Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
File: imgZHKtu8GsyKwsSSHhdSEpFJPM.mft (raw, json)
Hash identifier: Bpmjwwx6d87AkfvFl6+Kjm/xU/KJ7OJq9VSVdtxrI58=
Subject key identifier: 20:95:18:5E:2E:E2:B7:F5:D0:6A:36:CE:0F:EE:50:63:AC:A1:DF:B8
Authority key identifier: 8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3
Certificate issuer: /CN=8a68191cab6ef06b322b0b1248785d484a4524f3
Certificate serial: 019D33E391826858257652A21F8249EB7186
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
Manifest number: 12DC
Signing time: Sat 28 Mar 2026 10:00:45 +0000
Manifest this update: Sat 28 Mar 2026 10:00:45 +0000
Manifest next update: Sun 29 Mar 2026 10:00:45 +0000
Files and hashes: 1: YyRSnlrY6ZL2BY7kWgNKQn7ZABQ.roa (hash: XGF2A8hVRY8awHWUJiWHAMyAA173IB6zQJ6kuXsZFy4=)
2: imgZHKtu8GsyKwsSSHhdSEpFJPM.crl (hash: HJ+Tew+s7WnNEWekyExB7WuyQyKOO26+Pht190UQAbM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:e3:91:82:68:58:25:76:52:a2:1f:82:49:eb:71:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a68191cab6ef06b322b0b1248785d484a4524f3
Validity
Not Before: Mar 28 10:00:45 2026 GMT
Not After : Mar 29 10:00:45 2026 GMT
Subject: CN=2095185e2ee2b7f5d06a36ce0fee5063aca1dfb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:42:b7:29:77:8e:f5:bc:59:b2:d9:8a:a2:3f:
32:e7:69:44:e4:bd:e0:94:1e:0c:51:88:fc:ac:6e:
79:cf:46:72:94:ee:2d:17:d4:8b:12:fa:89:e3:30:
f1:0f:a1:0c:43:a4:5c:01:75:e8:6a:cb:4a:b4:9f:
6c:e4:82:37:9c:17:1d:4f:5d:e4:97:8d:c4:b2:e9:
fe:1b:6c:14:fa:45:3a:16:1b:dd:0e:39:bb:60:cc:
d3:c3:28:2b:07:87:60:a5:5c:e0:24:2a:5b:a1:e0:
3d:0e:7d:87:c9:aa:d8:72:c2:fa:34:d3:79:2f:04:
82:ba:3f:a4:c0:1a:9e:88:dd:e1:38:2e:ba:cc:fc:
3b:eb:8d:b6:a2:8d:cb:88:ba:e2:f0:39:aa:31:8e:
89:d4:3b:48:33:4d:bb:57:6d:c8:bf:6b:27:b5:c8:
10:1f:8e:f6:e4:d9:7d:da:ea:a0:42:07:5c:1c:d5:
8b:2a:9e:62:e7:0a:2d:95:49:47:ad:bc:f4:a8:25:
2b:44:e5:ff:62:2d:8e:a1:dc:bc:0a:28:84:97:e2:
79:33:9d:f7:e6:fc:af:d2:a5:f4:b3:33:d9:63:29:
e3:35:c7:97:7a:62:44:68:92:6c:7e:72:e0:cc:cf:
eb:4f:9a:a7:db:ae:69:a3:1b:16:f6:d3:50:db:04:
f8:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:95:18:5E:2E:E2:B7:F5:D0:6A:36:CE:0F:EE:50:63:AC:A1:DF:B8
X509v3 Authority Key Identifier:
