Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/283d32-380a-4e6e-a957-c5baea3f1729/1/stLBGv8HK-w3pYJiEU4cBr7bSUI.mft
File: stLBGv8HK-w3pYJiEU4cBr7bSUI.mft (raw, json)
Hash identifier: jUumgpKFeC1KsOJqk0hFS+3DUqIZ+jD6hAqJu/J3tsw=
Subject key identifier: 3E:D6:E1:D0:BF:B5:EF:1B:2D:26:44:EF:57:09:00:6E:C9:48:0B:DC
Authority key identifier: B2:D2:C1:1A:FF:07:2B:EC:37:A5:82:62:11:4E:1C:06:BE:DB:49:42
Certificate issuer: /CN=b2d2c11aff072bec37a58262114e1c06bedb4942
Certificate serial: 019D27E04B1C3C3DC635BAB81905202A45B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/stLBGv8HK-w3pYJiEU4cBr7bSUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/283d32-380a-4e6e-a957-c5baea3f1729/1/stLBGv8HK-w3pYJiEU4cBr7bSUI.mft
Manifest number: 0222
Signing time: Thu 26 Mar 2026 02:01:43 +0000
Manifest this update: Thu 26 Mar 2026 02:01:43 +0000
Manifest next update: Fri 27 Mar 2026 02:01:43 +0000
Files and hashes: 1: 9a5ary6iFvpPhI3-VZwXzEYUNS4.roa (hash: bUunzrEWYSDdnUyB7OzOajjtkOR72CIasRBys0Yz5Bg=)
2: stLBGv8HK-w3pYJiEU4cBr7bSUI.crl (hash: 492+vaAs8MIwsFcDhDXILZQ4ri+MGpMjuH56LifMAkg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/283d32-380a-4e6e-a957-c5baea3f1729/1/stLBGv8HK-w3pYJiEU4cBr7bSUI.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/283d32-380a-4e6e-a957-c5baea3f1729/1/stLBGv8HK-w3pYJiEU4cBr7bSUI.mft
rsync://rpki.ripe.net/repository/DEFAULT/stLBGv8HK-w3pYJiEU4cBr7bSUI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:e0:4b:1c:3c:3d:c6:35:ba:b8:19:05:20:2a:45:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2d2c11aff072bec37a58262114e1c06bedb4942
Validity
Not Before: Mar 26 02:01:43 2026 GMT
Not After : Mar 27 02:01:43 2026 GMT
Subject: CN=3ed6e1d0bfb5ef1b2d2644ef5709006ec9480bdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7e:d1:da:01:df:01:77:7e:9a:ae:33:e5:4b:
05:47:00:65:2d:bf:98:0c:b4:94:12:9d:b1:32:c7:
7c:ab:54:69:22:f4:7a:68:bb:a0:59:34:39:f0:33:
02:3a:d4:b3:c2:93:49:89:99:ae:0d:56:a3:88:91:
00:e6:c1:fe:66:28:60:b4:cb:03:4a:b3:fc:a7:45:
db:e1:a6:c9:60:a5:66:40:31:7a:9b:f2:dc:6e:e5:
97:13:6e:71:15:32:41:50:26:41:fc:ac:1e:4a:23:
d2:94:a5:d3:74:40:c8:9f:99:b2:54:38:90:cc:95:
95:90:44:28:2d:c9:8d:38:af:e0:16:53:d0:8a:81:
39:1f:fc:eb:42:19:48:7a:15:4b:60:bb:48:15:ac:
96:c6:b9:62:b5:d3:c6:34:21:17:fa:74:97:26:c1:
d7:7d:48:c9:c6:10:f4:05:d9:af:26:d7:b0:51:28:
9c:1c:61:35:3a:7c:96:7d:00:4f:56:e7:66:6e:58:
f7:0e:83:25:1f:fe:c0:a1:d0:0f:b3:a0:f4:3a:f7:
bd:14:f9:4c:90:f4:68:d2:66:5d:c2:0a:eb:b3:96:
c6:8b:17:8d:38:07:45:18:41:65:1f:7a:43:a7:25:
22:0c:43:a0:86:eb:8a:b2:d8:3b:9d:66:8a:01:6d:
ed:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:D6:E1:D0:BF:B5:EF:1B:2D:26:44:EF:57:09:00:6E:C9:48:0B:DC
X509v3 Authority Key Identifier:
keyid:B2:D2:C1:1A:FF:07:2B:EC:37:A5:82:62:11:4E:1C:06:BE:DB:49:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stLBGv8HK-w3pYJiEU4cBr7bSUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/283d32-380a-4e6e-a957-c5baea3f1729/1/stLBGv8HK-w3pYJiEU4cBr7bSUI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/283d32-380a-4e6e-a957-c5baea3f1729/1/stLBGv8HK-w3pYJiEU4cBr7bSUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:61:1e:8e:3e:2e:12:4e:69:a2:80:26:39:a7:9f:f7:00:97:
c7:70:0e:32:ad:8a:00:c6:6b:4f:41:0d:7a:81:ad:07:e5:21:
1c:37:48:84:cd:c0:08:17:ee:ac:29:3d:e4:56:dc:58:09:c3:
d1:8e:3a:77:30:37:f7:44:b6:36:aa:47:96:c6:01:8f:d7:dc:
33:1c:63:a9:87:fc:2e:f5:34:3e:4a:a5:c8:5f:7f:be:86:d0:
a4:d4:0c:29:3d:81:d9:44:1c:c2:a5:05:28:65:61:51:4b:12:
38:3d:76:51:06:81:06:a7:86:b7:60:a7:1f:b3:17:be:10:68:
16:64:c1:40:4d:31:c7:b0:3e:a1:0a:f2:5b:17:5f:bc:74:13:
96:8a:81:8e:72:08:83:1f:7c:f1:c2:74:08:b3:70:47:f6:18:
77:a8:cc:08:2b:f6:26:68:95:2b:ab:a9:aa:5c:0b:81:61:03:
05:f9:f6:b7:3e:4e:c2:28:fe:29:b8:d4:a8:59:b5:6f:a1:00:
4c:ff:bc:ae:c3:3a:36:d9:ba:f8:a5:dc:77:94:cf:16:d9:a9:
84:9f:62:b1:db:e3:b6:de:96:be:7d:b2:ad:d6:60:20:1c:09:
a9:bb:05:8a:b0:12:44:54:a5:1d:ad:82:68:5c:e0:56:30:e0:
f2:11:40:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n4EscPD3GNbq4GQUgKkWwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZDJjMTFhZmYwNzJiZWMzN2E1ODI2MjExNGUxYzA2YmVk
YjQ5NDIwHhcNMjYwMzI2MDIwMTQzWhcNMjYwMzI3MDIwMTQzWjAzMTEwLwYDVQQD
EygzZWQ2ZTFkMGJmYjVlZjFiMmQyNjQ0ZWY1NzA5MDA2ZWM5NDgwYmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxn7R2gHfAXd+mq4z5UsFRwBlLb+Y
DLSUEp2xMsd8q1RpIvR6aLugWTQ58DMCOtSzwpNJiZmuDVajiJEA5sH+ZihgtMsD
SrP8p0Xb4abJYKVmQDF6m/LcbuWXE25xFTJBUCZB/KweSiPSlKXTdEDIn5myVDiQ
zJWVkEQoLcmNOK/gFlPQioE5H/zrQhlIehVLYLtIFayWxrlitdPGNCEX+nSXJsHX
fUjJxhD0BdmvJtewUSicHGE1OnyWfQBPVudmblj3DoMlH/7AodAPs6D0Ove9FPlM
kPRo0mZdwgrrs5bGixeNOAdFGEFlH3pDpyUiDEOghuuKstg7nWaKAW3thQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD7W4dC/te8bLSZE71cJAG7JSAvcMB8GA1UdIwQY
MBaAFLLSwRr/ByvsN6WCYhFOHAa+20lCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3RMQkd2OEhLLXczcFlKaUVVNGNCcjdiU1VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yODNkMzItMzgwYS00ZTZlLWE5NTct
YzViYWVhM2YxNzI5LzEvc3RMQkd2OEhLLXczcFlKaUVVNGNCcjdiU1VJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yODNkMzItMzgwYS00ZTZlLWE5NTctYzViYWVhM2YxNzI5
LzEvc3RMQkd2OEhLLXczcFlKaUVVNGNCcjdiU1VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEWEejj4u
Ek5pooAmOaef9wCXx3AOMq2KAMZrT0ENeoGtB+UhHDdIhM3ACBfurCk95FbcWAnD
0Y46dzA390S2NqpHlsYBj9fcMxxjqYf8LvU0PkqlyF9/vobQpNQMKT2B2UQcwqUF
KGVhUUsSOD12UQaBBqeGt2CnH7MXvhBoFmTBQE0xx7A+oQryWxdfvHQTloqBjnII
gx988cJ0CLNwR/YYd6jMCCv2JmiVK6upqlwLgWEDBfn2tz5Owij+KbjUqFm1b6EA
TP+8rsM6Ntm6+KXcd5TPFtmphJ9isdvjtt6Wvn2yrdZgIBwJqbsFirASRFSlHa2C
aFzgVjDg8hFAkg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:52:23 2026 by rpki-client