Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/0eb852-af34-4cb9-872e-4b5d5d5f8699/1/dNfaY5KZmWAzlYd0SM5QrG4CE6k.mft
File: dNfaY5KZmWAzlYd0SM5QrG4CE6k.mft (raw, json)
Hash identifier: Cvfy0aUFSRWoR7fa/ncTWOQ54NmfBcwjOfjqJd2aALc=
Subject key identifier: 8A:F1:74:AA:B8:0C:D7:A1:67:F0:B1:E1:4A:35:64:32:76:F5:89:38
Authority key identifier: 74:D7:DA:63:92:99:99:60:33:95:87:74:48:CE:50:AC:6E:02:13:A9
Certificate issuer: /CN=74d7da63929999603395877448ce50ac6e0213a9
Certificate serial: 019CC7BDF9A4B999C3E59CF41F88A6A36272
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dNfaY5KZmWAzlYd0SM5QrG4CE6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/0eb852-af34-4cb9-872e-4b5d5d5f8699/1/dNfaY5KZmWAzlYd0SM5QrG4CE6k.mft
Manifest number: 10BC
Signing time: Sat 07 Mar 2026 10:00:41 +0000
Manifest this update: Sat 07 Mar 2026 10:00:41 +0000
Manifest next update: Sun 08 Mar 2026 10:00:41 +0000
Files and hashes: 1: SwOC6LWRUnc-Ogb7u3vxF_0mea4.roa (hash: /q8N1XNG3IXyW6BA6haLHv1Ug3hcBfXRJEVoULv8zlE=)
2: dNfaY5KZmWAzlYd0SM5QrG4CE6k.crl (hash: EQsI/jmrJTJHKzKRRjKY6lyw9JGahV6m2f2oociX2+o=)
3: iGjEi-RetR317ng4nZLQERiyp5Y.roa (hash: VlJirjJKzaqO+FqHC1L2a0e5Ten97AODI8Xgtdno6FA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/0eb852-af34-4cb9-872e-4b5d5d5f8699/1/dNfaY5KZmWAzlYd0SM5QrG4CE6k.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/0eb852-af34-4cb9-872e-4b5d5d5f8699/1/dNfaY5KZmWAzlYd0SM5QrG4CE6k.mft
rsync://rpki.ripe.net/repository/DEFAULT/dNfaY5KZmWAzlYd0SM5QrG4CE6k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Mar 2026 10:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:c7:bd:f9:a4:b9:99:c3:e5:9c:f4:1f:88:a6:a3:62:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74d7da63929999603395877448ce50ac6e0213a9
Validity
Not Before: Mar 7 10:00:41 2026 GMT
Not After : Mar 8 10:00:41 2026 GMT
Subject: CN=8af174aab80cd7a167f0b1e14a35643276f58938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a5:63:f0:27:23:89:15:26:44:e7:41:b2:96:
67:d5:6c:b9:de:97:9f:ca:1f:13:aa:af:7c:cf:1b:
35:fb:c1:d7:ac:d8:f0:7c:b8:89:99:ce:a0:12:a9:
c3:c9:74:02:18:42:be:14:c9:ce:9d:96:fc:9b:69:
da:c6:61:1f:99:fb:28:da:09:ad:a3:13:33:b2:12:
a7:a7:f2:2b:4e:f6:2e:3f:99:2a:a2:59:9a:c6:d2:
a5:de:34:53:a4:9e:a7:bc:a3:ef:e0:ec:05:e7:03:
3c:7c:33:64:8c:e9:b5:93:a3:47:c3:8f:d0:ca:08:
ec:ca:a3:07:ed:d4:c8:65:38:77:64:53:e2:f5:70:
74:cd:d1:88:c3:82:72:d2:de:ae:24:52:71:c2:c7:
bc:17:ef:b8:62:20:24:ba:e0:da:8a:e5:52:97:d4:
0c:61:36:ca:10:e6:5e:6f:e2:a8:c8:85:17:f6:39:
e0:99:e9:c9:dc:74:42:1f:2b:82:47:cf:a8:c6:80:
17:9a:70:ce:55:cc:f6:a1:17:55:bc:18:40:21:7e:
be:c4:d3:28:45:ad:b6:95:4f:e6:80:f5:24:5c:3e:
d4:ec:c5:e8:40:51:91:8a:d1:56:30:a6:5d:ae:cc:
91:13:48:00:99:96:33:b6:49:c8:b0:fa:40:fd:95:
d7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:F1:74:AA:B8:0C:D7:A1:67:F0:B1:E1:4A:35:64:32:76:F5:89:38
X509v3 Authority Key Identifier:
keyid:74:D7:DA:63:92:99:99:60:33:95:87:74:48:CE:50:AC:6E:02:13:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dNfaY5KZmWAzlYd0SM5QrG4CE6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/0eb852-af34-4cb9-872e-4b5d5d5f8699/1/dNfaY5KZmWAzlYd0SM5QrG4CE6k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/0eb852-af34-4cb9-872e-4b5d5d5f8699/1/dNfaY5KZmWAzlYd0SM5QrG4CE6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:bc:e1:dc:10:a4:36:c9:63:07:29:da:f2:b9:17:89:16:be:
e9:5e:63:12:60:7c:d3:3a:63:1f:84:e5:3b:a1:80:e7:85:9c:
ad:7e:cc:84:4b:f7:58:0b:64:93:5a:e5:bb:f5:4d:43:8a:8e:
5d:42:1f:61:a5:c5:63:91:36:8c:04:38:9c:9e:72:68:ad:7d:
4e:c9:93:c1:e0:97:ad:ac:0a:47:7b:c3:0f:39:4e:74:32:0d:
10:27:7b:3d:d3:ca:98:d8:09:90:14:a8:a2:5e:22:7d:f0:2a:
28:57:90:d5:89:b8:c5:ab:31:80:32:db:2d:33:c0:95:64:4e:
53:7d:ac:47:c0:51:fd:40:79:b0:91:ca:a9:7b:c8:25:ad:31:
87:fe:28:21:70:31:2f:a2:2a:49:2e:16:1f:d8:95:50:20:38:
da:76:02:e9:c7:cf:f7:92:92:c9:a8:73:69:60:ba:51:d7:37:
0f:57:3b:67:44:28:35:25:70:5f:96:ae:c9:27:30:da:82:d6:
3f:52:94:19:42:84:f5:cb:e0:01:f6:d6:00:3c:c2:59:69:31:
a2:ff:2b:88:31:b8:31:24:2a:77:70:68:25:5d:26:85:23:ff:
cc:25:0a:a9:d4:de:42:19:73:d2:8a:e4:26:3f:fb:65:ad:1e:
c8:c9:6a:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzHvfmkuZnD5Zz0H4imo2JyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZDdkYTYzOTI5OTk5NjAzMzk1ODc3NDQ4Y2U1MGFjNmUw
MjEzYTkwHhcNMjYwMzA3MTAwMDQxWhcNMjYwMzA4MTAwMDQxWjAzMTEwLwYDVQQD
Eyg4YWYxNzRhYWI4MGNkN2ExNjdmMGIxZTE0YTM1NjQzMjc2ZjU4OTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKVj8CcjiRUmROdBspZn1Wy53pef
yh8Tqq98zxs1+8HXrNjwfLiJmc6gEqnDyXQCGEK+FMnOnZb8m2naxmEfmfso2gmt
oxMzshKnp/IrTvYuP5kqolmaxtKl3jRTpJ6nvKPv4OwF5wM8fDNkjOm1k6NHw4/Q
ygjsyqMH7dTIZTh3ZFPi9XB0zdGIw4Jy0t6uJFJxwse8F++4YiAkuuDaiuVSl9QM
YTbKEOZeb+KoyIUX9jngmenJ3HRCHyuCR8+oxoAXmnDOVcz2oRdVvBhAIX6+xNMo
Ra22lU/mgPUkXD7U7MXoQFGRitFWMKZdrsyRE0gAmZYztknIsPpA/ZXXxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIrxdKq4DNehZ/Cx4Uo1ZDJ29Yk4MB8GA1UdIwQY
MBaAFHTX2mOSmZlgM5WHdEjOUKxuAhOpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE5mYVk1S1ptV0F6bFlkMFNNNVFyRzRDRTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wZWI4NTItYWYzNC00Y2I5LTg3MmUt
NGI1ZDVkNWY4Njk5LzEvZE5mYVk1S1ptV0F6bFlkMFNNNVFyRzRDRTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wZWI4NTItYWYzNC00Y2I5LTg3MmUtNGI1ZDVkNWY4Njk5
LzEvZE5mYVk1S1ptV0F6bFlkMFNNNVFyRzRDRTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHbzh3BCk
NsljByna8rkXiRa+6V5jEmB80zpjH4TlO6GA54WcrX7MhEv3WAtkk1rlu/VNQ4qO
XUIfYaXFY5E2jAQ4nJ5yaK19TsmTweCXrawKR3vDDzlOdDINECd7PdPKmNgJkBSo
ol4iffAqKFeQ1Ym4xasxgDLbLTPAlWROU32sR8BR/UB5sJHKqXvIJa0xh/4oIXAx
L6IqSS4WH9iVUCA42nYC6cfP95KSyahzaWC6Udc3D1c7Z0QoNSVwX5auyScw2oLW
P1KUGUKE9cvgAfbWADzCWWkxov8riDG4MSQqd3BoJV0mhSP/zCUKqdTeQhlz0ork
Jj/7Za0eyMlqrQ==
-----END CERTIFICATE-----
Generated at Sat Mar 7 21:04:28 2026 by rpki-client