keyid:8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:49:2e:9f:d1:72:3f:09:1c:28:35:d5:82:d5:e2:4c:9e:0d:
2b:eb:f3:2e:55:0c:a1:38:d7:e9:9b:5d:27:cb:19:b4:28:3f:
bf:20:24:28:61:ad:49:a3:e8:42:21:46:e3:09:6a:1c:1b:ae:
a9:21:e7:8d:41:98:ec:aa:ed:06:54:60:3c:85:ab:cc:6e:70:
f6:5b:ab:62:83:60:90:df:21:6c:c3:63:5f:5a:4c:22:97:72:
76:99:00:74:a9:89:3a:d1:24:03:88:22:da:67:b4:08:83:30:
1a:2c:97:67:fe:1d:ef:4d:16:99:34:cd:1a:b2:9d:c7:b9:ee:
2c:71:59:c4:4f:15:49:08:74:07:c8:8f:aa:31:80:8c:e9:8c:
29:00:0f:5e:97:18:b6:2b:1f:3a:d4:a0:4c:3d:e1:57:f2:f7:
1c:61:46:65:7d:ef:e8:23:73:e2:3b:d9:a6:14:e2:6b:17:ad:
5c:d9:af:f3:86:51:ac:4d:78:89:77:23:f8:5a:00:cf:d7:ac:
99:b1:d8:15:cc:80:97:c3:11:bd:28:9a:23:b3:52:49:58:af:
34:f4:e5:6f:86:9f:71:fc:93:49:a5:a3:41:0a:15:d1:4e:6d:
85:22:dd:26:72:cc:76:ac:38:05:fe:f7:e2:d0:da:58:86:d3:
68:c2:5d:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0z45GCaFgldlKiH4JJ63GGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjgxOTFjYWI2ZWYwNmIzMjJiMGIxMjQ4Nzg1ZDQ4NGE0
NTI0ZjMwHhcNMjYwMzI4MTAwMDQ1WhcNMjYwMzI5MTAwMDQ1WjAzMTEwLwYDVQQD
EygyMDk1MTg1ZTJlZTJiN2Y1ZDA2YTM2Y2UwZmVlNTA2M2FjYTFkZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEK3KXeO9bxZstmKoj8y52lE5L3g
lB4MUYj8rG55z0ZylO4tF9SLEvqJ4zDxD6EMQ6RcAXXoastKtJ9s5II3nBcdT13k
l43Esun+G2wU+kU6FhvdDjm7YMzTwygrB4dgpVzgJCpboeA9Dn2HyarYcsL6NNN5
LwSCuj+kwBqeiN3hOC66zPw76422oo3LiLri8DmqMY6J1DtIM027V23Iv2sntcgQ
H4725Nl92uqgQgdcHNWLKp5i5wotlUlHrbz0qCUrROX/Yi2Oody8CiiEl+J5M533
5vyv0qX0szPZYynjNceXemJEaJJsfnLgzM/rT5qn265poxsW9tNQ2wT49QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCCVGF4u4rf10Go2zg/uUGOsod+4MB8GA1UdIwQY
MBaAFIpoGRyrbvBrMisLEkh4XUhKRSTzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQt
OTcxMTdlZWI0ODkxLzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQtOTcxMTdlZWI0ODkx
LzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAckkun9Fy
PwkcKDXVgtXiTJ4NK+vzLlUMoTjX6ZtdJ8sZtCg/vyAkKGGtSaPoQiFG4wlqHBuu
qSHnjUGY7KrtBlRgPIWrzG5w9lurYoNgkN8hbMNjX1pMIpdydpkAdKmJOtEkA4gi
2me0CIMwGiyXZ/4d700WmTTNGrKdx7nuLHFZxE8VSQh0B8iPqjGAjOmMKQAPXpcY
tisfOtSgTD3hV/L3HGFGZX3v6CNz4jvZphTiaxetXNmv84ZRrE14iXcj+FoAz9es
mbHYFcyAl8MRvSiaI7NSSVivNPTlb4afcfyTSaWjQQoV0U5thSLdJnLMdqw4Bf73
4tDaWIbTaMJd3Q==
-----END CERTIFICATE-----
Generated at Sat Mar 28 11:47:40 2026 by rpki-client