Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.mft
File: SFk-QNpaUvMi21oEwg-0htThVQI.mft (raw, json)
Hash identifier: ZuDBwC1rHfO91j4VwBRgfPybkAOve+Ua2791cPVWITk=
Subject key identifier: B5:43:CB:84:A2:59:9D:E1:3E:B4:EB:CF:75:C3:C1:7E:F3:EE:DB:E3
Authority key identifier: 48:59:3E:40:DA:5A:52:F3:22:DB:5A:04:C2:0F:B4:86:D4:E1:55:02
Certificate issuer: /CN=48593e40da5a52f322db5a04c20fb486d4e15502
Certificate serial: 019D3940B665409DBBA4FE2ACD1C0A186DC1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SFk-QNpaUvMi21oEwg-0htThVQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.mft
Manifest number: 154B
Signing time: Sun 29 Mar 2026 11:00:35 +0000
Manifest this update: Sun 29 Mar 2026 11:00:35 +0000
Manifest next update: Mon 30 Mar 2026 11:00:35 +0000
Files and hashes: 1: SFk-QNpaUvMi21oEwg-0htThVQI.crl (hash: VIsJflQj/AAPKdtvzvA9z9odYAuVNy45KjDcwBkSKoY=)
2: VFzP0FGh0SQzSyAC9MEO9bnaqZU.roa (hash: DwjrXgZVVBQjvwjFMKe9t4mZj6kib5GRnctDIksFE5w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.mft
rsync://rpki.ripe.net/repository/DEFAULT/SFk-QNpaUvMi21oEwg-0htThVQI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:b6:65:40:9d:bb:a4:fe:2a:cd:1c:0a:18:6d:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48593e40da5a52f322db5a04c20fb486d4e15502
Validity
Not Before: Mar 29 11:00:35 2026 GMT
Not After : Mar 30 11:00:35 2026 GMT
Subject: CN=b543cb84a2599de13eb4ebcf75c3c17ef3eedbe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:bc:d7:ab:c3:bb:29:b2:4b:d0:bb:95:bc:c2:
d5:7a:07:1b:1e:50:68:3f:ae:49:04:b6:8a:7a:68:
9e:37:f4:0c:67:52:ec:a4:d5:22:49:10:d3:25:28:
e2:2f:70:d2:7e:2f:72:43:f3:71:54:9a:1e:c1:8a:
ac:3b:32:bd:65:ad:60:07:d8:07:23:9d:de:97:a9:
9f:20:8b:8a:2b:bd:1f:6e:c0:3b:73:46:96:1e:d6:
16:1d:7e:ce:87:5d:ca:56:d0:9c:13:85:b7:24:6b:
3a:f8:e8:47:ea:21:ab:57:e3:f9:6e:5c:a2:f9:52:
19:90:dd:46:7a:bf:64:56:62:90:1d:ce:69:4b:a2:
c1:ca:e1:ec:d4:00:36:4d:bc:89:68:99:b9:59:27:
70:a5:53:0b:74:a5:1e:4a:87:8b:82:b8:e4:ee:1b:
fb:e0:67:68:df:bb:1d:50:79:58:c9:79:32:d9:12:
5e:72:b2:f1:85:6c:92:84:e4:2c:9f:63:81:d9:ca:
39:b9:4d:18:1b:13:43:7f:5b:b9:2e:08:e6:06:21:
20:09:f8:9c:77:60:66:2e:b5:87:15:75:f5:5e:09:
63:3f:1e:82:44:cb:11:28:92:fc:57:ba:ac:65:5e:
60:b0:67:ca:91:b3:bf:77:4a:7e:09:c6:c3:7f:a6:
8d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:43:CB:84:A2:59:9D:E1:3E:B4:EB:CF:75:C3:C1:7E:F3:EE:DB:E3
X509v3 Authority Key Identifier:
