Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/bd680c-4a50-4f52-98f8-4bae62896c4f/1/rIt3HiV7ryfdoQoIq1iybPj3Xgk.mft
File: rIt3HiV7ryfdoQoIq1iybPj3Xgk.mft (raw, json)
Hash identifier: SOmEySXGgqjXb1kcDbnnsEGwL9Rblfw4zZ3xWPbZ+4Q=
Subject key identifier: 2E:2B:9C:06:0F:1C:8D:4D:DE:2C:1C:B6:E5:16:D7:6C:A4:BF:30:FA
Authority key identifier: AC:8B:77:1E:25:7B:AF:27:DD:A1:0A:08:AB:58:B2:6C:F8:F7:5E:09
Certificate issuer: /CN=ac8b771e257baf27dda10a08ab58b26cf8f75e09
Certificate serial: 019D38D2D5D273B57633EA88C88F1B11C44B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rIt3HiV7ryfdoQoIq1iybPj3Xgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/bd680c-4a50-4f52-98f8-4bae62896c4f/1/rIt3HiV7ryfdoQoIq1iybPj3Xgk.mft
Manifest number: 1D
Signing time: Sun 29 Mar 2026 09:00:34 +0000
Manifest this update: Sun 29 Mar 2026 09:00:34 +0000
Manifest next update: Mon 30 Mar 2026 09:00:34 +0000
Files and hashes: 1: rIt3HiV7ryfdoQoIq1iybPj3Xgk.crl (hash: J/NH85SFcoaF8tZGgP5+idRy9Zz0Ht2b95wkdkWt50U=)
2: rcclP2fW2M9d6FzhFGpcIug6Slw.roa (hash: Ah4o3LwYLB7WSaBBzcrCq3rn0s5Unn57tKa0V6nN2u0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/bd680c-4a50-4f52-98f8-4bae62896c4f/1/rIt3HiV7ryfdoQoIq1iybPj3Xgk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/bd680c-4a50-4f52-98f8-4bae62896c4f/1/rIt3HiV7ryfdoQoIq1iybPj3Xgk.mft
rsync://rpki.ripe.net/repository/DEFAULT/rIt3HiV7ryfdoQoIq1iybPj3Xgk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:d5:d2:73:b5:76:33:ea:88:c8:8f:1b:11:c4:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac8b771e257baf27dda10a08ab58b26cf8f75e09
Validity
Not Before: Mar 29 09:00:34 2026 GMT
Not After : Mar 30 09:00:34 2026 GMT
Subject: CN=2e2b9c060f1c8d4dde2c1cb6e516d76ca4bf30fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:57:cb:85:bc:ad:bd:80:c4:9b:1f:3e:2f:c1:
1b:2b:8c:5b:82:42:b2:d8:c6:68:4d:57:dc:11:e5:
de:6d:af:9d:28:a7:d2:3e:4e:8f:e8:b6:aa:ee:45:
a6:6d:fa:77:34:2f:e3:20:a1:7d:a6:f2:71:64:a3:
ec:0d:56:b4:fc:bf:e4:37:b9:2b:2d:f7:66:4d:78:
51:20:0b:59:dd:90:04:43:8f:c8:e3:68:04:a5:3f:
9f:13:35:41:ea:7e:ef:af:f3:1e:4e:6a:20:8c:8b:
11:bb:fb:82:1c:18:e9:03:7c:95:17:46:3c:04:2d:
0b:28:74:7c:b2:20:fa:79:10:1f:ce:56:3b:39:55:
71:6e:95:76:7c:21:cf:27:a8:5d:71:b1:5e:d5:5c:
96:1e:1e:6f:21:d3:9c:29:61:a6:d1:c4:d0:b7:fb:
e2:d4:73:3d:ce:0b:9c:7c:c2:29:0a:dd:a8:1c:b2:
88:72:12:e1:c5:1c:f6:78:84:96:db:4c:02:19:83:
d7:6d:64:9a:4a:5c:00:74:f4:36:ca:5e:a2:e9:7a:
29:64:df:4e:98:96:0e:45:74:05:84:a8:57:b7:a7:
9c:38:88:36:12:b8:66:58:b6:77:6a:d6:95:38:97:
82:ea:67:41:83:27:02:1c:71:54:9b:c2:c4:41:ab:
a3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:2B:9C:06:0F:1C:8D:4D:DE:2C:1C:B6:E5:16:D7:6C:A4:BF:30:FA
X509v3 Authority Key Identifier:
keyid:AC:8B:77:1E:25:7B:AF:27:DD:A1:0A:08:AB:58:B2:6C:F8:F7:5E:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rIt3HiV7ryfdoQoIq1iybPj3Xgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/bd680c-4a50-4f52-98f8-4bae62896c4f/1/rIt3HiV7ryfdoQoIq1iybPj3Xgk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/bd680c-4a50-4f52-98f8-4bae62896c4f/1/rIt3HiV7ryfdoQoIq1iybPj3Xgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:20:a9:61:ef:1b:7e:02:a8:bd:5c:7f:c0:9c:32:0a:38:f1:
e1:96:87:87:c3:98:fd:ef:93:f3:b6:16:94:f1:81:80:0c:d0:
5d:d4:0a:96:3c:cd:85:49:6f:00:5f:f0:bb:ba:87:20:07:74:
07:d5:b8:3a:18:02:ef:8d:2d:69:9b:3a:ac:6e:80:bf:3a:e5:
bd:b8:41:50:d5:e7:c3:8e:8e:c0:f5:e1:78:d3:ab:2b:fe:e4:
ed:e5:18:c2:f8:bd:93:6b:74:8a:ba:28:b8:1d:99:82:7c:82:
bf:4b:53:67:57:48:19:73:f6:7b:02:68:27:0b:7d:6c:d4:4c:
95:24:73:0b:48:17:46:f1:a3:09:17:f6:de:0a:55:9c:59:91:
01:55:65:5c:bf:0e:5d:48:d9:e4:af:49:b7:0b:0c:b6:d1:14:
79:86:b5:15:a1:5b:31:55:a9:18:22:fb:60:ba:a2:8e:7f:60:
81:fc:f3:a0:05:17:e5:e5:5a:23:e3:f8:8c:6d:3d:89:16:6e:
c5:4f:a0:53:55:a5:08:95:28:9d:e3:4a:6b:08:ec:67:39:9a:
63:22:34:95:95:7d:52:4a:43:00:62:f2:ca:f4:d5:c3:8d:26:
4e:2b:f7:78:28:71:36:b2:86:ea:14:fc:30:0c:a7:86:05:78:
92:d7:90:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040tXSc7V2M+qIyI8bEcRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOGI3NzFlMjU3YmFmMjdkZGExMGEwOGFiNThiMjZjZjhm
NzVlMDkwHhcNMjYwMzI5MDkwMDM0WhcNMjYwMzMwMDkwMDM0WjAzMTEwLwYDVQQD
EygyZTJiOWMwNjBmMWM4ZDRkZGUyYzFjYjZlNTE2ZDc2Y2E0YmYzMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplfLhbytvYDEmx8+L8EbK4xbgkKy
2MZoTVfcEeXeba+dKKfSPk6P6Laq7kWmbfp3NC/jIKF9pvJxZKPsDVa0/L/kN7kr
LfdmTXhRIAtZ3ZAEQ4/I42gEpT+fEzVB6n7vr/MeTmogjIsRu/uCHBjpA3yVF0Y8
BC0LKHR8siD6eRAfzlY7OVVxbpV2fCHPJ6hdcbFe1VyWHh5vIdOcKWGm0cTQt/vi
1HM9zgucfMIpCt2oHLKIchLhxRz2eISW20wCGYPXbWSaSlwAdPQ2yl6i6XopZN9O
mJYORXQFhKhXt6ecOIg2ErhmWLZ3ataVOJeC6mdBgycCHHFUm8LEQaujBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC4rnAYPHI1N3iwctuUW12ykvzD6MB8GA1UdIwQY
MBaAFKyLdx4le68n3aEKCKtYsmz4914JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckl0M0hpVjdyeWZkb1FvSXExaXliUGozWGdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9iZDY4MGMtNGE1MC00ZjUyLTk4Zjgt
NGJhZTYyODk2YzRmLzEvckl0M0hpVjdyeWZkb1FvSXExaXliUGozWGdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9iZDY4MGMtNGE1MC00ZjUyLTk4ZjgtNGJhZTYyODk2YzRm
LzEvckl0M0hpVjdyeWZkb1FvSXExaXliUGozWGdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATSCpYe8b
fgKovVx/wJwyCjjx4ZaHh8OY/e+T87YWlPGBgAzQXdQKljzNhUlvAF/wu7qHIAd0
B9W4OhgC740taZs6rG6AvzrlvbhBUNXnw46OwPXheNOrK/7k7eUYwvi9k2t0iroo
uB2ZgnyCv0tTZ1dIGXP2ewJoJwt9bNRMlSRzC0gXRvGjCRf23gpVnFmRAVVlXL8O
XUjZ5K9JtwsMttEUeYa1FaFbMVWpGCL7YLqijn9ggfzzoAUX5eVaI+P4jG09iRZu
xU+gU1WlCJUoneNKawjsZzmaYyI0lZV9UkpDAGLyyvTVw40mTiv3eChxNrKG6hT8
MAynhgV4kteQBw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:38:54 2026 by rpki-client