Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.mft
File: v4iEmi616d1XGo50O-17lRPXoSE.mft (raw, json)
Hash identifier: 2hGrne/LYoYERU4Z4nKMQPB7AbNMXhW2N9OG+pJiWR8=
Subject key identifier: DB:97:5D:C5:83:23:3A:4F:7C:66:F8:76:53:17:1B:9B:8D:FF:8C:74
Authority key identifier: BF:88:84:9A:2E:B5:E9:DD:57:1A:8E:74:3B:ED:7B:95:13:D7:A1:21
Certificate issuer: /CN=bf88849a2eb5e9dd571a8e743bed7b9513d7a121
Certificate serial: 019D2704B2CE6B84ACAD72F25BC28D4681EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.mft
Manifest number: 0457
Signing time: Wed 25 Mar 2026 22:01:52 +0000
Manifest this update: Wed 25 Mar 2026 22:01:52 +0000
Manifest next update: Thu 26 Mar 2026 22:01:52 +0000
Files and hashes: 1: 3RsLnrTTWTLPQLyhD4gSJN-DaTI.roa (hash: P//UvOt3ZaB3uh3PmS1jjSG8dYP/ZrhMVhcmC8uqPak=)
2: orOrT8NVY4pf1QT1W-mHVHhwDL8.roa (hash: bx8FYIhx4hyq5ap/XvQzvchaRMF2JO/G6piTSSfSHKo=)
3: v4iEmi616d1XGo50O-17lRPXoSE.crl (hash: mM+u1fIWo67Mr/caM9A/YCpGW4Qdft9ck1268BfCUwQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:b2:ce:6b:84:ac:ad:72:f2:5b:c2:8d:46:81:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf88849a2eb5e9dd571a8e743bed7b9513d7a121
Validity
Not Before: Mar 25 22:01:52 2026 GMT
Not After : Mar 26 22:01:52 2026 GMT
Subject: CN=db975dc583233a4f7c66f87653171b9b8dff8c74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e8:e9:68:b5:ac:43:ea:38:b2:0c:ee:8d:be:
69:7b:72:f9:da:f2:60:94:44:c7:1c:5a:78:47:89:
5f:51:29:fe:30:89:9e:3f:d5:02:e1:a3:cc:06:df:
21:16:98:41:84:b6:1c:af:5c:ac:d9:6b:82:92:1b:
ee:a3:38:87:9d:ca:d5:49:b4:93:72:29:a3:27:45:
a6:1b:53:72:b2:c3:66:3f:b6:5d:07:7a:12:23:a2:
14:90:4e:b0:5b:bf:83:81:a9:e2:ab:91:39:9a:d6:
e5:f9:2d:15:ff:28:2e:5f:95:88:10:fe:df:29:b8:
88:87:48:21:41:e8:1b:80:fd:59:a1:e0:2b:6c:fd:
7b:d5:68:c9:5e:36:dd:81:df:54:4c:76:18:fd:72:
62:83:97:85:78:27:27:30:3f:d5:e9:af:11:52:d0:
18:f1:1d:b8:2f:5d:f8:7d:c2:50:55:b3:e2:12:ec:
fc:8a:5f:86:8f:fa:5b:28:95:e2:8e:43:73:b4:a7:
2c:8f:77:57:1d:df:e6:ed:33:f6:1c:f1:f5:33:45:
71:32:c8:68:46:9a:be:4b:42:47:71:ef:d7:ef:ab:
9a:ca:ee:72:9b:2f:27:82:4e:05:9f:2e:8c:52:63:
95:55:fc:c3:e2:6b:69:2a:41:a2:ec:a2:e8:77:0a:
d3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:97:5D:C5:83:23:3A:4F:7C:66:F8:76:53:17:1B:9B:8D:FF:8C:74
X509v3 Authority Key Identifier:
keyid:BF:88:84:9A:2E:B5:E9:DD:57:1A:8E:74:3B:ED:7B:95:13:D7:A1:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:c1:18:10:ee:fe:5a:bd:9d:94:01:99:6c:40:2a:56:81:fa:
