Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
File: imgZHKtu8GsyKwsSSHhdSEpFJPM.mft (raw, json)
Hash identifier: YEND6Y96RiYbBV3ry2zhRRhMyxfie6JU9YrwOHwibF0=
Subject key identifier: 17:10:4D:FD:7C:2E:D7:AF:FC:93:40:CE:9A:FD:A2:85:61:B8:06:35
Authority key identifier: 8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3
Certificate issuer: /CN=8a68191cab6ef06b322b0b1248785d484a4524f3
Certificate serial: 019D39AF559180377F267080CB86E0858819
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
Manifest number: 12DF
Signing time: Sun 29 Mar 2026 13:01:25 +0000
Manifest this update: Sun 29 Mar 2026 13:01:25 +0000
Manifest next update: Mon 30 Mar 2026 13:01:25 +0000
Files and hashes: 1: YyRSnlrY6ZL2BY7kWgNKQn7ZABQ.roa (hash: XGF2A8hVRY8awHWUJiWHAMyAA173IB6zQJ6kuXsZFy4=)
2: imgZHKtu8GsyKwsSSHhdSEpFJPM.crl (hash: JX2S7SSPgwQg4a4c/gfQIER2hj4cx9gEawd7DSk38ZM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 13:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:af:55:91:80:37:7f:26:70:80:cb:86:e0:85:88:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a68191cab6ef06b322b0b1248785d484a4524f3
Validity
Not Before: Mar 29 13:01:25 2026 GMT
Not After : Mar 30 13:01:25 2026 GMT
Subject: CN=17104dfd7c2ed7affc9340ce9afda28561b80635
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4b:6a:d5:fe:db:ea:80:44:eb:84:e1:73:a6:
32:72:8b:99:e4:01:ec:68:89:ff:e9:bf:66:68:a1:
2d:89:93:0f:e0:6a:ae:92:dd:12:4d:1d:e9:53:0d:
5b:ea:d5:a3:b6:b1:74:2d:43:c5:57:5d:67:08:cc:
04:fb:f2:ab:7e:d7:ed:10:33:db:e3:06:2d:19:97:
f8:01:10:59:a8:f6:fc:b6:d2:5e:db:01:65:a4:fd:
cb:d5:31:55:72:72:4b:aa:37:9a:10:3c:96:3b:a9:
24:3a:80:cb:a6:09:9e:ac:3a:73:c9:b3:be:68:21:
f2:4c:3e:0d:29:3c:d3:7c:bc:a1:86:90:fa:6d:2d:
17:19:a4:08:66:f4:5f:fc:85:26:ee:af:3d:42:73:
7c:38:69:ca:d6:fb:72:d5:f2:82:0f:af:6c:77:cd:
43:0a:cd:cc:ee:d0:8e:21:0f:48:0e:70:1c:a7:0b:
ee:ac:95:68:ed:15:70:52:bf:09:fa:86:cc:31:c4:
70:d0:63:d7:aa:49:69:7c:d4:c2:16:1d:8e:5e:da:
2f:ef:3c:7e:21:f9:25:bf:4b:89:3b:75:bb:1d:76:
7d:80:c0:e8:2a:ee:a6:6b:f9:66:56:1d:dc:ca:f7:
62:b0:2e:c2:c7:59:a3:a1:74:81:17:8d:ca:4e:47:
8e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:10:4D:FD:7C:2E:D7:AF:FC:93:40:CE:9A:FD:A2:85:61:B8:06:35
X509v3 Authority Key Identifier:
keyid:8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b0:22:01:b7:dd:ad:b7:b4:2b:6d:ba:81:b2:e0:06:07:f9:13:
61:e5:84:80:e6:eb:a5:72:8e:d5:6a:a9:e1:d5:26:3a:45:5a:
54:a8:9d:bb:c4:e0:81:ef:cb:2c:4f:5c:77:72:b9:7d:78:aa:
58:b7:47:ce:93:ad:c3:18:12:62:19:de:48:c5:26:d5:13:a0:
47:f5:51:e1:f3:b3:7f:c6:9c:dd:0b:8f:f6:f2:cf:d4:23:a9:
2f:63:d9:a7:5c:61:51:e0:55:12:55:92:e4:03:10:14:c9:e1:
18:18:d5:84:b2:19:c7:c5:e2:9a:ba:b0:85:02:cb:d4:da:ff:
17:1d:77:e8:86:7f:34:bd:d9:5e:0b:70:fe:02:53:c9:fc:11:
76:24:bc:2b:d8:ab:5b:16:34:33:28:a4:13:5e:e5:7c:c2:23:
84:f1:1a:43:45:25:5f:ee:b9:3b:0c:34:7b:6a:83:51:46:eb:
ab:28:ec:f6:9e:a9:40:c1:c8:39:e2:2b:d6:89:41:6e:43:89:
26:55:d6:20:97:36:f6:ff:e9:5a:9f:79:53:89:f3:c9:c1:73:
17:aa:e8:1f:00:84:17:1d:c3:83:f2:c1:9d:73:bc:f0:0e:0c:
83:1b:4d:73:90:30:5e:e7:e6:e0:a8:87:3a:a7:14:8f:41:19:
5d:12:d0:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05r1WRgDd/JnCAy4bghYgZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjgxOTFjYWI2ZWYwNmIzMjJiMGIxMjQ4Nzg1ZDQ4NGE0
NTI0ZjMwHhcNMjYwMzI5MTMwMTI1WhcNMjYwMzMwMTMwMTI1WjAzMTEwLwYDVQQD
EygxNzEwNGRmZDdjMmVkN2FmZmM5MzQwY2U5YWZkYTI4NTYxYjgwNjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsktq1f7b6oBE64Thc6YycouZ5AHs
aIn/6b9maKEtiZMP4Gqukt0STR3pUw1b6tWjtrF0LUPFV11nCMwE+/KrftftEDPb
4wYtGZf4ARBZqPb8ttJe2wFlpP3L1TFVcnJLqjeaEDyWO6kkOoDLpgmerDpzybO+
aCHyTD4NKTzTfLyhhpD6bS0XGaQIZvRf/IUm7q89QnN8OGnK1vty1fKCD69sd81D
Cs3M7tCOIQ9IDnAcpwvurJVo7RVwUr8J+obMMcRw0GPXqklpfNTCFh2OXtov7zx+
Ifklv0uJO3W7HXZ9gMDoKu6ma/lmVh3cyvdisC7Cx1mjoXSBF43KTkeOIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBcQTf18Ltev/JNAzpr9ooVhuAY1MB8GA1UdIwQY
MBaAFIpoGRyrbvBrMisLEkh4XUhKRSTzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQt
OTcxMTdlZWI0ODkxLzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQtOTcxMTdlZWI0ODkx
LzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsCIBt92t
t7QrbbqBsuAGB/kTYeWEgObrpXKO1Wqp4dUmOkVaVKidu8Tgge/LLE9cd3K5fXiq
WLdHzpOtwxgSYhneSMUm1ROgR/VR4fOzf8ac3QuP9vLP1COpL2PZp1xhUeBVElWS
5AMQFMnhGBjVhLIZx8XimrqwhQLL1Nr/Fx136IZ/NL3ZXgtw/gJTyfwRdiS8K9ir
WxY0MyikE17lfMIjhPEaQ0UlX+65Oww0e2qDUUbrqyjs9p6pQMHIOeIr1olBbkOJ
JlXWIJc29v/pWp95U4nzycFzF6roHwCEFx3Dg/LBnXO88A4MgxtNc5AwXufm4KiH
OqcUj0EZXRLQVA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 21:25:30 2026 by rpki-client