Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.mft
File: 4toj07kw1MHzrHMGXXGmB8NdKQA.mft (raw, json)
Hash identifier: pNIBJcfJ1joMWhtlKLX+PTp9YmMquUXXYU22MeJ1YDI=
Subject key identifier: 3D:B9:2D:40:35:27:45:B1:4D:A6:3B:DC:4E:B9:5E:7A:A5:67:C4:9D
Authority key identifier: E2:DA:23:D3:B9:30:D4:C1:F3:AC:73:06:5D:71:A6:07:C3:5D:29:00
Certificate issuer: /CN=e2da23d3b930d4c1f3ac73065d71a607c35d2900
Certificate serial: 019D273B3B1000B89DDC233E79BB6AC096A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4toj07kw1MHzrHMGXXGmB8NdKQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.mft
Manifest number: 188A
Signing time: Wed 25 Mar 2026 23:01:26 +0000
Manifest this update: Wed 25 Mar 2026 23:01:26 +0000
Manifest next update: Thu 26 Mar 2026 23:01:26 +0000
Files and hashes: 1: 1-ZObGXZbr8QMqAx61fUCBd3oEIk.roa (hash: mNfBmy+QZavj44C/mg50P1ETt/knXxq4fEIaA8TAW1A=)
2: 4toj07kw1MHzrHMGXXGmB8NdKQA.crl (hash: yn57pCKePV9/78UnY5t3VwkxLdtcNHTUdq8OIKlMxsE=)
3: 5aSu5rDgohcAcFRBlVeL4KQf-Bc.roa (hash: TBrAPV4bOwpXI3ikK/+R0NLpPd2CyHMsQiSsoHb0Hng=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/4toj07kw1MHzrHMGXXGmB8NdKQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:3b:3b:10:00:b8:9d:dc:23:3e:79:bb:6a:c0:96:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2da23d3b930d4c1f3ac73065d71a607c35d2900
Validity
Not Before: Mar 25 23:01:26 2026 GMT
Not After : Mar 26 23:01:26 2026 GMT
Subject: CN=3db92d40352745b14da63bdc4eb95e7aa567c49d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:82:f5:f6:a6:45:9c:2c:47:40:14:4e:7b:b9:
27:d6:81:8e:16:c4:09:67:6b:92:65:8b:45:4f:85:
d6:ed:82:a5:b1:a7:db:c1:e8:12:27:cb:8d:77:5c:
b0:f3:5a:28:6e:4f:71:9a:90:a8:37:8a:09:21:52:
b9:fd:72:a1:dc:18:2a:64:2e:05:b1:a4:c0:7d:56:
0d:26:36:49:41:45:18:be:c2:ee:1a:cd:f6:ed:49:
c2:14:9f:64:e8:15:47:72:3c:02:16:7b:f5:a7:e8:
10:35:f3:21:d1:4d:54:df:63:98:e4:33:a9:b1:dd:
ff:17:f8:90:e0:42:b5:25:aa:eb:e0:5d:c5:b6:f4:
a4:2d:d7:10:ff:75:b3:5a:10:c4:46:e6:0d:99:c4:
9a:3f:92:0d:88:3e:e6:98:a3:da:00:6d:70:40:cc:
41:09:4a:17:bb:59:df:4b:66:32:01:61:7c:27:b6:
db:d6:38:10:28:f7:89:02:b1:8a:d8:9c:c1:9f:69:
71:4e:94:6d:2f:cb:04:6b:29:69:1d:2b:ec:ca:59:
38:ff:ce:01:d1:60:1f:c3:27:34:88:7c:98:6d:15:
16:19:85:a1:38:de:f4:24:24:8e:74:dd:21:d9:1c:
64:3f:9c:4f:94:b5:45:2a:3c:24:ef:b9:68:8b:92:
93:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B9:2D:40:35:27:45:B1:4D:A6:3B:DC:4E:B9:5E:7A:A5:67:C4:9D
X509v3 Authority Key Identifier:
keyid:E2:DA:23:D3:B9:30:D4:C1:F3:AC:73:06:5D:71:A6:07:C3:5D:29:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4toj07kw1MHzrHMGXXGmB8NdKQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:74:1e:2d:12:e9:bf:c3:49:ab:d7:cf:e2:84:de:f4:41:2f:
a8:91:f0:bd:97:7d:d3:48:4d:a5:f2:c4:a6:52:81:de:b7:72:
16:26:b4:b6:ba:28:d1:c5:4c:4a:36:ab:99:9e:1e:c3:4b:53:
a9:b6:b9:96:fe:79:ec:fa:0e:ee:39:dc:20:ff:2a:2a:b7:39:
25:58:2f:71:d0:bc:cc:32:52:f9:71:13:bf:9d:b7:08:47:ff:
d3:ac:f3:89:00:e3:fc:2a:82:ca:25:88:10:8b:ed:90:84:3b:
b9:b5:91:3c:82:f2:15:a3:4d:19:3d:cd:72:a6:78:ce:90:5a:
29:f1:65:8e:02:d9:a3:3a:19:3a:3f:21:4e:a6:c4:ee:1f:a4:
c2:f6:60:03:32:af:91:04:5a:00:e6:26:ec:6c:4e:e7:74:c3:
f2:24:d3:78:d3:8e:28:fc:05:05:89:8b:5a:55:42:34:8b:48:
80:b3:a9:d5:ee:38:0f:64:bc:d1:6a:d8:d8:41:e0:83:20:4b:
0e:92:29:4e:34:0e:2d:7f:69:3c:a0:c7:b3:db:46:43:58:60:
84:f7:37:b4:09:c8:72:2a:d4:38:3b:e5:48:c0:dc:9c:ee:c7:
a9:0c:5c:ad:f8:fb:49:50:ee:f6:cc:1e:a5:55:d4:b9:e6:a6:
b4:e1:d5:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOzsQALid3CM+ebtqwJamMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZGEyM2QzYjkzMGQ0YzFmM2FjNzMwNjVkNzFhNjA3YzM1
ZDI5MDAwHhcNMjYwMzI1MjMwMTI2WhcNMjYwMzI2MjMwMTI2WjAzMTEwLwYDVQQD
EygzZGI5MmQ0MDM1Mjc0NWIxNGRhNjNiZGM0ZWI5NWU3YWE1NjdjNDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4L19qZFnCxHQBROe7kn1oGOFsQJ
Z2uSZYtFT4XW7YKlsafbwegSJ8uNd1yw81oobk9xmpCoN4oJIVK5/XKh3BgqZC4F
saTAfVYNJjZJQUUYvsLuGs327UnCFJ9k6BVHcjwCFnv1p+gQNfMh0U1U32OY5DOp
sd3/F/iQ4EK1Jarr4F3FtvSkLdcQ/3WzWhDERuYNmcSaP5INiD7mmKPaAG1wQMxB
CUoXu1nfS2YyAWF8J7bb1jgQKPeJArGK2JzBn2lxTpRtL8sEaylpHSvsylk4/84B
0WAfwyc0iHyYbRUWGYWhON70JCSOdN0h2RxkP5xPlLVFKjwk77loi5KT8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD25LUA1J0WxTaY73E65XnqlZ8SdMB8GA1UdIwQY
MBaAFOLaI9O5MNTB86xzBl1xpgfDXSkAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRvajA3a3cxTUh6ckhNR1hYR21COE5kS1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9kZWViYjgtYWU4Ni00Njk0LWE5NzIt
ODI3YTBhYzA0YTlkLzEvNHRvajA3a3cxTUh6ckhNR1hYR21COE5kS1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9kZWViYjgtYWU4Ni00Njk0LWE5NzItODI3YTBhYzA0YTlk
LzEvNHRvajA3a3cxTUh6ckhNR1hYR21COE5kS1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL3QeLRLp
v8NJq9fP4oTe9EEvqJHwvZd900hNpfLEplKB3rdyFia0troo0cVMSjarmZ4ew0tT
qba5lv557PoO7jncIP8qKrc5JVgvcdC8zDJS+XETv523CEf/06zziQDj/CqCyiWI
EIvtkIQ7ubWRPILyFaNNGT3NcqZ4zpBaKfFljgLZozoZOj8hTqbE7h+kwvZgAzKv
kQRaAOYm7GxO53TD8iTTeNOOKPwFBYmLWlVCNItIgLOp1e44D2S80WrY2EHggyBL
DpIpTjQOLX9pPKDHs9tGQ1hghPc3tAnIcirUODvlSMDcnO7HqQxcrfj7SVDu9swe
pVXUueamtOHV+A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:21:47 2026 by rpki-client