Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
File: JY8HU8Azwa8JGGbQlCZFEmlspos.mft (raw, json)
Hash identifier: 7THNK5pVOBcH5LrXnk4cMqqwEcl9yhbbAZAprFzmBaY=
Subject key identifier: 13:27:B3:5D:A6:83:00:7B:34:E7:5C:4C:A6:1C:2E:9E:B5:BE:E1:FC
Authority key identifier: 25:8F:07:53:C0:33:C1:AF:09:18:66:D0:94:26:45:12:69:6C:A6:8B
Certificate issuer: /CN=258f0753c033c1af091866d094264512696ca68b
Certificate serial: 019D36E4ABD0C65EBCCBCD728DCD5DE2DACB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
Manifest number: 0BDA
Signing time: Sun 29 Mar 2026 00:00:48 +0000
Manifest this update: Sun 29 Mar 2026 00:00:48 +0000
Manifest next update: Mon 30 Mar 2026 00:00:48 +0000
Files and hashes: 1: Cpe2_Ojc_FZLY2oGHgVbMwJjk9A.roa (hash: QYPBK9tLe2NLf5ToJsGlVRXUrRctKZptQZU1FwtQfmU=)
2: JY8HU8Azwa8JGGbQlCZFEmlspos.crl (hash: cPVqg2QNsj2cRDBWewLzPgVl7r1fG80+KQiui6JylCI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 00:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:36:e4:ab:d0:c6:5e:bc:cb:cd:72:8d:cd:5d:e2:da:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=258f0753c033c1af091866d094264512696ca68b
Validity
Not Before: Mar 29 00:00:48 2026 GMT
Not After : Mar 30 00:00:48 2026 GMT
Subject: CN=1327b35da683007b34e75c4ca61c2e9eb5bee1fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:73:55:9e:0e:eb:a3:1a:a4:bd:76:da:5b:86:
d3:5f:3b:15:97:8b:5e:c0:57:54:b6:8b:4a:42:d1:
33:1d:48:44:5f:38:f4:6a:7e:63:7c:0a:d6:c6:1f:
b0:b9:62:ca:35:54:25:02:45:ef:92:8c:73:1f:bb:
cb:35:02:50:ea:ff:b5:5a:1a:bb:53:a4:41:4d:55:
f0:14:09:29:76:fa:36:37:5c:5f:45:15:e4:da:c9:
77:71:b0:b6:ac:01:00:ee:25:86:d1:65:b5:13:f5:
10:35:82:4a:b5:7c:4c:d5:ce:b7:c7:20:d3:16:ea:
0e:e5:77:da:d1:51:c0:03:a1:55:bb:d9:2d:5f:5a:
d5:22:8e:dc:e7:39:31:cb:86:48:3c:a3:d9:27:d3:
b0:41:3d:a8:65:4a:7d:da:8e:a8:08:4f:ea:f1:10:
fa:c8:11:ac:d7:4e:da:48:34:23:86:b8:5c:ff:15:
d0:8c:1b:f8:87:d5:54:b0:af:19:92:38:f2:27:1f:
94:2b:82:85:d5:2b:f2:e3:68:30:a2:2d:11:9c:fd:
66:74:33:15:91:ad:34:4b:d8:31:64:45:18:2e:5a:
23:d6:bd:43:9c:31:fe:1d:c0:74:5f:7b:96:9e:db:
50:2f:10:ef:d6:47:0a:c0:5a:df:91:5a:4f:c2:41:
aa:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:27:B3:5D:A6:83:00:7B:34:E7:5C:4C:A6:1C:2E:9E:B5:BE:E1:FC
X509v3 Authority Key Identifier:
keyid:25:8F:07:53:C0:33:C1:AF:09:18:66:D0:94:26:45:12:69:6C:A6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:ff:af:9e:4d:e3:34:59:16:23:9a:6f:a7:e8:ab:7c:e7:37:
b0:b5:5f:cb:90:64:da:e7:1c:cb:30:e4:b5:38:33:0d:ea:d4:
59:c6:3c:79:e3:95:91:0e:67:32:91:e7:10:d2:bf:1f:6c:de:
bc:66:ff:fa:a4:51:0a:9c:d6:fc:ce:f6:2b:be:53:26:b5:0a:
1f:cd:de:0e:26:a9:3b:eb:fc:5f:c4:47:27:86:04:d8:97:21:
d4:11:d7:2a:46:9c:9c:01:32:87:d0:a9:49:6a:d0:38:9f:7c:
13:7e:2a:c6:32:d0:3d:e6:ce:f9:a0:0b:07:96:0e:e8:9e:59:
cc:76:c2:fe:0d:e1:f3:44:79:11:09:41:78:ac:28:04:e1:53:
d0:22:02:6c:f6:56:6a:f6:9f:48:2a:a8:f5:91:de:8a:e9:04:
03:45:53:c6:a4:ab:df:cc:a8:0d:e4:aa:94:a1:b7:9f:68:21:
93:c3:94:3a:ca:43:95:9d:c2:6f:2f:29:af:a8:cb:1e:fe:ed:
e0:bd:fa:d4:ec:88:9a:c4:4d:a2:47:a6:a7:43:50:27:23:cb:
dd:4e:f2:a4:66:05:39:1f:e8:8c:35:7c:a0:05:b9:2a:27:8f:
d3:50:3e:12:0e:e0:14:e2:ef:3d:65:1c:1f:7c:bb:4d:4e:0e:
ab:92:b2:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ025KvQxl68y81yjc1d4trLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OGYwNzUzYzAzM2MxYWYwOTE4NjZkMDk0MjY0NTEyNjk2
Y2E2OGIwHhcNMjYwMzI5MDAwMDQ4WhcNMjYwMzMwMDAwMDQ4WjAzMTEwLwYDVQQD
EygxMzI3YjM1ZGE2ODMwMDdiMzRlNzVjNGNhNjFjMmU5ZWI1YmVlMWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnNVng7roxqkvXbaW4bTXzsVl4te
wFdUtotKQtEzHUhEXzj0an5jfArWxh+wuWLKNVQlAkXvkoxzH7vLNQJQ6v+1Whq7
U6RBTVXwFAkpdvo2N1xfRRXk2sl3cbC2rAEA7iWG0WW1E/UQNYJKtXxM1c63xyDT
FuoO5Xfa0VHAA6FVu9ktX1rVIo7c5zkxy4ZIPKPZJ9OwQT2oZUp92o6oCE/q8RD6
yBGs107aSDQjhrhc/xXQjBv4h9VUsK8ZkjjyJx+UK4KF1Svy42gwoi0RnP1mdDMV
ka00S9gxZEUYLloj1r1DnDH+HcB0X3uWnttQLxDv1kcKwFrfkVpPwkGqBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBMns12mgwB7NOdcTKYcLp61vuH8MB8GA1UdIwQY
MBaAFCWPB1PAM8GvCRhm0JQmRRJpbKaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8zYmFlODctODJlYi00NTFmLTgwNDQt
MmMyZjBkMjRmOTM2LzEvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8zYmFlODctODJlYi00NTFmLTgwNDQtMmMyZjBkMjRmOTM2
LzEvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACv+vnk3j
NFkWI5pvp+irfOc3sLVfy5Bk2uccyzDktTgzDerUWcY8eeOVkQ5nMpHnENK/H2ze
vGb/+qRRCpzW/M72K75TJrUKH83eDiapO+v8X8RHJ4YE2Jch1BHXKkacnAEyh9Cp
SWrQOJ98E34qxjLQPebO+aALB5YO6J5ZzHbC/g3h80R5EQlBeKwoBOFT0CICbPZW
avafSCqo9ZHeiukEA0VTxqSr38yoDeSqlKG3n2ghk8OUOspDlZ3Cby8pr6jLHv7t
4L361OyImsRNokemp0NQJyPL3U7ypGYFOR/ojDV8oAW5KieP01A+Eg7gFOLvPWUc
H3y7TU4Oq5Kyzw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:13:11 2026 by rpki-client