Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/sXtEkEx2lKVAig0pcsOf8LGwPqU.mft
File: sXtEkEx2lKVAig0pcsOf8LGwPqU.mft (raw, json)
Hash identifier: kdf3E+OToZ704iovcJZCwecuF3+qD2cpfEwpm7sJaLc=
Subject key identifier: 9B:02:0B:3B:63:37:6E:97:7E:0A:BE:C4:5B:B2:40:E6:FB:C9:40:34
Authority key identifier: B1:7B:44:90:4C:76:94:A5:40:8A:0D:29:72:C3:9F:F0:B1:B0:3E:A5
Certificate issuer: /CN=b17b44904c7694a5408a0d2972c39ff0b1b03ea5
Certificate serial: 019CE6A4767921FEFB8F7980B94D0530B588
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sXtEkEx2lKVAig0pcsOf8LGwPqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/sXtEkEx2lKVAig0pcsOf8LGwPqU.mft
Manifest number: 10AF
Signing time: Fri 13 Mar 2026 10:01:03 +0000
Manifest this update: Fri 13 Mar 2026 10:01:03 +0000
Manifest next update: Sat 14 Mar 2026 10:01:03 +0000
Files and hashes: 1: _RUk9FpS67FmhL3-cjuZddAmpdk.roa (hash: B9UAAuPL9bMWFoRGXof1Klm+Lwvuj9esb9qSVPpnlxw=)
2: sXtEkEx2lKVAig0pcsOf8LGwPqU.crl (hash: RzBJwLSdOCjyDUcL35kr4utv0MUsYIcGEDtnMxenXFg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/sXtEkEx2lKVAig0pcsOf8LGwPqU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/sXtEkEx2lKVAig0pcsOf8LGwPqU.mft
rsync://rpki.ripe.net/repository/DEFAULT/sXtEkEx2lKVAig0pcsOf8LGwPqU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e6:a4:76:79:21:fe:fb:8f:79:80:b9:4d:05:30:b5:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b17b44904c7694a5408a0d2972c39ff0b1b03ea5
Validity
Not Before: Mar 13 10:01:03 2026 GMT
Not After : Mar 14 10:01:03 2026 GMT
Subject: CN=9b020b3b63376e977e0abec45bb240e6fbc94034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:90:f9:81:12:89:43:13:8c:07:e9:08:1b:4a:
ba:46:ad:04:14:8f:10:85:59:4d:16:07:fb:60:73:
66:56:7e:e8:b2:b8:aa:7f:d4:33:6b:3d:05:2a:7d:
70:6d:67:7e:f1:0e:67:2b:20:7c:09:07:22:c9:08:
45:e6:71:08:e5:93:a9:5a:6c:e4:11:46:e2:5b:b8:
50:cd:3f:b2:4f:af:02:e9:e2:ec:f4:99:9e:0e:70:
8c:91:b0:d0:51:a4:3b:69:b1:c3:74:34:13:f2:8a:
be:1d:f4:62:26:7a:d6:22:3b:67:eb:23:58:7d:7d:
ef:f3:1a:1c:54:95:63:c9:c1:f1:01:1f:91:c1:a1:
56:ce:10:f7:07:cf:ad:8e:e4:4d:ff:6a:d3:6d:c6:
bf:a2:20:e9:e6:e4:6a:08:d8:61:a9:52:2d:5b:23:
cd:f5:8f:ed:48:2c:a0:b0:a6:68:28:a6:45:65:60:
d9:78:b7:68:7c:2c:d8:e6:07:97:f5:dd:31:cc:25:
5b:1f:be:fb:a5:af:66:a7:d9:54:82:15:bd:f4:6b:
17:8c:2c:ec:ba:70:80:1f:ca:bc:9e:6a:a4:4f:36:
5f:f5:1e:1b:ad:8d:8e:67:80:f8:c2:cb:58:c0:e0:
cb:ef:b3:73:4e:9a:d0:28:a5:64:1d:31:f0:c9:73:
ba:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:02:0B:3B:63:37:6E:97:7E:0A:BE:C4:5B:B2:40:E6:FB:C9:40:34
X509v3 Authority Key Identifier:
