Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/1bdbf8-395f-4a85-a44a-b51adffc6eec/1/vh89wilTBsx9-HLO7M1olNDg6uY.mft
File: vh89wilTBsx9-HLO7M1olNDg6uY.mft (raw, json)
Hash identifier: iHs/JGHCuWd0XI50rupkYrfhtgyQNlVTpxNrVkFNJuM=
Subject key identifier: 18:8A:FF:27:4F:AE:4F:97:10:E0:D2:61:28:B0:F7:E1:90:90:86:B3
Authority key identifier: BE:1F:3D:C2:29:53:06:CC:7D:F8:72:CE:EC:CD:68:94:D0:E0:EA:E6
Certificate issuer: /CN=be1f3dc2295306cc7df872ceeccd6894d0e0eae6
Certificate serial: 019D25F159036809522EE8922F9CCBBCDFC0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vh89wilTBsx9-HLO7M1olNDg6uY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/1bdbf8-395f-4a85-a44a-b51adffc6eec/1/vh89wilTBsx9-HLO7M1olNDg6uY.mft
Manifest number: 09A4
Signing time: Wed 25 Mar 2026 17:01:07 +0000
Manifest this update: Wed 25 Mar 2026 17:01:07 +0000
Manifest next update: Thu 26 Mar 2026 17:01:07 +0000
Files and hashes: 1: 2BE8OL8UUysTCY2ZZS0Z-hyf26U.roa (hash: FNDNGh9+uGviPmZxVI3wwzrMpVPUZPSayc/06tScadg=)
2: RUhDge75ZRg2jm6GkiDeW_q_9R4.roa (hash: 1Rm1MMHk+9+hgPs8tOVkUq4dP1nGXvpDaYqmiRr/RDc=)
3: vh89wilTBsx9-HLO7M1olNDg6uY.crl (hash: f/gEBqQObOxyn8Hk6zgWO4ENh0a3lAlE270tNI4MPnQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/1bdbf8-395f-4a85-a44a-b51adffc6eec/1/vh89wilTBsx9-HLO7M1olNDg6uY.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/1bdbf8-395f-4a85-a44a-b51adffc6eec/1/vh89wilTBsx9-HLO7M1olNDg6uY.mft
rsync://rpki.ripe.net/repository/DEFAULT/vh89wilTBsx9-HLO7M1olNDg6uY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 17:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:f1:59:03:68:09:52:2e:e8:92:2f:9c:cb:bc:df:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be1f3dc2295306cc7df872ceeccd6894d0e0eae6
Validity
Not Before: Mar 25 17:01:07 2026 GMT
Not After : Mar 26 17:01:07 2026 GMT
Subject: CN=188aff274fae4f9710e0d26128b0f7e1909086b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f7:71:8b:20:c0:14:fc:a6:db:f6:a2:8f:2b:
6b:9f:72:37:9c:fb:09:df:88:62:f0:2c:bb:0f:9d:
56:2b:67:63:75:ad:a9:dd:33:53:58:9e:2b:c8:fd:
c5:79:9d:a6:08:38:c6:2b:99:6c:c2:6d:e8:de:27:
68:da:4e:c1:35:e4:0f:16:8e:45:b6:46:aa:a8:f9:
92:b0:2f:1c:da:59:ac:79:64:f0:81:f6:e8:08:cc:
69:01:2d:bd:e9:c1:df:1c:db:03:5b:d8:19:90:fd:
21:b7:eb:d5:cd:bd:93:75:05:94:40:7d:b5:88:0e:
17:2a:a3:11:73:13:15:29:38:dc:8f:10:aa:e5:f2:
93:bb:52:6d:ca:52:ca:1c:8c:b5:c8:1d:34:a2:19:
35:31:d8:99:e6:92:34:2b:ec:b5:a4:71:87:26:60:
79:ed:01:cb:9d:c6:4d:45:73:ad:04:34:63:8b:a1:
a4:55:cf:91:33:52:f7:ee:04:7f:12:7e:44:cd:35:
46:76:7d:e1:71:a6:ba:08:88:a9:64:19:42:c2:ef:
33:61:a0:36:42:98:0e:43:25:31:1e:cb:71:83:fd:
c7:61:fd:4e:92:d5:7b:ab:50:6b:63:a6:a6:8d:25:
b9:4a:a8:5f:0b:24:46:97:be:7a:35:db:0a:3e:20:
50:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:8A:FF:27:4F:AE:4F:97:10:E0:D2:61:28:B0:F7:E1:90:90:86:B3
X509v3 Authority Key Identifier:
keyid:BE:1F:3D:C2:29:53:06:CC:7D:F8:72:CE:EC:CD:68:94:D0:E0:EA:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vh89wilTBsx9-HLO7M1olNDg6uY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1bdbf8-395f-4a85-a44a-b51adffc6eec/1/vh89wilTBsx9-HLO7M1olNDg6uY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1bdbf8-395f-4a85-a44a-b51adffc6eec/1/vh89wilTBsx9-HLO7M1olNDg6uY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:9b:22:3d:e7:dc:90:df:46:07:fc:9a:c9:a6:df:1a:39:d3:
85:9b:56:94:19:2f:5b:55:e2:bc:4f:6c:ea:31:31:73:92:9f:
6c:96:4b:0e:01:ec:28:c9:39:61:fc:16:a1:e6:00:fa:4b:f7:
48:32:32:dc:e7:43:06:44:42:ed:39:af:0c:22:cf:95:52:73:
d9:fe:55:03:1f:ae:74:72:d9:e3:51:a8:6e:6b:bd:48:24:53:
57:be:7c:e2:9c:d5:5e:19:70:82:34:26:ed:42:2a:d6:a6:6e:
f8:85:6e:ac:89:a0:35:47:61:75:f7:47:52:b9:a5:cc:3d:e1:
85:3b:96:3c:5b:25:98:26:99:9a:ab:69:68:43:df:be:a6:40:
fb:21:ea:b3:ba:7e:bc:9f:2b:09:cc:38:8d:df:83:95:10:12:
e8:7d:ed:cd:8e:af:94:de:d1:55:45:27:ad:df:08:05:4e:7a:
ee:56:4d:2f:5f:fd:39:56:05:95:e6:6f:38:7c:1d:e1:ad:e8:
bb:54:24:8c:d6:1f:8c:6c:7a:94:37:73:b9:72:d9:5f:7e:9e:
b3:bd:2e:92:31:e5:16:25:e7:ac:ca:38:52:8d:49:87:75:2a:
c2:0b:ff:aa:3f:2c:f6:1b:25:2a:eb:72:1e:50:47:c5:09:91:
dd:71:63:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8VkDaAlSLuiSL5zLvN/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMWYzZGMyMjk1MzA2Y2M3ZGY4NzJjZWVjY2Q2ODk0ZDBl
MGVhZTYwHhcNMjYwMzI1MTcwMTA3WhcNMjYwMzI2MTcwMTA3WjAzMTEwLwYDVQQD
EygxODhhZmYyNzRmYWU0Zjk3MTBlMGQyNjEyOGIwZjdlMTkwOTA4NmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvdxiyDAFPym2/aijytrn3I3nPsJ
34hi8Cy7D51WK2djda2p3TNTWJ4ryP3FeZ2mCDjGK5lswm3o3ido2k7BNeQPFo5F
tkaqqPmSsC8c2lmseWTwgfboCMxpAS296cHfHNsDW9gZkP0ht+vVzb2TdQWUQH21
iA4XKqMRcxMVKTjcjxCq5fKTu1JtylLKHIy1yB00ohk1MdiZ5pI0K+y1pHGHJmB5
7QHLncZNRXOtBDRji6GkVc+RM1L37gR/En5EzTVGdn3hcaa6CIipZBlCwu8zYaA2
QpgOQyUxHstxg/3HYf1OktV7q1BrY6amjSW5SqhfCyRGl756NdsKPiBQhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBiK/ydPrk+XEODSYSiw9+GQkIazMB8GA1UdIwQY
MBaAFL4fPcIpUwbMffhyzuzNaJTQ4OrmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmg4OXdpbFRCc3g5LUhMTzdNMW9sTkRnNnVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xYmRiZjgtMzk1Zi00YTg1LWE0NGEt
YjUxYWRmZmM2ZWVjLzEvdmg4OXdpbFRCc3g5LUhMTzdNMW9sTkRnNnVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xYmRiZjgtMzk1Zi00YTg1LWE0NGEtYjUxYWRmZmM2ZWVj
LzEvdmg4OXdpbFRCc3g5LUhMTzdNMW9sTkRnNnVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbJsiPefc
kN9GB/yayabfGjnThZtWlBkvW1XivE9s6jExc5KfbJZLDgHsKMk5YfwWoeYA+kv3
SDIy3OdDBkRC7TmvDCLPlVJz2f5VAx+udHLZ41Gobmu9SCRTV7584pzVXhlwgjQm
7UIq1qZu+IVurImgNUdhdfdHUrmlzD3hhTuWPFslmCaZmqtpaEPfvqZA+yHqs7p+
vJ8rCcw4jd+DlRAS6H3tzY6vlN7RVUUnrd8IBU567lZNL1/9OVYFleZvOHwd4a3o
u1QkjNYfjGx6lDdzuXLZX36es70ukjHlFiXnrMo4Uo1Jh3Uqwgv/qj8s9hslKuty
HlBHxQmR3XFjrg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:46:01 2026 by rpki-client