Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/f7308a-4108-4acc-b600-3630543b521b/1/bTi1QIMcnNXfSAhRpygGZ-181kc.mft
File: bTi1QIMcnNXfSAhRpygGZ-181kc.mft (raw, json)
Hash identifier: /VLpvnx50hF/36xUT5e7IXAZ5dIeF774/D2hrZC7q/4=
Subject key identifier: B2:5A:23:3A:5F:D8:20:FB:8F:79:42:23:30:AD:20:C7:0A:6C:B0:1F
Authority key identifier: 6D:38:B5:40:83:1C:9C:D5:DF:48:08:51:A7:28:06:67:ED:7C:D6:47
Certificate issuer: /CN=6d38b540831c9cd5df480851a7280667ed7cd647
Certificate serial: 019D3865BAF1926134196DD8252CA8CC11D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bTi1QIMcnNXfSAhRpygGZ-181kc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/f7308a-4108-4acc-b600-3630543b521b/1/bTi1QIMcnNXfSAhRpygGZ-181kc.mft
Manifest number: 0CAF
Signing time: Sun 29 Mar 2026 07:01:24 +0000
Manifest this update: Sun 29 Mar 2026 07:01:24 +0000
Manifest next update: Mon 30 Mar 2026 07:01:24 +0000
Files and hashes: 1: MHWk_6gkCFNzcpzPNNt2w891inE.roa (hash: uLAuY62U3N5zmg9Od7m47MwNBzxs39ToP7TJu3Dno1Y=)
2: bTi1QIMcnNXfSAhRpygGZ-181kc.crl (hash: fxn/ktoIOsQt1QWk9oTA8GjyqiBvIikARoZGEXbsTfQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/f7308a-4108-4acc-b600-3630543b521b/1/bTi1QIMcnNXfSAhRpygGZ-181kc.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/f7308a-4108-4acc-b600-3630543b521b/1/bTi1QIMcnNXfSAhRpygGZ-181kc.mft
rsync://rpki.ripe.net/repository/DEFAULT/bTi1QIMcnNXfSAhRpygGZ-181kc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:ba:f1:92:61:34:19:6d:d8:25:2c:a8:cc:11:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d38b540831c9cd5df480851a7280667ed7cd647
Validity
Not Before: Mar 29 07:01:24 2026 GMT
Not After : Mar 30 07:01:24 2026 GMT
Subject: CN=b25a233a5fd820fb8f79422330ad20c70a6cb01f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:86:31:40:7b:4c:0b:20:ba:a6:14:d0:e9:1a:
2a:7c:95:0c:3f:46:e5:76:4b:46:16:87:c6:73:6b:
20:08:c0:aa:3f:03:f0:97:5d:5f:af:17:2a:13:2a:
cf:bf:5b:ac:52:cd:60:71:3b:5c:15:c2:d2:7b:be:
b4:69:d3:1b:5e:ad:bb:f5:75:62:80:07:57:e2:26:
3a:07:4d:fa:4d:aa:f5:e4:c3:30:b3:a5:51:cf:35:
23:36:e8:db:36:3e:37:ed:53:8d:50:ee:33:c5:0c:
c7:f2:36:f8:c7:e5:87:43:0d:7d:5e:80:e4:2f:cc:
6f:bd:94:4e:14:11:b1:88:1b:2f:b7:6a:ba:7a:87:
69:d5:5a:b3:f8:e0:36:ec:35:7b:d3:f4:4f:11:16:
da:a7:65:10:6f:30:72:d9:3e:b6:5c:fc:ce:d2:28:
ee:d7:1a:fd:c1:ae:39:2a:22:4d:c6:d5:db:29:ab:
bc:d3:29:71:80:1e:ec:a4:9b:8b:20:a1:c6:47:5a:
24:59:d2:6d:c8:65:f2:a7:df:e7:15:e8:ad:fc:41:
64:de:9f:ff:8f:f2:a9:2d:c2:6b:6b:61:d0:e9:a7:
1e:0e:86:88:c3:aa:10:b7:54:4f:70:5d:1f:cb:5b:
91:ca:d8:b0:09:8f:83:9d:e0:ce:06:20:fa:a4:be:
fa:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:5A:23:3A:5F:D8:20:FB:8F:79:42:23:30:AD:20:C7:0A:6C:B0:1F
X509v3 Authority Key Identifier:
