Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.mft
File: tU3fbwMzHNdzx-ersVQpuo0gvXg.mft (raw, json)
Hash identifier: iyX9yCsgHvVly57IBZiDKbSI2AqCWYkxfoXvXZHlzMg=
Subject key identifier: BD:24:4D:CC:17:05:5F:C1:DA:B5:86:05:67:3C:62:1D:DD:19:56:C8
Authority key identifier: B5:4D:DF:6F:03:33:1C:D7:73:C7:E7:AB:B1:54:29:BA:8D:20:BD:78
Certificate issuer: /CN=b54ddf6f03331cd773c7e7abb15429ba8d20bd78
Certificate serial: 019D341A8D0F7B76041F8867CD185354ED4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tU3fbwMzHNdzx-ersVQpuo0gvXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.mft
Manifest number: 09D0
Signing time: Sat 28 Mar 2026 11:00:48 +0000
Manifest this update: Sat 28 Mar 2026 11:00:48 +0000
Manifest next update: Sun 29 Mar 2026 11:00:48 +0000
Files and hashes: 1: n3LXa0-xioBb1QsCYTVot6eV2ZE.roa (hash: n4raPKw8IwbnWXJNFwCqDhVOg3Y+1y9CxDz8k7+MVtI=)
2: tU3fbwMzHNdzx-ersVQpuo0gvXg.crl (hash: c9btZkqgd9HOKS/dDqufkXLeotWidGyvKnGQJjRQ5Qs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.mft
rsync://rpki.ripe.net/repository/DEFAULT/tU3fbwMzHNdzx-ersVQpuo0gvXg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:34:1a:8d:0f:7b:76:04:1f:88:67:cd:18:53:54:ed:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b54ddf6f03331cd773c7e7abb15429ba8d20bd78
Validity
Not Before: Mar 28 11:00:48 2026 GMT
Not After : Mar 29 11:00:48 2026 GMT
Subject: CN=bd244dcc17055fc1dab58605673c621ddd1956c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:89:e0:9c:1f:48:ba:c8:fc:25:30:06:04:ce:
2c:cc:61:94:2c:f2:94:46:be:03:3d:ba:e3:af:c7:
95:18:36:5c:54:3f:2a:a0:c0:e7:61:fe:43:18:e5:
d4:e8:f1:a7:82:50:30:ff:5b:5b:b2:95:88:23:95:
cb:b6:86:33:25:ee:29:56:d7:1e:ca:47:bb:a8:f8:
96:93:b3:56:fb:27:8e:29:e6:7d:ba:d9:8a:64:ae:
b9:8d:b1:66:de:b7:fd:51:93:f3:84:ee:27:9a:01:
fc:97:a0:10:a4:69:fd:cc:0f:b2:07:36:e1:1c:cf:
ca:02:99:5f:a2:40:37:3d:17:97:4b:8e:fa:df:b2:
27:9c:b4:34:67:1b:f4:92:0c:0d:2b:6d:c7:bd:a2:
43:1b:d6:e6:11:c5:cc:5e:9e:18:32:79:c2:d1:9d:
1d:40:28:a1:17:f7:15:92:b6:1f:3b:1b:d3:59:63:
85:54:46:f2:17:c1:dd:d5:2f:c4:7b:65:2a:3c:25:
51:3c:eb:99:d4:4e:69:a4:1c:d6:3e:c3:01:1a:e6:
2a:2a:60:db:af:2a:bd:08:18:e3:90:e0:ee:b2:0c:
46:57:f9:12:1c:e9:d5:18:33:9f:e8:82:3c:d5:bb:
ac:28:e5:a5:44:77:0d:42:8f:85:01:22:67:14:e5:
c0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:24:4D:CC:17:05:5F:C1:DA:B5:86:05:67:3C:62:1D:DD:19:56:C8
X509v3 Authority Key Identifier:
