Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.mft
File: s7a21-XdDDKPbOr36enA0cuMHSI.mft (raw, json)
Hash identifier: sScTrpP0jThlSFciqdYUjG2uwWwv5LAC4EsaNi1Y1Rw=
Subject key identifier: DD:F9:6D:5F:F2:BF:8E:D1:4C:FC:02:61:86:8D:3B:28:C2:1C:BD:13
Authority key identifier: B3:B6:B6:D7:E5:DD:0C:32:8F:6C:EA:F7:E9:E9:C0:D1:CB:8C:1D:22
Certificate issuer: /CN=b3b6b6d7e5dd0c328f6ceaf7e9e9c0d1cb8c1d22
Certificate serial: 019D37524C88F570893F05A4DE655C377309
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s7a21-XdDDKPbOr36enA0cuMHSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.mft
Manifest number: 1652
Signing time: Sun 29 Mar 2026 02:00:33 +0000
Manifest this update: Sun 29 Mar 2026 02:00:33 +0000
Manifest next update: Mon 30 Mar 2026 02:00:33 +0000
Files and hashes: 1: 8vMvZJ6S4wIvSeidLWIqXdB2xEU.roa (hash: YSfZ6yHjbJE8NoHQ6iqadOGUmWSZLkJjEKtjGtKNsbU=)
2: s7a21-XdDDKPbOr36enA0cuMHSI.crl (hash: 5agPmL5YZFJ4yKTfBpsx+hamUk1ku4hQzHqQZ5DR+AI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.mft
rsync://rpki.ripe.net/repository/DEFAULT/s7a21-XdDDKPbOr36enA0cuMHSI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:4c:88:f5:70:89:3f:05:a4:de:65:5c:37:73:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3b6b6d7e5dd0c328f6ceaf7e9e9c0d1cb8c1d22
Validity
Not Before: Mar 29 02:00:33 2026 GMT
Not After : Mar 30 02:00:33 2026 GMT
Subject: CN=ddf96d5ff2bf8ed14cfc0261868d3b28c21cbd13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:bd:53:a9:d6:e1:1b:da:8b:b4:56:fd:67:a7:
4c:0e:90:70:51:63:4f:c7:31:12:90:a4:3b:17:06:
7c:77:e4:ba:d9:a2:43:51:7e:46:89:01:eb:69:18:
f3:5a:ea:c5:03:0f:ff:ba:c7:ad:64:c0:f5:c1:04:
59:13:19:22:6d:0d:e1:bc:96:26:4d:40:10:57:17:
d8:76:c2:15:d0:d1:d3:24:ff:67:cf:d8:a2:ce:53:
da:50:18:24:c4:07:03:33:c3:87:8a:06:88:ba:5a:
c6:7a:b2:d5:ed:f7:51:27:c4:d3:2c:1d:14:6f:57:
75:9d:25:f4:f5:1a:1c:9f:32:1c:55:4c:c7:a4:90:
5b:52:ba:66:2b:49:d2:23:67:4f:cb:2b:52:e1:c9:
1a:f2:bf:1a:83:56:b8:58:7f:b5:35:b0:a3:f0:1c:
17:e7:75:7b:1a:8e:39:df:55:d9:a9:2a:b4:d9:43:
f8:e5:d1:89:bb:07:39:86:5d:54:0f:be:3a:46:7f:
d1:10:48:92:60:77:80:b5:23:eb:1e:a3:4f:26:53:
dd:bd:94:72:81:9d:47:61:36:35:94:82:36:ae:d4:
0c:5f:f6:82:d9:cd:a4:6c:90:58:bb:fb:4a:23:67:
4a:57:c6:a1:5d:73:11:8c:63:80:fb:2e:6b:b5:7d:
c3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:F9:6D:5F:F2:BF:8E:D1:4C:FC:02:61:86:8D:3B:28:C2:1C:BD:13
X509v3 Authority Key Identifier:
