Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/S21-pBAzg38IwoxHQphLgrj0Q98.mft
File: S21-pBAzg38IwoxHQphLgrj0Q98.mft (raw, json)
Hash identifier: P13/ok81x1SknNFC5E7pXTKQl8A61Vz8r2D6+B+9oHo=
Subject key identifier: 8B:6B:BE:EA:A5:40:36:3B:B6:F5:D7:CB:E6:FE:E0:6C:4E:84:BE:BE
Authority key identifier: 4B:6D:7E:A4:10:33:83:7F:08:C2:8C:47:42:98:4B:82:B8:F4:43:DF
Certificate issuer: /CN=4b6d7ea41033837f08c28c4742984b82b8f443df
Certificate serial: 019D371BBCF5E2BB38824E5591A0DCAAAD6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S21-pBAzg38IwoxHQphLgrj0Q98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/S21-pBAzg38IwoxHQphLgrj0Q98.mft
Manifest number: 14BF
Signing time: Sun 29 Mar 2026 01:00:57 +0000
Manifest this update: Sun 29 Mar 2026 01:00:57 +0000
Manifest next update: Mon 30 Mar 2026 01:00:57 +0000
Files and hashes: 1: 4y1EBk6dbLscu7TuubVQpj3p-s8.roa (hash: TBvo1eP+imsTzppJhBpYDx8zDpINfxOs1/vehmwqpe0=)
2: S21-pBAzg38IwoxHQphLgrj0Q98.crl (hash: ZEsE13BASUS0ea/p9Alc16PrK/MoXEsCycCIfmQsxkg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/S21-pBAzg38IwoxHQphLgrj0Q98.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/S21-pBAzg38IwoxHQphLgrj0Q98.mft
rsync://rpki.ripe.net/repository/DEFAULT/S21-pBAzg38IwoxHQphLgrj0Q98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 01:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:1b:bc:f5:e2:bb:38:82:4e:55:91:a0:dc:aa:ad:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b6d7ea41033837f08c28c4742984b82b8f443df
Validity
Not Before: Mar 29 01:00:57 2026 GMT
Not After : Mar 30 01:00:57 2026 GMT
Subject: CN=8b6bbeeaa540363bb6f5d7cbe6fee06c4e84bebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3b:d1:c8:aa:42:85:0a:15:8d:e6:f3:d0:58:
e8:4b:f8:ee:d0:90:ed:76:30:52:64:f3:0c:e0:2f:
62:fd:83:26:83:78:4d:6d:aa:79:2e:e8:65:f6:28:
2b:24:af:86:6f:ec:1b:c8:00:36:7c:63:08:a9:20:
9b:78:25:37:9e:4e:8f:3e:13:84:b6:37:b9:47:f3:
a8:57:4a:9f:35:cd:0e:79:8e:5c:9c:b1:a0:65:28:
b8:31:4f:db:8a:83:b7:64:9a:78:30:8b:31:2c:1e:
8c:2b:be:11:71:c8:a4:04:a8:fc:d1:27:fb:29:c8:
20:fb:34:fc:35:78:db:79:73:39:6d:39:13:5a:ae:
12:12:b7:5d:4f:d5:a1:c2:37:ea:2e:a7:1d:39:04:
12:ca:76:fc:fa:ae:7a:7c:38:a9:7a:71:2a:a8:c6:
b4:38:dc:9c:f0:2f:0b:2d:80:69:1e:15:27:2e:f5:
a8:ad:fe:bd:2b:1f:61:05:f2:e9:f7:3b:33:fd:dc:
80:97:93:b5:9e:0a:be:72:ed:04:54:de:64:50:d6:
b8:eb:40:fd:10:41:42:ff:3f:a7:3e:14:ff:4f:f3:
81:9f:c4:80:83:9c:e2:9a:e4:6e:ff:3c:40:f1:e5:
aa:e7:67:11:0e:78:3b:8e:ed:b9:97:52:6f:a0:f6:
ab:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:6B:BE:EA:A5:40:36:3B:B6:F5:D7:CB:E6:FE:E0:6C:4E:84:BE:BE
X509v3 Authority Key Identifier:
