Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.mft
File: MAVrA3XYlLk8sOJtm01koIxYNx4.mft (raw, json)
Hash identifier: XjKtRsILbLlUcS7+TAUrxtPY8bUnKRyaDEeT5aJa3S8=
Subject key identifier: DE:17:E0:9B:A4:57:4A:5B:C3:9C:7D:DC:19:65:DE:54:F1:14:60:B6
Authority key identifier: 30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
Certificate issuer: /CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Certificate serial: 019D0477F3AE4D150638DB2883B8249F1806
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.mft
Manifest number: 0DFE
Signing time: Thu 19 Mar 2026 05:01:03 +0000
Manifest this update: Thu 19 Mar 2026 05:01:03 +0000
Manifest next update: Fri 20 Mar 2026 05:01:03 +0000
Files and hashes: 1: GBkpxMzxrmyVPOC0jew5XJ8aWhY.roa (hash: 0vABW6RkwXsVeCWaOEjF8mfFrqV+hg0CI9slDlZi5Hs=)
2: MAVrA3XYlLk8sOJtm01koIxYNx4.crl (hash: 5bteTZw5U1RH8lgAVk1rm5g7SYA1wLLyQ48amlAWpoo=)
3: xKJGESGTjFwwHaYD9v272aHamsA.roa (hash: fgbTfswP5/p+4NfMt/CDHRQt2/uUSdoKPJJSPF2ke2k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.mft
rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Mar 2026 05:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:04:77:f3:ae:4d:15:06:38:db:28:83:b8:24:9f:18:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Validity
Not Before: Mar 19 05:01:03 2026 GMT
Not After : Mar 20 05:01:03 2026 GMT
Subject: CN=de17e09ba4574a5bc39c7ddc1965de54f11460b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f2:e5:12:ff:cc:eb:0a:43:89:57:dd:14:af:
bb:51:18:0c:f1:3b:41:7c:52:ff:9c:d6:ef:20:be:
cc:0b:a1:ea:90:aa:8f:26:5c:2a:15:f5:7e:41:ee:
2a:ee:eb:64:a9:d0:d0:14:33:98:9c:2e:c9:08:ac:
5c:5c:8d:30:2d:51:61:bc:ec:c8:40:f4:5e:c5:85:
49:e7:22:c0:3b:da:38:e9:f9:3a:1a:37:71:ab:6f:
7e:07:41:72:5d:eb:8d:d9:02:ac:71:cf:55:02:02:
fd:3f:e9:37:a1:d2:f0:25:77:0f:8d:c4:b4:a0:15:
f0:b9:67:38:21:74:86:be:05:91:9b:13:b9:0a:a5:
a0:55:67:de:55:2a:5e:29:55:f1:a4:5b:c0:4d:bf:
9e:ad:22:3f:5b:47:85:5e:30:52:00:34:eb:ff:58:
77:40:1c:ab:0e:cc:cb:ff:bf:ba:4c:7c:fd:a6:98:
6c:a2:39:68:ea:34:17:65:2c:0a:0c:fc:2a:2a:60:
2e:66:72:f2:14:64:62:c9:27:3f:95:d8:d9:f1:7d:
e1:86:dc:37:1d:01:ca:c7:57:41:dc:dc:b0:44:fb:
04:89:f6:cc:58:69:25:d6:49:3a:32:17:a2:98:fd:
bb:6e:38:81:e0:8d:b0:b5:e0:90:c4:25:7f:f9:42:
25:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:17:E0:9B:A4:57:4A:5B:C3:9C:7D:DC:19:65:DE:54:F1:14:60:B6