a9:81:0d:5e:94:d2:68:8a:82:d1:ab:3c:e1:6f:6f:c1:dc:7d:
9d:a2:a5:a5:a3:67:a4:f8:80:f7:11:c5:0d:3d:96:0e:c3:76:
29:ac:87:1a:b8:3c:11:0b:f1:c5:11:7d:b5:b5:0f:a6:43:22:
cf:1f:3c:5b:48:02:29:b5:10:81:e0:4f:ef:e0:ae:29:1c:99:
4c:3b:cd:79:0e:28:4d:89:1c:bf:f0:7d:7d:f5:ea:6b:36:27:
97:7e:68:bc:e2:d6:83:06:be:cc:44:5e:fd:bc:2b:2f:13:95:
6c:71:a7:8f:30:af:06:f3:c9:80:aa:45:9b:9d:9e:f2:8c:75:
1e:d1:c9:fa:e2:80:14:fc:06:ce:d8:ae:13:42:b7:0f:68:78:
76:63:68:53:93:8f:43:24:71:3c:39:15:45:a2:4d:f7:ab:e3:
76:f4:3d:81:e8:70:69:e4:01:fb:ec:74:12:2c:37:18:15:ec:
44:c1:f5:15:73:a6:91:81:5c:82:47:87:13:0b:5c:91:a4:16:
77:6f:55:1f:42:e2:02:4e:c9:00:dc:38:7f:ea:35:6a:50:f8:
7d:65:31:36:44:29:b9:a7:30:0c:86:f3:f5:4b:b2:5d:46:df:
fa:68:e4:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBLLOa4SsrXLyW8KNRoHrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODg4NDlhMmViNWU5ZGQ1NzFhOGU3NDNiZWQ3Yjk1MTNk
N2ExMjEwHhcNMjYwMzI1MjIwMTUyWhcNMjYwMzI2MjIwMTUyWjAzMTEwLwYDVQQD
EyhkYjk3NWRjNTgzMjMzYTRmN2M2NmY4NzY1MzE3MWI5YjhkZmY4Yzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvujpaLWsQ+o4sgzujb5pe3L52vJg
lETHHFp4R4lfUSn+MImeP9UC4aPMBt8hFphBhLYcr1ys2WuCkhvuoziHncrVSbST
cimjJ0WmG1NyssNmP7ZdB3oSI6IUkE6wW7+Dganiq5E5mtbl+S0V/yguX5WIEP7f
KbiIh0ghQegbgP1ZoeArbP171WjJXjbdgd9UTHYY/XJig5eFeCcnMD/V6a8RUtAY
8R24L134fcJQVbPiEuz8il+Gj/pbKJXijkNztKcsj3dXHd/m7TP2HPH1M0VxMsho
Rpq+S0JHce/X76uayu5ymy8ngk4Fny6MUmOVVfzD4mtpKkGi7KLodwrTTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNuXXcWDIzpPfGb4dlMXG5uN/4x0MB8GA1UdIwQY
MBaAFL+IhJoutendVxqOdDvte5UT16EhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRpRW1pNjE2ZDFYR281ME8tMTdsUlBYb1NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9kYmM1OGUtMDI3Yi00YWFjLTlkZTYt
MjM3MzliNWZkODRjLzEvdjRpRW1pNjE2ZDFYR281ME8tMTdsUlBYb1NFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9kYmM1OGUtMDI3Yi00YWFjLTlkZTYtMjM3MzliNWZkODRj
LzEvdjRpRW1pNjE2ZDFYR281ME8tMTdsUlBYb1NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK8EYEO7+
Wr2dlAGZbEAqVoH6qYENXpTSaIqC0as84W9vwdx9naKlpaNnpPiA9xHFDT2WDsN2
KayHGrg8EQvxxRF9tbUPpkMizx88W0gCKbUQgeBP7+CuKRyZTDvNeQ4oTYkcv/B9
ffXqazYnl35ovOLWgwa+zERe/bwrLxOVbHGnjzCvBvPJgKpFm52e8ox1HtHJ+uKA
FPwGztiuE0K3D2h4dmNoU5OPQyRxPDkVRaJN96vjdvQ9gehwaeQB++x0Eiw3GBXs
RMH1FXOmkYFcgkeHEwtckaQWd29VH0LiAk7JANw4f+o1alD4fWUxNkQpuacwDIbz
9UuyXUbf+mjkGA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:53:12 2026 by rpki-client