Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/d279d3-947e-45c7-a890-3b84d79abdaf/1/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.mft
File: A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.mft (raw, json)
Hash identifier: dqRDDVBbozH1zjdaPGCIuZkhVGMsXtK1+bOf8zkeyAY=
Subject key identifier: 0F:EE:C3:6E:93:8A:43:81:60:55:C9:B3:AB:D3:64:07:76:CC:45:BF
Authority key identifier: 03:58:45:F8:6C:BC:3C:FA:9E:0E:79:87:A0:38:2D:5D:0D:D7:CE:3E
Certificate issuer: /CN=035845f86cbc3cfa9e0e7987a0382d5d0dd7ce3e
Certificate serial: 019D382E6B4F31DCC2464B5C3F061BC1C4EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/d279d3-947e-45c7-a890-3b84d79abdaf/1/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.mft
Manifest number: 0820
Signing time: Sun 29 Mar 2026 06:00:59 +0000
Manifest this update: Sun 29 Mar 2026 06:00:59 +0000
Manifest next update: Mon 30 Mar 2026 06:00:59 +0000
Files and hashes: 1: A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.crl (hash: Hv5spQAX+VmvyPk6JGcxIH110NHvkTSkMkjFZlqg+YI=)
2: fPatIQG_vn-KpCzLNpi1KmGZICQ.roa (hash: rt2SMboQCCIlzb5Lym5TzRN3RtHv+A8V2C5lF65IdPc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/d279d3-947e-45c7-a890-3b84d79abdaf/1/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/d279d3-947e-45c7-a890-3b84d79abdaf/1/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:6b:4f:31:dc:c2:46:4b:5c:3f:06:1b:c1:c4:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=035845f86cbc3cfa9e0e7987a0382d5d0dd7ce3e
Validity
Not Before: Mar 29 06:00:59 2026 GMT
Not After : Mar 30 06:00:59 2026 GMT
Subject: CN=0feec36e938a43816055c9b3abd3640776cc45bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cb:e3:4f:35:44:53:cc:64:da:a0:72:45:f4:
46:c8:af:b5:6d:ac:9a:2b:bc:cf:cc:66:4a:f5:25:
34:fe:91:26:dd:a8:c2:91:36:df:5a:df:9f:7b:58:
92:e8:49:bc:a7:2c:f5:bb:15:73:39:6d:28:f2:6e:
2c:8f:7e:6d:c6:59:b2:c5:c1:20:83:9b:be:f8:c3:
11:6b:98:52:81:4e:8f:22:56:8e:09:3e:e5:2c:65:
c3:9e:8f:56:21:86:02:b0:01:49:8a:b2:e6:e2:d8:
90:07:dc:40:3e:f9:36:3a:43:db:42:99:42:fa:eb:
9f:57:0f:c0:96:c4:82:2c:0b:ac:8f:6e:07:52:8f:
18:6f:b5:5d:da:22:a6:9d:1a:5d:f2:f3:2c:2c:20:
b4:c0:df:90:6f:c0:5c:b7:4e:5f:5a:93:72:0d:e0:
98:bf:e4:a5:80:68:de:30:b0:62:a5:b1:cd:97:67:
1e:5e:7a:ed:ee:69:c0:0d:bc:4d:0b:eb:bb:73:9a:
7a:3f:8c:28:b5:6a:a3:60:2e:16:37:4e:f5:f2:5e:
8d:0f:45:b4:e6:81:ca:9c:12:bc:12:7f:e8:4a:7d:
de:f3:7d:51:ab:05:92:df:65:5c:e0:ac:13:86:3b:
ae:1e:38:b4:38:25:95:5b:cd:d7:7d:02:88:e7:84:
e4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:EE:C3:6E:93:8A:43:81:60:55:C9:B3:AB:D3:64:07:76:CC:45:BF
X509v3 Authority Key Identifier:
