Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/t1ELZRv73wnISGqBNiAABb77SX0.mft
File: t1ELZRv73wnISGqBNiAABb77SX0.mft (raw, json)
Hash identifier: Wm7oOzEndhDBDE1WO0Y0TBcTNow4ED8gDlB0znxliUM=
Subject key identifier: 9B:3E:C1:3A:05:83:18:38:00:88:EF:63:64:F3:BC:C0:42:1B:F5:F2
Authority key identifier: B7:51:0B:65:1B:FB:DF:09:C8:48:6A:81:36:20:00:05:BE:FB:49:7D
Certificate issuer: /CN=b7510b651bfbdf09c8486a8136200005befb497d
Certificate serial: 019D38D2DDFFEF3AAA4DE65D837CE0798D5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t1ELZRv73wnISGqBNiAABb77SX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/t1ELZRv73wnISGqBNiAABb77SX0.mft
Manifest number: 0F0F
Signing time: Sun 29 Mar 2026 09:00:36 +0000
Manifest this update: Sun 29 Mar 2026 09:00:36 +0000
Manifest next update: Mon 30 Mar 2026 09:00:36 +0000
Files and hashes: 1: eXDqAVaIQyjrBekMkhiLLXazNGo.roa (hash: mx0bQziTxDdXw4zJxmPWo837bOwGLkOKhTyelVbdF1g=)
2: t1ELZRv73wnISGqBNiAABb77SX0.crl (hash: azQ0MRdPPvgvS3roFrvGRILJiANCsKjc7eRRkR8+Ts0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/t1ELZRv73wnISGqBNiAABb77SX0.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/t1ELZRv73wnISGqBNiAABb77SX0.mft
rsync://rpki.ripe.net/repository/DEFAULT/t1ELZRv73wnISGqBNiAABb77SX0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:dd:ff:ef:3a:aa:4d:e6:5d:83:7c:e0:79:8d:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7510b651bfbdf09c8486a8136200005befb497d
Validity
Not Before: Mar 29 09:00:36 2026 GMT
Not After : Mar 30 09:00:36 2026 GMT
Subject: CN=9b3ec13a058318380088ef6364f3bcc0421bf5f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:97:f9:97:b9:31:df:82:f0:3f:4d:b8:2f:be:
31:13:17:f2:7b:35:c6:e0:73:ee:5f:a1:dc:0c:a4:
ba:81:2e:e9:41:d0:dc:e8:db:a2:6c:88:a6:ef:19:
4b:d2:2d:e3:17:fa:a6:80:56:94:47:b0:a5:8f:7f:
6c:47:66:8b:84:3e:90:af:1b:1c:b6:c4:3a:a6:3c:
4c:7a:a8:6e:cd:91:94:9f:7e:1b:5c:5a:b7:95:fc:
32:92:7b:ca:ed:08:70:68:c4:45:4b:52:f4:0f:a5:
6c:e5:c3:74:f3:8f:c2:b7:a0:91:db:e9:a6:cd:4c:
d8:43:83:04:10:a0:d0:04:10:2c:55:2e:3c:48:fd:
92:db:37:a0:22:cf:0e:53:d8:0a:81:50:d2:58:ba:
ee:2c:32:7d:fc:44:18:5c:d9:85:62:68:e0:05:2a:
b9:73:7f:30:13:93:83:1e:34:e1:96:ad:10:fb:1a:
a8:02:4a:78:9d:f3:ec:2e:aa:7c:dd:49:da:77:51:
79:d9:d9:54:fe:fd:d9:80:eb:6e:cb:17:95:a7:cf:
4a:a2:4b:db:a4:19:df:62:16:ee:95:96:7f:19:e5:
26:1d:36:e6:c9:7b:98:37:8b:c4:48:2a:62:f7:0c:
3f:80:31:cb:9f:93:eb:1f:a2:26:52:d0:17:64:2b:
dc:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:3E:C1:3A:05:83:18:38:00:88:EF:63:64:F3:BC:C0:42:1B:F5:F2
X509v3 Authority Key Identifier:
