Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft
File: S2T4wOGznYqO-OjItaD_7itTtYc.mft (raw, json)
Hash identifier: gfCI8TP7xRa2gOtFa0GB/yImRPHn3ptSrQjdF4hD0BM=
Subject key identifier: D5:99:82:64:99:0B:68:41:DE:CF:26:35:40:46:10:F5:59:7D:FA:5E
Authority key identifier: 4B:64:F8:C0:E1:B3:9D:8A:8E:F8:E8:C8:B5:A0:FF:EE:2B:53:B5:87
Certificate issuer: /CN=4b64f8c0e1b39d8a8ef8e8c8b5a0ffee2b53b587
Certificate serial: 019D389BF5DA7E543C8D27087AF228949760
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft
Manifest number: 09BB
Signing time: Sun 29 Mar 2026 08:00:38 +0000
Manifest this update: Sun 29 Mar 2026 08:00:38 +0000
Manifest next update: Mon 30 Mar 2026 08:00:38 +0000
Files and hashes: 1: 76Y2-HUPTiLdTCSIpYCkR2ZgGcQ.roa (hash: aIEXIJxpvH5c1txE7w8Ef9ChmAewpEGy4MTuP+uMjCA=)
2: S2T4wOGznYqO-OjItaD_7itTtYc.crl (hash: d7QiXuguwODdjU/T+6Arv0p0GMN8HtCUV5axgYotkA8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:f5:da:7e:54:3c:8d:27:08:7a:f2:28:94:97:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b64f8c0e1b39d8a8ef8e8c8b5a0ffee2b53b587
Validity
Not Before: Mar 29 08:00:38 2026 GMT
Not After : Mar 30 08:00:38 2026 GMT
Subject: CN=d5998264990b6841decf2635404610f5597dfa5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f1:58:fd:91:44:d9:ed:f8:ce:72:ff:d7:f2:
fd:e2:25:dd:fc:51:87:ef:79:aa:a3:02:b7:86:61:
da:88:99:e1:b3:4c:2c:ac:a5:00:c3:d9:ea:81:f6:
49:06:8a:ed:99:11:c3:09:85:48:34:df:0b:6f:1c:
63:85:e5:c5:86:da:2b:82:9b:c5:03:7d:e5:44:37:
76:b6:d2:db:dc:9b:b7:70:c2:c5:f4:b0:9f:01:0b:
bb:0e:60:53:79:ab:48:b4:42:7f:44:0d:01:6b:55:
cd:d1:0f:03:de:c0:f3:45:ea:d8:ef:00:5c:f6:1f:
16:dd:e6:59:76:30:52:59:79:cf:67:32:85:0d:02:
71:8d:d5:a4:c0:92:fc:cc:1f:6d:99:a0:bd:36:17:
08:22:48:9e:2b:9c:1b:d0:c4:30:67:62:81:bc:1e:
6c:01:2e:74:d3:23:f9:e4:44:33:7b:4c:58:30:d5:
e0:71:a4:fe:13:a9:9f:cc:25:41:43:78:e4:d6:1e:
31:7e:03:2b:0e:e4:24:20:32:3d:13:72:9e:45:69:
15:40:5e:54:d8:1c:1b:c2:31:31:f5:a4:c3:19:ea:
1b:78:89:1d:95:16:73:a3:1a:e3:38:fd:08:b4:d1:
91:72:5c:0a:59:8c:59:b2:0e:9e:3c:c7:2d:9e:0b:
77:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:99:82:64:99:0B:68:41:DE:CF:26:35:40:46:10:F5:59:7D:FA:5E
X509v3 Authority Key Identifier:
keyid:4B:64:F8:C0:E1:B3:9D:8A:8E:F8:E8:C8:B5:A0:FF:EE:2B:53:B5:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:5b:03:16:c1:f0:a9:54:18:0f:61:69:26:d9:8e:20:d1:25:
