Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/cbebe4-afa6-4a1c-961b-4431f89384a3/1/d9Vhc4owymkonMhFMN5d73SjqYI.mft
File: d9Vhc4owymkonMhFMN5d73SjqYI.mft (raw, json)
Hash identifier: d2GyoFr/DyMhT/UHqCHvi+pftoAPFJSetfgjXphdizQ=
Subject key identifier: 20:F1:94:81:ED:06:EF:4B:A5:6B:14:C0:79:3B:E1:C7:28:C9:38:EA
Authority key identifier: 77:D5:61:73:8A:30:CA:69:28:9C:C8:45:30:DE:5D:EF:74:A3:A9:82
Certificate issuer: /CN=77d561738a30ca69289cc84530de5def74a3a982
Certificate serial: 019CE55B29768089AD5EAB9480CE0AFE32F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d9Vhc4owymkonMhFMN5d73SjqYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/cbebe4-afa6-4a1c-961b-4431f89384a3/1/d9Vhc4owymkonMhFMN5d73SjqYI.mft
Manifest number: 3D
Signing time: Fri 13 Mar 2026 04:01:22 +0000
Manifest this update: Fri 13 Mar 2026 04:01:22 +0000
Manifest next update: Sat 14 Mar 2026 04:01:22 +0000
Files and hashes: 1: d9Vhc4owymkonMhFMN5d73SjqYI.crl (hash: CyS/MVZtdmfAeRBu7JGYT0G0FId4TzZmbQUTUfPOIEQ=)
2: wBGjgdfu_nLRR4DjOBdo0PtKJMM.roa (hash: PPK9ixZ6Q7KuFLEJo2Wk9bDSxb6ZvTbGERhmOzUiZuU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/cbebe4-afa6-4a1c-961b-4431f89384a3/1/d9Vhc4owymkonMhFMN5d73SjqYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/cbebe4-afa6-4a1c-961b-4431f89384a3/1/d9Vhc4owymkonMhFMN5d73SjqYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/d9Vhc4owymkonMhFMN5d73SjqYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e5:5b:29:76:80:89:ad:5e:ab:94:80:ce:0a:fe:32:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77d561738a30ca69289cc84530de5def74a3a982
Validity
Not Before: Mar 13 04:01:22 2026 GMT
Not After : Mar 14 04:01:22 2026 GMT
Subject: CN=20f19481ed06ef4ba56b14c0793be1c728c938ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6b:5a:55:df:f1:08:37:e1:2c:ec:1f:97:ba:
4d:f5:74:2e:69:71:94:39:ba:c5:ae:fb:f4:4d:12:
3f:da:74:90:91:b4:2f:a6:a3:37:8b:90:94:3b:c2:
ee:dc:93:d8:0c:db:6d:ec:07:74:6b:04:ba:a7:9a:
4f:84:7c:a0:f1:2c:12:77:bd:78:5b:49:b0:92:e3:
a4:43:2d:50:e3:f4:78:df:9b:cb:29:f1:41:c4:96:
1f:c2:ab:a2:c8:09:c3:59:9c:a2:2c:9b:3f:2b:59:
98:92:4f:f2:4a:0e:5a:ac:9e:f2:66:59:87:04:0f:
1e:75:fc:f6:d9:c2:4d:f4:c4:8d:a7:18:fc:a8:0f:
8e:ae:e9:4e:dc:36:c9:88:a7:72:3b:a4:c2:1f:a1:
c9:5e:c2:d0:28:a2:e5:a5:53:ea:3c:dc:4c:53:b5:
9b:b4:fb:c9:80:63:45:64:a2:88:6b:74:d3:52:40:
f0:6d:82:7b:a4:37:22:eb:f4:44:6a:54:54:c0:ed:
63:17:62:b6:90:fa:e5:ae:77:68:00:a6:bd:cf:56:
98:f2:d8:dc:4d:52:b3:16:0d:0c:a8:00:19:80:4a:
b1:1b:ef:74:de:f7:a5:2c:c0:db:90:7e:b3:c5:cf:
05:51:e2:d8:79:6b:53:e0:d0:55:1a:9d:0c:f3:10:
ce:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F1:94:81:ED:06:EF:4B:A5:6B:14:C0:79:3B:E1:C7:28:C9:38:EA
X509v3 Authority Key Identifier:
keyid:77:D5:61:73:8A:30:CA:69:28:9C:C8:45:30:DE:5D:EF:74:A3:A9:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9Vhc4owymkonMhFMN5d73SjqYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/cbebe4-afa6-4a1c-961b-4431f89384a3/1/d9Vhc4owymkonMhFMN5d73SjqYI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/cbebe4-afa6-4a1c-961b-4431f89384a3/1/d9Vhc4owymkonMhFMN5d73SjqYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
cb:28:3a:18:bf:7d:1b:34:a1:90:ba:92:9c:ab:94:bb:c2:37:
3a:b6:cc:79:be:e7:9c:ec:79:84:21:76:86:25:8b:cc:cb:69:
32:fd:dd:3c:76:ca:64:8f:c7:46:02:74:15:db:37:e2:f2:e4:
de:f6:37:50:c2:40:4d:e7:1e:ca:a4:60:11:9e:06:72:22:bc:
3c:56:bd:3e:b5:63:f5:6f:c4:ca:21:b4:7c:a2:83:b5:ed:59:
14:c0:93:65:aa:a9:01:c7:43:6f:de:bf:3f:77:1f:d2:22:2e:
d8:2a:60:d2:d0:4d:81:61:1c:e7:af:43:54:71:a9:f0:d0:84:
be:e3:59:28:1f:55:3e:70:70:78:94:b5:43:e4:ca:23:17:82:
10:e2:2f:a1:c0:c1:c6:ff:83:20:5b:50:43:cc:ae:c1:69:7a:
ec:04:20:61:e2:89:43:0b:d4:fb:98:a3:e8:c7:ad:a9:7f:ec:
68:78:82:8a:a1:dc:cc:60:ce:3f:ec:54:8c:1f:92:db:4f:49:
4b:39:84:0a:31:76:53:b4:f2:ba:98:a8:de:a6:29:22:0c:3a:
b5:2b:69:e1:7b:89:fc:e5:2d:e9:d3:61:5e:9a:e8:e5:27:aa:
fb:cc:5f:38:6b:50:72:4a:84:96:41:fb:a6:4d:27:cb:6e:ce:
9c:30:c2:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzlWyl2gImtXquUgM4K/jLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZDU2MTczOGEzMGNhNjkyODljYzg0NTMwZGU1ZGVmNzRh
M2E5ODIwHhcNMjYwMzEzMDQwMTIyWhcNMjYwMzE0MDQwMTIyWjAzMTEwLwYDVQQD
EygyMGYxOTQ4MWVkMDZlZjRiYTU2YjE0YzA3OTNiZTFjNzI4YzkzOGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWtaVd/xCDfhLOwfl7pN9XQuaXGU
ObrFrvv0TRI/2nSQkbQvpqM3i5CUO8Lu3JPYDNtt7Ad0awS6p5pPhHyg8SwSd714
W0mwkuOkQy1Q4/R435vLKfFBxJYfwquiyAnDWZyiLJs/K1mYkk/ySg5arJ7yZlmH
BA8edfz22cJN9MSNpxj8qA+OrulO3DbJiKdyO6TCH6HJXsLQKKLlpVPqPNxMU7Wb
tPvJgGNFZKKIa3TTUkDwbYJ7pDci6/REalRUwO1jF2K2kPrlrndoAKa9z1aY8tjc
TVKzFg0MqAAZgEqxG+903velLMDbkH6zxc8FUeLYeWtT4NBVGp0M8xDOTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCDxlIHtBu9LpWsUwHk74ccoyTjqMB8GA1UdIwQY
MBaAFHfVYXOKMMppKJzIRTDeXe90o6mCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDlWaGM0b3d5bWtvbk1oRk1ONWQ3M1NqcVlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jYmViZTQtYWZhNi00YTFjLTk2MWIt
NDQzMWY4OTM4NGEzLzEvZDlWaGM0b3d5bWtvbk1oRk1ONWQ3M1NqcVlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jYmViZTQtYWZhNi00YTFjLTk2MWItNDQzMWY4OTM4NGEz
LzEvZDlWaGM0b3d5bWtvbk1oRk1ONWQ3M1NqcVlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyyg6GL99
GzShkLqSnKuUu8I3OrbMeb7nnOx5hCF2hiWLzMtpMv3dPHbKZI/HRgJ0Fds34vLk
3vY3UMJATeceyqRgEZ4GciK8PFa9PrVj9W/EyiG0fKKDte1ZFMCTZaqpAcdDb96/
P3cf0iIu2Cpg0tBNgWEc569DVHGp8NCEvuNZKB9VPnBweJS1Q+TKIxeCEOIvocDB
xv+DIFtQQ8yuwWl67AQgYeKJQwvU+5ij6MetqX/saHiCiqHczGDOP+xUjB+S209J
SzmECjF2U7Tyupio3qYpIgw6tStp4XuJ/OUt6dNhXpro5Seq+8xfOGtQckqElkH7
pk0ny27OnDDCyA==
-----END CERTIFICATE-----
Generated at Fri Mar 13 11:20:40 2026 by rpki-client