keyid:B1:7B:44:90:4C:76:94:A5:40:8A:0D:29:72:C3:9F:F0:B1:B0:3E:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXtEkEx2lKVAig0pcsOf8LGwPqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/sXtEkEx2lKVAig0pcsOf8LGwPqU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/sXtEkEx2lKVAig0pcsOf8LGwPqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:22:c2:42:b5:96:9e:96:c1:5b:4f:94:88:e6:1f:7d:50:ac:
9c:41:ed:81:42:07:06:14:2e:da:a6:54:5c:b7:88:89:ea:d7:
40:50:5b:15:71:b9:bc:a9:5c:5e:fa:e5:b1:eb:98:aa:70:6b:
be:87:8a:bc:b5:c8:6b:a7:03:bb:39:15:d7:2c:cf:ef:de:55:
2c:d4:d7:07:5b:93:b3:4b:6c:96:f3:b7:2c:37:77:71:34:85:
72:69:4b:d8:98:fd:ec:1f:97:c4:b9:3d:4b:4b:b6:d9:00:8f:
d3:1f:05:5a:9c:68:df:03:dc:dc:66:76:94:ca:e0:ee:a3:38:
6a:1b:e4:bb:9f:d5:44:2e:3e:d9:9e:c1:32:03:08:d5:5e:0e:
62:a9:70:8d:d9:7b:13:8a:e5:ae:14:b7:4d:4c:10:71:c2:28:
67:5a:b5:81:ca:a9:f7:77:11:da:eb:80:bf:de:f0:13:4f:5c:
89:89:80:14:7a:aa:30:96:b6:c8:2a:ec:01:93:08:b3:1a:7f:
49:3a:6e:a6:69:5c:58:91:89:f0:a3:3d:d2:4e:ed:ae:5f:e0:
86:b7:60:58:2a:ef:da:e8:94:d9:22:a3:f9:9f:47:50:72:87:
b4:74:8c:00:77:4a:5c:93:24:3a:c1:ca:fc:6a:15:6b:f7:be:
ad:8b:cd:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzmpHZ5If77j3mAuU0FMLWIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxN2I0NDkwNGM3Njk0YTU0MDhhMGQyOTcyYzM5ZmYwYjFi
MDNlYTUwHhcNMjYwMzEzMTAwMTAzWhcNMjYwMzE0MTAwMTAzWjAzMTEwLwYDVQQD
Eyg5YjAyMGIzYjYzMzc2ZTk3N2UwYWJlYzQ1YmIyNDBlNmZiYzk0MDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJD5gRKJQxOMB+kIG0q6Rq0EFI8Q
hVlNFgf7YHNmVn7osriqf9Qzaz0FKn1wbWd+8Q5nKyB8CQciyQhF5nEI5ZOpWmzk
EUbiW7hQzT+yT68C6eLs9JmeDnCMkbDQUaQ7abHDdDQT8oq+HfRiJnrWIjtn6yNY
fX3v8xocVJVjycHxAR+RwaFWzhD3B8+tjuRN/2rTbca/oiDp5uRqCNhhqVItWyPN
9Y/tSCygsKZoKKZFZWDZeLdofCzY5geX9d0xzCVbH777pa9mp9lUghW99GsXjCzs
unCAH8q8nmqkTzZf9R4brY2OZ4D4wstYwODL77NzTprQKKVkHTHwyXO6VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJsCCztjN26Xfgq+xFuyQOb7yUA0MB8GA1UdIwQY
MBaAFLF7RJBMdpSlQIoNKXLDn/CxsD6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1h0RWtFeDJsS1ZBaWcwcGNzT2Y4TEd3UHFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC85MTgyNDUtN2I1MC00OTUyLWEzYTct
YTQ1OTE2OTU1ZTZmLzEvc1h0RWtFeDJsS1ZBaWcwcGNzT2Y4TEd3UHFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC85MTgyNDUtN2I1MC00OTUyLWEzYTctYTQ1OTE2OTU1ZTZm
LzEvc1h0RWtFeDJsS1ZBaWcwcGNzT2Y4TEd3UHFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbCLCQrWW
npbBW0+UiOYffVCsnEHtgUIHBhQu2qZUXLeIierXQFBbFXG5vKlcXvrlseuYqnBr
voeKvLXIa6cDuzkV1yzP795VLNTXB1uTs0tslvO3LDd3cTSFcmlL2Jj97B+XxLk9
S0u22QCP0x8FWpxo3wPc3GZ2lMrg7qM4ahvku5/VRC4+2Z7BMgMI1V4OYqlwjdl7
E4rlrhS3TUwQccIoZ1q1gcqp93cR2uuAv97wE09ciYmAFHqqMJa2yCrsAZMIsxp/
STpupmlcWJGJ8KM90k7trl/ghrdgWCrv2uiU2SKj+Z9HUHKHtHSMAHdKXJMkOsHK
/GoVa/e+rYvNQQ==
-----END CERTIFICATE-----
Generated at Fri Mar 13 11:58:26 2026 by rpki-client