keyid:6D:38:B5:40:83:1C:9C:D5:DF:48:08:51:A7:28:06:67:ED:7C:D6:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bTi1QIMcnNXfSAhRpygGZ-181kc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f7308a-4108-4acc-b600-3630543b521b/1/bTi1QIMcnNXfSAhRpygGZ-181kc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f7308a-4108-4acc-b600-3630543b521b/1/bTi1QIMcnNXfSAhRpygGZ-181kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:4c:c6:cd:9d:ba:a3:a4:3b:c9:c8:04:e5:64:23:73:0a:93:
81:7b:3e:21:86:3e:53:61:62:b1:52:89:35:74:16:2b:09:12:
91:a3:09:40:e2:52:e5:85:18:9c:d9:05:e2:76:e7:c1:90:1e:
22:68:ba:76:ad:db:d0:b8:d6:56:ce:16:35:d8:2a:65:37:f0:
00:6f:e2:d1:36:1f:97:4f:58:67:4e:64:a7:be:7e:26:5b:11:
73:f1:3c:1e:1e:37:c6:dd:15:ce:4b:ad:55:16:07:e6:f3:b9:
8c:19:ee:7d:1b:2a:6f:37:c1:75:44:46:fc:bd:2a:e5:ac:76:
8a:ff:64:b3:a9:ff:c4:48:82:f7:2d:6f:33:9b:0e:05:69:5a:
d4:30:5f:e7:0d:95:2f:ce:9e:ea:0c:6d:7d:c4:7a:a3:16:ed:
80:7f:ee:2e:8d:e5:73:8f:f8:f0:cd:23:a7:c2:c6:95:75:5c:
c5:cc:44:a5:c5:60:18:43:39:27:12:c6:71:dd:2c:20:ae:0c:
eb:36:89:d9:f9:d6:84:7d:d5:25:ab:94:eb:12:37:e0:6c:d4:
73:03:5f:5a:74:9b:02:92:fc:8a:bc:a1:ba:98:71:0f:80:0c:
e5:14:23:4f:d4:71:27:eb:83:0b:7d:ca:e6:7b:eb:b7:16:8b:
98:ec:81:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZbrxkmE0GW3YJSyozBHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMzhiNTQwODMxYzljZDVkZjQ4MDg1MWE3MjgwNjY3ZWQ3
Y2Q2NDcwHhcNMjYwMzI5MDcwMTI0WhcNMjYwMzMwMDcwMTI0WjAzMTEwLwYDVQQD
EyhiMjVhMjMzYTVmZDgyMGZiOGY3OTQyMjMzMGFkMjBjNzBhNmNiMDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoYxQHtMCyC6phTQ6RoqfJUMP0bl
dktGFofGc2sgCMCqPwPwl11frxcqEyrPv1usUs1gcTtcFcLSe760adMbXq279XVi
gAdX4iY6B036Tar15MMws6VRzzUjNujbNj437VONUO4zxQzH8jb4x+WHQw19XoDk
L8xvvZROFBGxiBsvt2q6eodp1Vqz+OA27DV70/RPERbap2UQbzBy2T62XPzO0iju
1xr9wa45KiJNxtXbKau80ylxgB7spJuLIKHGR1okWdJtyGXyp9/nFeit/EFk3p//
j/KpLcJra2HQ6aceDoaIw6oQt1RPcF0fy1uRytiwCY+DneDOBiD6pL761QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLJaIzpf2CD7j3lCIzCtIMcKbLAfMB8GA1UdIwQY
MBaAFG04tUCDHJzV30gIUacoBmftfNZHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlRpMVFJTWNuTlhmU0FoUnB5Z0daLTE4MWtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mNzMwOGEtNDEwOC00YWNjLWI2MDAt
MzYzMDU0M2I1MjFiLzEvYlRpMVFJTWNuTlhmU0FoUnB5Z0daLTE4MWtjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mNzMwOGEtNDEwOC00YWNjLWI2MDAtMzYzMDU0M2I1MjFi
LzEvYlRpMVFJTWNuTlhmU0FoUnB5Z0daLTE4MWtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFEzGzZ26
o6Q7ycgE5WQjcwqTgXs+IYY+U2FisVKJNXQWKwkSkaMJQOJS5YUYnNkF4nbnwZAe
Imi6dq3b0LjWVs4WNdgqZTfwAG/i0TYfl09YZ05kp75+JlsRc/E8Hh43xt0Vzkut
VRYH5vO5jBnufRsqbzfBdURG/L0q5ax2iv9ks6n/xEiC9y1vM5sOBWla1DBf5w2V
L86e6gxtfcR6oxbtgH/uLo3lc4/48M0jp8LGlXVcxcxEpcVgGEM5JxLGcd0sIK4M
6zaJ2fnWhH3VJauU6xI34GzUcwNfWnSbApL8iryhuphxD4AM5RQjT9RxJ+uDC33K
5nvrtxaLmOyBTA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:56:20 2026 by rpki-client