Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/rfDfdxFHQeE6F9chPmlWv5YntVg.mft
File: rfDfdxFHQeE6F9chPmlWv5YntVg.mft (raw, json)
Hash identifier: p9PJ+KNJWX7RKVK6EozUT0UPVx8ZhWpiehg3XDfE8E4=
Subject key identifier: D0:D0:26:97:83:7C:38:10:DC:EC:70:BA:43:D2:6C:05:DF:41:1A:E5
Authority key identifier: AD:F0:DF:77:11:47:41:E1:3A:17:D7:21:3E:69:56:BF:96:27:B5:58
Certificate issuer: /CN=adf0df77114741e13a17d7213e6956bf9627b558
Certificate serial: 019D2628055CDD6E7645E587F483DA48FB9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfDfdxFHQeE6F9chPmlWv5YntVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/rfDfdxFHQeE6F9chPmlWv5YntVg.mft
Manifest number: 173A
Signing time: Wed 25 Mar 2026 18:00:50 +0000
Manifest this update: Wed 25 Mar 2026 18:00:50 +0000
Manifest next update: Thu 26 Mar 2026 18:00:50 +0000
Files and hashes: 1: 8eYijGU89HKkHPl1vQkVznR2YWI.roa (hash: GVKbdEH+zbWNIRI6lkz6XipadG7YSN2rD9CEidAiQUs=)
2: rfDfdxFHQeE6F9chPmlWv5YntVg.crl (hash: hb17LXsLreuKenORF0VXdE/JAOUzHc1x8AxvbZcWp1c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/rfDfdxFHQeE6F9chPmlWv5YntVg.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/rfDfdxFHQeE6F9chPmlWv5YntVg.mft
rsync://rpki.ripe.net/repository/DEFAULT/rfDfdxFHQeE6F9chPmlWv5YntVg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 18:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:28:05:5c:dd:6e:76:45:e5:87:f4:83:da:48:fb:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf0df77114741e13a17d7213e6956bf9627b558
Validity
Not Before: Mar 25 18:00:50 2026 GMT
Not After : Mar 26 18:00:50 2026 GMT
Subject: CN=d0d02697837c3810dcec70ba43d26c05df411ae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a2:f0:d9:6d:2a:04:90:6b:7d:f4:e1:80:68:
0c:66:4b:a5:eb:0d:69:79:2c:f2:f8:01:fc:11:9e:
f3:73:db:e3:48:05:99:28:50:33:69:7b:70:2b:15:
7f:82:7b:10:c4:a6:09:6b:2e:fc:83:df:fb:a1:a5:
17:1f:0b:d1:f7:11:bf:63:f8:4f:4f:36:85:7a:00:
0a:5f:23:fa:a0:d1:57:25:de:b8:55:e5:14:3c:b9:
5a:f4:b5:bb:68:20:6a:7c:84:5c:bb:0f:65:06:34:
9e:35:8a:1b:95:b9:42:76:99:ce:bf:22:69:16:58:
f3:5a:c9:0c:4b:2a:d5:35:4f:a6:de:53:3c:46:5b:
89:d8:ce:66:79:82:8d:58:ed:1f:fb:d7:48:a0:7b:
61:38:49:61:5b:e4:27:04:91:a3:af:a5:ff:75:42:
92:0d:87:5f:a3:08:89:70:70:89:00:81:ce:db:80:
96:92:9f:fa:fb:6b:9b:96:c4:d4:84:9b:45:9a:6f:
b9:ae:c5:f6:7a:bc:45:ac:25:14:3a:6a:cc:a0:93:
91:9f:31:30:70:c9:d2:78:4c:0e:e0:1f:ee:4f:fe:
76:6b:8e:2b:7d:6e:a8:08:62:e5:48:63:bf:23:37:
c7:59:a3:f6:8c:a3:7e:fc:4d:c4:fd:c2:fb:f0:2e:
16:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:D0:26:97:83:7C:38:10:DC:EC:70:BA:43:D2:6C:05:DF:41:1A:E5
X509v3 Authority Key Identifier:
keyid:AD:F0:DF:77:11:47:41:E1:3A:17:D7:21:3E:69:56:BF:96:27:B5:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfDfdxFHQeE6F9chPmlWv5YntVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/rfDfdxFHQeE6F9chPmlWv5YntVg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/rfDfdxFHQeE6F9chPmlWv5YntVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:f0:85:78:cb:cf:95:a1:51:dc:a1:0b:34:45:e3:7f:60:a1:
b3:12:d1:38:4b:99:83:78:4b:22:3a:2d:ed:74:fe:c3:6b:54:
bc:b3:77:c8:b5:5a:22:a3:53:54:b7:d5:ab:a3:15:cf:0b:d7:
3b:2c:fd:f5:44:02:15:d9:fc:a0:41:6a:21:45:f1:aa:7b:69:
33:b0:52:c3:77:b0:75:d5:f7:7b:2e:0e:4c:f3:87:ac:48:db:
48:13:d0:75:bb:c6:a5:28:da:a4:41:e7:7c:fa:d4:cd:c2:25:
05:56:6a:bb:1b:8e:8e:78:6c:96:61:e8:64:e4:0d:d8:84:9d:
5a:aa:e8:a4:30:89:ef:d3:78:25:77:85:6d:b1:15:3c:2f:e5:
e9:a1:b8:1e:a7:28:56:54:98:94:7b:eb:67:41:86:76:93:d4:
b8:f1:1a:a9:ed:ca:30:fc:09:52:3e:b1:55:fe:a1:b8:3b:02:
9f:43:02:3e:ac:6d:77:70:a3:cd:6e:5f:59:b8:c7:34:ab:c9:
a1:7e:e8:86:a8:4c:5a:be:3a:11:ea:5b:79:b5:db:12:f7:27:
fa:9b:1d:95:ab:d6:75:63:76:fc:be:1d:f0:3c:74:5b:2d:dc:
40:fa:aa:0c:ac:fb:a5:b3:6c:a6:e5:fa:d8:05:5a:46:0c:6f:
ce:e2:d0:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKAVc3W52ReWH9IPaSPufMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjBkZjc3MTE0NzQxZTEzYTE3ZDcyMTNlNjk1NmJmOTYy
N2I1NTgwHhcNMjYwMzI1MTgwMDUwWhcNMjYwMzI2MTgwMDUwWjAzMTEwLwYDVQQD
EyhkMGQwMjY5NzgzN2MzODEwZGNlYzcwYmE0M2QyNmMwNWRmNDExYWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqLw2W0qBJBrffThgGgMZkul6w1p
eSzy+AH8EZ7zc9vjSAWZKFAzaXtwKxV/gnsQxKYJay78g9/7oaUXHwvR9xG/Y/hP
TzaFegAKXyP6oNFXJd64VeUUPLla9LW7aCBqfIRcuw9lBjSeNYoblblCdpnOvyJp
FljzWskMSyrVNU+m3lM8RluJ2M5meYKNWO0f+9dIoHthOElhW+QnBJGjr6X/dUKS
DYdfowiJcHCJAIHO24CWkp/6+2ublsTUhJtFmm+5rsX2erxFrCUUOmrMoJORnzEw
cMnSeEwO4B/uT/52a44rfW6oCGLlSGO/IzfHWaP2jKN+/E3E/cL78C4WJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNDQJpeDfDgQ3OxwukPSbAXfQRrlMB8GA1UdIwQY
MBaAFK3w33cRR0HhOhfXIT5pVr+WJ7VYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZEZmR4RkhRZUU2RjljaFBtbFd2NVludFZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9hMzBiZWEtOWU5My00MDkxLWI2ZTEt
ZTFlZjI3NzcyZWFmLzEvcmZEZmR4RkhRZUU2RjljaFBtbFd2NVludFZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9hMzBiZWEtOWU5My00MDkxLWI2ZTEtZTFlZjI3NzcyZWFm
LzEvcmZEZmR4RkhRZUU2RjljaFBtbFd2NVludFZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQvCFeMvP
laFR3KELNEXjf2ChsxLROEuZg3hLIjot7XT+w2tUvLN3yLVaIqNTVLfVq6MVzwvX
Oyz99UQCFdn8oEFqIUXxqntpM7BSw3ewddX3ey4OTPOHrEjbSBPQdbvGpSjapEHn
fPrUzcIlBVZquxuOjnhslmHoZOQN2ISdWqropDCJ79N4JXeFbbEVPC/l6aG4Hqco
VlSYlHvrZ0GGdpPUuPEaqe3KMPwJUj6xVf6huDsCn0MCPqxtd3CjzW5fWbjHNKvJ
oX7ohqhMWr46EepbebXbEvcn+psdlavWdWN2/L4d8Dx0Wy3cQPqqDKz7pbNspuX6
2AVaRgxvzuLQVA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:34:13 2026 by rpki-client