Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/B9oDycgmha5taz0h1oS7z0aL91s.mft
File: B9oDycgmha5taz0h1oS7z0aL91s.mft (raw, json)
Hash identifier: 2rPGyV43QhLP/K82OgMWQL6Xwr4NGTH2Lx9X1w7KXUw=
Subject key identifier: 1F:7F:7D:B6:F8:2D:AE:F6:DF:C3:F9:85:ED:B8:50:65:2F:D2:68:49
Authority key identifier: 07:DA:03:C9:C8:26:85:AE:6D:6B:3D:21:D6:84:BB:CF:46:8B:F7:5B
Certificate issuer: /CN=07da03c9c82685ae6d6b3d21d684bbcf468bf75b
Certificate serial: 019D419F862FB3FEC9FD0A54527B1D023963
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B9oDycgmha5taz0h1oS7z0aL91s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/B9oDycgmha5taz0h1oS7z0aL91s.mft
Manifest number: 1894
Signing time: Tue 31 Mar 2026 02:01:06 +0000
Manifest this update: Tue 31 Mar 2026 02:01:06 +0000
Manifest next update: Wed 01 Apr 2026 02:01:06 +0000
Files and hashes: 1: B9oDycgmha5taz0h1oS7z0aL91s.crl (hash: d6x/lvfEkQM9dZWFTAO/ipRkak6MOuBnfh147kzssyQ=)
2: Syb092w3bd2oaQmW0hCkBeEn6RU.roa (hash: mb8QxEtZKShJ4BbZE89JSkmaplhcEQtWMF/0Fv1cDnU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/B9oDycgmha5taz0h1oS7z0aL91s.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/B9oDycgmha5taz0h1oS7z0aL91s.mft
rsync://rpki.ripe.net/repository/DEFAULT/B9oDycgmha5taz0h1oS7z0aL91s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 31 Mar 2026 23:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:41:9f:86:2f:b3:fe:c9:fd:0a:54:52:7b:1d:02:39:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07da03c9c82685ae6d6b3d21d684bbcf468bf75b
Validity
Not Before: Mar 31 02:01:06 2026 GMT
Not After : Apr 1 02:01:06 2026 GMT
Subject: CN=1f7f7db6f82daef6dfc3f985edb850652fd26849
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:6f:f0:fd:f9:9b:cf:55:39:2e:24:0e:9b:2a:
31:4d:12:40:76:27:ff:c9:0e:76:f5:3f:b2:04:c1:
e6:62:5d:64:22:de:4d:b0:b3:67:02:c1:52:f3:6f:
56:43:0b:a4:2e:8f:d9:d7:de:41:7c:a4:56:ba:e1:
c3:88:14:18:fa:7f:1a:80:36:ce:f5:a5:cc:90:14:
a1:d0:29:59:d9:fc:4e:78:7b:e1:52:df:60:b1:71:
84:5a:46:a4:e0:7e:fb:f8:74:9b:52:a7:bf:b1:28:
84:2b:dc:c7:ff:f9:10:aa:77:f5:2e:93:54:56:a9:
35:be:f8:61:e3:64:3d:bb:e8:e0:95:f4:3b:1f:fb:
3d:56:4e:01:d9:02:fe:46:1e:ba:29:bb:35:e2:2b:
91:be:b0:8f:cc:49:7d:89:8b:48:fa:f0:04:20:ae:
5f:65:ff:88:4c:6e:93:a1:a7:43:51:e4:72:2a:f6:
8b:ee:bc:64:fe:31:54:fa:db:e1:ab:e8:ec:b1:20:
7a:aa:b4:0c:c3:62:44:97:92:30:2d:b4:83:8a:6e:
05:23:02:06:de:d3:de:d1:3d:6e:26:6b:82:78:fe:
d4:52:b7:14:06:48:fc:37:10:e9:64:7d:63:a8:3b:
45:0f:4a:95:05:5d:0d:73:b7:a4:7b:04:00:4a:25:
37:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:7F:7D:B6:F8:2D:AE:F6:DF:C3:F9:85:ED:B8:50:65:2F:D2:68:49
X509v3 Authority Key Identifier:
keyid:07:DA:03:C9:C8:26:85:AE:6D:6B:3D:21:D6:84:BB:CF:46:8B:F7:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9oDycgmha5taz0h1oS7z0aL91s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/B9oDycgmha5taz0h1oS7z0aL91s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/B9oDycgmha5taz0h1oS7z0aL91s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:c2:9e:26:92:cc:99:78:9c:98:67:0b:45:1f:55:3b:93:d0:
e4:c4:f8:f2:00:a5:1a:50:f1:4f:d5:ff:53:e5:79:22:5d:05:
74:60:ff:f4:93:28:37:9f:89:bd:b7:f0:ae:6d:3a:0a:a4:5f:
98:76:fe:1a:37:84:77:c8:0b:87:bd:09:f0:d7:08:00:c9:d6:
7f:4c:7f:79:f2:5a:5b:0e:37:9e:92:30:d0:fd:0f:ec:ea:d0:
29:37:aa:03:11:ec:70:f1:cc:10:46:ad:f8:d2:6d:b2:33:8b:
ae:7a:3c:51:3b:dc:4f:95:1b:af:63:30:51:90:7b:e6:ab:ae:
48:43:b7:97:f5:fb:2e:4f:cf:e3:bc:a3:b4:5e:51:9b:35:f3:
be:20:7a:97:8b:b7:1b:88:99:3e:7c:34:12:e3:ad:44:74:ae:
1b:ef:20:95:18:81:98:42:7f:c1:a1:c4:e8:51:fd:4b:ec:b9:
6c:d0:d8:12:2f:ad:7d:ae:b5:75:f0:01:6d:eb:38:0a:19:18:
dc:68:a7:72:73:f3:24:01:9a:bd:00:7a:3d:2f:26:e3:14:6d:
eb:e0:de:67:76:9d:71:2e:da:40:59:95:56:d7:97:29:2e:c3:
b0:3e:bf:da:a3:3a:1e:4c:a4:e4:51:0a:cc:f8:c9:71:d4:32:
12:ff:4f:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ1Bn4Yvs/7J/QpUUnsdAjljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZGEwM2M5YzgyNjg1YWU2ZDZiM2QyMWQ2ODRiYmNmNDY4
YmY3NWIwHhcNMjYwMzMxMDIwMTA2WhcNMjYwNDAxMDIwMTA2WjAzMTEwLwYDVQQD
EygxZjdmN2RiNmY4MmRhZWY2ZGZjM2Y5ODVlZGI4NTA2NTJmZDI2ODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2W/w/fmbz1U5LiQOmyoxTRJAdif/
yQ529T+yBMHmYl1kIt5NsLNnAsFS829WQwukLo/Z195BfKRWuuHDiBQY+n8agDbO
9aXMkBSh0ClZ2fxOeHvhUt9gsXGEWkak4H77+HSbUqe/sSiEK9zH//kQqnf1LpNU
Vqk1vvhh42Q9u+jglfQ7H/s9Vk4B2QL+Rh66Kbs14iuRvrCPzEl9iYtI+vAEIK5f
Zf+ITG6ToadDUeRyKvaL7rxk/jFU+tvhq+jssSB6qrQMw2JEl5IwLbSDim4FIwIG
3tPe0T1uJmuCeP7UUrcUBkj8NxDpZH1jqDtFD0qVBV0Nc7ekewQASiU3jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB9/fbb4La7238P5he24UGUv0mhJMB8GA1UdIwQY
MBaAFAfaA8nIJoWubWs9IdaEu89Gi/dbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjlvRHljZ21oYTV0YXowaDFvUzd6MGFMOTFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9kZWVmMjItMjYyNC00OWI2LWEyM2It
YWEwMWRjZDNkZmE3LzEvQjlvRHljZ21oYTV0YXowaDFvUzd6MGFMOTFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9kZWVmMjItMjYyNC00OWI2LWEyM2ItYWEwMWRjZDNkZmE3
LzEvQjlvRHljZ21oYTV0YXowaDFvUzd6MGFMOTFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHsKeJpLM
mXicmGcLRR9VO5PQ5MT48gClGlDxT9X/U+V5Il0FdGD/9JMoN5+Jvbfwrm06CqRf
mHb+GjeEd8gLh70J8NcIAMnWf0x/efJaWw43npIw0P0P7OrQKTeqAxHscPHMEEat
+NJtsjOLrno8UTvcT5Ubr2MwUZB75quuSEO3l/X7Lk/P47yjtF5RmzXzviB6l4u3
G4iZPnw0EuOtRHSuG+8glRiBmEJ/waHE6FH9S+y5bNDYEi+tfa61dfABbes4ChkY
3GincnPzJAGavQB6PS8m4xRt6+DeZ3adcS7aQFmVVteXKS7DsD6/2qM6Hkyk5FEK
zPjJcdQyEv9PQg==
-----END CERTIFICATE-----
Generated at Tue Mar 31 09:16:01 2026 by rpki-client