Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/afe9b8-e881-4462-a1ee-8e81d1350736/1/rh7z1ianVOQ9B8cA0FE8EUtmDvU.mft
File: rh7z1ianVOQ9B8cA0FE8EUtmDvU.mft (raw, json)
Hash identifier: BoZOajVpiqyY06h/b6ksJy9Ho2DxG6uFCNeuE/J6Svs=
Subject key identifier: D3:8C:F8:58:38:A6:16:D5:53:48:5A:DC:8C:3E:D6:37:A2:55:A6:16
Authority key identifier: AE:1E:F3:D6:26:A7:54:E4:3D:07:C7:00:D0:51:3C:11:4B:66:0E:F5
Certificate issuer: /CN=ae1ef3d626a754e43d07c700d0513c114b660ef5
Certificate serial: 019D2583A5C1659A307632F2BCCDC3E34598
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rh7z1ianVOQ9B8cA0FE8EUtmDvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/afe9b8-e881-4462-a1ee-8e81d1350736/1/rh7z1ianVOQ9B8cA0FE8EUtmDvU.mft
Manifest number: 1885
Signing time: Wed 25 Mar 2026 15:01:17 +0000
Manifest this update: Wed 25 Mar 2026 15:01:17 +0000
Manifest next update: Thu 26 Mar 2026 15:01:17 +0000
Files and hashes: 1: csk4BDz5s79i6tCuRhaWetkbfYE.roa (hash: y6UPDjUC5Ue0t7W29lJsgRf1Q1DAQIYmF8ZHDpBKink=)
2: rh7z1ianVOQ9B8cA0FE8EUtmDvU.crl (hash: vEMe91tbpGMwnZ6ofaI3XrKWYsHNiSMiLuBnchvXFHM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/afe9b8-e881-4462-a1ee-8e81d1350736/1/rh7z1ianVOQ9B8cA0FE8EUtmDvU.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/afe9b8-e881-4462-a1ee-8e81d1350736/1/rh7z1ianVOQ9B8cA0FE8EUtmDvU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rh7z1ianVOQ9B8cA0FE8EUtmDvU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:83:a5:c1:65:9a:30:76:32:f2:bc:cd:c3:e3:45:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae1ef3d626a754e43d07c700d0513c114b660ef5
Validity
Not Before: Mar 25 15:01:17 2026 GMT
Not After : Mar 26 15:01:17 2026 GMT
Subject: CN=d38cf85838a616d553485adc8c3ed637a255a616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d1:45:9f:1d:21:81:71:97:37:ec:44:fa:b2:
a3:b0:11:44:60:a9:e5:7e:6b:36:5a:30:1f:7a:7c:
13:7d:4d:e0:83:0e:77:ec:9b:31:16:82:8c:a9:0a:
b0:65:05:aa:4c:c4:ce:ab:da:c2:ee:c1:4e:6c:96:
28:24:35:06:b9:32:a1:a3:f0:15:c0:08:ad:ad:f5:
16:96:4d:b2:e1:bf:35:2e:3f:8c:1c:4c:93:96:8a:
24:01:5a:8d:e0:1d:51:6b:4f:51:4e:a5:4a:7f:eb:
49:e3:b2:f2:16:5a:b8:22:b4:ea:0b:a2:e2:6e:11:
0c:3c:bc:03:bf:c7:59:bb:67:c8:69:15:c2:f4:09:
89:c0:87:a5:65:82:fe:6e:86:ac:c3:86:07:12:03:
0d:59:14:61:cc:fb:84:89:9d:03:74:00:f1:1e:fe:
0b:b6:0e:c7:e3:29:82:60:68:4f:b2:0f:f0:27:36:
0a:ab:a1:4e:99:de:35:7f:f4:60:9d:6f:32:44:1b:
72:de:34:23:0c:76:7e:61:6b:66:e4:22:fa:31:a4:
47:86:fe:e9:bd:ab:8a:4e:5a:77:15:ac:e1:66:fb:
d9:38:fb:f2:5a:1b:77:f7:ff:ab:0e:23:31:e6:69:
f8:1b:22:6c:7e:e0:e1:5d:7b:eb:57:68:b7:56:32:
37:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:8C:F8:58:38:A6:16:D5:53:48:5A:DC:8C:3E:D6:37:A2:55:A6:16
X509v3 Authority Key Identifier:
keyid:AE:1E:F3:D6:26:A7:54:E4:3D:07:C7:00:D0:51:3C:11:4B:66:0E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rh7z1ianVOQ9B8cA0FE8EUtmDvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/afe9b8-e881-4462-a1ee-8e81d1350736/1/rh7z1ianVOQ9B8cA0FE8EUtmDvU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/afe9b8-e881-4462-a1ee-8e81d1350736/1/rh7z1ianVOQ9B8cA0FE8EUtmDvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:9c:5c:fb:15:74:bd:b5:b0:09:c8:73:ef:a0:c1:3d:e5:1a:
46:6e:17:d3:32:05:82:40:82:6f:5e:69:b9:62:79:c8:81:fa:
b4:91:80:fc:f4:8d:13:d6:12:99:c1:c5:a4:c9:d5:84:5b:09:
74:a9:a2:3f:64:45:7e:ed:28:dc:3b:b3:ef:95:94:3e:6a:0b:
4d:19:af:d9:c3:76:af:de:bc:54:ee:77:ad:a9:56:13:24:de:
1c:98:01:91:f1:d0:3c:8d:43:99:90:7c:95:5b:b0:46:41:4b:
8a:6c:aa:b7:94:44:07:f1:40:bc:6d:6c:d3:a0:4f:24:a4:de:
27:1c:5b:5a:87:77:2d:f1:77:be:21:75:63:d4:cf:58:79:53:
ba:eb:aa:3f:c4:94:78:a4:c2:f7:8c:79:89:6c:ce:8c:72:d7:
ee:8a:57:c0:4a:1e:0f:87:f1:16:6f:25:db:e7:74:4f:09:52:
01:c6:96:7a:e1:9d:04:ef:bd:23:04:27:81:16:c6:d8:b2:e4:
e9:49:69:a2:49:71:33:71:40:50:0d:cd:e2:21:f9:2e:d1:e0:
c3:4c:ae:82:b7:3e:98:7c:90:1b:39:7c:56:67:3d:29:f0:af:
b7:0e:9b:16:d9:a5:fc:9e:39:a7:f3:32:a1:6e:5b:f6:df:6f:
e7:17:fe:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lg6XBZZowdjLyvM3D40WYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMWVmM2Q2MjZhNzU0ZTQzZDA3YzcwMGQwNTEzYzExNGI2
NjBlZjUwHhcNMjYwMzI1MTUwMTE3WhcNMjYwMzI2MTUwMTE3WjAzMTEwLwYDVQQD
EyhkMzhjZjg1ODM4YTYxNmQ1NTM0ODVhZGM4YzNlZDYzN2EyNTVhNjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdFFnx0hgXGXN+xE+rKjsBFEYKnl
fms2WjAfenwTfU3ggw537JsxFoKMqQqwZQWqTMTOq9rC7sFObJYoJDUGuTKho/AV
wAitrfUWlk2y4b81Lj+MHEyTlookAVqN4B1Ra09RTqVKf+tJ47LyFlq4IrTqC6Li
bhEMPLwDv8dZu2fIaRXC9AmJwIelZYL+boasw4YHEgMNWRRhzPuEiZ0DdADxHv4L
tg7H4ymCYGhPsg/wJzYKq6FOmd41f/RgnW8yRBty3jQjDHZ+YWtm5CL6MaRHhv7p
vauKTlp3FazhZvvZOPvyWht39/+rDiMx5mn4GyJsfuDhXXvrV2i3VjI3iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNOM+Fg4phbVU0ha3Iw+1jeiVaYWMB8GA1UdIwQY
MBaAFK4e89Ymp1TkPQfHANBRPBFLZg71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmg3ejFpYW5WT1E5QjhjQTBGRThFVXRtRHZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hZmU5YjgtZTg4MS00NDYyLWExZWUt
OGU4MWQxMzUwNzM2LzEvcmg3ejFpYW5WT1E5QjhjQTBGRThFVXRtRHZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hZmU5YjgtZTg4MS00NDYyLWExZWUtOGU4MWQxMzUwNzM2
LzEvcmg3ejFpYW5WT1E5QjhjQTBGRThFVXRtRHZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASpxc+xV0
vbWwCchz76DBPeUaRm4X0zIFgkCCb15puWJ5yIH6tJGA/PSNE9YSmcHFpMnVhFsJ
dKmiP2RFfu0o3Duz75WUPmoLTRmv2cN2r968VO53ralWEyTeHJgBkfHQPI1DmZB8
lVuwRkFLimyqt5REB/FAvG1s06BPJKTeJxxbWod3LfF3viF1Y9TPWHlTuuuqP8SU
eKTC94x5iWzOjHLX7opXwEoeD4fxFm8l2+d0TwlSAcaWeuGdBO+9IwQngRbG2LLk
6UlpoklxM3FAUA3N4iH5LtHgw0yugrc+mHyQGzl8Vmc9KfCvtw6bFtml/J45p/My
oW5b9t9v5xf+Iw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:37:05 2026 by rpki-client