keyid:B7:51:0B:65:1B:FB:DF:09:C8:48:6A:81:36:20:00:05:BE:FB:49:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t1ELZRv73wnISGqBNiAABb77SX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/t1ELZRv73wnISGqBNiAABb77SX0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/t1ELZRv73wnISGqBNiAABb77SX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:f7:87:95:dd:65:d8:12:84:3c:19:2e:26:06:7f:78:b9:fd:
5e:4b:ee:e8:9a:b0:e2:a5:d7:68:8e:b6:a3:51:ef:b3:a2:98:
3e:95:99:e3:a0:95:14:45:bf:8b:fe:c6:94:fd:d9:6d:0b:5e:
b1:01:29:65:0d:b2:0f:e4:01:21:54:c8:f7:2d:38:41:e7:eb:
95:5c:db:6b:d0:7d:68:b8:f7:83:a1:c6:49:b5:ac:64:ce:30:
a6:49:49:77:ba:86:e7:e2:09:47:6a:d1:0d:41:c2:3b:0e:bd:
b3:c0:ab:47:30:19:40:bf:12:03:8f:6b:55:5a:6e:fb:6b:ab:
d3:6f:bf:5e:7d:67:81:af:5b:1e:02:bc:cb:08:78:32:a1:6e:
3f:b3:5b:2e:5b:77:b0:a6:a5:51:3f:4e:22:8c:d2:17:8e:a9:
0e:02:39:a0:08:c1:b8:eb:c2:32:ce:60:0e:36:77:c7:70:60:
d5:27:2c:94:c3:d8:09:e9:31:93:82:e4:a3:b8:7a:56:a4:8e:
0d:48:43:e0:07:9f:e9:a8:33:45:57:10:bb:d7:37:b8:4f:42:
be:8b:ff:da:65:44:39:87:54:71:69:b8:c9:90:0a:f5:23:3b:
7f:21:fe:8b:12:92:3c:e9:3d:4f:ea:80:c6:1e:55:14:7a:49:
4c:30:f6:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040t3/7zqqTeZdg3zgeY1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NTEwYjY1MWJmYmRmMDljODQ4NmE4MTM2MjAwMDA1YmVm
YjQ5N2QwHhcNMjYwMzI5MDkwMDM2WhcNMjYwMzMwMDkwMDM2WjAzMTEwLwYDVQQD
Eyg5YjNlYzEzYTA1ODMxODM4MDA4OGVmNjM2NGYzYmNjMDQyMWJmNWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5f5l7kx34LwP024L74xExfyezXG
4HPuX6HcDKS6gS7pQdDc6NuibIim7xlL0i3jF/qmgFaUR7Clj39sR2aLhD6Qrxsc
tsQ6pjxMeqhuzZGUn34bXFq3lfwyknvK7QhwaMRFS1L0D6Vs5cN084/Ct6CR2+mm
zUzYQ4MEEKDQBBAsVS48SP2S2zegIs8OU9gKgVDSWLruLDJ9/EQYXNmFYmjgBSq5
c38wE5ODHjThlq0Q+xqoAkp4nfPsLqp83Unad1F52dlU/v3ZgOtuyxeVp89Kokvb
pBnfYhbulZZ/GeUmHTbmyXuYN4vESCpi9ww/gDHLn5PrH6ImUtAXZCvcZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJs+wToFgxg4AIjvY2TzvMBCG/XyMB8GA1UdIwQY
MBaAFLdRC2Ub+98JyEhqgTYgAAW++0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDFFTFpSdjczd25JU0dxQk5pQUFCYjc3U1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iZmYxYzMtMDA4NC00MmJiLWJjZjct
MmNiODg3N2ZkOTcwLzEvdDFFTFpSdjczd25JU0dxQk5pQUFCYjc3U1gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9iZmYxYzMtMDA4NC00MmJiLWJjZjctMmNiODg3N2ZkOTcw
LzEvdDFFTFpSdjczd25JU0dxQk5pQUFCYjc3U1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASveHld1l
2BKEPBkuJgZ/eLn9Xkvu6Jqw4qXXaI62o1Hvs6KYPpWZ46CVFEW/i/7GlP3ZbQte
sQEpZQ2yD+QBIVTI9y04QefrlVzba9B9aLj3g6HGSbWsZM4wpklJd7qG5+IJR2rR
DUHCOw69s8CrRzAZQL8SA49rVVpu+2ur02+/Xn1nga9bHgK8ywh4MqFuP7NbLlt3
sKalUT9OIozSF46pDgI5oAjBuOvCMs5gDjZ3x3Bg1ScslMPYCekxk4Lko7h6VqSO
DUhD4Aef6agzRVcQu9c3uE9Cvov/2mVEOYdUcWm4yZAK9SM7fyH+ixKSPOk9T+qA
xh5VFHpJTDD2jg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:26:20 2026 by rpki-client