Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
File: JY8HU8Azwa8JGGbQlCZFEmlspos.mft (raw, json)
Hash identifier: WuJ5TuDmM89HcKTDeh6dFCsAd6qCS/smTPD49V4k5E8=
Subject key identifier: B0:1A:16:F3:02:AC:CF:C9:67:89:1B:DA:37:96:2B:3A:6A:BE:E7:A8
Authority key identifier: 25:8F:07:53:C0:33:C1:AF:09:18:66:D0:94:26:45:12:69:6C:A6:8B
Certificate issuer: /CN=258f0753c033c1af091866d094264512696ca68b
Certificate serial: 019D29613A6B346E946C661971A90806C50E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
Manifest number: 0BD3
Signing time: Thu 26 Mar 2026 09:02:10 +0000
Manifest this update: Thu 26 Mar 2026 09:02:10 +0000
Manifest next update: Fri 27 Mar 2026 09:02:10 +0000
Files and hashes: 1: Cpe2_Ojc_FZLY2oGHgVbMwJjk9A.roa (hash: QYPBK9tLe2NLf5ToJsGlVRXUrRctKZptQZU1FwtQfmU=)
2: JY8HU8Azwa8JGGbQlCZFEmlspos.crl (hash: gLQrvEZZKTSI3EM9pi23B9EyW15sSEh8CNixtDvxU6g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:61:3a:6b:34:6e:94:6c:66:19:71:a9:08:06:c5:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=258f0753c033c1af091866d094264512696ca68b
Validity
Not Before: Mar 26 09:02:10 2026 GMT
Not After : Mar 27 09:02:10 2026 GMT
Subject: CN=b01a16f302accfc967891bda37962b3a6abee7a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ce:2a:ee:b9:1a:ba:d5:63:0d:59:92:15:10:
81:37:65:ec:6f:59:30:6b:f0:21:be:d6:c2:02:0f:
46:44:67:3c:a2:a5:9b:67:1a:60:62:78:b5:01:bc:
0e:7b:96:e1:78:be:39:16:ac:00:09:81:e5:18:00:
25:2b:ac:83:cb:87:62:f6:96:15:c9:2f:4a:9c:f6:
c7:88:f4:21:e0:01:8e:1c:18:df:05:a5:e6:51:ab:
92:7e:12:0e:79:01:e1:cc:ff:0c:c4:ea:0e:9a:e7:
75:6d:7e:6f:4a:77:50:90:a8:31:e6:e1:76:d3:eb:
89:6b:15:1a:40:d5:63:25:c2:c5:e0:dc:32:78:be:
f4:51:80:b2:ec:1a:46:fa:f9:38:9b:c0:54:e2:34:
58:27:03:cc:8d:ba:5a:e2:c5:c2:fa:15:64:b2:b6:
a1:c1:e8:c1:f6:fe:e3:72:f4:b4:f5:87:d1:91:db:
28:20:1b:ce:87:79:22:c4:dd:b7:90:a5:38:49:71:
c2:78:c3:0a:cc:c1:ef:07:c2:d4:3c:90:c7:22:e3:
8c:68:b4:ba:19:cb:c9:69:a1:38:63:9c:12:80:6d:
c4:c9:4e:4a:f9:e6:f6:de:81:e9:03:0e:d1:59:c9:
0d:0f:8c:5e:3d:e5:1f:75:eb:aa:9e:ed:11:d2:85:
4b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:1A:16:F3:02:AC:CF:C9:67:89:1B:DA:37:96:2B:3A:6A:BE:E7:A8
X509v3 Authority Key Identifier:
keyid:25:8F:07:53:C0:33:C1:AF:09:18:66:D0:94:26:45:12:69:6C:A6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:71:71:34:85:79:24:f2:32:53:20:e2:66:46:dd:e3:7e:06:
