Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/1e9621-626e-4032-9b54-76e3349c97c2/1/9Y3yxGnJeIlfhFgCTFBugByPsho.mft
File: 9Y3yxGnJeIlfhFgCTFBugByPsho.mft (raw, json)
Hash identifier: 5kmc27DHo93oYB1MFBk7wG/NgTlrj1iWfXkWCtUEc5k=
Subject key identifier: A3:F8:5D:DF:23:BE:3A:72:C6:EB:96:E2:0B:BD:88:0E:86:5E:B2:1C
Authority key identifier: F5:8D:F2:C4:69:C9:78:89:5F:84:58:02:4C:50:6E:80:1C:8F:B2:1A
Certificate issuer: /CN=f58df2c469c978895f8458024c506e801c8fb21a
Certificate serial: 019D389C534AA0B2E195773CA57CA2441749
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Y3yxGnJeIlfhFgCTFBugByPsho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/1e9621-626e-4032-9b54-76e3349c97c2/1/9Y3yxGnJeIlfhFgCTFBugByPsho.mft
Manifest number: 1617
Signing time: Sun 29 Mar 2026 08:01:02 +0000
Manifest this update: Sun 29 Mar 2026 08:01:02 +0000
Manifest next update: Mon 30 Mar 2026 08:01:02 +0000
Files and hashes: 1: 9Y3yxGnJeIlfhFgCTFBugByPsho.crl (hash: tq4BUKYxelYGJZ+02xmoT5xxxsFOqtW7dTZ+WEoCXXQ=)
2: ipd84dEDEe7cj4KStBVIlQrMGyg.roa (hash: Sbm22JKwRV49kiJvKoySC0PxR1MmmHGGM53bqn3Gb1c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/1e9621-626e-4032-9b54-76e3349c97c2/1/9Y3yxGnJeIlfhFgCTFBugByPsho.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/1e9621-626e-4032-9b54-76e3349c97c2/1/9Y3yxGnJeIlfhFgCTFBugByPsho.mft
rsync://rpki.ripe.net/repository/DEFAULT/9Y3yxGnJeIlfhFgCTFBugByPsho.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:53:4a:a0:b2:e1:95:77:3c:a5:7c:a2:44:17:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f58df2c469c978895f8458024c506e801c8fb21a
Validity
Not Before: Mar 29 08:01:02 2026 GMT
Not After : Mar 30 08:01:02 2026 GMT
Subject: CN=a3f85ddf23be3a72c6eb96e20bbd880e865eb21c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:a9:32:cc:25:03:66:9b:cf:9d:04:ba:74:27:
2c:ff:b5:e8:59:67:13:3d:11:cb:8b:f1:f5:a6:e9:
29:2b:a2:4d:5b:2d:b6:de:88:e0:62:16:11:ba:da:
8f:af:bb:be:c1:da:9c:06:95:47:5f:cd:c8:39:2f:
3f:af:cd:d7:2d:68:44:e4:a1:04:e3:2f:47:18:3d:
b4:c0:bc:b4:ac:44:43:ea:36:d1:69:ce:78:ae:5f:
07:ac:48:ee:c9:c1:75:41:f7:aa:0d:2d:60:f6:e1:
89:ad:e0:57:f5:f3:01:e6:65:cb:6d:db:85:ae:f6:
dd:9f:c9:95:f3:c5:96:bd:d8:5e:6b:f8:96:b0:c0:
3f:2c:08:2a:ba:6b:4b:4c:67:35:04:eb:94:24:41:
98:5d:c8:9f:44:2f:4d:41:0c:3c:ea:3a:d4:29:63:
13:7e:d7:70:c9:d1:27:6b:02:8e:93:a9:ee:e9:b1:
1a:24:ff:eb:df:42:2e:53:f5:20:ff:28:90:ec:26:
6d:78:7e:dc:7c:d8:6e:77:6f:be:0f:fb:1f:5c:ae:
1b:d6:b5:1f:12:29:18:aa:83:29:7b:c2:c8:f6:f6:
10:a1:05:da:26:9b:4a:66:68:e7:a6:f0:fc:2d:48:
75:ef:ce:3a:2f:39:d1:db:50:0c:78:73:d9:14:b4:
bd:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F8:5D:DF:23:BE:3A:72:C6:EB:96:E2:0B:BD:88:0E:86:5E:B2:1C
X509v3 Authority Key Identifier:
