Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/8fc261-bff8-4490-8b69-009739f7e55c/1/10itqKdHT1rZkMmB_2snzj3hRxM.mft
File: 10itqKdHT1rZkMmB_2snzj3hRxM.mft (raw, json)
Hash identifier: lYoLecaKtbDNn3Pu0FvVnWb2rbzrTo8J/uO0B3GvGIk=
Subject key identifier: 5D:B6:FA:4C:02:77:16:E1:AC:3C:47:4C:E5:80:D4:2F:46:0A:25:0C
Authority key identifier: D7:48:AD:A8:A7:47:4F:5A:D9:90:C9:81:FF:6B:27:CE:3D:E1:47:13
Certificate issuer: /CN=d748ada8a7474f5ad990c981ff6b27ce3de14713
Certificate serial: 019D26286A632BF77F8764329B477058361D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10itqKdHT1rZkMmB_2snzj3hRxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/8fc261-bff8-4490-8b69-009739f7e55c/1/10itqKdHT1rZkMmB_2snzj3hRxM.mft
Manifest number: 01A2
Signing time: Wed 25 Mar 2026 18:01:15 +0000
Manifest this update: Wed 25 Mar 2026 18:01:15 +0000
Manifest next update: Thu 26 Mar 2026 18:01:15 +0000
Files and hashes: 1: 10itqKdHT1rZkMmB_2snzj3hRxM.crl (hash: GCQONdDW1V3631ndlL5ZO0V0CakqEFIMDr6eXTVRjoA=)
2: dh6O1KZT1UxJ74lXsViPoGTKRqs.roa (hash: GqWYfVTgp7zJ77InQ5zu+O/CisErYsq267odGYdVn8s=)
3: q2Sr6iNLEgQhXIhOj17x_U41yCw.roa (hash: v7+FGob3+laO9WE5TRGdJZbvI5tauk2y9nqQMlT/eeI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/8fc261-bff8-4490-8b69-009739f7e55c/1/10itqKdHT1rZkMmB_2snzj3hRxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/8fc261-bff8-4490-8b69-009739f7e55c/1/10itqKdHT1rZkMmB_2snzj3hRxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/10itqKdHT1rZkMmB_2snzj3hRxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 18:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:28:6a:63:2b:f7:7f:87:64:32:9b:47:70:58:36:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d748ada8a7474f5ad990c981ff6b27ce3de14713
Validity
Not Before: Mar 25 18:01:15 2026 GMT
Not After : Mar 26 18:01:15 2026 GMT
Subject: CN=5db6fa4c027716e1ac3c474ce580d42f460a250c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:46:dc:5b:c2:ff:25:2f:a3:9f:47:3b:eb:b4:
c0:d6:89:24:54:d4:c4:60:21:c6:0f:6f:dc:35:f0:
2d:6f:93:57:0f:02:8e:44:35:93:c1:eb:40:69:6b:
cf:90:3a:44:51:7f:12:83:b7:64:64:ce:c7:b1:6a:
75:d6:f1:b8:a7:43:9e:f4:a7:b9:c1:33:18:9d:7c:
c4:54:af:fa:fd:cf:3b:5f:37:92:cd:de:47:a0:8f:
d5:b5:ba:74:4d:3f:f3:7f:cd:43:6c:30:b9:06:01:
68:e7:63:70:a2:de:35:3b:45:1b:cb:1e:62:3b:d1:
1f:49:b8:cd:56:e2:78:e2:13:7d:91:61:20:cb:d5:
f6:54:21:cc:63:da:1e:44:3a:92:15:15:c7:6c:3d:
d4:07:84:56:d2:62:6c:35:05:4b:b0:62:05:d5:1b:
2d:16:62:38:1b:d5:72:8c:f4:3c:5a:8b:1a:a2:ee:
64:56:ca:01:53:38:d5:20:80:cf:67:08:f7:d6:8d:
8d:72:a8:f3:00:bc:91:89:93:90:91:11:7c:b5:7c:
51:d7:84:ec:6d:40:66:c6:52:31:6d:19:cb:d4:1e:
03:3c:fa:69:96:43:b0:e4:0a:d5:65:93:6c:f1:45:
eb:53:90:54:ba:33:59:2b:19:a0:79:5c:50:08:15:
be:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B6:FA:4C:02:77:16:E1:AC:3C:47:4C:E5:80:D4:2F:46:0A:25:0C
X509v3 Authority Key Identifier:
