Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.mft
File: is3dXDDVgOsP7soqFs9cWoslaP0.mft (raw, json)
Hash identifier: JZZ5Sc9Ct/uCIPS/d+tmWGvE+Zz8W1LDCUYV1sVi3po=
Subject key identifier: 0D:91:F9:6F:A3:F5:EC:FB:BE:C0:4D:CF:0E:5B:60:31:84:2B:1E:E0
Authority key identifier: 8A:CD:DD:5C:30:D5:80:EB:0F:EE:CA:2A:16:CF:5C:5A:8B:25:68:FD
Certificate issuer: /CN=8acddd5c30d580eb0feeca2a16cf5c5a8b2568fd
Certificate serial: 019D38D2D144FCBA35480FB4EFADDB1F0FBF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/is3dXDDVgOsP7soqFs9cWoslaP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.mft
Manifest number: 1892
Signing time: Sun 29 Mar 2026 09:00:33 +0000
Manifest this update: Sun 29 Mar 2026 09:00:33 +0000
Manifest next update: Mon 30 Mar 2026 09:00:33 +0000
Files and hashes: 1: 9tcqRBW5dWCPlBmOmJEm6c--iDU.roa (hash: u8oO/RgVRYujIoxnuHbXuI4mqtgSWQD8/zpjHQZYwcI=)
2: is3dXDDVgOsP7soqFs9cWoslaP0.crl (hash: 6euFpn9fJYuuTztj8Yhp76UtALnvfGUhJo4z3ZCP8yI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.mft
rsync://rpki.ripe.net/repository/DEFAULT/is3dXDDVgOsP7soqFs9cWoslaP0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:d1:44:fc:ba:35:48:0f:b4:ef:ad:db:1f:0f:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8acddd5c30d580eb0feeca2a16cf5c5a8b2568fd
Validity
Not Before: Mar 29 09:00:33 2026 GMT
Not After : Mar 30 09:00:33 2026 GMT
Subject: CN=0d91f96fa3f5ecfbbec04dcf0e5b6031842b1ee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:07:a6:e9:49:82:71:1a:e5:ac:eb:e0:78:d1:
af:29:b4:1e:3a:fd:11:f3:7a:44:f9:44:69:c8:34:
cb:79:44:d9:86:a9:22:80:21:ea:b9:54:b7:74:66:
b4:e9:71:6b:02:b0:1c:ea:af:6b:34:06:20:13:63:
bc:59:0e:4f:e0:86:de:8e:f7:a7:b0:b5:50:73:d4:
36:72:b8:8a:e0:02:5c:56:e7:72:91:1e:32:61:0a:
0b:ef:5e:54:2a:d5:cf:9a:6f:4a:cb:1d:bf:f5:74:
d6:15:37:9d:a5:c7:51:b5:91:6f:1d:c2:bf:f8:d1:
71:44:6e:d2:cb:e7:14:cc:c0:19:2f:b5:70:a8:21:
51:01:3c:4b:fa:86:3c:ea:5d:a6:e6:1f:50:cd:a9:
5e:16:1d:8f:9c:cd:25:ac:3b:f7:41:a0:bb:da:e2:
9d:3e:c1:0c:43:82:55:51:8d:92:84:77:90:d4:b5:
28:d9:86:4a:c5:18:07:77:da:52:a1:f3:8b:37:5a:
44:91:b8:2a:8a:18:6d:8f:c9:0b:58:91:92:91:bc:
cf:5c:31:63:fa:60:eb:93:b5:63:1e:9d:09:12:4f:
83:89:d3:7a:9d:64:a0:45:2b:c6:1c:96:af:a2:ad:
06:b4:c8:49:f0:9b:e3:29:88:82:4e:cf:0e:92:89:
dd:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:91:F9:6F:A3:F5:EC:FB:BE:C0:4D:CF:0E:5B:60:31:84:2B:1E:E0
X509v3 Authority Key Identifier:
keyid:8A:CD:DD:5C:30:D5:80:EB:0F:EE:CA:2A:16:CF:5C:5A:8B:25:68:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/is3dXDDVgOsP7soqFs9cWoslaP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:15:cd:ef:ca:00:06:11:d6:d0:40:2b:05:d8:8b:46:e5:dc:
87:34:58:e2:21:bc:b6:83:e9:a8:05:de:50:15:9c:34:43:8d:
10:ee:f5:d0:cf:3b:b9:e8:42:02:5d:b8:ce:ac:4e:be:77:7a:
4f:07:81:66:4e:bd:ff:75:e1:42:ac:27:b6:48:81:18:86:a1:
4f:a5:85:df:6f:ac:51:4f:8d:c6:bc:1f:eb:1b:f5:71:b9:4c:
31:92:42:9b:b5:0b:01:cb:d3:69:6f:5d:8d:1a:89:8f:f4:cc:
4e:e4:72:05:fb:44:3a:11:41:87:46:db:31:ac:30:2f:32:30:
aa:51:43:ac:78:76:9d:73:70:79:95:c1:55:ce:58:7e:98:5c:
e4:b7:b2:75:40:04:d2:fd:23:2e:b8:79:3b:ad:fc:37:a8:8e:
a5:c0:72:20:bc:27:03:2e:5c:1e:34:39:56:0b:86:e2:3b:7d:
a6:8f:a4:8a:fb:8e:e2:42:0c:0b:ba:ce:35:ec:dd:46:98:74:
00:9e:99:a1:48:84:eb:68:9b:33:15:df:70:c7:de:ad:43:a9:
7c:b5:8b:ef:ab:be:52:95:c0:97:93:3b:93:62:5f:91:ef:b4:
12:06:82:a0:97:7c:da:5b:f6:26:28:b8:9e:37:9e:0f:33:e3:
7e:97:11:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040tFE/Lo1SA+0763bHw+/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhY2RkZDVjMzBkNTgwZWIwZmVlY2EyYTE2Y2Y1YzVhOGIy
NTY4ZmQwHhcNMjYwMzI5MDkwMDMzWhcNMjYwMzMwMDkwMDMzWjAzMTEwLwYDVQQD
EygwZDkxZjk2ZmEzZjVlY2ZiYmVjMDRkY2YwZTViNjAzMTg0MmIxZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgem6UmCcRrlrOvgeNGvKbQeOv0R
83pE+URpyDTLeUTZhqkigCHquVS3dGa06XFrArAc6q9rNAYgE2O8WQ5P4Ibejven
sLVQc9Q2criK4AJcVudykR4yYQoL715UKtXPmm9Kyx2/9XTWFTedpcdRtZFvHcK/
+NFxRG7Sy+cUzMAZL7VwqCFRATxL+oY86l2m5h9QzaleFh2PnM0lrDv3QaC72uKd
PsEMQ4JVUY2ShHeQ1LUo2YZKxRgHd9pSofOLN1pEkbgqihhtj8kLWJGSkbzPXDFj
+mDrk7VjHp0JEk+DidN6nWSgRSvGHJavoq0GtMhJ8JvjKYiCTs8OkondEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2R+W+j9ez7vsBNzw5bYDGEKx7gMB8GA1UdIwQY
MBaAFIrN3Vww1YDrD+7KKhbPXFqLJWj9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXMzZFhERFZnT3NQN3NvcUZzOWNXb3NsYVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yNWFjYTctN2UyOC00ODdjLTg2ZDIt
MTdiMWM3Mzc5MzAwLzEvaXMzZFhERFZnT3NQN3NvcUZzOWNXb3NsYVAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yNWFjYTctN2UyOC00ODdjLTg2ZDItMTdiMWM3Mzc5MzAw
LzEvaXMzZFhERFZnT3NQN3NvcUZzOWNXb3NsYVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFBXN78oA
BhHW0EArBdiLRuXchzRY4iG8toPpqAXeUBWcNEONEO710M87uehCAl24zqxOvnd6
TweBZk69/3XhQqwntkiBGIahT6WF32+sUU+Nxrwf6xv1cblMMZJCm7ULAcvTaW9d
jRqJj/TMTuRyBftEOhFBh0bbMawwLzIwqlFDrHh2nXNweZXBVc5Yfphc5LeydUAE
0v0jLrh5O638N6iOpcByILwnAy5cHjQ5VguG4jt9po+kivuO4kIMC7rONezdRph0
AJ6ZoUiE62ibMxXfcMferUOpfLWL76u+UpXAl5M7k2Jfke+0EgaCoJd82lv2Jii4
njeeDzPjfpcRXA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:25:22 2026 by rpki-client