keyid:F5:8D:F2:C4:69:C9:78:89:5F:84:58:02:4C:50:6E:80:1C:8F:B2:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Y3yxGnJeIlfhFgCTFBugByPsho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/1e9621-626e-4032-9b54-76e3349c97c2/1/9Y3yxGnJeIlfhFgCTFBugByPsho.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/1e9621-626e-4032-9b54-76e3349c97c2/1/9Y3yxGnJeIlfhFgCTFBugByPsho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:64:11:60:60:15:b2:cc:7d:ac:27:e9:97:a5:65:b2:86:f3:
4c:85:56:c5:ba:d2:b7:e8:54:aa:98:e4:e4:bb:55:fb:9f:47:
b7:84:2f:36:ce:97:04:9f:07:8f:a2:9b:a1:b0:b1:91:dd:0f:
81:8e:a0:17:ee:62:9d:43:d1:18:83:c2:e1:88:60:c3:9d:c2:
5f:46:7b:00:33:e4:2b:1f:ba:1d:b7:e4:71:41:6a:66:9c:29:
8f:cb:26:82:1f:fe:e1:8e:d4:0e:df:dd:9b:2c:40:58:d8:df:
0c:a7:ca:e6:ec:c0:72:e2:35:54:2c:17:11:e1:de:aa:2a:ab:
92:92:fc:6f:7b:3c:e0:f3:eb:9f:a5:1f:d8:5b:a2:8d:83:41:
28:d2:10:9d:5e:3b:f3:12:cd:bd:89:8c:03:25:62:51:17:05:
bc:2b:ea:f1:6d:1c:89:82:8f:10:57:2b:c1:5e:22:e8:6c:78:
0a:42:48:68:bc:82:2c:72:3f:f9:9e:02:0e:ef:28:7b:c5:74:
40:dd:c4:05:56:47:c5:86:e1:84:a5:29:d2:5f:00:4b:8c:cc:
3d:2a:93:20:db:e1:14:18:b8:a8:07:3d:d8:c5:09:10:91:56:
bc:13:03:24:c8:6d:57:2e:58:3b:eb:01:90:8c:6e:ff:65:01:
20:12:60:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nFNKoLLhlXc8pXyiRBdJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1OGRmMmM0NjljOTc4ODk1Zjg0NTgwMjRjNTA2ZTgwMWM4
ZmIyMWEwHhcNMjYwMzI5MDgwMTAyWhcNMjYwMzMwMDgwMTAyWjAzMTEwLwYDVQQD
EyhhM2Y4NWRkZjIzYmUzYTcyYzZlYjk2ZTIwYmJkODgwZTg2NWViMjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qkyzCUDZpvPnQS6dCcs/7XoWWcT
PRHLi/H1pukpK6JNWy223ojgYhYRutqPr7u+wdqcBpVHX83IOS8/r83XLWhE5KEE
4y9HGD20wLy0rERD6jbRac54rl8HrEjuycF1QfeqDS1g9uGJreBX9fMB5mXLbduF
rvbdn8mV88WWvdhea/iWsMA/LAgqumtLTGc1BOuUJEGYXcifRC9NQQw86jrUKWMT
ftdwydEnawKOk6nu6bEaJP/r30IuU/Ug/yiQ7CZteH7cfNhud2++D/sfXK4b1rUf
EikYqoMpe8LI9vYQoQXaJptKZmjnpvD8LUh17846LznR21AMeHPZFLS9nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKP4Xd8jvjpyxuuW4gu9iA6GXrIcMB8GA1UdIwQY
MBaAFPWN8sRpyXiJX4RYAkxQboAcj7IaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVkzeXhHbkplSWxmaEZnQ1RGQnVnQnlQc2hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8xZTk2MjEtNjI2ZS00MDMyLTliNTQt
NzZlMzM0OWM5N2MyLzEvOVkzeXhHbkplSWxmaEZnQ1RGQnVnQnlQc2hvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8xZTk2MjEtNjI2ZS00MDMyLTliNTQtNzZlMzM0OWM5N2My
LzEvOVkzeXhHbkplSWxmaEZnQ1RGQnVnQnlQc2hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZmQRYGAV
ssx9rCfpl6VlsobzTIVWxbrSt+hUqpjk5LtV+59Ht4QvNs6XBJ8Hj6KbobCxkd0P
gY6gF+5inUPRGIPC4Yhgw53CX0Z7ADPkKx+6HbfkcUFqZpwpj8smgh/+4Y7UDt/d
myxAWNjfDKfK5uzAcuI1VCwXEeHeqiqrkpL8b3s84PPrn6Uf2FuijYNBKNIQnV47
8xLNvYmMAyViURcFvCvq8W0ciYKPEFcrwV4i6Gx4CkJIaLyCLHI/+Z4CDu8oe8V0
QN3EBVZHxYbhhKUp0l8AS4zMPSqTINvhFBi4qAc92MUJEJFWvBMDJMhtVy5YO+sB
kIxu/2UBIBJgFw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:03:18 2026 by rpki-client