Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft
File: I32X8VCOekR4mfWaVfuKpiQe9RA.mft (raw, json)
Hash identifier: Phyi9i/LBm0n0e0mRku7gaB6tQTB7phTU0QPiChO+gk=
Subject key identifier: 51:1C:33:89:E8:2F:77:8E:40:EC:6E:EF:52:39:69:EB:62:87:34:8D
Authority key identifier: 23:7D:97:F1:50:8E:7A:44:78:99:F5:9A:55:FB:8A:A6:24:1E:F5:10
Certificate issuer: /CN=237d97f1508e7a447899f59a55fb8aa6241ef510
Certificate serial: 019D27DFE271374F9643A5F39FEC1D19409A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft
Manifest number: 0713
Signing time: Thu 26 Mar 2026 02:01:16 +0000
Manifest this update: Thu 26 Mar 2026 02:01:16 +0000
Manifest next update: Fri 27 Mar 2026 02:01:16 +0000
Files and hashes: 1: 2MeX37cZHGHHuxJtj1E28ddzIsI.roa (hash: LZd2fssCxVZOERqVCoqkBsBn4xYtLG5cKZGv8FiTdNw=)
2: I32X8VCOekR4mfWaVfuKpiQe9RA.crl (hash: osW+ZyHCL81cNoO8qS7I6cLoYq0LQ62rI9xBrktHSkE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft
rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:df:e2:71:37:4f:96:43:a5:f3:9f:ec:1d:19:40:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=237d97f1508e7a447899f59a55fb8aa6241ef510
Validity
Not Before: Mar 26 02:01:16 2026 GMT
Not After : Mar 27 02:01:16 2026 GMT
Subject: CN=511c3389e82f778e40ec6eef523969eb6287348d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:21:92:1b:7d:cb:78:d2:88:67:f5:20:87:e6:
db:22:63:04:cb:3e:62:8a:9c:82:80:1b:1f:ea:5f:
cf:95:3a:04:98:83:38:bf:42:22:8b:3f:bc:e8:9e:
c7:28:af:f1:34:dc:d9:22:c1:fb:d7:4e:62:08:5e:
db:0e:30:43:b3:6f:39:c0:80:72:70:4e:38:3f:e8:
06:8e:0c:55:9c:f5:32:d5:14:0e:b9:b3:e6:fb:ec:
ae:f5:f9:41:51:da:15:d3:9b:71:9f:29:1f:84:40:
71:0b:28:e9:d7:64:68:63:e5:81:9b:34:ad:44:67:
98:ba:0c:d1:63:96:ad:a0:4a:e0:f0:e4:81:1b:74:
be:0c:0f:38:b6:46:1a:7b:02:ea:c1:98:88:5e:4b:
22:24:d7:5e:2c:ae:60:a5:16:7d:b0:6f:cb:e9:04:
b9:c0:c7:1e:a0:cc:a5:51:7f:c1:a7:23:01:eb:98:
9e:fe:8c:4c:24:a4:de:9c:37:a0:c4:4c:8a:56:00:
08:1d:ae:a0:0f:64:c3:7d:c8:8b:89:d5:15:2e:ec:
da:a4:e3:c1:d1:29:da:93:a3:30:05:50:ed:26:4f:
56:58:8c:e8:e7:47:c6:95:67:ae:90:a7:3c:50:20:
7c:18:a5:5a:ac:b3:7f:a4:e4:ae:dd:70:2c:05:f9:
65:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:1C:33:89:E8:2F:77:8E:40:EC:6E:EF:52:39:69:EB:62:87:34:8D
X509v3 Authority Key Identifier:
keyid:23:7D:97:F1:50:8E:7A:44:78:99:F5:9A:55:FB:8A:A6:24:1E:F5:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:bb:ed:15:ae:24:67:d8:d1:8d:07:b3:7c:5a:cb:72:95:bb:
ef:ba:c6:0f:fc:70:1e:bb:9e:4e:c8:d5:03:b0:98:80:54:05:
b7:4a:82:f3:4d:fe:4d:41:19:ee:c3:17:a6:46:61:16:fd:e3:
3d:2d:9c:42:f6:cc:95:86:ab:eb:92:4c:c3:63:13:33:64:a6:
f6:f9:64:d2:b1:6d:94:36:59:9d:77:ee:74:fa:70:8d:67:71:
ad:b3:86:47:6a:4b:95:bd:cc:48:7e:e7:59:84:6e:d1:47:09:
f8:47:ff:63:aa:80:35:fe:0f:4c:eb:87:a1:4b:ac:38:4b:96:
a9:bc:2a:61:92:00:cf:e5:61:58:8f:f4:a2:eb:7a:68:c0:6d:
a0:32:bd:9c:76:d8:15:93:62:35:fd:c0:74:01:de:7e:52:59:
22:f2:7b:af:22:c1:27:86:f0:28:5c:a4:07:bf:c0:0c:75:ab:
8c:aa:f7:c3:35:02:e4:de:5a:70:0b:17:0a:8a:aa:3b:8e:42:
5f:67:ae:67:e4:0d:be:12:5a:94:3b:ec:83:78:7f:78:d6:bd:
2d:37:a4:33:84:72:f6:d2:2d:5a:42:db:de:bc:98:59:d1:12:
68:a1:f3:fe:08:43:d9:30:35:74:dc:0c:a5:3f:21:f0:fc:95:
7b:68:99:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n3+JxN0+WQ6Xzn+wdGUCaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzN2Q5N2YxNTA4ZTdhNDQ3ODk5ZjU5YTU1ZmI4YWE2MjQx
ZWY1MTAwHhcNMjYwMzI2MDIwMTE2WhcNMjYwMzI3MDIwMTE2WjAzMTEwLwYDVQQD
Eyg1MTFjMzM4OWU4MmY3NzhlNDBlYzZlZWY1MjM5NjllYjYyODczNDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyGSG33LeNKIZ/Ugh+bbImMEyz5i
ipyCgBsf6l/PlToEmIM4v0Iiiz+86J7HKK/xNNzZIsH7105iCF7bDjBDs285wIBy
cE44P+gGjgxVnPUy1RQOubPm++yu9flBUdoV05txnykfhEBxCyjp12RoY+WBmzSt
RGeYugzRY5atoErg8OSBG3S+DA84tkYaewLqwZiIXksiJNdeLK5gpRZ9sG/L6QS5
wMceoMylUX/BpyMB65ie/oxMJKTenDegxEyKVgAIHa6gD2TDfciLidUVLuzapOPB
0Snak6MwBVDtJk9WWIzo50fGlWeukKc8UCB8GKVarLN/pOSu3XAsBflliwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFEcM4noL3eOQOxu71I5aetihzSNMB8GA1UdIwQY
MBaAFCN9l/FQjnpEeJn1mlX7iqYkHvUQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9mNTAzZDctMWZiNi00MzcwLWI0NGYt
NDRhNDFhOTMxMTNlLzEvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9mNTAzZDctMWZiNi00MzcwLWI0NGYtNDRhNDFhOTMxMTNl
LzEvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApbvtFa4k
Z9jRjQezfFrLcpW777rGD/xwHrueTsjVA7CYgFQFt0qC803+TUEZ7sMXpkZhFv3j
PS2cQvbMlYar65JMw2MTM2Sm9vlk0rFtlDZZnXfudPpwjWdxrbOGR2pLlb3MSH7n
WYRu0UcJ+Ef/Y6qANf4PTOuHoUusOEuWqbwqYZIAz+VhWI/0out6aMBtoDK9nHbY
FZNiNf3AdAHeflJZIvJ7ryLBJ4bwKFykB7/ADHWrjKr3wzUC5N5acAsXCoqqO45C
X2euZ+QNvhJalDvsg3h/eNa9LTekM4Ry9tItWkLb3ryYWdESaKHz/ghD2TA1dNwM
pT8h8PyVe2iZqw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:16:22 2026 by rpki-client