Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
File: StFxca6oV2xDHGN0GGkcnB9VdRY.mft (raw, json)
Hash identifier: +emGkQlqXeD29wJ6cFTP2SKx21j4aeQP91tudyc09NU=
Subject key identifier: 9E:BC:5E:33:07:11:57:68:44:6E:4A:CA:81:FA:D2:D0:22:46:2A:94
Authority key identifier: 4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
Certificate issuer: /CN=4ad17171aea8576c431c637418691c9c1f557516
Certificate serial: 019D37F714A4E41DE599241AC4081ED97A44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
Manifest number: 153C
Signing time: Sun 29 Mar 2026 05:00:32 +0000
Manifest this update: Sun 29 Mar 2026 05:00:32 +0000
Manifest next update: Mon 30 Mar 2026 05:00:32 +0000
Files and hashes: 1: StFxca6oV2xDHGN0GGkcnB9VdRY.crl (hash: aWMbMlB8co1NZgP3VWAW9sbBSERZhpY6Qk0U7+EX+cY=)
2: YW79Yef_XcQH-yQeSEH6dsBEV58.roa (hash: OnfUE3JgvIAolLyP0DJV9UMqit9OdFdesv9RsZ2Z4TI=)
3: qHkKc6qThO5LVCCZnqTx59tVQVQ.roa (hash: hYX8MCTn1ruNTten5OGMYptvMIuzTBWfYXGAUvW3g24=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:14:a4:e4:1d:e5:99:24:1a:c4:08:1e:d9:7a:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ad17171aea8576c431c637418691c9c1f557516
Validity
Not Before: Mar 29 05:00:32 2026 GMT
Not After : Mar 30 05:00:32 2026 GMT
Subject: CN=9ebc5e3307115768446e4aca81fad2d022462a94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:fa:0a:11:6e:64:1d:a8:83:29:b0:8f:82:bd:
6e:c2:dd:27:89:3e:68:be:57:76:21:54:28:d8:c5:
d4:b3:6b:cb:e4:ae:c4:55:d1:a0:f3:2d:90:6b:f7:
a8:e4:0f:bc:d0:99:70:cf:99:bd:93:4e:67:97:03:
17:cf:46:73:67:43:19:c0:cf:8e:0c:7c:36:26:d5:
47:28:49:d7:07:72:64:1f:82:98:9e:d1:fd:2e:96:
b8:38:71:c1:a3:5e:81:ba:54:45:22:20:ed:48:f4:
27:ef:15:f8:2e:5a:f7:63:cc:b9:e0:ae:6b:75:b3:
50:d9:a9:b1:8c:b6:56:ff:89:7c:f9:fa:6c:0f:77:
31:d5:b8:53:bc:78:f5:f2:57:e2:c4:56:94:8b:ef:
10:6b:b1:16:df:c8:c2:58:04:31:2a:1c:99:13:4d:
78:ca:fc:46:44:93:de:9d:3a:e3:b9:01:8e:54:8a:
ac:78:be:3e:80:5e:93:d3:4e:44:44:21:d9:d6:ba:
8a:46:fb:d8:73:dd:cc:c4:80:6e:3d:e7:05:7e:28:
b2:d5:38:db:4d:ea:06:c0:6b:a8:11:e7:93:73:fc:
9c:bf:5f:87:6b:e1:70:90:4f:ab:1b:d9:5d:c3:cf:
bb:60:24:25:65:77:65:e3:ab:04:5a:37:35:81:4c:
70:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:BC:5E:33:07:11:57:68:44:6E:4A:CA:81:FA:D2:D0:22:46:2A:94
X509v3 Authority Key Identifier:
