Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
File: st8A84zO2SGXmTB2yzaFvzK8Xmk.mft (raw, json)
Hash identifier: Xf4tFh2ue47FPvlAqKgcq6XEfpzpNtv6mo/BKOlK1ps=
Subject key identifier: 43:D9:3D:FA:AE:A5:B6:D2:EC:B1:F2:CC:2D:A2:B0:BA:8E:99:77:B3
Authority key identifier: B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
Certificate issuer: /CN=b2df00f38cced92197993076cb3685bf32bc5e69
Certificate serial: 019D29CDCB34A53E7E7F25849DBB7B07E569
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
Manifest number: 13F1
Signing time: Thu 26 Mar 2026 11:00:45 +0000
Manifest this update: Thu 26 Mar 2026 11:00:45 +0000
Manifest next update: Fri 27 Mar 2026 11:00:45 +0000
Files and hashes: 1: 1-9MzMIRI9EZUWy0_EdU5hjULaQY.roa (hash: 6DcD4YBSDKFcP7fuSl9OrTUJJR5lZIill0/ldDdy3gw=)
2: st8A84zO2SGXmTB2yzaFvzK8Xmk.crl (hash: FsYQgoFvZcrhpRi0qQS8Rz/tmsI9eI7Cle5Grs+NB78=)
3: tlAQgGMhDgT__rhJHf56aqlul7E.roa (hash: BWDoEWyH3pvyZXWpW+PEd6Elxpc6FH99ZQRpTprPKtE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:cd:cb:34:a5:3e:7e:7f:25:84:9d:bb:7b:07:e5:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2df00f38cced92197993076cb3685bf32bc5e69
Validity
Not Before: Mar 26 11:00:45 2026 GMT
Not After : Mar 27 11:00:45 2026 GMT
Subject: CN=43d93dfaaea5b6d2ecb1f2cc2da2b0ba8e9977b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:e6:e2:2a:8d:46:d1:48:92:25:06:6b:ae:7c:
6a:d7:59:04:bb:42:be:85:af:d1:4c:ca:26:51:5b:
af:32:e4:28:a8:1e:d1:d2:19:8e:2c:b5:3e:7c:fd:
d5:ed:ab:07:c4:08:0b:e2:36:21:b9:30:55:5a:0e:
38:d3:6c:b8:7f:4c:48:44:ed:4e:a4:98:88:ad:ea:
55:eb:9e:c5:b8:b0:a5:0d:9a:41:dd:91:1e:ab:dc:
46:bb:7c:bd:2c:48:68:d5:cc:60:25:ea:42:1f:26:
1f:59:da:f5:a8:bb:ec:18:67:ec:98:19:5e:8a:13:
29:ed:64:ed:2d:8d:49:bc:2a:4b:88:48:db:ad:ae:
46:fc:1e:6f:5d:4f:31:dd:a0:5e:4c:ae:fe:13:a8:
a9:ba:25:b8:8e:a4:dd:5b:2c:38:2d:df:01:5d:79:
3a:ae:6c:d7:ea:f3:e1:76:d5:df:cd:3d:60:a0:24:
fa:f6:5d:de:c2:f7:60:98:9b:03:84:45:11:d2:2b:
58:c2:47:ce:79:27:a3:5b:29:aa:c0:5a:ec:a7:fc:
50:ec:60:ec:1d:1e:a6:8c:2b:2d:34:e8:7c:37:4d:
0e:3b:61:05:d0:37:25:28:24:5c:69:65:34:f4:00:
cb:c8:b7:6e:53:f6:cc:33:38:1a:e2:70:9c:cd:d3:
41:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D9:3D:FA:AE:A5:B6:D2:EC:B1:F2:CC:2D:A2:B0:BA:8E:99:77:B3
X509v3 Authority Key Identifier:
keyid:B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b9:c8:b8:1a:aa:0d:d3:7f:18:d0:66:6e:d1:2a:6f:ad:a1:9b:
d2:a1:5b:fe:1e:7e:2a:1a:2c:82:0e:85:db:c3:df:ef:1c:41:
6a:ba:82:47:1f:0a:e3:b1:b3:f8:a3:5e:12:9b:70:8b:cb:77:
b4:95:ca:96:d0:aa:0b:4f:72:8d:91:59:69:d6:66:02:d4:4c:
7f:8d:7d:b6:20:6a:f5:e7:2d:7d:3e:15:ea:37:e8:d5:e4:3d:
91:f2:09:ce:fe:a4:33:64:02:8d:ff:e0:36:15:80:a4:55:e2:
12:b4:1e:84:2a:d7:55:92:e8:f3:3a:44:9a:35:b3:30:73:bb:
42:e6:78:4b:41:d1:b5:a4:f3:d5:0f:b4:bb:7e:18:7b:cf:0a:
f8:3b:05:7b:f1:41:16:db:a1:bb:cc:40:cc:7e:e0:d4:31:0c:
f4:db:38:eb:dd:68:ac:91:d0:50:25:b9:b6:c7:71:9b:be:e8:
de:f2:48:d9:7c:2a:d2:fa:f6:cc:54:47:97:60:c0:4d:78:09:
bc:61:1f:83:d4:0b:25:4c:8a:c3:3f:74:b3:43:3a:cb:45:5f:
e1:0e:7a:99:6e:85:b4:a7:dd:cc:e3:b5:fb:11:51:f4:27:44:
cc:a6:74:c0:73:16:58:78:8e:b1:e9:c8:c2:53:f4:1a:d4:c8:
6f:cc:29:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzcs0pT5+fyWEnbt7B+VpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZGYwMGYzOGNjZWQ5MjE5Nzk5MzA3NmNiMzY4NWJmMzJi
YzVlNjkwHhcNMjYwMzI2MTEwMDQ1WhcNMjYwMzI3MTEwMDQ1WjAzMTEwLwYDVQQD
Eyg0M2Q5M2RmYWFlYTViNmQyZWNiMWYyY2MyZGEyYjBiYThlOTk3N2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7+biKo1G0UiSJQZrrnxq11kEu0K+
ha/RTMomUVuvMuQoqB7R0hmOLLU+fP3V7asHxAgL4jYhuTBVWg4402y4f0xIRO1O
pJiIrepV657FuLClDZpB3ZEeq9xGu3y9LEho1cxgJepCHyYfWdr1qLvsGGfsmBle
ihMp7WTtLY1JvCpLiEjbra5G/B5vXU8x3aBeTK7+E6ipuiW4jqTdWyw4Ld8BXXk6
rmzX6vPhdtXfzT1goCT69l3ewvdgmJsDhEUR0itYwkfOeSejWymqwFrsp/xQ7GDs
HR6mjCstNOh8N00OO2EF0DclKCRcaWU09ADLyLduU/bMMzga4nCczdNBOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEPZPfqupbbS7LHyzC2isLqOmXezMB8GA1UdIwQY
MBaAFLLfAPOMztkhl5kwdss2hb8yvF5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEt
MDRlNGU0ZGM1ZmJhLzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEtMDRlNGU0ZGM1ZmJh
LzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuci4GqoN
038Y0GZu0SpvraGb0qFb/h5+Khosgg6F28Pf7xxBarqCRx8K47Gz+KNeEptwi8t3
tJXKltCqC09yjZFZadZmAtRMf419tiBq9ectfT4V6jfo1eQ9kfIJzv6kM2QCjf/g
NhWApFXiErQehCrXVZLo8zpEmjWzMHO7QuZ4S0HRtaTz1Q+0u34Ye88K+DsFe/FB
Ftuhu8xAzH7g1DEM9Ns4691orJHQUCW5tsdxm77o3vJI2Xwq0vr2zFRHl2DATXgJ
vGEfg9QLJUyKwz90s0M6y0Vf4Q56mW6FtKfdzOO1+xFR9CdEzKZ0wHMWWHiOsenI
wlP0GtTIb8wpSA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:47:23 2026 by rpki-client