keyid:03:58:45:F8:6C:BC:3C:FA:9E:0E:79:87:A0:38:2D:5D:0D:D7:CE:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d279d3-947e-45c7-a890-3b84d79abdaf/1/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d279d3-947e-45c7-a890-3b84d79abdaf/1/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:84:0d:54:1b:90:a5:c1:9d:64:47:c8:f5:69:02:7e:f2:05:
54:02:ef:99:6d:3a:71:2a:62:e5:82:36:c9:ac:73:24:68:c7:
5e:9a:ae:94:37:28:72:10:ee:dd:5a:7a:5e:ec:12:9e:42:3c:
b8:ae:5c:71:92:e0:67:fc:a0:1c:87:3a:7b:60:57:fc:f8:75:
df:ea:ab:a9:fb:3a:8a:cd:c3:7d:1a:31:c4:8e:08:f0:d4:4f:
0c:9b:a0:60:3e:82:5f:3c:45:3f:ac:90:86:ae:2f:aa:1e:4c:
4c:c5:b4:00:b7:a5:ab:8c:b1:e6:8e:aa:27:3f:b0:69:22:08:
74:92:e8:8f:3f:2e:01:ae:90:3e:cb:04:d7:71:d8:55:89:f1:
75:ee:03:a0:4f:d6:a7:a6:36:9d:f9:53:d5:b8:e0:d7:ea:27:
c7:b2:15:6f:87:17:dd:5a:d1:9a:23:31:71:99:67:fc:25:13:
aa:b0:81:42:f6:c3:b8:15:c9:4b:72:93:a0:7a:f0:d7:c3:4d:
c3:00:f2:e1:1a:27:35:c8:ca:da:fd:33:e6:d9:c4:97:51:6c:
af:d3:3a:f8:44:ac:9f:60:fd:0d:5b:ce:f1:b2:b9:c2:3c:3e:
bc:41:55:9f:8a:46:0b:da:84:02:6f:c6:2a:0b:35:e2:61:ab:
7d:5a:cb:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LmtPMdzCRktcPwYbwcTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNTg0NWY4NmNiYzNjZmE5ZTBlNzk4N2EwMzgyZDVkMGRk
N2NlM2UwHhcNMjYwMzI5MDYwMDU5WhcNMjYwMzMwMDYwMDU5WjAzMTEwLwYDVQQD
EygwZmVlYzM2ZTkzOGE0MzgxNjA1NWM5YjNhYmQzNjQwNzc2Y2M0NWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsvjTzVEU8xk2qByRfRGyK+1baya
K7zPzGZK9SU0/pEm3ajCkTbfWt+fe1iS6Em8pyz1uxVzOW0o8m4sj35txlmyxcEg
g5u++MMRa5hSgU6PIlaOCT7lLGXDno9WIYYCsAFJirLm4tiQB9xAPvk2OkPbQplC
+uufVw/AlsSCLAusj24HUo8Yb7Vd2iKmnRpd8vMsLCC0wN+Qb8Bct05fWpNyDeCY
v+SlgGjeMLBipbHNl2ceXnrt7mnADbxNC+u7c5p6P4wotWqjYC4WN0718l6ND0W0
5oHKnBK8En/oSn3e831RqwWS32Vc4KwThjuuHji0OCWVW83XfQKI54TkZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA/uw26TikOBYFXJs6vTZAd2zEW/MB8GA1UdIwQY
MBaAFANYRfhsvDz6ng55h6A4LV0N184+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTFoRi1HeThQUHFlRG5tSG9EZ3RYUTNYemo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kMjc5ZDMtOTQ3ZS00NWM3LWE4OTAt
M2I4NGQ3OWFiZGFmLzEvQTFoRi1HeThQUHFlRG5tSG9EZ3RYUTNYemo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9kMjc5ZDMtOTQ3ZS00NWM3LWE4OTAtM2I4NGQ3OWFiZGFm
LzEvQTFoRi1HeThQUHFlRG5tSG9EZ3RYUTNYemo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi4QNVBuQ
pcGdZEfI9WkCfvIFVALvmW06cSpi5YI2yaxzJGjHXpqulDcochDu3Vp6XuwSnkI8
uK5ccZLgZ/ygHIc6e2BX/Ph13+qrqfs6is3DfRoxxI4I8NRPDJugYD6CXzxFP6yQ
hq4vqh5MTMW0ALelq4yx5o6qJz+waSIIdJLojz8uAa6QPssE13HYVYnxde4DoE/W
p6Y2nflT1bjg1+onx7IVb4cX3VrRmiMxcZln/CUTqrCBQvbDuBXJS3KToHrw18NN
wwDy4RonNcjK2v0z5tnEl1Fsr9M6+ESsn2D9DVvO8bK5wjw+vEFVn4pGC9qEAm/G
Kgs14mGrfVrLAg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:44:47 2026 by rpki-client