Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/p2i77FqeEb-9rthKqNOqzaKYifk.mft
File: p2i77FqeEb-9rthKqNOqzaKYifk.mft (raw, json)
Hash identifier: c5ZoD6uSNMAykMazsy0MtGX9rp3UIbUwIBhYUKnLdzU=
Subject key identifier: BF:9D:E3:B1:71:F4:DF:44:64:CC:3C:B8:69:80:BC:6D:1D:0F:32:2C
Authority key identifier: A7:68:BB:EC:5A:9E:11:BF:BD:AE:D8:4A:A8:D3:AA:CD:A2:98:89:F9
Certificate issuer: /CN=a768bbec5a9e11bfbdaed84aa8d3aacda29889f9
Certificate serial: 019D29CEB5D3660D9FBC3235CFB666989F4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p2i77FqeEb-9rthKqNOqzaKYifk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/p2i77FqeEb-9rthKqNOqzaKYifk.mft
Manifest number: 1888
Signing time: Thu 26 Mar 2026 11:01:45 +0000
Manifest this update: Thu 26 Mar 2026 11:01:45 +0000
Manifest next update: Fri 27 Mar 2026 11:01:45 +0000
Files and hashes: 1: YwiBk7F0B614LD9wQoEFnkWeQjs.roa (hash: mvD8mcgS8Z/u8tn955UOEASMu8p9nleqgNicn8XmXOw=)
2: p2i77FqeEb-9rthKqNOqzaKYifk.crl (hash: fRF7SKD4MOXwBqpCRuSf9EhAZcswp28Gk1S2TN7XVwM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/p2i77FqeEb-9rthKqNOqzaKYifk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/p2i77FqeEb-9rthKqNOqzaKYifk.mft
rsync://rpki.ripe.net/repository/DEFAULT/p2i77FqeEb-9rthKqNOqzaKYifk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:ce:b5:d3:66:0d:9f:bc:32:35:cf:b6:66:98:9f:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a768bbec5a9e11bfbdaed84aa8d3aacda29889f9
Validity
Not Before: Mar 26 11:01:45 2026 GMT
Not After : Mar 27 11:01:45 2026 GMT
Subject: CN=bf9de3b171f4df4464cc3cb86980bc6d1d0f322c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a6:31:33:d2:80:62:fb:4c:96:71:2b:69:67:
48:c2:e0:d1:20:91:7b:6b:e6:98:0a:cb:0b:93:8c:
2a:f7:4b:29:3c:4a:e3:bf:b0:2b:37:58:68:0f:db:
dd:d5:d9:49:91:e7:0a:01:e0:7a:12:98:ab:bb:0f:
ce:1c:47:41:c5:36:d4:3d:29:fb:04:ba:e4:e1:61:
9a:c9:d5:65:b3:1a:58:ff:56:1e:d5:3c:e4:67:f0:
7c:5a:85:51:1f:45:97:14:4e:33:7a:5d:1e:7a:9a:
07:54:ea:c5:d5:7d:8b:ae:75:e9:9f:1e:4a:03:c3:
d6:85:df:44:f5:b3:fd:c7:07:9f:b9:b3:b1:b8:cc:
1d:6a:27:e2:55:63:8a:00:03:e8:a7:5a:7d:21:03:
e2:78:fa:ae:c5:28:d1:8b:1e:3d:28:65:f4:20:60:
be:ed:de:aa:0e:6d:57:85:83:a6:0f:08:d1:86:33:
33:cd:d2:b1:09:4d:db:8e:f1:92:75:ba:bf:05:48:
4d:f3:fa:99:64:ce:5e:1e:3a:08:14:52:8a:1f:d7:
6d:68:0f:db:94:4e:4f:92:81:72:4c:76:e8:d3:88:
11:8f:35:79:de:e0:11:25:8c:e5:00:1f:da:74:f4:
95:6d:a8:de:72:30:8e:6f:e8:3d:2a:d7:e4:95:51:
29:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:9D:E3:B1:71:F4:DF:44:64:CC:3C:B8:69:80:BC:6D:1D:0F:32:2C
X509v3 Authority Key Identifier:
keyid:A7:68:BB:EC:5A:9E:11:BF:BD:AE:D8:4A:A8:D3:AA:CD:A2:98:89:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2i77FqeEb-9rthKqNOqzaKYifk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/p2i77FqeEb-9rthKqNOqzaKYifk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/p2i77FqeEb-9rthKqNOqzaKYifk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:ea:af:66:51:fc:78:d8:d9:18:ac:4b:7c:24:f5:74:a8:9b:
07:38:81:7d:3f:22:1b:f8:35:6b:44:af:b9:32:ec:c3:97:88:
bf:e5:31:37:35:49:be:67:e8:e1:af:8e:e6:b6:0c:d7:ce:0e:
c5:8b:a3:ed:98:33:56:25:de:35:b9:d4:51:bc:16:3e:94:34:
db:48:ee:59:93:e7:db:c1:6d:d1:6b:dd:16:f6:ca:e8:7d:9e:
97:7a:b4:f2:8e:22:26:28:6c:bc:69:1b:e0:a9:fa:59:92:d5:
69:10:b4:ef:16:5f:17:ea:59:4f:0a:82:f0:bb:19:92:3f:62:
f1:41:47:65:41:59:7e:c9:8a:f2:c3:cb:7f:f6:1e:db:eb:d0:
b0:18:15:51:11:5a:a4:82:82:c9:4b:f9:85:68:b2:5d:64:c2:
47:f5:a4:2e:e1:f4:08:f7:fe:fe:aa:a2:fe:d4:2d:60:34:6f:
e6:9f:ac:b0:5b:6e:a1:c9:0f:b3:15:99:08:be:42:0f:51:6e:
d6:1d:71:e6:9a:5a:1b:72:46:4e:d2:b2:38:f3:cc:0e:62:c8:
13:7e:39:c7:14:ab:39:0d:ec:57:e7:c2:4e:64:7f:9b:35:bb:
55:dd:b4:1f:aa:53:b9:be:e0:5a:42:94:88:67:52:5f:30:58:
e5:eb:3b:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzrXTZg2fvDI1z7ZmmJ9KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NjhiYmVjNWE5ZTExYmZiZGFlZDg0YWE4ZDNhYWNkYTI5
ODg5ZjkwHhcNMjYwMzI2MTEwMTQ1WhcNMjYwMzI3MTEwMTQ1WjAzMTEwLwYDVQQD
EyhiZjlkZTNiMTcxZjRkZjQ0NjRjYzNjYjg2OTgwYmM2ZDFkMGYzMjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKYxM9KAYvtMlnEraWdIwuDRIJF7
a+aYCssLk4wq90spPErjv7ArN1hoD9vd1dlJkecKAeB6Epiruw/OHEdBxTbUPSn7
BLrk4WGaydVlsxpY/1Ye1TzkZ/B8WoVRH0WXFE4zel0eepoHVOrF1X2LrnXpnx5K
A8PWhd9E9bP9xwefubOxuMwdaifiVWOKAAPop1p9IQPiePquxSjRix49KGX0IGC+
7d6qDm1XhYOmDwjRhjMzzdKxCU3bjvGSdbq/BUhN8/qZZM5eHjoIFFKKH9dtaA/b
lE5PkoFyTHbo04gRjzV53uARJYzlAB/adPSVbajecjCOb+g9KtfklVEpvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL+d47Fx9N9EZMw8uGmAvG0dDzIsMB8GA1UdIwQY
MBaAFKdou+xanhG/va7YSqjTqs2imIn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJpNzdGcWVFYi05cnRoS3FOT3F6YUtZaWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9lYWMxZjQtYWNlMS00Y2UxLWExODEt
Y2ZjYWJiMTlmOTg5LzEvcDJpNzdGcWVFYi05cnRoS3FOT3F6YUtZaWZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9lYWMxZjQtYWNlMS00Y2UxLWExODEtY2ZjYWJiMTlmOTg5
LzEvcDJpNzdGcWVFYi05cnRoS3FOT3F6YUtZaWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUeqvZlH8
eNjZGKxLfCT1dKibBziBfT8iG/g1a0SvuTLsw5eIv+UxNzVJvmfo4a+O5rYM184O
xYuj7ZgzViXeNbnUUbwWPpQ020juWZPn28Ft0WvdFvbK6H2el3q08o4iJihsvGkb
4Kn6WZLVaRC07xZfF+pZTwqC8LsZkj9i8UFHZUFZfsmK8sPLf/Ye2+vQsBgVURFa
pIKCyUv5hWiyXWTCR/WkLuH0CPf+/qqi/tQtYDRv5p+ssFtuockPsxWZCL5CD1Fu
1h1x5ppaG3JGTtKyOPPMDmLIE345xxSrOQ3sV+fCTmR/mzW7Vd20H6pTub7gWkKU
iGdSXzBY5es78w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:56:56 2026 by rpki-client