Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
File: i5HgoQS1s93x9dCOessreeDVZvk.mft (raw, json)
Hash identifier: a6mOcZ/r3ZAo3T+1XnYBo92oKHaweZQrAluRSeliCSI=
Subject key identifier: 1B:58:FD:A5:A5:2B:38:7C:11:52:CA:41:72:F4:7F:B5:4B:FF:EE:FA
Authority key identifier: 8B:91:E0:A1:04:B5:B3:DD:F1:F5:D0:8E:7A:CB:2B:79:E0:D5:66:F9
Certificate issuer: /CN=8b91e0a104b5b3ddf1f5d08e7acb2b79e0d566f9
Certificate serial: 019D2A3B7C59814AAE7B6E70C8367EDC539F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
Manifest number: 1297
Signing time: Thu 26 Mar 2026 13:00:34 +0000
Manifest this update: Thu 26 Mar 2026 13:00:34 +0000
Manifest next update: Fri 27 Mar 2026 13:00:34 +0000
Files and hashes: 1: FLemcIiElnlySDQ8j4MbhOGXKNY.roa (hash: +hFqqy7o9aLIrhPQ+Vl9O2F3JN7zKRwx0wl2/DYV2As=)
2: i5HgoQS1s93x9dCOessreeDVZvk.crl (hash: Tboc3HcJFDPtLbNnxBaHLyXYwO4awRvHPxt8rrEp6Ik=)
3: zL0BeH3r9AkOxhITJlCW5Ja8LGo.roa (hash: oLz5pL1eqyWTu6AOPoAU4vUbkw5hVQwpWZe1I3Dg04k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:3b:7c:59:81:4a:ae:7b:6e:70:c8:36:7e:dc:53:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b91e0a104b5b3ddf1f5d08e7acb2b79e0d566f9
Validity
Not Before: Mar 26 13:00:34 2026 GMT
Not After : Mar 27 13:00:34 2026 GMT
Subject: CN=1b58fda5a52b387c1152ca4172f47fb54bffeefa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d1:fb:b1:6a:41:97:5a:f1:98:0b:f0:cf:8f:
a0:21:15:0d:a0:7e:2b:79:8b:59:aa:d1:6e:c2:e3:
59:03:aa:41:ca:24:3b:db:ec:ae:9f:39:37:c1:04:
94:cd:46:cc:16:45:23:91:7c:b2:9b:fb:6c:1c:8f:
93:ed:69:a1:18:fd:fc:42:00:10:db:99:f0:c8:78:
9d:f3:e4:18:cd:0a:d0:81:59:36:91:5d:31:63:03:
80:f2:f3:49:e1:56:91:05:df:62:3c:21:5f:87:71:
d6:57:ce:dc:fa:b2:25:df:57:2c:0f:dd:59:27:bf:
8b:ca:41:c8:46:bb:25:31:03:02:fd:04:bf:73:51:
ad:ca:d1:c5:01:ec:57:5b:94:75:59:a4:e1:e6:62:
20:47:c1:4b:17:d4:c0:5c:2d:c2:e5:4b:a2:33:7b:
28:9b:42:65:2f:69:b5:52:e3:d5:3f:4a:ae:cc:d7:
70:0d:06:09:5e:d2:5c:86:92:c7:89:2d:b2:77:da:
7b:18:3d:1d:81:eb:f4:41:a5:fa:fc:ed:2e:6a:3d:
db:fc:71:fa:ce:e6:16:ba:03:dd:f9:a1:f1:27:ef:
58:83:04:a9:81:a9:fa:d6:bc:3c:ca:73:df:0f:75:
b8:b0:1a:51:6e:f6:7d:38:de:91:d0:a7:90:7d:1d:
f3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:58:FD:A5:A5:2B:38:7C:11:52:CA:41:72:F4:7F:B5:4B:FF:EE:FA
X509v3 Authority Key Identifier:
keyid:8B:91:E0:A1:04:B5:B3:DD:F1:F5:D0:8E:7A:CB:2B:79:E0:D5:66:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
