Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.mft
File: SrfcA3ifWGIbJejdDZJdyRtKWqI.mft (raw, json)
Hash identifier: jBkxE0+Sw3pw8U3gZWnroRJQJKdglhHXLIai/5eVtv8=
Subject key identifier: F8:88:95:32:E4:8F:C3:F0:89:0A:B4:BE:D6:DE:EB:6C:E2:1C:48:47
Authority key identifier: 4A:B7:DC:03:78:9F:58:62:1B:25:E8:DD:0D:92:5D:C9:1B:4A:5A:A2
Certificate issuer: /CN=4ab7dc03789f58621b25e8dd0d925dc91b4a5aa2
Certificate serial: 019D3940C2F969034F76DA5E9F0EA1E49C58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SrfcA3ifWGIbJejdDZJdyRtKWqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.mft
Manifest number: 0D35
Signing time: Sun 29 Mar 2026 11:00:38 +0000
Manifest this update: Sun 29 Mar 2026 11:00:38 +0000
Manifest next update: Mon 30 Mar 2026 11:00:38 +0000
Files and hashes: 1: PsulLIoJ2K5yIXwpqDT_vBbetoI.roa (hash: g6k+9r2f7VE361y/QPPTNZq47JKvyoKEVsQ41jGm2AM=)
2: SrfcA3ifWGIbJejdDZJdyRtKWqI.crl (hash: S3Zi5ODXt7bceyYl5EEFDbx8QXQukUVqxSM9e4ZkUeA=)
3: xPJTQ1B0b58IM-swEMoKUaok-jY.roa (hash: 8WLFOKN87EOL1HNV9YM46I3DeHkcz7BwooQlJCjXH2s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.mft
rsync://rpki.ripe.net/repository/DEFAULT/SrfcA3ifWGIbJejdDZJdyRtKWqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:c2:f9:69:03:4f:76:da:5e:9f:0e:a1:e4:9c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ab7dc03789f58621b25e8dd0d925dc91b4a5aa2
Validity
Not Before: Mar 29 11:00:38 2026 GMT
Not After : Mar 30 11:00:38 2026 GMT
Subject: CN=f8889532e48fc3f0890ab4bed6deeb6ce21c4847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b4:76:a0:a2:d2:ad:1d:db:e7:20:c7:b0:95:
6c:d3:1b:19:bf:82:dd:49:cc:54:4a:0c:bb:8f:ce:
cf:ff:77:f1:5c:44:3a:0c:1b:d9:67:f5:45:e6:67:
db:d6:6e:ae:f4:2b:69:e2:5b:e0:99:66:83:a2:ee:
6d:7c:91:62:2a:2b:db:12:0e:94:21:e7:1d:01:01:
15:dd:91:2b:db:fc:bb:82:fc:4b:3c:0b:6b:2c:bf:
3d:8a:29:6f:dc:9e:c1:c4:b1:23:34:0c:3b:e8:93:
6d:6d:37:e0:a0:30:54:06:77:41:fc:fa:ef:7a:eb:
61:36:7b:2d:b4:88:58:a1:7c:aa:b8:13:6e:67:a7:
27:71:a8:aa:34:bb:ed:f2:f8:2f:d7:b1:5e:45:92:
fb:f2:06:2e:12:85:a1:7e:79:65:98:cf:d9:ce:7b:
1e:99:8d:d9:3e:65:b6:4f:08:a9:fe:04:60:53:27:
7c:f6:ad:d8:4f:3c:54:0b:5f:c4:a5:7c:81:26:1f:
c1:50:0f:b2:ad:ec:01:7d:3e:58:60:54:d9:ee:b2:
f5:3a:4e:71:a2:37:a1:b1:e8:fb:63:7e:8a:ef:c2:
fe:48:29:2a:09:c9:3b:83:36:c4:73:8d:70:5a:60:
2f:34:1c:03:fe:95:7e:72:c8:72:6a:12:5c:0d:3c:
1e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:88:95:32:E4:8F:C3:F0:89:0A:B4:BE:D6:DE:EB:6C:E2:1C:48:47
X509v3 Authority Key Identifier:
keyid:4A:B7:DC:03:78:9F:58:62:1B:25:E8:DD:0D:92:5D:C9:1B:4A:5A:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SrfcA3ifWGIbJejdDZJdyRtKWqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
af:ca:30:3b:c1:2f:0c:6e:f6:41:ca:db:84:f4:eb:87:8a:b0:
1b:8f:bc:85:5b:ca:17:cb:c4:2e:de:1d:88:98:ed:e1:91:a3:
9a:4d:c9:2d:0d:96:78:35:36:96:09:63:fa:b6:45:71:b7:42:
a9:54:86:06:14:46:ab:31:87:45:d0:72:df:68:ed:71:91:23:
f6:0c:42:68:1b:9c:d1:ec:6f:38:b7:98:29:79:09:53:30:5b:
93:8a:ef:a7:0a:ce:be:37:0e:d8:92:a9:2b:03:7b:b8:e8:c0:
b0:4e:a8:73:19:98:e9:29:ce:f6:da:c7:61:36:38:b9:f4:30:
da:84:df:fe:3a:43:55:17:86:65:a9:67:f8:55:1d:4f:c3:61:
2d:f5:77:6e:f9:35:6c:0c:55:4d:07:23:57:98:8d:fe:9d:a9:
61:8b:d5:02:5b:97:19:05:3a:34:ab:59:34:ac:b0:89:16:9d:
2f:78:04:32:7d:2d:21:12:d1:74:74:1b:e5:a4:79:21:63:92:
e6:df:71:98:29:31:cb:34:79:bd:47:6f:f5:da:7d:f5:44:16:
13:ca:12:aa:7d:d3:46:fb:d5:39:e3:b5:b8:91:ee:9f:d5:34:
bf:0e:c0:af:b2:f2:78:b4:20:a4:72:4a:50:84:ab:04:ca:1a:
70:d3:67:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QML5aQNPdtpenw6h5JxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYjdkYzAzNzg5ZjU4NjIxYjI1ZThkZDBkOTI1ZGM5MWI0
YTVhYTIwHhcNMjYwMzI5MTEwMDM4WhcNMjYwMzMwMTEwMDM4WjAzMTEwLwYDVQQD
EyhmODg4OTUzMmU0OGZjM2YwODkwYWI0YmVkNmRlZWI2Y2UyMWM0ODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7R2oKLSrR3b5yDHsJVs0xsZv4Ld
ScxUSgy7j87P/3fxXEQ6DBvZZ/VF5mfb1m6u9Ctp4lvgmWaDou5tfJFiKivbEg6U
IecdAQEV3ZEr2/y7gvxLPAtrLL89iilv3J7BxLEjNAw76JNtbTfgoDBUBndB/Prv
euthNnsttIhYoXyquBNuZ6cncaiqNLvt8vgv17FeRZL78gYuEoWhfnllmM/Zznse
mY3ZPmW2Twip/gRgUyd89q3YTzxUC1/EpXyBJh/BUA+yrewBfT5YYFTZ7rL1Ok5x
ojehsej7Y36K78L+SCkqCck7gzbEc41wWmAvNBwD/pV+cshyahJcDTweMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPiIlTLkj8PwiQq0vtbe62ziHEhHMB8GA1UdIwQY
MBaAFEq33AN4n1hiGyXo3Q2SXckbSlqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3JmY0EzaWZXR0liSmVqZERaSmR5UnRLV3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC84YTU5ZGItNWFkOC00ZjNmLTk3YzIt
ZjM4YmNiZDkzMzkwLzEvU3JmY0EzaWZXR0liSmVqZERaSmR5UnRLV3FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC84YTU5ZGItNWFkOC00ZjNmLTk3YzItZjM4YmNiZDkzMzkw
LzEvU3JmY0EzaWZXR0liSmVqZERaSmR5UnRLV3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr8owO8Ev
DG72QcrbhPTrh4qwG4+8hVvKF8vELt4diJjt4ZGjmk3JLQ2WeDU2lglj+rZFcbdC
qVSGBhRGqzGHRdBy32jtcZEj9gxCaBuc0exvOLeYKXkJUzBbk4rvpwrOvjcO2JKp
KwN7uOjAsE6ocxmY6SnO9trHYTY4ufQw2oTf/jpDVReGZaln+FUdT8NhLfV3bvk1
bAxVTQcjV5iN/p2pYYvVAluXGQU6NKtZNKywiRadL3gEMn0tIRLRdHQb5aR5IWOS
5t9xmCkxyzR5vUdv9dp99UQWE8oSqn3TRvvVOeO1uJHun9U0vw7Ar7LyeLQgpHJK
UISrBMoacNNnVw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:46:06 2026 by rpki-client