keyid:4B:6D:7E:A4:10:33:83:7F:08:C2:8C:47:42:98:4B:82:B8:F4:43:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S21-pBAzg38IwoxHQphLgrj0Q98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/S21-pBAzg38IwoxHQphLgrj0Q98.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/S21-pBAzg38IwoxHQphLgrj0Q98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8f:4d:74:ca:88:67:a4:fd:23:5e:eb:1e:72:a2:05:c8:4b:1d:
bd:f1:b7:27:30:b6:d3:b0:29:cf:1f:3f:40:c6:16:d1:e8:67:
c0:cf:e0:e2:38:0c:77:bf:e1:70:5a:40:af:7c:a1:7b:a7:1c:
4d:66:36:66:15:9d:e7:1a:89:dd:99:dd:2c:e8:2c:f2:5f:07:
b6:20:14:b5:50:b2:89:92:ff:fd:f6:af:35:42:c8:97:ac:1c:
55:88:75:6a:ca:95:32:6c:fd:21:1b:9e:a4:2f:14:cf:06:91:
93:f9:ab:bb:43:31:ba:bb:9d:fc:a2:f1:13:61:e5:b4:79:74:
2c:8e:38:43:83:aa:09:1f:ae:29:44:de:b1:19:74:f4:53:c0:
35:94:52:aa:d1:94:59:c2:36:8c:44:fe:20:32:9e:2e:65:ca:
21:f5:39:46:7a:3a:6f:c6:25:fb:71:60:d9:da:93:9e:65:dd:
ed:8e:23:db:2b:f6:30:7a:a8:dc:10:04:12:10:d0:1e:e6:e6:
10:eb:44:38:78:a4:cb:d6:43:f6:2b:0f:af:e6:1c:fd:01:7e:
c3:d4:f1:bc:c6:a3:ce:66:d8:1c:a3:d3:ad:de:98:70:0f:fd:
1a:7d:eb:05:77:60:2d:bf:33:b1:f8:04:e9:70:d6:9d:1a:32:
57:09:0b:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G7z14rs4gk5VkaDcqq1uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNmQ3ZWE0MTAzMzgzN2YwOGMyOGM0NzQyOTg0YjgyYjhm
NDQzZGYwHhcNMjYwMzI5MDEwMDU3WhcNMjYwMzMwMDEwMDU3WjAzMTEwLwYDVQQD
Eyg4YjZiYmVlYWE1NDAzNjNiYjZmNWQ3Y2JlNmZlZTA2YzRlODRiZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojvRyKpChQoVjebz0FjoS/ju0JDt
djBSZPMM4C9i/YMmg3hNbap5Luhl9igrJK+Gb+wbyAA2fGMIqSCbeCU3nk6PPhOE
tje5R/OoV0qfNc0OeY5cnLGgZSi4MU/bioO3ZJp4MIsxLB6MK74RccikBKj80Sf7
Kcgg+zT8NXjbeXM5bTkTWq4SErddT9WhwjfqLqcdOQQSynb8+q56fDipenEqqMa0
ONyc8C8LLYBpHhUnLvWorf69Kx9hBfLp9zsz/dyAl5O1ngq+cu0EVN5kUNa460D9
EEFC/z+nPhT/T/OBn8SAg5zimuRu/zxA8eWq52cRDng7ju25l1JvoParewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFItrvuqlQDY7tvXXy+b+4GxOhL6+MB8GA1UdIwQY
MBaAFEttfqQQM4N/CMKMR0KYS4K49EPfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzIxLXBCQXpnMzhJd294SFFwaExncmowUTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8xZDA2ODEtZmUyMC00N2EzLTk0ZGYt
NWVlODcyMWMxY2ZjLzEvUzIxLXBCQXpnMzhJd294SFFwaExncmowUTk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8xZDA2ODEtZmUyMC00N2EzLTk0ZGYtNWVlODcyMWMxY2Zj
LzEvUzIxLXBCQXpnMzhJd294SFFwaExncmowUTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj010yohn
pP0jXusecqIFyEsdvfG3JzC207Apzx8/QMYW0ehnwM/g4jgMd7/hcFpAr3yhe6cc
TWY2ZhWd5xqJ3ZndLOgs8l8HtiAUtVCyiZL//favNULIl6wcVYh1asqVMmz9IRue
pC8UzwaRk/mru0Mxurud/KLxE2HltHl0LI44Q4OqCR+uKUTesRl09FPANZRSqtGU
WcI2jET+IDKeLmXKIfU5Rno6b8Yl+3Fg2dqTnmXd7Y4j2yv2MHqo3BAEEhDQHubm
EOtEOHiky9ZD9isPr+Yc/QF+w9TxvMajzmbYHKPTrd6YcA/9Gn3rBXdgLb8zsfgE
6XDWnRoyVwkLfA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:29:16 2026 by rpki-client