keyid:D7:48:AD:A8:A7:47:4F:5A:D9:90:C9:81:FF:6B:27:CE:3D:E1:47:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10itqKdHT1rZkMmB_2snzj3hRxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8fc261-bff8-4490-8b69-009739f7e55c/1/10itqKdHT1rZkMmB_2snzj3hRxM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8fc261-bff8-4490-8b69-009739f7e55c/1/10itqKdHT1rZkMmB_2snzj3hRxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
95:20:f2:bd:d0:04:5a:29:41:0d:fa:c9:23:88:72:77:6a:70:
68:b5:ae:00:d0:d7:0f:30:e9:68:4d:92:c3:36:b5:f5:bc:e7:
f8:88:a1:ca:2d:ae:74:a3:4a:41:65:de:be:25:db:1d:e1:f3:
6b:f5:b1:28:26:a4:d3:2a:ec:95:39:f6:e9:c0:e3:26:3d:1a:
af:9a:0d:e4:20:1e:98:ac:c7:8f:37:7e:20:1d:dd:0c:e0:9d:
ae:85:a0:9a:6e:66:f0:d1:58:5b:1f:20:db:29:ef:d7:33:6a:
33:02:48:1c:ba:51:2b:0a:19:8e:16:e3:7a:d8:bc:62:07:35:
a0:7b:9e:e1:07:8b:f7:56:df:2e:e2:10:dc:05:9d:22:ea:4b:
3d:ae:2d:b6:99:49:95:4b:b4:53:58:5d:d9:95:7e:d6:72:ba:
aa:1f:e5:9c:f4:24:4a:64:6a:83:25:82:a6:3b:3e:b4:49:da:
f5:b7:81:0a:54:42:63:e4:7d:b6:ae:0a:d4:06:3c:b8:bd:ad:
a2:24:cb:8b:8c:69:9d:68:88:48:51:14:f7:f1:40:f5:55:31:
3e:7a:44:51:dd:23:61:8f:df:bf:ef:c0:52:1e:ba:77:85:30:
3a:c4:44:50:11:2c:d2:28:4f:77:14:22:07:96:ae:f2:a0:b9:
ac:4c:ed:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKGpjK/d/h2Qym0dwWDYdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDhhZGE4YTc0NzRmNWFkOTkwYzk4MWZmNmIyN2NlM2Rl
MTQ3MTMwHhcNMjYwMzI1MTgwMTE1WhcNMjYwMzI2MTgwMTE1WjAzMTEwLwYDVQQD
Eyg1ZGI2ZmE0YzAyNzcxNmUxYWMzYzQ3NGNlNTgwZDQyZjQ2MGEyNTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UbcW8L/JS+jn0c767TA1okkVNTE
YCHGD2/cNfAtb5NXDwKORDWTwetAaWvPkDpEUX8Sg7dkZM7HsWp11vG4p0Oe9Ke5
wTMYnXzEVK/6/c87XzeSzd5HoI/Vtbp0TT/zf81DbDC5BgFo52Nwot41O0Ubyx5i
O9EfSbjNVuJ44hN9kWEgy9X2VCHMY9oeRDqSFRXHbD3UB4RW0mJsNQVLsGIF1Rst
FmI4G9VyjPQ8Wosaou5kVsoBUzjVIIDPZwj31o2NcqjzALyRiZOQkRF8tXxR14Ts
bUBmxlIxbRnL1B4DPPpplkOw5ArVZZNs8UXrU5BUujNZKxmgeVxQCBW+IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF22+kwCdxbhrDxHTOWA1C9GCiUMMB8GA1UdIwQY
MBaAFNdIrainR09a2ZDJgf9rJ8494UcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBpdHFLZEhUMXJaa01tQl8yc256ajNoUnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi84ZmMyNjEtYmZmOC00NDkwLThiNjkt
MDA5NzM5ZjdlNTVjLzEvMTBpdHFLZEhUMXJaa01tQl8yc256ajNoUnhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi84ZmMyNjEtYmZmOC00NDkwLThiNjktMDA5NzM5ZjdlNTVj
LzEvMTBpdHFLZEhUMXJaa01tQl8yc256ajNoUnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlSDyvdAE
WilBDfrJI4hyd2pwaLWuANDXDzDpaE2Swza19bzn+Iihyi2udKNKQWXeviXbHeHz
a/WxKCak0yrslTn26cDjJj0ar5oN5CAemKzHjzd+IB3dDOCdroWgmm5m8NFYWx8g
2ynv1zNqMwJIHLpRKwoZjhbjeti8Ygc1oHue4QeL91bfLuIQ3AWdIupLPa4ttplJ
lUu0U1hd2ZV+1nK6qh/lnPQkSmRqgyWCpjs+tEna9beBClRCY+R9tq4K1AY8uL2t
oiTLi4xpnWiISFEU9/FA9VUxPnpEUd0jYY/fv+/AUh66d4UwOsREUBEs0ihPdxQi
B5au8qC5rEztlg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:45:49 2026 by rpki-client