d9:0e:4d:af:90:6d:47:ab:2f:c3:4d:7e:fe:d6:aa:a2:82:0c:
b3:aa:bb:4e:27:28:ca:a9:5d:10:3c:63:d9:8e:54:d8:de:9b:
55:cd:92:f2:14:61:6a:d7:ec:d0:0a:11:41:df:76:54:95:96:
82:76:94:b3:28:c2:b3:33:4f:a3:9e:c4:be:7a:16:a6:c4:59:
77:1b:d0:95:7c:68:1e:8d:73:c0:b4:50:fc:b2:15:3f:58:c6:
38:d1:94:bf:5d:26:64:b1:6c:45:75:7d:79:fa:1f:a7:3c:96:
4e:5a:39:a7:f9:d9:35:2d:68:5f:00:31:fa:ba:2c:c7:5f:47:
32:89:28:98:ed:dd:e5:55:ab:75:05:a2:ed:c0:d8:2b:27:62:
5a:ae:24:3e:68:3d:35:c2:40:eb:1d:62:4c:cb:c4:ee:99:db:
0b:02:c8:fc:92:90:02:78:fe:34:a1:d3:1a:1b:de:48:b6:2b:
5b:c2:b3:19:77:65:3b:d0:ae:bf:35:ac:43:63:ab:b5:76:65:
1f:4a:2b:8f:0e:c0:59:15:66:87:51:e2:30:67:a4:0a:b4:d1:
00:b8:69:d9:e6:80:0b:89:6d:56:b4:b7:e2:8c:69:02:dc:6c:
95:25:a2:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m/XaflQ8jScIevIolJdgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNjRmOGMwZTFiMzlkOGE4ZWY4ZThjOGI1YTBmZmVlMmI1
M2I1ODcwHhcNMjYwMzI5MDgwMDM4WhcNMjYwMzMwMDgwMDM4WjAzMTEwLwYDVQQD
EyhkNTk5ODI2NDk5MGI2ODQxZGVjZjI2MzU0MDQ2MTBmNTU5N2RmYTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPFY/ZFE2e34znL/1/L94iXd/FGH
73mqowK3hmHaiJnhs0wsrKUAw9nqgfZJBortmRHDCYVINN8LbxxjheXFhtorgpvF
A33lRDd2ttLb3Ju3cMLF9LCfAQu7DmBTeatItEJ/RA0Ba1XN0Q8D3sDzRerY7wBc
9h8W3eZZdjBSWXnPZzKFDQJxjdWkwJL8zB9tmaC9NhcIIkieK5wb0MQwZ2KBvB5s
AS500yP55EQze0xYMNXgcaT+E6mfzCVBQ3jk1h4xfgMrDuQkIDI9E3KeRWkVQF5U
2BwbwjEx9aTDGeobeIkdlRZzoxrjOP0ItNGRclwKWYxZsg6ePMctngt30wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNWZgmSZC2hB3s8mNUBGEPVZffpeMB8GA1UdIwQY
MBaAFEtk+MDhs52KjvjoyLWg/+4rU7WHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzJUNHdPR3puWXFPLU9qSXRhRF83aXRUdFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9jNDk3YmUtZjNiMS00YzliLTg1OWUt
OTVkNWUxNmNkZGVmLzEvUzJUNHdPR3puWXFPLU9qSXRhRF83aXRUdFljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9jNDk3YmUtZjNiMS00YzliLTg1OWUtOTVkNWUxNmNkZGVm
LzEvUzJUNHdPR3puWXFPLU9qSXRhRF83aXRUdFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVVsDFsHw
qVQYD2FpJtmOINEl2Q5Nr5BtR6svw01+/taqooIMs6q7TicoyqldEDxj2Y5U2N6b
Vc2S8hRhatfs0AoRQd92VJWWgnaUsyjCszNPo57EvnoWpsRZdxvQlXxoHo1zwLRQ
/LIVP1jGONGUv10mZLFsRXV9efofpzyWTlo5p/nZNS1oXwAx+rosx19HMokomO3d
5VWrdQWi7cDYKydiWq4kPmg9NcJA6x1iTMvE7pnbCwLI/JKQAnj+NKHTGhveSLYr
W8KzGXdlO9CuvzWsQ2OrtXZlH0orjw7AWRVmh1HiMGekCrTRALhp2eaAC4ltVrS3
4oxpAtxslSWixw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:33:33 2026 by rpki-client