f9:be:ab:d3:ba:d3:84:94:28:98:07:30:41:d5:b0:44:83:5f:
9c:54:6b:98:a1:21:f0:a6:1e:b7:32:3d:98:56:e8:12:fd:f4:
d3:16:25:11:af:9a:33:a4:b1:85:9f:46:33:c3:a0:d1:c4:8b:
e7:83:1a:fd:cf:7f:c9:bc:c1:8c:0e:5e:2b:9e:df:36:1a:af:
6f:74:ad:94:41:8c:bc:a7:70:a1:81:28:4b:f6:11:72:1b:74:
e1:d5:d5:2c:4e:39:07:24:78:3d:79:8a:1f:bb:1f:4b:59:c5:
45:c3:d5:fc:c9:65:a8:9f:a7:44:92:ea:a2:91:28:31:bd:73:
ac:2f:22:4a:0d:78:e9:15:12:2d:f6:a9:14:e1:cd:6a:da:71:
1d:cd:db:72:c6:94:d8:35:c8:47:6b:dd:d5:b4:09:1d:f1:11:
62:e1:b0:d0:3f:02:86:bf:2c:dd:83:09:b5:ed:91:18:f1:d7:
e5:ea:61:20:76:a6:2a:fb:e7:53:bf:30:c6:5f:80:83:5c:38:
e7:9d:bb:b4:a7:41:9f:01:79:a7:56:7c:79:fc:e7:68:8b:14:
7f:57:27:03:87:86:0c:d2:89:f8:61:e6:ac:0e:2b:bf:03:8e:
52:60:c1:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYTprNG6UbGYZcakIBsUOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OGYwNzUzYzAzM2MxYWYwOTE4NjZkMDk0MjY0NTEyNjk2
Y2E2OGIwHhcNMjYwMzI2MDkwMjEwWhcNMjYwMzI3MDkwMjEwWjAzMTEwLwYDVQQD
EyhiMDFhMTZmMzAyYWNjZmM5Njc4OTFiZGEzNzk2MmIzYTZhYmVlN2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAys4q7rkautVjDVmSFRCBN2Xsb1kw
a/AhvtbCAg9GRGc8oqWbZxpgYni1AbwOe5bheL45FqwACYHlGAAlK6yDy4di9pYV
yS9KnPbHiPQh4AGOHBjfBaXmUauSfhIOeQHhzP8MxOoOmud1bX5vSndQkKgx5uF2
0+uJaxUaQNVjJcLF4NwyeL70UYCy7BpG+vk4m8BU4jRYJwPMjbpa4sXC+hVksrah
wejB9v7jcvS09YfRkdsoIBvOh3kixN23kKU4SXHCeMMKzMHvB8LUPJDHIuOMaLS6
GcvJaaE4Y5wSgG3EyU5K+eb23oHpAw7RWckND4xePeUfdeuqnu0R0oVLcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLAaFvMCrM/JZ4kb2jeWKzpqvueoMB8GA1UdIwQY
MBaAFCWPB1PAM8GvCRhm0JQmRRJpbKaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8zYmFlODctODJlYi00NTFmLTgwNDQt
MmMyZjBkMjRmOTM2LzEvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8zYmFlODctODJlYi00NTFmLTgwNDQtMmMyZjBkMjRmOTM2
LzEvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALXFxNIV5
JPIyUyDiZkbd434G+b6r07rThJQomAcwQdWwRINfnFRrmKEh8KYetzI9mFboEv30
0xYlEa+aM6SxhZ9GM8Og0cSL54Ma/c9/ybzBjA5eK57fNhqvb3StlEGMvKdwoYEo
S/YRcht04dXVLE45ByR4PXmKH7sfS1nFRcPV/MllqJ+nRJLqopEoMb1zrC8iSg14
6RUSLfapFOHNatpxHc3bcsaU2DXIR2vd1bQJHfERYuGw0D8Chr8s3YMJte2RGPHX
5ephIHamKvvnU78wxl+Ag1w45527tKdBnwF5p1Z8efznaIsUf1cnA4eGDNKJ+GHm
rA4rvwOOUmDBYw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:52:17 2026 by rpki-client