95:13:1f:c7:49:2e:b4:af:82:36:30:41:63:95:ea:a9:d4:b8:
0b:74:68:72:36:67:15:76:56:d4:6d:97:8c:05:5b:58:24:04:
61:f4:11:19:ad:d8:7d:03:fb:4a:44:79:cb:42:25:67:ae:ef:
d6:fa:5d:c9:1a:72:10:6d:78:99:65:a3:98:29:ff:e2:e2:f5:
62:d9:16:67:c6:34:ea:c5:df:fb:a6:48:9b:d6:f7:5c:1f:13:
63:cd:2e:76:14:cd:1d:41:d3:04:16:2d:d6:87:98:46:0b:71:
7d:c8:e6:05:e2:49:cf:00:4b:3a:f9:f5:0a:68:b1:ee:81:f8:
b6:1a:6d:fe:5e:11:c8:cf:8a:b8:7b:14:2c:4e:36:e4:79:8b:
48:e1:3f:f5:60:87:92:a0:16:da:1e:16:2a:28:1b:83:f3:96:
eb:38:b5:b5:02:d2:e3:55:84:b2:56:1d:6b:d3:7d:e8:03:4c:
de:3d:19:6f:d7:7a:9d:a5:4e:e0:6e:b1:5c:f9:ed:16:b3:a2:
f2:78:29:99:ee:46:a4:f1:74:04:fc:b1:86:9c:d5:e8:7b:f2:
95:91:d7:b6:37:0c:a4:8f:ee:c5:ad:57:59:61:73:03:a0:af:
fb:33:3e:ad:4e:b1:a5:6c:05:b0:37:92:98:6f:27:7e:65:a5:
bb:91:54:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qO3xZgUque25wyDZ+3FOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOTFlMGExMDRiNWIzZGRmMWY1ZDA4ZTdhY2IyYjc5ZTBk
NTY2ZjkwHhcNMjYwMzI2MTMwMDM0WhcNMjYwMzI3MTMwMDM0WjAzMTEwLwYDVQQD
EygxYjU4ZmRhNWE1MmIzODdjMTE1MmNhNDE3MmY0N2ZiNTRiZmZlZWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtH7sWpBl1rxmAvwz4+gIRUNoH4r
eYtZqtFuwuNZA6pByiQ72+yunzk3wQSUzUbMFkUjkXyym/tsHI+T7WmhGP38QgAQ
25nwyHid8+QYzQrQgVk2kV0xYwOA8vNJ4VaRBd9iPCFfh3HWV87c+rIl31csD91Z
J7+LykHIRrslMQMC/QS/c1GtytHFAexXW5R1WaTh5mIgR8FLF9TAXC3C5UuiM3so
m0JlL2m1UuPVP0quzNdwDQYJXtJchpLHiS2yd9p7GD0dgev0QaX6/O0uaj3b/HH6
zuYWugPd+aHxJ+9YgwSpgan61rw8ynPfD3W4sBpRbvZ9ON6R0KeQfR3zFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBtY/aWlKzh8EVLKQXL0f7VL/+76MB8GA1UdIwQY
MBaAFIuR4KEEtbPd8fXQjnrLK3ng1Wb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kZmJmYzQtY2MzZi00NzdjLThkNzYt
YThjNTc2MjI0YmEyLzEvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9kZmJmYzQtY2MzZi00NzdjLThkNzYtYThjNTc2MjI0YmEy
LzEvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlRMfx0ku
tK+CNjBBY5XqqdS4C3RocjZnFXZW1G2XjAVbWCQEYfQRGa3YfQP7SkR5y0IlZ67v
1vpdyRpyEG14mWWjmCn/4uL1YtkWZ8Y06sXf+6ZIm9b3XB8TY80udhTNHUHTBBYt
1oeYRgtxfcjmBeJJzwBLOvn1Cmix7oH4thpt/l4RyM+KuHsULE425HmLSOE/9WCH
kqAW2h4WKigbg/OW6zi1tQLS41WEslYda9N96ANM3j0Zb9d6naVO4G6xXPntFrOi
8ngpme5GpPF0BPyxhpzV6HvylZHXtjcMpI/uxa1XWWFzA6Cv+zM+rU6xpWwFsDeS
mG8nfmWlu5FU+Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:48:30 2026 by rpki-client