Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft
File: sdLmgf8j3d89UXhY4cZKHa0phyk.mft (raw, json)
Hash identifier: YnDFm7BKwPJRhPPkqiN/9+RzBgBBCT0JIU0d/+9+E3Q=
Subject key identifier: 8B:C3:C0:FC:6B:77:68:4E:BF:83:15:A2:BB:8A:48:3D:95:C1:CB:9B
Authority key identifier: B1:D2:E6:81:FF:23:DD:DF:3D:51:78:58:E1:C6:4A:1D:AD:29:87:29
Certificate issuer: /CN=b1d2e681ff23dddf3d517858e1c64a1dad298729
Certificate serial: 019D3909EE6E4CAD0C97722D84A89C0A6A10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft
Manifest number: 16DD
Signing time: Sun 29 Mar 2026 10:00:45 +0000
Manifest this update: Sun 29 Mar 2026 10:00:45 +0000
Manifest next update: Mon 30 Mar 2026 10:00:45 +0000
Files and hashes: 1: bLRsbjwrHl85CS_7pV5-UUKmgDU.roa (hash: wRWPjMaqEtjkWAV9xCnB4Aq9mP2pz2n/Qg6SuBrxsSE=)
2: sdLmgf8j3d89UXhY4cZKHa0phyk.crl (hash: YGhODvNOlHXTiy41pQKF/8hj50W/U38EsjcWEJ0zg5Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft
rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:ee:6e:4c:ad:0c:97:72:2d:84:a8:9c:0a:6a:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1d2e681ff23dddf3d517858e1c64a1dad298729
Validity
Not Before: Mar 29 10:00:45 2026 GMT
Not After : Mar 30 10:00:45 2026 GMT
Subject: CN=8bc3c0fc6b77684ebf8315a2bb8a483d95c1cb9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e3:df:4e:ea:32:7c:b6:ba:03:44:62:f8:9e:
ab:a0:8e:e7:23:0c:b2:3e:d3:4c:c5:09:a7:08:58:
9f:64:55:69:5f:2f:68:5c:2c:90:19:bf:ef:c5:7d:
95:2a:56:dd:51:87:19:29:92:a2:6f:85:be:e9:5c:
62:e7:5c:9d:c7:01:2d:af:b0:b8:fd:bc:85:4d:51:
ab:85:b5:e7:90:6c:50:15:e6:3b:08:8f:7b:09:46:
8a:dc:53:a3:16:cf:f5:89:8f:e3:e5:38:71:be:76:
2b:2c:1d:5a:57:6f:4c:c8:97:3d:ce:ad:36:de:e7:
cb:fd:f3:af:d5:3b:a8:d7:57:7d:8b:68:5b:6b:fe:
89:76:e8:dd:a0:e1:29:6d:95:54:c1:f9:12:dc:85:
cb:99:73:bc:38:f6:8b:33:2c:6b:db:63:9c:c5:c3:
bb:9b:a6:6c:6f:ae:7a:62:65:5d:25:56:aa:c9:9c:
48:e5:1d:c1:4a:19:14:96:a3:df:d5:0f:f9:6d:e5:
94:39:1f:43:5b:ae:3c:07:17:f8:dc:30:49:b1:41:
52:61:36:89:00:77:45:81:d2:f7:45:7c:91:c1:42:
48:d1:6d:a7:ad:95:d4:4d:48:e5:40:64:8a:e9:fd:
bf:0c:d1:7b:69:b2:94:6c:89:77:56:71:93:aa:de:
c4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:C3:C0:FC:6B:77:68:4E:BF:83:15:A2:BB:8A:48:3D:95:C1:CB:9B
X509v3 Authority Key Identifier:
keyid:B1:D2:E6:81:FF:23:DD:DF:3D:51:78:58:E1:C6:4A:1D:AD:29:87:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:ab:6a:ae:17:b0:9d:d9:00:25:dc:db:98:cf:d8:f0:81:e5:
2a:db:5a:73:c2:1a:a0:bb:d8:e2:73:16:17:07:ff:c6:c7:98:
27:46:55:51:d0:6f:a7:82:d4:f3:19:2f:9f:f1:89:9d:c3:f8:
85:0d:2f:a8:50:61:60:80:3d:33:65:7f:d7:4a:60:18:7d:7d:
b3:f4:a7:7a:2b:c8:9d:72:36:63:b4:88:42:b8:06:c6:e6:4b:
c2:8f:fa:2a:95:74:6d:10:02:ba:35:e1:d4:d3:cc:8f:5f:e5:
22:31:24:f5:7c:1c:81:a8:d8:6d:47:16:c4:e0:cb:b9:be:ff:
92:22:7f:89:f4:9e:bd:d1:15:3b:6c:e4:66:b0:ba:f4:24:ce:
b0:0c:45:6f:36:f0:55:cc:04:95:0f:bb:27:39:f7:20:e9:18:
9e:2a:6a:50:01:37:15:a6:d8:75:3a:ff:20:d4:42:b7:6f:ea:
90:ab:51:22:aa:db:fd:3d:5b:ac:1e:ea:21:1b:82:c5:a0:3e:
2f:34:13:14:60:6f:49:c1:3b:74:a7:ca:4a:8b:f4:68:d5:8d:
f3:7b:6a:ef:75:c2:d4:0a:06:b8:6f:e5:a6:2e:20:84:43:1a:
ff:1c:9d:91:06:eb:f9:57:ef:7d:d8:b5:2a:62:db:4e:11:df:
f3:37:d8:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Ce5uTK0Ml3IthKicCmoQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZDJlNjgxZmYyM2RkZGYzZDUxNzg1OGUxYzY0YTFkYWQy
OTg3MjkwHhcNMjYwMzI5MTAwMDQ1WhcNMjYwMzMwMTAwMDQ1WjAzMTEwLwYDVQQD
Eyg4YmMzYzBmYzZiNzc2ODRlYmY4MzE1YTJiYjhhNDgzZDk1YzFjYjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuPfTuoyfLa6A0Ri+J6roI7nIwyy
PtNMxQmnCFifZFVpXy9oXCyQGb/vxX2VKlbdUYcZKZKib4W+6Vxi51ydxwEtr7C4
/byFTVGrhbXnkGxQFeY7CI97CUaK3FOjFs/1iY/j5ThxvnYrLB1aV29MyJc9zq02
3ufL/fOv1Tuo11d9i2hba/6JdujdoOEpbZVUwfkS3IXLmXO8OPaLMyxr22OcxcO7
m6Zsb656YmVdJVaqyZxI5R3BShkUlqPf1Q/5beWUOR9DW648Bxf43DBJsUFSYTaJ
AHdFgdL3RXyRwUJI0W2nrZXUTUjlQGSK6f2/DNF7abKUbIl3VnGTqt7EXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIvDwPxrd2hOv4MVoruKSD2VwcubMB8GA1UdIwQY
MBaAFLHS5oH/I93fPVF4WOHGSh2tKYcpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9kNTY4ZWQtMTc4MC00ZDYwLWE2Zjct
NWE4MzYwZGVhM2EzLzEvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9kNTY4ZWQtMTc4MC00ZDYwLWE2ZjctNWE4MzYwZGVhM2Ez
LzEvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABKtqrhew
ndkAJdzbmM/Y8IHlKttac8IaoLvY4nMWFwf/xseYJ0ZVUdBvp4LU8xkvn/GJncP4
hQ0vqFBhYIA9M2V/10pgGH19s/SneivInXI2Y7SIQrgGxuZLwo/6KpV0bRACujXh
1NPMj1/lIjEk9XwcgajYbUcWxODLub7/kiJ/ifSevdEVO2zkZrC69CTOsAxFbzbw
VcwElQ+7Jzn3IOkYnipqUAE3FabYdTr/INRCt2/qkKtRIqrb/T1brB7qIRuCxaA+
LzQTFGBvScE7dKfKSov0aNWN83tq73XC1AoGuG/lpi4ghEMa/xydkQbr+Vfvfdi1
KmLbThHf8zfYMg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:31:06 2026 by rpki-client