc:64:14:c3:8d:
63:c1:87:6b:ee:30:50:3a:8e:c7:0c:e8:26:42:49:
3f:a0:81:63:d8:79:95:15:6c:ec:68:b3:d6:71:d0:
ea:3d:62:bb:8f:15:76:77:97:0b:3a:3b:ef:4a:e7:
61:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:4E:DB:47:2E:E0:04:4C:C9:FB:EA:1B:23:1B:22:ED:1A:52:B8:C8
X509v3 Authority Key Identifier:
keyid:B2:04:EA:F8:DB:13:EF:43:3C:F9:82:29:D2:32:D3:30:A5:F5:E2:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgTq-NsT70M8-YIp0jLTMKX14lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:03:dc:2a:ad:ef:0e:df:22:fe:0a:09:11:05:40:f7:31:b0:
15:4e:94:79:96:68:31:f5:29:c4:aa:ec:01:c4:f3:ad:c8:50:
70:2e:ab:19:8c:8c:57:0d:51:4f:ad:de:14:51:8d:eb:91:65:
c8:3c:54:5b:67:e5:2a:e2:3c:ed:94:66:4f:7e:05:29:70:20:
60:26:ca:63:bd:d8:97:79:fd:31:f1:92:d3:ed:a9:86:1f:d8:
0e:0f:3a:5c:19:27:b7:10:a2:26:09:f3:4e:13:2d:76:d5:02:
0e:29:ef:02:0d:e9:3d:6a:b9:de:65:78:54:1d:e0:61:b6:66:
d2:87:dc:2c:d3:2a:72:0f:36:6a:47:11:f9:28:8b:f7:1f:ce:
ed:93:f9:29:21:ff:a4:18:5d:3c:ba:74:6a:d0:ef:b9:e1:d5:
ad:5e:b8:29:2e:9f:6c:93:36:27:5f:35:c9:64:e2:4f:21:22:
7c:45:b8:07:ca:51:ba:b5:5e:26:35:94:1c:e6:27:20:73:2e:
df:ce:37:57:23:b4:09:0b:a4:cc:f9:6b:c4:02:dc:0b:72:9f:
e8:b6:e8:d6:ac:59:51:18:a9:3d:53:aa:47:ad:3e:37:ba:fe:
70:a8:67:26:72:4e:a8:4c:a9:f3:a8:03:f7:96:01:f4:c5:8a:
92:62:72:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nBvaj6/LFOVOhmF+UKuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMDRlYWY4ZGIxM2VmNDMzY2Y5ODIyOWQyMzJkMzMwYTVm
NWUyNTYwHhcNMjYwMzI5MDgwMDQ4WhcNMjYwMzMwMDgwMDQ4WjAzMTEwLwYDVQQD
Eyg3NzRlZGI0NzJlZTAwNDRjYzlmYmVhMWIyMzFiMjJlZDFhNTJiOGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLv96sRTiNH0v/7tp5QaP0QJC3qz
ptUmuyPi+d9On46Aetd2io6EyNMqCiqv10WnbvO6XLC8JNSA0NVjOQISwUwDzeml
hud6S7JYiiQX7fBiV30S3/GDb2x/SWYiYvx0hJ6z2n8+MJHREdRsQ9EscQ+jnji3
eUuVmJ3AtIQUdY+WJ+iZaKyOt3JxaujWSBAMaDHeyCOvh3dDTz9vw6xZotbFfGhS
LZwOtryOFBH90fmWW8FX8HfgN934aN4I4CTZqb5SytXW8oRPCAGivGQUw41jwYdr
7jBQOo7HDOgmQkk/oIFj2HmVFWzsaLPWcdDqPWK7jxV2d5cLOjvvSudhXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHdO20cu4ARMyfvqGyMbIu0aUrjIMB8GA1UdIwQY
MBaAFLIE6vjbE+9DPPmCKdIy0zCl9eJWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2dUcS1Oc1Q3ME04LVlJcDBqTFRNS1gxNGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC81OTc2MzgtNzEzYy00NGI3LTliNzAt
MjUwMTdlYzk0MDk1LzEvc2dUcS1Oc1Q3ME04LVlJcDBqTFRNS1gxNGxZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC81OTc2MzgtNzEzYy00NGI3LTliNzAtMjUwMTdlYzk0MDk1
LzEvc2dUcS1Oc1Q3ME04LVlJcDBqTFRNS1gxNGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaQPcKq3v
Dt8i/goJEQVA9zGwFU6UeZZoMfUpxKrsAcTzrchQcC6rGYyMVw1RT63eFFGN65Fl
yDxUW2flKuI87ZRmT34FKXAgYCbKY73Yl3n9MfGS0+2phh/YDg86XBkntxCiJgnz
ThMtdtUCDinvAg3pPWq53mV4VB3gYbZm0ofcLNMqcg82akcR+SiL9x/O7ZP5KSH/
pBhdPLp0atDvueHVrV64KS6fbJM2J181yWTiTyEifEW4B8pRurVeJjWUHOYnIHMu
3843VyO0CQukzPlrxALcC3Kf6Lbo1qxZURipPVOqR60+N7r+cKhnJnJOqEyp86gD
95YB9MWKkmJyZw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:05:31 2026 by rpki-client