X509v3 Authority Key Identifier:
keyid:30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
cc:0d:3e:de:5a:43:8e:9f:6e:05:df:e6:8c:64:67:ef:0f:2a:
5f:7a:02:9b:e5:4d:cc:9a:37:db:f4:87:32:c5:3a:6a:1a:73:
cf:ba:fc:7d:e8:52:42:d6:bb:c5:6c:55:5d:ea:08:8a:e8:29:
00:f2:19:5f:93:9c:3f:3c:b2:b4:57:a3:96:8d:2b:fc:26:29:
a8:51:83:9b:cb:e4:20:49:83:ff:2b:3b:50:cf:f2:8a:cf:b3:
e0:5c:e2:f8:8e:88:86:a4:f1:4a:3f:85:25:15:e5:2c:3e:7c:
f3:f2:28:0b:36:b7:44:ae:c5:0d:d9:97:05:a0:79:32:75:73:
3b:ff:09:c4:9c:62:dc:b5:4c:de:f3:42:0c:ca:57:ec:c7:9d:
5f:61:da:0f:87:17:56:39:2c:3a:1f:3d:91:31:89:ca:f9:40:
c5:ad:b9:f3:c7:47:64:e1:0d:7a:94:31:bc:e8:29:41:5d:3c:
52:e4:38:81:a7:54:6b:50:d6:7c:df:e2:c5:d2:fd:d6:20:28:
5d:a3:97:af:db:83:d8:ee:23:02:69:75:e3:ed:f9:af:71:ad:
e6:54:e6:b2:dc:c0:67:00:f3:47:10:7a:00:87:c4:b3:9b:c8:
63:f3:92:27:a8:e8:46:d3:b2:1c:d4:8e:bd:d7:49:95:c2:50:
87:59:f0:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0Ed/OuTRUGONsog7gknxgGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDU2YjAzNzVkODk0YjkzY2IwZTI2ZDliNGQ2NGEwOGM1
ODM3MWUwHhcNMjYwMzE5MDUwMTAzWhcNMjYwMzIwMDUwMTAzWjAzMTEwLwYDVQQD
EyhkZTE3ZTA5YmE0NTc0YTViYzM5YzdkZGMxOTY1ZGU1NGYxMTQ2MGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvLlEv/M6wpDiVfdFK+7URgM8TtB
fFL/nNbvIL7MC6HqkKqPJlwqFfV+Qe4q7utkqdDQFDOYnC7JCKxcXI0wLVFhvOzI
QPRexYVJ5yLAO9o46fk6Gjdxq29+B0FyXeuN2QKscc9VAgL9P+k3odLwJXcPjcS0
oBXwuWc4IXSGvgWRmxO5CqWgVWfeVSpeKVXxpFvATb+erSI/W0eFXjBSADTr/1h3
QByrDszL/7+6THz9pphsojlo6jQXZSwKDPwqKmAuZnLyFGRiySc/ldjZ8X3hhtw3
HQHKx1dB3NywRPsEifbMWGkl1kk6MheimP27bjiB4I2wteCQxCV/+UIlFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN4X4JukV0pbw5x93Bll3lTxFGC2MB8GA1UdIwQY
MBaAFDAFawN12JS5PLDibZtNZKCMWDceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEt
MTFiNGFmYmVkZTE5LzEvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEtMTFiNGFmYmVkZTE5
LzEvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzA0+3lpD
jp9uBd/mjGRn7w8qX3oCm+VNzJo32/SHMsU6ahpzz7r8fehSQta7xWxVXeoIiugp
APIZX5OcPzyytFejlo0r/CYpqFGDm8vkIEmD/ys7UM/yis+z4Fzi+I6IhqTxSj+F
JRXlLD588/IoCza3RK7FDdmXBaB5MnVzO/8JxJxi3LVM3vNCDMpX7MedX2HaD4cX
VjksOh89kTGJyvlAxa2588dHZOENepQxvOgpQV08UuQ4gadUa1DWfN/ixdL91iAo
XaOXr9uD2O4jAml14+35r3Gt5lTmstzAZwDzRxB6AIfEs5vIY/OSJ6joRtOyHNSO
vddJlcJQh1nwng==
-----END CERTIFICATE-----
Generated at Thu Mar 19 14:01:25 2026 by rpki-client