Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.mft
File: 1-ItEPpksZlZYlC5okNKY1ozeZCU.mft (raw, json)
Hash identifier: Gj6eUEgqNgJN12v1k1Y/B2UU3CKDpfIrEadLTms3mYU=
Subject key identifier: 8C:55:A6:BB:34:D0:53:0B:9A:66:85:32:D8:75:E8:56:61:AF:F2:26
Authority key identifier: F8:8B:44:3E:99:2C:66:56:58:94:2E:68:90:D2:98:D6:8C:DE:64:25
Certificate issuer: /CN=f88b443e992c665658942e6890d298d68cde6425
Certificate serial: 019D254CE86DEAD16A79E4BC5FACC6B080CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-ItEPpksZlZYlC5okNKY1ozeZCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.mft
Manifest number: 28
Signing time: Wed 25 Mar 2026 14:01:30 +0000
Manifest this update: Wed 25 Mar 2026 14:01:30 +0000
Manifest next update: Thu 26 Mar 2026 14:01:30 +0000
Files and hashes: 1: 1-ItEPpksZlZYlC5okNKY1ozeZCU.crl (hash: Kc0V5cCzg4GamnUyilIJnqvPt/Mh3+XOhM8MYqGRQc4=)
2: 1-UY4PSsLAhrs1PzARcse-G3oKuQ.roa (hash: bquKinVoexR3C7npUBsFt5Z6yuA7X3IOlH1/GIEH79I=)
3: MoYUgffviiPeADSdZFuk0-PlxG8.roa (hash: bL0U0C+BvRbuUVGBt4mIGhNW64bof79FYnK3rvVowmE=)
4: VHGH1mjlVKHvXOWyM-EzBXtEmjs.roa (hash: 3A2MAM39EnOIUbihWoQHY/ugzdD83ycM1Te5mtz2Mw4=)
5: zvXYFDRMBmdtrWW83QBWL5pe_xg.asa (hash: PjKpfmDVSkgo9TP/TQvIvWmCKdqKtpoJYwtUOMSdrYk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-ItEPpksZlZYlC5okNKY1ozeZCU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 14:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:4c:e8:6d:ea:d1:6a:79:e4:bc:5f:ac:c6:b0:80:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f88b443e992c665658942e6890d298d68cde6425
Validity
Not Before: Mar 25 14:01:30 2026 GMT
Not After : Mar 26 14:01:30 2026 GMT
Subject: CN=8c55a6bb34d0530b9a668532d875e85661aff226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:9c:7c:81:60:22:34:cb:72:a7:ad:a3:d7:74:
05:a5:0e:fc:34:03:72:e6:97:91:1c:ae:ea:36:28:
fe:10:2e:cd:d0:dc:5d:d7:32:bb:03:d8:a9:76:57:
ea:8b:6c:8c:64:00:96:7a:25:11:d3:ba:6c:71:4e:
59:37:3b:6c:e3:14:f6:b7:3d:cc:1d:2f:8c:b6:27:
1b:71:7e:c9:20:93:3f:4c:30:ff:c8:58:32:e7:25:
16:a2:c6:56:92:2b:30:e5:33:65:08:36:90:ad:3c:
c3:f0:a5:fb:82:89:1e:c4:03:2c:42:69:b9:f2:14:
d6:a8:04:22:43:ab:a0:5a:0b:a5:ff:d8:21:fe:fe:
b0:e4:6d:ed:43:c8:48:16:8a:f8:fc:f4:40:16:0e:
86:d0:99:45:ca:81:a6:81:97:2c:d8:04:dc:d6:79:
36:b7:2d:a1:9b:d5:45:0f:9f:e0:d2:83:1a:2d:87:
e1:2b:b7:58:63:83:a1:70:61:92:48:c6:d6:81:0b:
ee:89:ae:db:cf:f9:a7:4c:8a:ea:90:ed:d7:b8:df:
38:a0:e7:50:9d:a3:36:e4:d8:e3:32:59:a1:cb:40:
c7:07:e5:19:52:b9:88:89:8b:2f:d7:f1:45:38:bb:
8c:36:c2:f2:bc:d2:c5:8f:38:60:d6:9c:af:6a:d5:
a0:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:55:A6:BB:34:D0:53:0B:9A:66:85:32:D8:75:E8:56:61:AF:F2:26
X509v3 Authority Key Identifier:
keyid:F8:8B:44:3E:99:2C:66:56:58:94:2E:68:90:D2:98:D6:8C:DE:64:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-ItEPpksZlZYlC5okNKY1ozeZCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:09:be:af:4d:5a:45:50:e8:32:6e:5b:70:94:04:a5:1b:b4:
ba:52:d6:3c:75:90:cf:74:77:5a:9f:08:e7:6b:fa:db:27:35:
6c:01:a8:cd:40:83:64:c6:09:58:41:7c:1c:de:9d:bc:3c:16:
29:d4:52:71:c4:c5:1f:ef:e2:11:96:02:fd:37:9c:32:a1:e9:
9f:c4:38:a0:9d:b9:f7:a0:a9:a0:5b:f5:bf:28:6d:e1:8c:cc:
95:59:80:8d:32:c1:de:1f:af:1e:bf:5f:db:2d:11:ee:6d:b4:
91:3b:dd:60:c2:2a:4d:87:22:3e:97:16:34:1c:f8:3f:30:a8:
84:0e:55:43:75:8d:b3:5e:b4:ea:9f:9b:f7:c2:80:83:02:0f:
73:ae:c8:7a:4c:c9:92:ba:fa:c7:39:e4:d4:8e:51:f8:23:e9:
a9:af:a7:63:aa:eb:ac:e9:85:b1:47:7f:07:b1:00:a7:38:b0:
e8:68:d6:9c:df:d8:62:b5:2f:d2:7b:82:10:fc:53:18:63:95:
85:a5:e5:7c:24:bf:16:16:ec:6d:e5:e4:12:12:5b:99:a8:be:
6b:53:57:da:5a:e6:23:fd:cd:5e:b8:bc:56:0a:32:bd:6f:33:
a8:a8:e7:a2:ff:ac:3c:79:cf:4b:9c:1d:ce:4e:21:b7:a1:a5:
15:e3:02:fe
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ0lTOht6tFqeeS8X6zGsIDOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4OGI0NDNlOTkyYzY2NTY1ODk0MmU2ODkwZDI5OGQ2OGNk
ZTY0MjUwHhcNMjYwMzI1MTQwMTMwWhcNMjYwMzI2MTQwMTMwWjAzMTEwLwYDVQQD
Eyg4YzU1YTZiYjM0ZDA1MzBiOWE2Njg1MzJkODc1ZTg1NjYxYWZmMjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJx8gWAiNMtyp62j13QFpQ78NANy
5peRHK7qNij+EC7N0Nxd1zK7A9ipdlfqi2yMZACWeiUR07pscU5ZNzts4xT2tz3M
HS+MticbcX7JIJM/TDD/yFgy5yUWosZWkisw5TNlCDaQrTzD8KX7gokexAMsQmm5
8hTWqAQiQ6ugWgul/9gh/v6w5G3tQ8hIFor4/PRAFg6G0JlFyoGmgZcs2ATc1nk2
ty2hm9VFD5/g0oMaLYfhK7dYY4OhcGGSSMbWgQvuia7bz/mnTIrqkO3XuN84oOdQ
naM25NjjMlmhy0DHB+UZUrmIiYsv1/FFOLuMNsLyvNLFjzhg1pyvatWglQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIxVprs00FMLmmaFMth16FZhr/ImMB8GA1UdIwQY
MBaAFPiLRD6ZLGZWWJQuaJDSmNaM3mQlMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1JdEVQcGtzWmxaWWxDNW9rTktZMW96ZVpDVS5jZXIw
gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvYmZiNTQyLTRmNjctNDZjNS05NzEw
LTY5NDI1MmYwMjlmMS8xLzEtSXRFUHBrc1psWllsQzVva05LWTFvemVaQ1UubWZ0
MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxULzViL2JmYjU0Mi00ZjY3LTQ2YzUtOTcxMC02OTQyNTJmMDI5
ZjEvMS8xLUl0RVBwa3NabFpZbEM1b2tOS1kxb3plWkNVLmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC
BQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGwm+
r01aRVDoMm5bcJQEpRu0ulLWPHWQz3R3Wp8I52v62yc1bAGozUCDZMYJWEF8HN6d
vDwWKdRSccTFH+/iEZYC/TecMqHpn8Q4oJ2596CpoFv1vyht4YzMlVmAjTLB3h+v
Hr9f2y0R7m20kTvdYMIqTYciPpcWNBz4PzCohA5VQ3WNs1606p+b98KAgwIPc67I
ekzJkrr6xznk1I5R+CPpqa+nY6rrrOmFsUd/B7EApziw6GjWnN/YYrUv0nuCEPxT
GGOVhaXlfCS/FhbsbeXkEhJbmai+a1NX2lrmI/3NXri8VgoyvW8zqKjnov+sPHnP
S5wdzk4ht6GlFeMC/g==
-----END CERTIFICATE-----
Generated at Wed Mar 25 21:25:02 2026 by rpki-client