Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
File: v99XKOyr1W70Y3NWlVhmylRoaRo.mft (raw, json)
Hash identifier: QjO1B1dGcd5cXGQMOv3UCGoT3te3SA0LxEz705l8X0o=
Subject key identifier: 11:23:88:6B:46:4C:DD:6E:6A:20:00:C0:68:90:2B:AD:7F:8A:D2:F1
Authority key identifier: BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A
Certificate issuer: /CN=bfdf5728ecabd56ef4637356955866ca5468691a
Certificate serial: 019D270411E9D4A24B4E0C0308B46F54CB63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
Manifest number: 04A9
Signing time: Wed 25 Mar 2026 22:01:11 +0000
Manifest this update: Wed 25 Mar 2026 22:01:11 +0000
Manifest next update: Thu 26 Mar 2026 22:01:11 +0000
Files and hashes: 1: 3BcGBZCHDgJs9gSoEvIJqO6Wdng.roa (hash: QqrBTNsjue3924ijEFZUnNRSzA8ZRhSOavKbIrZOqys=)
2: v99XKOyr1W70Y3NWlVhmylRoaRo.crl (hash: IK552OECMaMFYQk4QN2Nwbz50LYxhvX95K/w4+iiDTc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:11:e9:d4:a2:4b:4e:0c:03:08:b4:6f:54:cb:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfdf5728ecabd56ef4637356955866ca5468691a
Validity
Not Before: Mar 25 22:01:11 2026 GMT
Not After : Mar 26 22:01:11 2026 GMT
Subject: CN=1123886b464cdd6e6a2000c068902bad7f8ad2f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5f:19:23:ca:bd:31:05:f5:5c:62:18:01:d0:
1c:bd:9b:71:61:0a:05:1a:f0:50:bb:b0:dd:a7:d1:
f6:fb:6a:40:b0:8b:ca:8b:0a:c8:81:19:ef:05:22:
4d:69:52:5a:ca:1e:82:4e:d9:26:6b:40:f0:dd:f8:
62:3e:b1:24:f8:64:77:9b:e6:07:ee:44:05:88:70:
b7:d8:2c:7b:54:99:32:df:30:3d:4c:54:09:4a:f6:
f9:d9:08:3b:17:d0:69:1f:72:fa:68:14:55:ff:a1:
0f:c6:b9:1f:d6:ad:7a:2e:72:42:6a:90:77:e6:88:
a4:60:7b:9f:93:12:4d:62:f8:cd:a0:5f:e3:5b:25:
1d:c0:05:9a:2a:7e:f9:4d:ee:32:90:5c:97:d6:93:
9a:91:68:2a:30:c1:02:f0:74:8d:27:e1:f8:30:b1:
d0:10:3e:23:29:1f:50:58:b7:fd:2e:e8:5e:8c:f8:
c5:c2:f4:57:39:e0:68:73:f8:9c:b0:cd:c4:73:69:
86:e9:ce:7f:43:04:95:66:75:34:c3:ac:97:c5:64:
b5:be:d7:6a:50:86:00:0f:f0:5f:93:47:34:b1:31:
f6:52:e1:41:03:da:12:e4:26:bc:ad:b1:be:17:60:
94:11:d0:20:e2:f1:12:f8:c4:a6:f4:57:24:6b:94:
84:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:23:88:6B:46:4C:DD:6E:6A:20:00:C0:68:90:2B:AD:7F:8A:D2:F1
X509v3 Authority Key Identifier:
keyid:BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:b3:82:6d:d6:b3:0e:d5:f3:83:fb:e3:21:87:31:cc:f7:35:
05:61:1f:67:c6:66:8f:ca:14:0a:d7:51:b5:3c:5f:91:af:f4:
54:91:c6:e5:09:5d:59:f1:fe:07:f2:47:f3:54:e4:a5:dd:20:
fa:7c:4f:9f:fe:e4:bb:70:aa:21:81:56:f8:c0:ac:e2:d9:f3:
46:88:d5:5b:cf:da:e0:c6:16:d1:00:b7:b6:31:89:05:3f:25:
01:b4:d5:26:e3:3e:8d:5d:77:4a:f1:3e:fe:70:6d:e4:e6:d2:
a7:b6:85:f0:0d:9f:b7:72:1f:dd:cd:a2:65:da:ed:6b:7b:f0:
82:94:e3:b4:d7:1c:7c:1a:84:d5:2b:53:25:0e:ff:77:46:88:
5d:0a:39:0b:87:93:19:8f:4a:e2:fd:c4:29:ed:5a:14:1b:00:
54:9d:27:aa:bb:8d:bc:70:c5:48:8c:01:ac:de:87:66:c0:3a:
75:6b:b4:86:38:a3:d5:9d:aa:9b:99:0b:3c:c9:5a:13:86:20:
65:f0:3c:97:21:db:ab:50:8d:fc:8f:d4:0e:2c:64:2a:c0:7d:
06:5f:e8:2c:db:6f:e7:ac:8a:e6:d5:0c:a8:47:6c:3d:2b:17:
a1:a5:6d:a0:42:1e:31:12:a3:c2:94:d4:79:a8:aa:40:82:8b:
7a:92:3e:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBBHp1KJLTgwDCLRvVMtjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZGY1NzI4ZWNhYmQ1NmVmNDYzNzM1Njk1NTg2NmNhNTQ2
ODY5MWEwHhcNMjYwMzI1MjIwMTExWhcNMjYwMzI2MjIwMTExWjAzMTEwLwYDVQQD
EygxMTIzODg2YjQ2NGNkZDZlNmEyMDAwYzA2ODkwMmJhZDdmOGFkMmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF8ZI8q9MQX1XGIYAdAcvZtxYQoF
GvBQu7Ddp9H2+2pAsIvKiwrIgRnvBSJNaVJayh6CTtkma0Dw3fhiPrEk+GR3m+YH
7kQFiHC32Cx7VJky3zA9TFQJSvb52Qg7F9BpH3L6aBRV/6EPxrkf1q16LnJCapB3
5oikYHufkxJNYvjNoF/jWyUdwAWaKn75Te4ykFyX1pOakWgqMMEC8HSNJ+H4MLHQ
ED4jKR9QWLf9LuhejPjFwvRXOeBoc/icsM3Ec2mG6c5/QwSVZnU0w6yXxWS1vtdq
UIYAD/Bfk0c0sTH2UuFBA9oS5Ca8rbG+F2CUEdAg4vES+MSm9Fcka5SE3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBEjiGtGTN1uaiAAwGiQK61/itLxMB8GA1UdIwQY
MBaAFL/fVyjsq9Vu9GNzVpVYZspUaGkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgt
YmQxNGQzNDRiYmYyLzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgtYmQxNGQzNDRiYmYy
LzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP7OCbdaz
DtXzg/vjIYcxzPc1BWEfZ8Zmj8oUCtdRtTxfka/0VJHG5QldWfH+B/JH81Tkpd0g
+nxPn/7ku3CqIYFW+MCs4tnzRojVW8/a4MYW0QC3tjGJBT8lAbTVJuM+jV13SvE+
/nBt5ObSp7aF8A2ft3If3c2iZdrta3vwgpTjtNccfBqE1StTJQ7/d0aIXQo5C4eT
GY9K4v3EKe1aFBsAVJ0nqruNvHDFSIwBrN6HZsA6dWu0hjij1Z2qm5kLPMlaE4Yg
ZfA8lyHbq1CN/I/UDixkKsB9Bl/oLNtv56yK5tUMqEdsPSsXoaVtoEIeMRKjwpTU
eaiqQIKLepI+kg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:55:09 2026 by rpki-client