Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
File: StFxca6oV2xDHGN0GGkcnB9VdRY.mft (raw, json)
Hash identifier: d3ppdkWy29WFY/WD7qqGGk3rOdAUjtQatTmYqEYqpdk=
Subject key identifier: 6C:33:72:AC:72:B4:77:12:9D:CA:EE:1A:C0:DF:3F:29:2E:1F:3A:4E
Authority key identifier: 4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
Certificate issuer: /CN=4ad17171aea8576c431c637418691c9c1f557516
Certificate serial: 019D28848261E3BE3E2F6C9D5D740B39236B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
Manifest number: 1534
Signing time: Thu 26 Mar 2026 05:01:05 +0000
Manifest this update: Thu 26 Mar 2026 05:01:05 +0000
Manifest next update: Fri 27 Mar 2026 05:01:05 +0000
Files and hashes: 1: StFxca6oV2xDHGN0GGkcnB9VdRY.crl (hash: F8OUwsAlLOfAIjmlSMBjRW94g/T9XdDNygGpPVPSlHw=)
2: YW79Yef_XcQH-yQeSEH6dsBEV58.roa (hash: OnfUE3JgvIAolLyP0DJV9UMqit9OdFdesv9RsZ2Z4TI=)
3: qHkKc6qThO5LVCCZnqTx59tVQVQ.roa (hash: hYX8MCTn1ruNTten5OGMYptvMIuzTBWfYXGAUvW3g24=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:84:82:61:e3:be:3e:2f:6c:9d:5d:74:0b:39:23:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ad17171aea8576c431c637418691c9c1f557516
Validity
Not Before: Mar 26 05:01:05 2026 GMT
Not After : Mar 27 05:01:05 2026 GMT
Subject: CN=6c3372ac72b477129dcaee1ac0df3f292e1f3a4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7a:8e:a2:4e:35:4b:17:45:93:ca:65:ad:cd:
36:99:92:04:f5:a2:d6:1f:7b:f6:2c:2c:73:88:1f:
83:b2:d9:a2:cc:27:34:d2:8e:80:81:2a:12:d1:af:
22:7d:f0:65:75:20:08:50:01:f6:50:57:c2:6a:22:
a2:80:31:56:bf:7d:07:02:2f:94:58:dd:92:eb:cd:
bf:85:92:66:0e:28:f0:5e:46:9c:a4:01:6f:0d:17:
77:a1:7a:eb:d3:16:1b:39:37:6c:8f:43:f1:84:b9:
e4:6c:07:7f:7d:59:f3:f0:73:7c:1a:87:48:79:4c:
05:e3:29:d2:da:9a:e2:45:65:c4:4f:6b:8c:4f:8f:
1b:95:ff:24:fe:50:f0:58:99:26:f4:eb:72:9c:94:
64:7c:f8:91:a6:92:fc:5b:7e:89:fa:71:c3:a3:8a:
4d:04:b7:21:e0:78:5c:87:66:e5:dd:f9:18:52:ed:
9c:3a:3f:46:df:f2:81:1e:a5:ae:c0:01:d5:5f:e3:
2b:34:eb:e2:3e:0f:7e:c5:c7:b9:a7:8c:01:65:28:
8c:e2:7f:9e:63:67:70:03:64:95:be:c5:8a:49:85:
93:66:3c:03:e6:f1:2a:8b:bd:74:f4:93:da:71:33:
18:10:22:94:d9:34:f4:d4:6a:d4:51:9b:1d:38:ae:
8e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:33:72:AC:72:B4:77:12:9D:CA:EE:1A:C0:DF:3F:29:2E:1F:3A:4E
X509v3 Authority Key Identifier:
keyid:4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:cc:1a:c1:04:9b:cc:2e:93:70:b2:bb:2e:3f:67:75:17:13:
81:12:84:7b:d1:79:c5:3b:7f:c6:bb:42:3b:df:d1:dd:c5:e7:
fd:bf:60:fe:29:e5:98:4f:37:1c:5b:11:4d:55:da:f8:b9:15:
05:f8:be:6d:b7:a5:4e:0b:1d:05:c2:e6:85:86:7b:09:5c:21:
73:63:11:32:eb:73:b2:a0:ae:6d:ca:00:e6:42:69:e5:c9:9a:
43:56:25:e4:c1:85:c7:ef:ca:6f:1e:a1:fc:a8:94:53:f0:ef:
f9:cc:ba:38:21:73:a5:8f:55:53:e6:bd:d0:dd:37:3c:d3:21:
e5:51:d0:3e:8f:3f:da:0f:32:0f:b6:0b:f1:84:9c:56:97:40:
cd:cf:c1:96:81:4f:c5:99:7f:5c:7d:e9:0f:d3:6e:07:b6:de:
95:21:4a:44:71:83:82:2d:b0:26:25:dc:4a:73:72:12:99:f5:
b6:0a:ad:ef:03:13:d5:76:dd:4d:df:65:d0:9c:5d:a5:33:27:
74:74:ee:d7:a8:c7:f8:28:13:d5:0e:bd:d7:ce:20:2a:97:5f:
23:57:67:4e:06:ad:22:a1:6c:c2:0b:ce:eb:4d:79:a1:f0:53:
ce:0e:2d:18:08:38:7e:df:39:a0:80:b7:42:d5:fa:b0:37:c8:
5c:8e:5b:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohIJh474+L2ydXXQLOSNrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZDE3MTcxYWVhODU3NmM0MzFjNjM3NDE4NjkxYzljMWY1
NTc1MTYwHhcNMjYwMzI2MDUwMTA1WhcNMjYwMzI3MDUwMTA1WjAzMTEwLwYDVQQD
Eyg2YzMzNzJhYzcyYjQ3NzEyOWRjYWVlMWFjMGRmM2YyOTJlMWYzYTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHqOok41SxdFk8plrc02mZIE9aLW
H3v2LCxziB+DstmizCc00o6AgSoS0a8iffBldSAIUAH2UFfCaiKigDFWv30HAi+U
WN2S682/hZJmDijwXkacpAFvDRd3oXrr0xYbOTdsj0PxhLnkbAd/fVnz8HN8GodI
eUwF4ynS2priRWXET2uMT48blf8k/lDwWJkm9OtynJRkfPiRppL8W36J+nHDo4pN
BLch4Hhch2bl3fkYUu2cOj9G3/KBHqWuwAHVX+MrNOviPg9+xce5p4wBZSiM4n+e
Y2dwA2SVvsWKSYWTZjwD5vEqi7109JPacTMYECKU2TT01GrUUZsdOK6OAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGwzcqxytHcSncruGsDfPykuHzpOMB8GA1UdIwQY
MBaAFErRcXGuqFdsQxxjdBhpHJwfVXUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQt
NDgyOGQ2NTEwNGUxLzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQtNDgyOGQ2NTEwNGUx
LzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU8wawQSb
zC6TcLK7Lj9ndRcTgRKEe9F5xTt/xrtCO9/R3cXn/b9g/inlmE83HFsRTVXa+LkV
Bfi+bbelTgsdBcLmhYZ7CVwhc2MRMutzsqCubcoA5kJp5cmaQ1Yl5MGFx+/Kbx6h
/KiUU/Dv+cy6OCFzpY9VU+a90N03PNMh5VHQPo8/2g8yD7YL8YScVpdAzc/BloFP
xZl/XH3pD9NuB7belSFKRHGDgi2wJiXcSnNyEpn1tgqt7wMT1XbdTd9l0JxdpTMn
dHTu16jH+CgT1Q69184gKpdfI1dnTgatIqFswgvO6015ofBTzg4tGAg4ft85oIC3
QtX6sDfIXI5b2w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:16:44 2026 by rpki-client