keyid:48:59:3E:40:DA:5A:52:F3:22:DB:5A:04:C2:0F:B4:86:D4:E1:55:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SFk-QNpaUvMi21oEwg-0htThVQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:40:e0:3b:1e:03:85:a2:59:f4:f9:a2:f9:77:b9:ac:61:23:
ea:dd:44:56:d2:7a:9c:78:c2:fd:f6:e8:b2:88:f3:34:04:54:
42:65:89:92:17:36:8d:61:90:e7:de:90:39:73:5e:6d:7a:a7:
29:8e:1c:7e:48:65:57:80:23:f1:ad:83:5d:c2:6a:d1:bd:6e:
92:6a:b7:b2:e4:93:96:93:d5:0b:29:f8:8c:5a:e7:55:8e:75:
04:d3:1b:06:55:bf:43:d5:5c:63:a6:7b:5e:8e:86:7b:6f:62:
ac:71:0f:8a:61:ad:f7:41:bc:1c:00:14:f1:bf:38:92:b3:d8:
09:11:7a:02:fd:2b:3c:2d:24:0d:ef:4d:71:2b:61:34:84:59:
02:d6:18:02:0c:57:29:d9:69:05:c0:2b:90:ee:1b:d7:dd:70:
80:70:18:52:5f:cd:79:5c:23:32:35:bb:e5:99:d6:2b:5d:ad:
16:72:85:52:11:49:f4:04:84:a9:46:08:d3:9a:2a:84:7f:8a:
f6:81:54:47:59:ea:9c:9e:22:94:2f:30:f7:41:e8:39:21:34:
b0:3b:f2:c1:d5:97:62:18:ef:d3:16:03:fc:03:7d:57:9a:78:
4b:a7:9b:99:38:a4:1b:25:a8:00:d5:db:74:7d:17:ab:37:f1:
b3:56:fc:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QLZlQJ27pP4qzRwKGG3BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NTkzZTQwZGE1YTUyZjMyMmRiNWEwNGMyMGZiNDg2ZDRl
MTU1MDIwHhcNMjYwMzI5MTEwMDM1WhcNMjYwMzMwMTEwMDM1WjAzMTEwLwYDVQQD
EyhiNTQzY2I4NGEyNTk5ZGUxM2ViNGViY2Y3NWMzYzE3ZWYzZWVkYmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rzXq8O7KbJL0LuVvMLVegcbHlBo
P65JBLaKemieN/QMZ1LspNUiSRDTJSjiL3DSfi9yQ/NxVJoewYqsOzK9Za1gB9gH
I53el6mfIIuKK70fbsA7c0aWHtYWHX7Oh13KVtCcE4W3JGs6+OhH6iGrV+P5blyi
+VIZkN1Ger9kVmKQHc5pS6LByuHs1AA2TbyJaJm5WSdwpVMLdKUeSoeLgrjk7hv7
4Gdo37sdUHlYyXky2RJecrLxhWyShOQsn2OB2co5uU0YGxNDf1u5LgjmBiEgCfic
d2BmLrWHFXX1XgljPx6CRMsRKJL8V7qsZV5gsGfKkbO/d0p+CcbDf6aNeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLVDy4SiWZ3hPrTrz3XDwX7z7tvjMB8GA1UdIwQY
MBaAFEhZPkDaWlLzIttaBMIPtIbU4VUCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0ZrLVFOcGFVdk1pMjFvRXdnLTBodFRoVlFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NzAwYzgtZjlhYi00MmE3LWIxZmEt
ZTY4YTA4ZDllNTRmLzEvU0ZrLVFOcGFVdk1pMjFvRXdnLTBodFRoVlFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NzAwYzgtZjlhYi00MmE3LWIxZmEtZTY4YTA4ZDllNTRm
LzEvU0ZrLVFOcGFVdk1pMjFvRXdnLTBodFRoVlFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO0DgOx4D
haJZ9Pmi+Xe5rGEj6t1EVtJ6nHjC/fbosojzNARUQmWJkhc2jWGQ596QOXNebXqn
KY4cfkhlV4Aj8a2DXcJq0b1ukmq3suSTlpPVCyn4jFrnVY51BNMbBlW/Q9VcY6Z7
Xo6Ge29irHEPimGt90G8HAAU8b84krPYCRF6Av0rPC0kDe9NcSthNIRZAtYYAgxX
KdlpBcArkO4b191wgHAYUl/NeVwjMjW75ZnWK12tFnKFUhFJ9ASEqUYI05oqhH+K
9oFUR1nqnJ4ilC8w90HoOSE0sDvywdWXYhjv0xYD/AN9V5p4S6ebmTikGyWoANXb
dH0Xqzfxs1b8xw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:35:52 2026 by rpki-client