keyid:B3:B6:B6:D7:E5:DD:0C:32:8F:6C:EA:F7:E9:E9:C0:D1:CB:8C:1D:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s7a21-XdDDKPbOr36enA0cuMHSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:31:96:c6:2b:ef:21:eb:17:fe:82:b9:3d:b7:64:13:ee:de:
78:3a:f7:1a:79:02:b9:d6:74:83:70:bd:a9:ed:29:0f:15:41:
1c:33:5a:22:2e:7f:83:cc:82:c2:ab:cc:f7:a2:d0:bf:f0:5f:
b6:4f:15:03:30:05:b1:29:38:18:23:f5:54:cd:91:10:6c:13:
47:89:a8:dc:14:3f:2c:61:0e:f1:01:c3:60:56:1d:b0:13:81:
26:ee:e7:91:23:9a:ca:85:ff:03:77:98:f5:01:ff:f2:0a:a5:
7d:93:91:3c:d8:27:51:86:f4:24:81:de:57:cd:98:8d:97:15:
39:4a:6f:2e:de:d9:0d:ae:93:c7:fb:44:13:41:e4:e9:95:86:
2e:df:b8:cc:a9:a4:aa:7b:ad:79:55:54:4d:c3:a0:45:07:38:
f5:18:78:c7:53:0c:f6:03:f6:99:10:f3:7b:3c:7a:06:e8:aa:
29:01:bc:8b:f2:2a:4f:12:fe:7d:55:18:33:37:ab:ff:73:59:
ab:be:71:5e:64:83:83:1f:c8:14:f8:fa:2d:e3:c7:3e:8a:d4:
22:2a:12:a3:e2:59:0c:a6:3e:9d:4f:ca:3f:23:8a:d7:a6:4c:
c8:1b:0e:f9:a5:83:ff:df:98:e4:98:c0:88:c1:7d:31:9a:aa:
a7:cb:be:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UkyI9XCJPwWk3mVcN3MJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYjZiNmQ3ZTVkZDBjMzI4ZjZjZWFmN2U5ZTljMGQxY2I4
YzFkMjIwHhcNMjYwMzI5MDIwMDMzWhcNMjYwMzMwMDIwMDMzWjAzMTEwLwYDVQQD
EyhkZGY5NmQ1ZmYyYmY4ZWQxNGNmYzAyNjE4NjhkM2IyOGMyMWNiZDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1r1TqdbhG9qLtFb9Z6dMDpBwUWNP
xzESkKQ7FwZ8d+S62aJDUX5GiQHraRjzWurFAw//usetZMD1wQRZExkibQ3hvJYm
TUAQVxfYdsIV0NHTJP9nz9iizlPaUBgkxAcDM8OHigaIulrGerLV7fdRJ8TTLB0U
b1d1nSX09RocnzIcVUzHpJBbUrpmK0nSI2dPyytS4cka8r8ag1a4WH+1NbCj8BwX
53V7Go4531XZqSq02UP45dGJuwc5hl1UD746Rn/REEiSYHeAtSPrHqNPJlPdvZRy
gZ1HYTY1lII2rtQMX/aC2c2kbJBYu/tKI2dKV8ahXXMRjGOA+y5rtX3DHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN35bV/yv47RTPwCYYaNOyjCHL0TMB8GA1UdIwQY
MBaAFLO2ttfl3Qwyj2zq9+npwNHLjB0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczdhMjEtWGREREtQYk9yMzZlbkEwY3VNSFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yZDc5NDYtZGI4Yi00YTU3LWE3MGIt
MjA3MTU0NmI3MGY5LzEvczdhMjEtWGREREtQYk9yMzZlbkEwY3VNSFNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yZDc5NDYtZGI4Yi00YTU3LWE3MGItMjA3MTU0NmI3MGY5
LzEvczdhMjEtWGREREtQYk9yMzZlbkEwY3VNSFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeDGWxivv
IesX/oK5PbdkE+7eeDr3GnkCudZ0g3C9qe0pDxVBHDNaIi5/g8yCwqvM96LQv/Bf
tk8VAzAFsSk4GCP1VM2REGwTR4mo3BQ/LGEO8QHDYFYdsBOBJu7nkSOayoX/A3eY
9QH/8gqlfZORPNgnUYb0JIHeV82YjZcVOUpvLt7ZDa6Tx/tEE0Hk6ZWGLt+4zKmk
qnuteVVUTcOgRQc49Rh4x1MM9gP2mRDzezx6BuiqKQG8i/IqTxL+fVUYMzer/3NZ
q75xXmSDgx/IFPj6LePHPorUIioSo+JZDKY+nU/KPyOK16ZMyBsO+aWD/9+Y5JjA
iMF9MZqqp8u+pg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:17:39 2026 by rpki-client