Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.mft
File: vmBP81opyRFWvkvSKbO693yDl70.mft (raw, json)
Hash identifier: olCcKDTs/CYoA0SoD3sTfaBdkLUqqnMzgAt4MyVArvA=
Subject key identifier: 64:34:A3:15:7E:94:11:16:72:19:C1:59:A4:C9:A5:63:99:68:D2:39
Authority key identifier: BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
Certificate issuer: /CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Certificate serial: 019D390A4C324F4B5B393AD0117A87C01CA9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.mft
Manifest number: 0ABC
Signing time: Sun 29 Mar 2026 10:01:09 +0000
Manifest this update: Sun 29 Mar 2026 10:01:09 +0000
Manifest next update: Mon 30 Mar 2026 10:01:09 +0000
Files and hashes: 1: HHjJ1Jx6EFiUg-5UQ5lbufk8Ptg.roa (hash: W0hfwWTjdZ4KxXq1ymHqcepaSyG/pOfrh8l71J5Jp1E=)
2: R5pzlcYLmm00OeDBY2AdET0Wb1k.roa (hash: xiJIdXt0KmJ/0CjuwN0kq1hka28S9GJuEKhJVLZ1i5s=)
3: vmBP81opyRFWvkvSKbO693yDl70.crl (hash: QXB4a80hEeyveWxQrsotUMxFyYGuv6+xKNFSP8n0/9Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.mft
rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:4c:32:4f:4b:5b:39:3a:d0:11:7a:87:c0:1c:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Validity
Not Before: Mar 29 10:01:09 2026 GMT
Not After : Mar 30 10:01:09 2026 GMT
Subject: CN=6434a3157e9411167219c159a4c9a5639968d239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d5:d1:03:33:d7:fa:45:fa:95:0e:a8:2b:36:
7d:57:ca:91:65:10:fa:fb:bf:e5:fc:a5:dd:97:5d:
af:65:2a:92:da:64:37:42:24:14:68:2d:d7:46:6c:
79:8f:76:66:e3:20:f3:7e:07:a2:06:4f:2b:54:fd:
60:f1:74:80:e3:56:5b:49:e3:ed:7d:23:57:e9:bb:
2e:3d:38:d9:ce:6d:22:51:5f:16:65:7b:5c:e6:25:
a7:d7:f7:fc:66:e3:03:17:c9:c4:17:f7:e0:cd:81:
6b:f6:be:c7:e4:83:55:d2:de:c8:b3:f3:5b:76:46:
a0:d4:45:7a:92:6a:a7:2a:91:28:6b:7b:d6:4f:14:
14:69:3c:01:00:90:ab:ef:13:fa:26:be:55:d6:4a:
7d:ed:d5:93:78:74:ac:a7:e0:ea:f4:a3:b2:75:d2:
2d:af:81:aa:61:54:35:03:fd:1c:2e:15:83:b6:2c:
94:90:10:64:cc:7f:a8:5f:f7:ee:c0:2a:c0:cb:49:
28:77:37:0a:b2:08:1d:8d:fa:64:39:84:a4:01:59:
4e:ca:d1:7d:e7:32:95:40:ac:ba:e2:c9:2f:74:88:
c1:7e:d2:49:fb:06:43:5a:4e:e6:6e:de:23:d9:8f:
9a:11:86:fd:8a:a0:7a:ba:1d:37:1c:71:b2:ae:0c:
fc:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:34:A3:15:7E:94:11:16:72:19:C1:59:A4:C9:A5:63:99:68:D2:39
X509v3 Authority Key Identifier:
keyid:BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
af:5f:36:1d:5a:0a:17:42:0b:47:23:68:97:2a:6a:6f:e7:a3:
bb:75:dc:ee:af:3e:f4:2e:50:36:2e:f3:f3:89:bc:26:5a:49:
f6:eb:62:0b:8d:71:6a:7c:4f:1d:67:a3:6a:42:32:41:23:8c:
fc:db:7c:e8:f2:4e:7b:b4:77:fa:12:f8:44:ef:14:cb:15:a9:
a5:11:b3:f7:f9:54:52:06:79:49:9e:0d:c4:92:c3:66:15:25:
27:2e:d5:90:e3:b0:fa:f8:dc:2e:23:16:26:6d:ab:a4:10:f7:
d0:7d:e6:1d:59:20:b3:6d:32:e2:24:56:38:ce:8f:e9:81:70:
c9:92:48:7b:38:c9:f7:4a:0d:6c:74:9a:40:27:22:47:b0:64:
5f:77:62:49:bf:07:0c:54:a0:47:72:c1:8f:11:60:5d:fd:4c:
56:84:8f:f1:3c:04:47:4e:26:7f:fb:40:43:15:8f:0b:fe:5a:
7c:d6:23:f1:bf:f1:b9:3b:e8:8a:1c:0e:4d:5d:7f:61:df:6e:
1d:3e:76:c9:64:bf:12:48:f7:c6:36:22:16:a9:a5:d7:0f:05:
89:ec:13:69:59:ba:38:e3:c9:c1:62:e4:2c:59:2d:d0:1a:7f:
bb:b9:9d:6e:da:04:1e:cc:e8:9f:5d:b2:4d:36:bb:75:55:13:
3d:f7:1e:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CkwyT0tbOTrQEXqHwBypMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNjA0ZmYzNWEyOWM5MTE1NmJlNGJkMjI5YjNiYWY3N2M4
Mzk3YmQwHhcNMjYwMzI5MTAwMTA5WhcNMjYwMzMwMTAwMTA5WjAzMTEwLwYDVQQD
Eyg2NDM0YTMxNTdlOTQxMTE2NzIxOWMxNTlhNGM5YTU2Mzk5NjhkMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9XRAzPX+kX6lQ6oKzZ9V8qRZRD6
+7/l/KXdl12vZSqS2mQ3QiQUaC3XRmx5j3Zm4yDzfgeiBk8rVP1g8XSA41ZbSePt
fSNX6bsuPTjZzm0iUV8WZXtc5iWn1/f8ZuMDF8nEF/fgzYFr9r7H5INV0t7Is/Nb
dkag1EV6kmqnKpEoa3vWTxQUaTwBAJCr7xP6Jr5V1kp97dWTeHSsp+Dq9KOyddIt
r4GqYVQ1A/0cLhWDtiyUkBBkzH+oX/fuwCrAy0kodzcKsggdjfpkOYSkAVlOytF9
5zKVQKy64skvdIjBftJJ+wZDWk7mbt4j2Y+aEYb9iqB6uh03HHGyrgz84wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGQ0oxV+lBEWchnBWaTJpWOZaNI5MB8GA1UdIwQY
MBaAFL5gT/NaKckRVr5L0imzuvd8g5e9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYt
MWEzOWMzZDM0ZjA4LzEvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYtMWEzOWMzZDM0ZjA4
LzEvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr182HVoK
F0ILRyNolypqb+eju3Xc7q8+9C5QNi7z84m8JlpJ9utiC41xanxPHWejakIyQSOM
/Nt86PJOe7R3+hL4RO8UyxWppRGz9/lUUgZ5SZ4NxJLDZhUlJy7VkOOw+vjcLiMW
Jm2rpBD30H3mHVkgs20y4iRWOM6P6YFwyZJIezjJ90oNbHSaQCciR7BkX3diSb8H
DFSgR3LBjxFgXf1MVoSP8TwER04mf/tAQxWPC/5afNYj8b/xuTvoihwOTV1/Yd9u
HT52yWS/Ekj3xjYiFqml1w8FiewTaVm6OOPJwWLkLFkt0Bp/u7mdbtoEHszon12y
TTa7dVUTPfcetQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:42:28 2026 by rpki-client