Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/roNVKZN0KXkz0oH1HrdLpcLJHME.mft
File: roNVKZN0KXkz0oH1HrdLpcLJHME.mft (raw, json)
Hash identifier: I2B4OhrYLSrRiFjUr1K3JiODIVjyAP8MhbPT2tjhCCs=
Subject key identifier: 97:F4:0E:74:C3:4C:FD:92:F9:F5:8D:6F:83:48:15:42:0B:0E:16:36
Authority key identifier: AE:83:55:29:93:74:29:79:33:D2:81:F5:1E:B7:4B:A5:C2:C9:1C:C1
Certificate issuer: /CN=ae8355299374297933d281f51eb74ba5c2c91cc1
Certificate serial: 019D37C001980222BD09BF79B01901DF7177
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/roNVKZN0KXkz0oH1HrdLpcLJHME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/roNVKZN0KXkz0oH1HrdLpcLJHME.mft
Manifest number: 13E2
Signing time: Sun 29 Mar 2026 04:00:23 +0000
Manifest this update: Sun 29 Mar 2026 04:00:23 +0000
Manifest next update: Mon 30 Mar 2026 04:00:23 +0000
Files and hashes: 1: luvzxOrHEfm-oTNUE5I96OhB6uA.roa (hash: v1k8+jSnmhy9x9cDTWQEao/543k2k6aoV/oRZ1O120I=)
2: roNVKZN0KXkz0oH1HrdLpcLJHME.crl (hash: QTp2bfSonliI2ibj4FRMT4my4u2hnx85T2hDtjP2xww=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/roNVKZN0KXkz0oH1HrdLpcLJHME.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/roNVKZN0KXkz0oH1HrdLpcLJHME.mft
rsync://rpki.ripe.net/repository/DEFAULT/roNVKZN0KXkz0oH1HrdLpcLJHME.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:01:98:02:22:bd:09:bf:79:b0:19:01:df:71:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae8355299374297933d281f51eb74ba5c2c91cc1
Validity
Not Before: Mar 29 04:00:23 2026 GMT
Not After : Mar 30 04:00:23 2026 GMT
Subject: CN=97f40e74c34cfd92f9f58d6f834815420b0e1636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fb:b2:3c:0a:5e:08:8d:31:ad:77:5f:9c:49:
23:5d:cb:66:d4:61:80:54:c9:4f:2d:2c:a4:24:5f:
f8:6d:ad:c6:d4:4c:59:99:09:a7:6d:f2:94:12:62:
9f:3f:af:cf:f5:1b:05:34:66:cd:66:b4:f6:12:3b:
22:d9:b7:3f:08:f3:7d:9d:11:a5:55:b2:f9:06:d6:
92:74:d5:76:3b:52:71:9c:f3:e7:a0:50:a6:3a:54:
9e:80:21:9b:ac:2c:03:f4:f7:86:22:be:65:a3:ed:
fa:49:b5:4a:8a:1e:d1:9f:90:bf:f1:be:91:48:6b:
58:de:fe:6e:8b:3e:c8:3a:bf:53:db:b1:49:7a:25:
9c:82:a5:c6:96:ed:f4:d1:f2:06:24:75:44:4b:77:
a5:ed:81:b7:5f:5c:57:77:d4:eb:91:5e:8f:cc:01:
2c:51:20:e3:cd:92:d1:10:51:1d:01:86:c9:48:d0:
01:93:57:0f:d4:ee:17:11:c0:fe:4d:5e:a2:89:29:
cb:ad:bc:f7:06:72:8d:2c:55:85:5a:41:3e:ab:77:
ca:28:24:66:8d:07:54:10:8e:a9:f9:8b:9a:f9:a0:
07:33:8e:10:a2:36:9b:ea:61:88:8a:3f:17:25:0d:
e2:9e:07:89:30:6a:70:41:d4:eb:95:a9:32:2a:d0:
f8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F4:0E:74:C3:4C:FD:92:F9:F5:8D:6F:83:48:15:42:0B:0E:16:36
X509v3 Authority Key Identifier:
keyid:AE:83:55:29:93:74:29:79:33:D2:81:F5:1E:B7:4B:A5:C2:C9:1C:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/roNVKZN0KXkz0oH1HrdLpcLJHME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/roNVKZN0KXkz0oH1HrdLpcLJHME.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/roNVKZN0KXkz0oH1HrdLpcLJHME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:2b:af:4e:f7:aa:b9:e6:d3:28:62:f7:a9:23:60:07:f1:fe:
9c:0b:0b:41:b6:54:a0:40:5d:a3:8e:16:fa:0d:fd:10:2f:6f:
7e:91:76:16:87:98:a6:46:3d:15:2c:35:5b:fe:a4:09:7f:e4:
25:8b:cb:14:fa:f3:36:4f:09:7c:03:4f:56:c8:40:b9:b6:d5:
f1:2c:c3:cf:76:a4:1b:06:01:9e:c2:9d:da:91:b4:d7:6d:88:
8b:d8:74:2b:a9:44:27:83:88:3d:13:20:92:53:a8:e2:58:4f:
cb:79:94:fd:be:7c:1f:71:d2:66:98:a2:a6:48:3e:b1:73:c5:
18:ec:b3:f8:0b:15:f6:ce:45:26:05:fb:7b:23:cd:6a:2d:31:
1f:a1:21:cd:97:44:d8:b4:c2:a0:34:40:bf:d8:37:d5:d0:56:
f5:9b:d3:0f:e3:20:a0:87:fc:89:87:89:54:3a:9c:26:f6:94:
65:bb:b9:03:34:d6:2c:9c:23:e5:c8:85:00:05:36:20:c6:1b:
88:d3:71:60:24:43:21:03:40:e4:1b:ab:af:e5:a6:67:af:11:
52:12:c7:5b:dd:f7:b3:ac:57:7a:69:b2:0d:95:27:2e:f3:fd:
fa:11:c4:58:d8:0d:2d:cb:72:fe:8a:aa:80:30:38:e5:15:98:
59:2d:55:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wAGYAiK9Cb95sBkB33F3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlODM1NTI5OTM3NDI5NzkzM2QyODFmNTFlYjc0YmE1YzJj
OTFjYzEwHhcNMjYwMzI5MDQwMDIzWhcNMjYwMzMwMDQwMDIzWjAzMTEwLwYDVQQD
Eyg5N2Y0MGU3NGMzNGNmZDkyZjlmNThkNmY4MzQ4MTU0MjBiMGUxNjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/uyPApeCI0xrXdfnEkjXctm1GGA
VMlPLSykJF/4ba3G1ExZmQmnbfKUEmKfP6/P9RsFNGbNZrT2Ejsi2bc/CPN9nRGl
VbL5BtaSdNV2O1JxnPPnoFCmOlSegCGbrCwD9PeGIr5lo+36SbVKih7Rn5C/8b6R
SGtY3v5uiz7IOr9T27FJeiWcgqXGlu300fIGJHVES3el7YG3X1xXd9TrkV6PzAEs
USDjzZLREFEdAYbJSNABk1cP1O4XEcD+TV6iiSnLrbz3BnKNLFWFWkE+q3fKKCRm
jQdUEI6p+Yua+aAHM44Qojab6mGIij8XJQ3ingeJMGpwQdTrlakyKtD4vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJf0DnTDTP2S+fWNb4NIFUILDhY2MB8GA1UdIwQY
MBaAFK6DVSmTdCl5M9KB9R63S6XCyRzBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm9OVktaTjBLWGt6MG9IMUhyZExwY0xKSE1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wZjJlYjgtOTgwMC00NjIxLWI2NzQt
M2I0ZDAyYTYxZWMyLzEvcm9OVktaTjBLWGt6MG9IMUhyZExwY0xKSE1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8wZjJlYjgtOTgwMC00NjIxLWI2NzQtM2I0ZDAyYTYxZWMy
LzEvcm9OVktaTjBLWGt6MG9IMUhyZExwY0xKSE1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQiuvTveq
uebTKGL3qSNgB/H+nAsLQbZUoEBdo44W+g39EC9vfpF2FoeYpkY9FSw1W/6kCX/k
JYvLFPrzNk8JfANPVshAubbV8SzDz3akGwYBnsKd2pG0122Ii9h0K6lEJ4OIPRMg
klOo4lhPy3mU/b58H3HSZpiipkg+sXPFGOyz+AsV9s5FJgX7eyPNai0xH6EhzZdE
2LTCoDRAv9g31dBW9ZvTD+MgoIf8iYeJVDqcJvaUZbu5AzTWLJwj5ciFAAU2IMYb
iNNxYCRDIQNA5Burr+WmZ68RUhLHW933s6xXemmyDZUnLvP9+hHEWNgNLcty/oqq
gDA45RWYWS1Vhg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:52:27 2026 by rpki-client