Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
File: ihZhi3H_yA4cP0HtDfyJq16WP9I.mft (raw, json)
Hash identifier: m0wqo3hgNxMc5SU4Rkhb6lEo+wmd1WCcx0veh+QP7xc=
Subject key identifier: A6:BC:2B:A6:D5:A7:CE:B3:1D:03:AF:B3:77:6B:03:1B:E0:E3:7E:90
Authority key identifier: 8A:16:61:8B:71:FF:C8:0E:1C:3F:41:ED:0D:FC:89:AB:5E:96:3F:D2
Certificate issuer: /CN=8a16618b71ffc80e1c3f41ed0dfc89ab5e963fd2
Certificate serial: 019D39099A493C3E52129FCE117CE80BFAAC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
Manifest number: 1896
Signing time: Sun 29 Mar 2026 10:00:23 +0000
Manifest this update: Sun 29 Mar 2026 10:00:23 +0000
Manifest next update: Mon 30 Mar 2026 10:00:23 +0000
Files and hashes: 1: SheiKMejj2UlfePnEJK4YM6UYGQ.roa (hash: Ll9jhdHvmhGlynW15LRcU3rlqzasSbGuWZW11z3vQs0=)
2: auDg02aDw-Ng4UMnzRMAZPV_78A.roa (hash: A2MCkRQZ/VKnTqKHBJZ1hnIKYJGRR8Cd5N45/0b9lic=)
3: ihZhi3H_yA4cP0HtDfyJq16WP9I.crl (hash: /z0sScBJif2K4vsYTCKXPrBAQqG93BTSuGdc6+mV1mU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:9a:49:3c:3e:52:12:9f:ce:11:7c:e8:0b:fa:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a16618b71ffc80e1c3f41ed0dfc89ab5e963fd2
Validity
Not Before: Mar 29 10:00:23 2026 GMT
Not After : Mar 30 10:00:23 2026 GMT
Subject: CN=a6bc2ba6d5a7ceb31d03afb3776b031be0e37e90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:94:36:3a:bc:36:70:2f:bc:d4:4b:f8:72:9f:
81:5d:9d:7f:2b:8c:d0:84:ae:13:19:0a:3d:68:1c:
f0:52:7d:ef:5f:11:ef:fb:52:aa:70:c9:7c:db:41:
1e:f9:5e:d3:61:dc:93:c6:f0:25:9e:e6:df:73:30:
ac:70:bd:00:1a:c4:70:f7:ed:80:2e:01:78:47:82:
25:f9:73:05:84:fb:01:21:c1:78:66:04:55:1f:b9:
db:c2:5f:63:8f:4e:26:f8:60:de:c0:ff:6b:37:8f:
6a:42:54:93:16:92:26:08:0e:a6:47:53:eb:24:3e:
21:4d:77:51:ec:56:c1:76:60:8c:05:2e:23:8d:f6:
8a:e5:26:9b:68:0c:ed:45:ec:72:f0:7b:ab:8a:bf:
20:8b:74:d0:3a:3b:d7:ee:6d:1a:81:1a:9b:ec:24:
46:5c:25:3f:b9:58:4f:52:19:e3:00:4c:3b:ba:5b:
d6:3d:55:6b:f7:4f:f6:9d:38:dc:e6:c3:7d:9e:c3:
48:5e:6c:4d:4c:10:14:38:5b:db:42:3a:7c:0c:11:
b9:c2:72:25:33:99:2f:b1:93:ef:ce:01:21:88:c2:
66:36:21:d1:a2:a2:eb:dd:a6:65:96:a9:a7:a2:da:
e7:51:9f:2a:f8:f9:1d:2d:62:1b:f0:40:90:00:7e:
64:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:BC:2B:A6:D5:A7:CE:B3:1D:03:AF:B3:77:6B:03:1B:E0:E3:7E:90
X509v3 Authority Key Identifier:
keyid:8A:16:61:8B:71:FF:C8:0E:1C:3F:41:ED:0D:FC:89:AB:5E:96:3F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:4c:fa:0b:d5:07:c3:87:d5:7d:33:5a:91:74:2a:4f:cd:de:
55:c3:1d:4d:3a:aa:2d:58:a8:5d:92:73:69:92:2c:8a:d8:f9:
57:95:ae:78:2f:73:4e:08:b1:ac:62:6a:26:6d:8b:bd:ae:99:
84:88:88:7d:5d:65:43:e9:2d:a0:5e:bd:5d:2e:a6:f5:df:6f:
51:a3:54:01:27:cf:26:4a:92:16:f8:27:15:ce:42:4b:94:54:
ad:7b:c5:54:0d:30:19:04:b2:66:2b:f2:b7:e0:c9:2d:b2:c7:
38:43:67:a5:66:94:7f:a2:05:0b:7b:be:72:e0:48:e2:fe:54:
62:e3:90:e1:31:4c:96:46:dd:b9:fd:5b:fb:69:74:44:14:70:
01:62:55:a8:fc:5a:13:5a:2d:ed:56:79:de:cd:ec:c6:96:75:
a1:65:90:51:88:3a:62:5f:74:0a:cf:04:11:a8:45:34:5e:42:
53:bb:cb:a8:8e:8c:a4:46:3d:d7:c9:90:bb:d7:4a:1e:1a:44:
46:cd:88:d7:1f:a4:1e:66:27:15:44:93:28:c0:87:40:87:7c:
88:69:46:b8:7c:1e:8a:e5:6b:5a:73:30:47:76:1b:ad:94:49:
51:84:0e:57:bb:8b:d8:9e:b5:80:d8:61:a1:bb:8e:2c:5f:6d:
de:98:d6:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CZpJPD5SEp/OEXzoC/qsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMTY2MThiNzFmZmM4MGUxYzNmNDFlZDBkZmM4OWFiNWU5
NjNmZDIwHhcNMjYwMzI5MTAwMDIzWhcNMjYwMzMwMTAwMDIzWjAzMTEwLwYDVQQD
EyhhNmJjMmJhNmQ1YTdjZWIzMWQwM2FmYjM3NzZiMDMxYmUwZTM3ZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35Q2Orw2cC+81Ev4cp+BXZ1/K4zQ
hK4TGQo9aBzwUn3vXxHv+1KqcMl820Ee+V7TYdyTxvAlnubfczCscL0AGsRw9+2A
LgF4R4Il+XMFhPsBIcF4ZgRVH7nbwl9jj04m+GDewP9rN49qQlSTFpImCA6mR1Pr
JD4hTXdR7FbBdmCMBS4jjfaK5SabaAztRexy8Hurir8gi3TQOjvX7m0agRqb7CRG
XCU/uVhPUhnjAEw7ulvWPVVr90/2nTjc5sN9nsNIXmxNTBAUOFvbQjp8DBG5wnIl
M5kvsZPvzgEhiMJmNiHRoqLr3aZllqmnotrnUZ8q+PkdLWIb8ECQAH5kNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKa8K6bVp86zHQOvs3drAxvg436QMB8GA1UdIwQY
MBaAFIoWYYtx/8gOHD9B7Q38iatelj/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81NWNmNzctNjM5NC00ODEyLTlmYjUt
MjkxYWFlZGQ1OGNjLzEvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81NWNmNzctNjM5NC00ODEyLTlmYjUtMjkxYWFlZGQ1OGNj
LzEvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArkz6C9UH
w4fVfTNakXQqT83eVcMdTTqqLVioXZJzaZIsitj5V5WueC9zTgixrGJqJm2Lva6Z
hIiIfV1lQ+ktoF69XS6m9d9vUaNUASfPJkqSFvgnFc5CS5RUrXvFVA0wGQSyZivy
t+DJLbLHOENnpWaUf6IFC3u+cuBI4v5UYuOQ4TFMlkbduf1b+2l0RBRwAWJVqPxa
E1ot7VZ53s3sxpZ1oWWQUYg6Yl90Cs8EEahFNF5CU7vLqI6MpEY918mQu9dKHhpE
Rs2I1x+kHmYnFUSTKMCHQId8iGlGuHweiuVrWnMwR3YbrZRJUYQOV7uL2J61gNhh
obuOLF9t3pjWiQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:40:57 2026 by rpki-client