Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/itKTDR_h3UMEkf17gx3pxhaSreQ.mft
File: itKTDR_h3UMEkf17gx3pxhaSreQ.mft (raw, json)
Hash identifier: iAsTGhNhZnx2Ci7PZ+30/RdiaiqrX9ae+SkywlTHIj8=
Subject key identifier: 30:E6:E7:AF:04:A4:82:FD:E0:C7:EE:31:90:56:FA:24:B6:7F:0E:25
Authority key identifier: 8A:D2:93:0D:1F:E1:DD:43:04:91:FD:7B:83:1D:E9:C6:16:92:AD:E4
Certificate issuer: /CN=8ad2930d1fe1dd430491fd7b831de9c61692ade4
Certificate serial: 019D390A2229DF0784B32A670B371CC381D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itKTDR_h3UMEkf17gx3pxhaSreQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/itKTDR_h3UMEkf17gx3pxhaSreQ.mft
Manifest number: 15BF
Signing time: Sun 29 Mar 2026 10:00:58 +0000
Manifest this update: Sun 29 Mar 2026 10:00:58 +0000
Manifest next update: Mon 30 Mar 2026 10:00:58 +0000
Files and hashes: 1: 7IHoFTom1ovbc32ROfwOsVohnOY.roa (hash: QxYm3BEgI8MopzvcjZkVuxTvAcrTlamB8ZE+JEtn02I=)
2: dlxBkhDBp6NSs-TK_Z6erdMzQTo.roa (hash: PbGDghsUx2VuV/Qi655kVWVON4S8LLL9qUjVO61ngtg=)
3: itKTDR_h3UMEkf17gx3pxhaSreQ.crl (hash: ISXbVVWSIWgVrouUoil1CZXhMWHvATxhpMMJI3PKRF0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/itKTDR_h3UMEkf17gx3pxhaSreQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/itKTDR_h3UMEkf17gx3pxhaSreQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/itKTDR_h3UMEkf17gx3pxhaSreQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:22:29:df:07:84:b3:2a:67:0b:37:1c:c3:81:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad2930d1fe1dd430491fd7b831de9c61692ade4
Validity
Not Before: Mar 29 10:00:58 2026 GMT
Not After : Mar 30 10:00:58 2026 GMT
Subject: CN=30e6e7af04a482fde0c7ee319056fa24b67f0e25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1e:3f:f8:da:4c:88:39:9f:6a:0a:0c:2b:1e:
de:83:c6:06:76:61:5e:04:3d:4c:13:94:c6:7b:91:
6c:00:e7:4d:05:b4:65:06:56:70:36:2c:46:3a:b8:
9f:35:3b:00:05:c1:c8:52:22:15:1b:0c:14:e6:bb:
ab:07:5a:d8:e5:2b:ac:00:d8:d4:84:1d:90:3f:5e:
2b:96:6f:ca:e7:78:22:d2:b8:58:6e:58:11:b0:c1:
70:37:44:ed:7a:6d:3e:a6:a2:f0:08:ef:a0:8e:87:
3a:6f:6f:ff:1a:62:b9:1a:2c:44:99:df:a8:d6:d1:
a6:e6:ee:70:c7:56:c6:23:c4:a7:5b:60:6d:b0:5e:
8e:b4:24:5f:19:13:56:b2:a9:70:2b:7d:dc:d4:2c:
c4:cc:46:53:a7:84:53:ef:84:09:49:14:2e:d0:af:
33:06:08:16:d9:6a:78:e8:bc:54:54:63:fb:0c:ad:
59:18:fa:52:9d:1c:b2:77:69:b8:c1:90:27:f5:0d:
1e:11:de:d3:ba:f0:fb:c5:f4:d5:c2:8e:6a:a7:6b:
b3:7b:ba:a9:e6:c1:b9:ff:4b:9a:bb:a7:08:8e:57:
f8:9e:57:a5:88:9b:40:7a:08:34:11:79:c1:f6:7a:
d4:8b:07:90:11:b1:1b:7d:4f:77:3c:4c:5a:30:0f:
66:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:E6:E7:AF:04:A4:82:FD:E0:C7:EE:31:90:56:FA:24:B6:7F:0E:25
X509v3 Authority Key Identifier:
keyid:8A:D2:93:0D:1F:E1:DD:43:04:91:FD:7B:83:1D:E9:C6:16:92:AD:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itKTDR_h3UMEkf17gx3pxhaSreQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/itKTDR_h3UMEkf17gx3pxhaSreQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/itKTDR_h3UMEkf17gx3pxhaSreQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
95:1b:b3:1a:1b:2a:63:ad:0a:da:fb:78:79:b5:aa:7c:fc:a6:
d8:84:ee:61:66:bb:0e:af:12:ea:6c:fd:e5:f5:8e:99:ef:76:
78:0f:38:18:ed:4c:6a:39:48:d0:cb:c6:4d:14:81:84:8b:0a:
62:88:a0:dc:6a:4c:9f:80:9d:b4:1c:8a:e6:f6:91:ce:a4:cb:
9e:ce:bf:c7:d7:72:13:7c:3b:d1:32:7f:68:6a:86:5a:b5:58:
f1:59:72:7b:33:03:14:a0:ee:13:75:c7:1b:a6:7f:ae:04:df:
da:b8:96:6d:4a:08:5d:b7:b0:09:9f:a5:6d:b4:6b:5d:04:49:
97:bb:1d:0f:81:78:39:49:31:b3:5e:69:30:a5:f2:4c:46:5d:
02:b3:98:cb:f1:97:6f:2b:a3:08:85:b0:ec:24:fe:2f:42:47:
01:bb:b6:0b:91:a0:86:c5:5f:18:bc:a6:4b:f8:57:b7:ad:15:
4d:a7:ec:c4:c6:d5:37:62:88:2b:74:8e:b4:08:fd:33:84:37:
1a:80:83:dd:51:79:a0:32:cb:61:56:38:f3:f3:21:28:b5:45:
45:30:a4:a1:7e:44:8a:36:a1:89:7a:9c:10:fa:f2:87:06:e2:
b9:5a:a9:dd:89:0a:4e:af:c0:69:5d:9a:d4:50:8f:d2:fe:9f:
7d:d0:02:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CiIp3weEsypnCzccw4HRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDI5MzBkMWZlMWRkNDMwNDkxZmQ3YjgzMWRlOWM2MTY5
MmFkZTQwHhcNMjYwMzI5MTAwMDU4WhcNMjYwMzMwMTAwMDU4WjAzMTEwLwYDVQQD
EygzMGU2ZTdhZjA0YTQ4MmZkZTBjN2VlMzE5MDU2ZmEyNGI2N2YwZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuh4/+NpMiDmfagoMKx7eg8YGdmFe
BD1ME5TGe5FsAOdNBbRlBlZwNixGOrifNTsABcHIUiIVGwwU5rurB1rY5SusANjU
hB2QP14rlm/K53gi0rhYblgRsMFwN0Ttem0+pqLwCO+gjoc6b2//GmK5GixEmd+o
1tGm5u5wx1bGI8SnW2BtsF6OtCRfGRNWsqlwK33c1CzEzEZTp4RT74QJSRQu0K8z
BggW2Wp46LxUVGP7DK1ZGPpSnRyyd2m4wZAn9Q0eEd7TuvD7xfTVwo5qp2uze7qp
5sG5/0uau6cIjlf4nleliJtAegg0EXnB9nrUiweQEbEbfU93PExaMA9myQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDDm568EpIL94MfuMZBW+iS2fw4lMB8GA1UdIwQY
MBaAFIrSkw0f4d1DBJH9e4Md6cYWkq3kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRLVERSX2gzVU1Fa2YxN2d4M3B4aGFTcmVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9iZTc4OTQtMGNjYy00ZmJkLTg4MGIt
OTc1OGNiMmI4NDRlLzEvaXRLVERSX2gzVU1Fa2YxN2d4M3B4aGFTcmVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9iZTc4OTQtMGNjYy00ZmJkLTg4MGItOTc1OGNiMmI4NDRl
LzEvaXRLVERSX2gzVU1Fa2YxN2d4M3B4aGFTcmVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlRuzGhsq
Y60K2vt4ebWqfPym2ITuYWa7Dq8S6mz95fWOme92eA84GO1MajlI0MvGTRSBhIsK
Yoig3GpMn4CdtByK5vaRzqTLns6/x9dyE3w70TJ/aGqGWrVY8VlyezMDFKDuE3XH
G6Z/rgTf2riWbUoIXbewCZ+lbbRrXQRJl7sdD4F4OUkxs15pMKXyTEZdArOYy/GX
byujCIWw7CT+L0JHAbu2C5GghsVfGLymS/hXt60VTafsxMbVN2KIK3SOtAj9M4Q3
GoCD3VF5oDLLYVY48/MhKLVFRTCkoX5EijahiXqcEPryhwbiuVqp3YkKTq/AaV2a
1FCP0v6ffdAC7w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:02:26 2026 by rpki-client