keyid:4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:49:82:0c:54:ad:d5:7d:44:04:50:82:f2:2b:6c:ed:b1:6a:
9b:47:bb:d0:f7:d6:6e:b6:1d:8d:c6:b1:09:05:a6:01:24:ae:
d1:88:30:2f:ff:ea:23:5d:79:d8:a9:a6:29:61:d9:60:13:73:
d3:d2:06:91:53:ef:cb:52:83:be:30:af:59:3d:65:9c:b7:75:
78:98:5f:af:0a:73:a4:03:0d:0a:c8:0e:1a:92:11:0b:8e:c6:
11:c9:9e:c3:c1:13:8c:bc:64:98:d5:0b:40:06:87:99:49:d7:
18:cd:dc:27:1b:48:ae:ba:db:29:81:80:f3:a7:da:9f:4c:33:
ad:91:7c:38:45:89:af:55:99:38:3f:5d:f7:c3:90:71:22:8c:
49:e4:40:dc:02:95:0d:0e:b7:b9:72:23:c4:e6:4d:ed:d8:76:
81:04:87:21:ca:e4:c3:c3:27:dc:fe:50:5c:70:f4:88:7d:71:
61:27:b4:1c:43:6f:6c:09:6f:91:81:fe:6d:5b:c6:cf:df:64:
d0:b6:a0:10:c6:fb:92:aa:4f:a8:f8:3d:4d:c2:61:ba:8d:d3:
de:58:db:1e:fc:08:e0:28:06:aa:31:af:9c:85:b5:dd:bd:64:
8f:80:5f:6a:64:8e:a0:ac:96:ca:6e:d1:93:a5:4f:74:22:24:
66:b2:4a:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039xSk5B3lmSQaxAge2XpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZDE3MTcxYWVhODU3NmM0MzFjNjM3NDE4NjkxYzljMWY1
NTc1MTYwHhcNMjYwMzI5MDUwMDMyWhcNMjYwMzMwMDUwMDMyWjAzMTEwLwYDVQQD
Eyg5ZWJjNWUzMzA3MTE1NzY4NDQ2ZTRhY2E4MWZhZDJkMDIyNDYyYTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/oKEW5kHaiDKbCPgr1uwt0niT5o
vld2IVQo2MXUs2vL5K7EVdGg8y2Qa/eo5A+80Jlwz5m9k05nlwMXz0ZzZ0MZwM+O
DHw2JtVHKEnXB3JkH4KYntH9Lpa4OHHBo16BulRFIiDtSPQn7xX4Llr3Y8y54K5r
dbNQ2amxjLZW/4l8+fpsD3cx1bhTvHj18lfixFaUi+8Qa7EW38jCWAQxKhyZE014
yvxGRJPenTrjuQGOVIqseL4+gF6T005ERCHZ1rqKRvvYc93MxIBuPecFfiiy1Tjb
TeoGwGuoEeeTc/ycv1+Ha+FwkE+rG9ldw8+7YCQlZXdl46sEWjc1gUxwrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ68XjMHEVdoRG5KyoH60tAiRiqUMB8GA1UdIwQY
MBaAFErRcXGuqFdsQxxjdBhpHJwfVXUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQt
NDgyOGQ2NTEwNGUxLzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQtNDgyOGQ2NTEwNGUx
LzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN0mCDFSt
1X1EBFCC8its7bFqm0e70PfWbrYdjcaxCQWmASSu0YgwL//qI1152KmmKWHZYBNz
09IGkVPvy1KDvjCvWT1lnLd1eJhfrwpzpAMNCsgOGpIRC47GEcmew8ETjLxkmNUL
QAaHmUnXGM3cJxtIrrrbKYGA86fan0wzrZF8OEWJr1WZOD9d98OQcSKMSeRA3AKV
DQ63uXIjxOZN7dh2gQSHIcrkw8Mn3P5QXHD0iH1xYSe0HENvbAlvkYH+bVvGz99k
0LagEMb7kqpPqPg9TcJhuo3T3ljbHvwI4CgGqjGvnIW13b1kj4BfamSOoKyWym7R
k6VPdCIkZrJKcw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:34:48 2026 by rpki-client