Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/240780-8110-45d7-bd73-fdfd2d72b541/1/1-hToFTzT-RwzOX-bffkb8XPE0Ws.mft
File: 1-hToFTzT-RwzOX-bffkb8XPE0Ws.mft (raw, json)
Hash identifier: BQnQ6KykQx726afD1lQJnIoammjFdKkux4SQEoPqGY8=
Subject key identifier: D9:09:20:E1:C8:00:6E:34:5A:F3:89:30:AB:C5:40:45:BE:57:5B:14
Authority key identifier: FA:14:E8:15:3C:D3:F9:1C:33:39:7F:9B:7D:F9:1B:F1:73:C4:D1:6B
Certificate issuer: /CN=fa14e8153cd3f91c33397f9b7df91bf173c4d16b
Certificate serial: 019D1A5AF6F17768CD859FF3A1088B25F99E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-hToFTzT-RwzOX-bffkb8XPE0Ws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/240780-8110-45d7-bd73-fdfd2d72b541/1/1-hToFTzT-RwzOX-bffkb8XPE0Ws.mft
Manifest number: 028A
Signing time: Mon 23 Mar 2026 11:01:02 +0000
Manifest this update: Mon 23 Mar 2026 11:01:02 +0000
Manifest next update: Tue 24 Mar 2026 11:01:02 +0000
Files and hashes: 1: 1-hToFTzT-RwzOX-bffkb8XPE0Ws.crl (hash: M/N6QArE5ZWTXup6TwQGSHubcDDilIUkF5WByyLVWj0=)
2: FKy4QquWDiXsB6434vLtVQiZ1BI.roa (hash: E7KgcSUkFp282kfhM/A9rdhpcSBu+wYieQbkPSRtk8I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/240780-8110-45d7-bd73-fdfd2d72b541/1/1-hToFTzT-RwzOX-bffkb8XPE0Ws.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/240780-8110-45d7-bd73-fdfd2d72b541/1/1-hToFTzT-RwzOX-bffkb8XPE0Ws.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-hToFTzT-RwzOX-bffkb8XPE0Ws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 24 Mar 2026 11:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1a:5a:f6:f1:77:68:cd:85:9f:f3:a1:08:8b:25:f9:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa14e8153cd3f91c33397f9b7df91bf173c4d16b
Validity
Not Before: Mar 23 11:01:02 2026 GMT
Not After : Mar 24 11:01:02 2026 GMT
Subject: CN=d90920e1c8006e345af38930abc54045be575b14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4c:2e:7d:11:02:65:7d:0d:32:1b:d6:00:c5:
9d:96:71:8f:47:ca:24:8a:7d:cf:38:16:bc:e2:1a:
e7:04:ff:eb:d7:95:aa:5f:73:55:08:3f:6e:29:ae:
a4:cc:80:79:a3:5d:7c:52:b5:85:9c:9f:10:16:56:
b6:e1:3b:a3:76:fb:45:61:d9:b3:15:03:14:b5:78:
7f:db:75:b1:60:a2:8f:3b:c4:db:ea:0e:4e:21:e7:
d1:3c:b5:81:59:b0:f6:ef:d9:e9:70:79:31:07:53:
86:fd:b6:6d:c9:d0:de:44:49:a8:13:2e:58:08:3d:
42:96:df:ac:0f:c5:e7:46:f8:5a:19:08:82:73:7c:
82:50:e6:8b:0a:2a:e6:d9:0e:d3:dd:e8:63:23:18:
32:4a:a2:0a:22:b0:ab:87:c3:4b:9e:8f:3a:d3:bc:
8d:56:0e:2c:6c:16:f1:d1:16:2a:ac:ca:5f:1f:f8:
86:1a:19:05:b6:b6:1b:a3:d1:63:77:82:51:35:9d:
ff:73:13:34:02:99:09:79:9f:40:f9:d7:01:4a:05:
da:1f:c6:d4:e8:d9:af:be:38:cb:15:61:b7:06:db:
d2:ba:03:96:7b:16:51:c3:29:75:9a:36:ec:5b:a1:
22:42:69:fb:e2:fd:e7:77:1f:a6:2b:33:08:c1:80:
c4:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:09:20:E1:C8:00:6E:34:5A:F3:89:30:AB:C5:40:45:BE:57:5B:14
X509v3 Authority Key Identifier:
keyid:FA:14:E8:15:3C:D3:F9:1C:33:39:7F:9B:7D:F9:1B:F1:73:C4:D1:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-hToFTzT-RwzOX-bffkb8XPE0Ws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/240780-8110-45d7-bd73-fdfd2d72b541/1/1-hToFTzT-RwzOX-bffkb8XPE0Ws.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/240780-8110-45d7-bd73-fdfd2d72b541/1/1-hToFTzT-RwzOX-bffkb8XPE0Ws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:82:51:51:85:0b:19:ac:29:d4:ec:b3:5b:aa:0b:74:4a:27:
70:ec:a2:6e:8c:f5:bb:6e:d7:4c:83:78:84:69:9a:c3:8c:04:
1d:aa:f9:0e:29:f4:f1:c8:0f:b7:9d:4a:e4:89:ff:d3:57:8b:
79:91:9b:88:3a:4e:79:e3:3d:92:34:7f:b2:2e:b0:c4:e3:d6:
d7:8d:02:af:6e:23:52:db:38:f3:d3:77:80:1c:e1:39:6d:28:
36:78:36:c6:0f:a6:c8:56:8d:a8:9b:e2:bc:ae:3a:f0:4c:5d:
25:9e:91:72:5a:04:9b:23:99:ca:a4:f1:ad:c0:f2:a0:ec:1d:
f8:ee:a1:a2:52:55:82:96:10:08:e7:78:13:99:10:c2:0c:18:
6e:c7:78:49:4e:84:d2:f6:84:cc:fa:11:3b:9d:6f:e2:c8:ef:
34:0b:d2:56:a9:f1:bb:d5:0f:f4:e8:63:af:2a:cf:a5:97:43:
04:35:99:7b:47:22:1f:5f:59:b0:9f:d2:19:31:d0:97:5a:40:
6c:e9:7c:a7:e5:c7:c3:2e:56:7a:76:b6:2c:50:1a:0f:6f:d0:
40:24:f8:07:f8:6e:3c:4e:99:b6:d8:e8:be:07:cd:d4:ad:eb:
e1:cc:9b:05:d9:9b:eb:6e:ba:51:06:11:63:90:b0:e8:9a:76:
de:29:04:60
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ0aWvbxd2jNhZ/zoQiLJfmeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMTRlODE1M2NkM2Y5MWMzMzM5N2Y5YjdkZjkxYmYxNzNj
NGQxNmIwHhcNMjYwMzIzMTEwMTAyWhcNMjYwMzI0MTEwMTAyWjAzMTEwLwYDVQQD
EyhkOTA5MjBlMWM4MDA2ZTM0NWFmMzg5MzBhYmM1NDA0NWJlNTc1YjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkwufRECZX0NMhvWAMWdlnGPR8ok
in3POBa84hrnBP/r15WqX3NVCD9uKa6kzIB5o118UrWFnJ8QFla24TujdvtFYdmz
FQMUtXh/23WxYKKPO8Tb6g5OIefRPLWBWbD279npcHkxB1OG/bZtydDeREmoEy5Y
CD1Clt+sD8XnRvhaGQiCc3yCUOaLCirm2Q7T3ehjIxgySqIKIrCrh8NLno8607yN
Vg4sbBbx0RYqrMpfH/iGGhkFtrYbo9Fjd4JRNZ3/cxM0ApkJeZ9A+dcBSgXaH8bU
6NmvvjjLFWG3BtvSugOWexZRwyl1mjbsW6EiQmn74v3ndx+mKzMIwYDEUQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNkJIOHIAG40WvOJMKvFQEW+V1sUMB8GA1UdIwQY
MBaAFPoU6BU80/kcMzl/m335G/FzxNFrMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1oVG9GVHpULVJ3ek9YLWJmZmtiOFhQRTBXcy5jZXIw
gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcvMjQwNzgwLTgxMTAtNDVkNy1iZDcz
LWZkZmQyZDcyYjU0MS8xLzEtaFRvRlR6VC1Sd3pPWC1iZmZrYjhYUEUwV3MubWZ0
MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL2M3LzI0MDc4MC04MTEwLTQ1ZDctYmQ3My1mZGZkMmQ3MmI1
NDEvMS8xLWhUb0ZUelQtUnd6T1gtYmZma2I4WFBFMFdzLmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC
BQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjIJR
UYULGawp1OyzW6oLdEoncOyiboz1u27XTIN4hGmaw4wEHar5Din08cgPt51K5In/
01eLeZGbiDpOeeM9kjR/si6wxOPW140Cr24jUts489N3gBzhOW0oNng2xg+myFaN
qJvivK468ExdJZ6RcloEmyOZyqTxrcDyoOwd+O6holJVgpYQCOd4E5kQwgwYbsd4
SU6E0vaEzPoRO51v4sjvNAvSVqnxu9UP9OhjryrPpZdDBDWZe0ciH19ZsJ/SGTHQ
l1pAbOl8p+XHwy5Wena2LFAaD2/QQCT4B/huPE6ZttjovgfN1K3r4cybBdmb6266
UQYRY5Cw6Jp23ikEYA==
-----END CERTIFICATE-----
Generated at Mon Mar 23 21:59:41 2026 by rpki-client