keyid:B5:4D:DF:6F:03:33:1C:D7:73:C7:E7:AB:B1:54:29:BA:8D:20:BD:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tU3fbwMzHNdzx-ersVQpuo0gvXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:59:99:67:db:51:18:35:c0:71:b0:28:6b:fe:3e:45:05:03:
17:2a:25:6e:2c:f1:10:d3:49:42:27:8c:c9:e2:4f:be:25:1b:
f2:2f:5f:7d:f7:91:c7:63:7d:dc:3a:1e:34:4c:50:f7:2f:4b:
3f:45:d0:ef:38:b8:74:3d:7a:63:6c:5a:fc:71:92:57:fe:38:
93:78:35:ce:da:cb:0d:81:f2:d9:96:0e:4a:e8:fd:9f:60:10:
85:77:ea:3c:2b:d7:5b:52:a3:7b:58:91:04:93:8f:a4:4b:3c:
6f:4f:1f:82:71:62:cc:c8:74:45:95:4e:34:9f:3d:f7:83:3a:
51:6a:98:2e:04:7c:2d:2a:b7:d7:61:67:94:15:e8:41:79:a6:
89:7c:57:31:61:eb:cc:3c:43:cd:cc:4d:ef:17:29:dc:7c:57:
9c:ee:45:70:95:5b:b0:e4:6d:b6:ac:dd:f1:18:9f:f5:97:41:
7a:5a:59:17:ce:6a:6c:17:f8:a6:09:24:25:e1:c8:b2:8d:03:
b3:1b:04:7c:a8:57:16:bc:24:53:1e:c2:69:d1:cb:45:7e:2f:
5e:5a:98:a7:e6:d6:1d:a7:75:62:2d:09:b6:a7:f9:09:3d:f9:
27:12:55:7b:db:5f:0a:82:aa:a8:3e:c0:0d:d6:32:cf:64:ad:
ac:35:e7:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ00Go0Pe3YEH4hnzRhTVO1LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NGRkZjZmMDMzMzFjZDc3M2M3ZTdhYmIxNTQyOWJhOGQy
MGJkNzgwHhcNMjYwMzI4MTEwMDQ4WhcNMjYwMzI5MTEwMDQ4WjAzMTEwLwYDVQQD
EyhiZDI0NGRjYzE3MDU1ZmMxZGFiNTg2MDU2NzNjNjIxZGRkMTk1NmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYngnB9Iusj8JTAGBM4szGGULPKU
Rr4DPbrjr8eVGDZcVD8qoMDnYf5DGOXU6PGnglAw/1tbspWII5XLtoYzJe4pVtce
yke7qPiWk7NW+yeOKeZ9utmKZK65jbFm3rf9UZPzhO4nmgH8l6AQpGn9zA+yBzbh
HM/KAplfokA3PReXS47637InnLQ0Zxv0kgwNK23HvaJDG9bmEcXMXp4YMnnC0Z0d
QCihF/cVkrYfOxvTWWOFVEbyF8Hd1S/Ee2UqPCVRPOuZ1E5ppBzWPsMBGuYqKmDb
ryq9CBjjkODusgxGV/kSHOnVGDOf6II81busKOWlRHcNQo+FASJnFOXA7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL0kTcwXBV/B2rWGBWc8Yh3dGVbIMB8GA1UdIwQY
MBaAFLVN328DMxzXc8fnq7FUKbqNIL14MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFUzZmJ3TXpITmR6eC1lcnNWUXB1bzBndlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82NWJjZmYtYmEwMS00OThjLWI1NGQt
ODQwMjZiYzg1MmYwLzEvdFUzZmJ3TXpITmR6eC1lcnNWUXB1bzBndlhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82NWJjZmYtYmEwMS00OThjLWI1NGQtODQwMjZiYzg1MmYw
LzEvdFUzZmJ3TXpITmR6eC1lcnNWUXB1bzBndlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEVmZZ9tR
GDXAcbAoa/4+RQUDFyolbizxENNJQieMyeJPviUb8i9fffeRx2N93DoeNExQ9y9L
P0XQ7zi4dD16Y2xa/HGSV/44k3g1ztrLDYHy2ZYOSuj9n2AQhXfqPCvXW1Kje1iR
BJOPpEs8b08fgnFizMh0RZVONJ8994M6UWqYLgR8LSq312FnlBXoQXmmiXxXMWHr
zDxDzcxN7xcp3HxXnO5FcJVbsORttqzd8Rif9ZdBelpZF85qbBf4pgkkJeHIso0D
sxsEfKhXFrwkUx7CadHLRX4vXlqYp+bWHad1Yi0Jtqf5CT35JxJVe9tfCoKqqD7A
DdYyz2StrDXn5g==
-----END CERTIFICATE-----
Generated at Sat Mar 28 15:56:25 2026 by rpki-client