Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/d6d263-29f9-4613-bb7d-4938b8d0c3de/1/sH-v24bTjze_DCbT8nMf3vaxTko.mft
File: sH-v24bTjze_DCbT8nMf3vaxTko.mft (raw, json)
Hash identifier: l9h8nP5raxGz2dT72sRQPLXoGLo+lCAnmjs773Hjztc=
Subject key identifier: 42:1B:3F:4B:E0:04:DF:9E:8E:BD:C7:2B:4B:1C:4C:74:77:0C:90:0E
Authority key identifier: B0:7F:AF:DB:86:D3:8F:37:BF:0C:26:D3:F2:73:1F:DE:F6:B1:4E:4A
Certificate issuer: /CN=b07fafdb86d38f37bf0c26d3f2731fdef6b14e4a
Certificate serial: 019D26CCCC5E8D2C730F77D50D60E4F3D2D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sH-v24bTjze_DCbT8nMf3vaxTko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/d6d263-29f9-4613-bb7d-4938b8d0c3de/1/sH-v24bTjze_DCbT8nMf3vaxTko.mft
Manifest number: 09E4
Signing time: Wed 25 Mar 2026 21:00:48 +0000
Manifest this update: Wed 25 Mar 2026 21:00:48 +0000
Manifest next update: Thu 26 Mar 2026 21:00:48 +0000
Files and hashes: 1: lZWH-2ISRkDqDMQnCqDWW-98xnk.roa (hash: JDtc5t6fobEneseGSEO/aqOB7d3WkNL4mqQCpDAemQg=)
2: sH-v24bTjze_DCbT8nMf3vaxTko.crl (hash: lsk6DIZYz2TLActgMdER4a3OdPC92/IlawQroBrv5MM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/d6d263-29f9-4613-bb7d-4938b8d0c3de/1/sH-v24bTjze_DCbT8nMf3vaxTko.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/d6d263-29f9-4613-bb7d-4938b8d0c3de/1/sH-v24bTjze_DCbT8nMf3vaxTko.mft
rsync://rpki.ripe.net/repository/DEFAULT/sH-v24bTjze_DCbT8nMf3vaxTko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 21:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:cc:cc:5e:8d:2c:73:0f:77:d5:0d:60:e4:f3:d2:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07fafdb86d38f37bf0c26d3f2731fdef6b14e4a
Validity
Not Before: Mar 25 21:00:48 2026 GMT
Not After : Mar 26 21:00:48 2026 GMT
Subject: CN=421b3f4be004df9e8ebdc72b4b1c4c74770c900e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4c:6f:52:eb:b5:98:a8:fd:58:21:a4:7f:6b:
dd:af:bc:8c:12:e9:90:09:81:d9:f2:9f:2a:5a:8c:
ea:53:a0:e1:a6:dd:f4:dd:a8:74:0c:33:50:fc:97:
7e:62:57:bf:6b:9e:b6:e1:b4:01:a3:a8:ea:ae:39:
8d:fb:89:5f:db:bc:0a:20:18:26:a7:cf:92:ed:19:
22:61:0e:30:6a:62:7b:58:23:e7:9a:ae:d3:fe:3d:
b2:29:23:dc:bd:57:fb:4d:9d:ac:48:68:de:14:ef:
3c:3d:9a:a1:61:57:4a:be:15:1a:f2:1f:14:f8:db:
34:86:10:43:53:ef:ca:d6:31:e9:9f:69:68:2a:87:
77:fe:a8:46:50:65:39:d6:c7:3e:c6:fc:b9:fb:c1:
ca:63:e9:db:58:28:86:6b:87:16:b1:17:ad:2d:52:
ca:46:0c:47:b1:53:f2:a3:ea:33:d6:55:77:fc:8f:
1f:94:22:35:de:a4:f0:e3:de:22:0c:d3:c8:d0:31:
13:59:2b:d1:af:67:5e:c8:9b:d4:39:46:77:30:35:
f6:80:90:52:69:3e:02:1a:e2:d4:60:e2:cf:60:6e:
26:5b:80:0e:a8:5b:c9:91:4f:d8:ae:dc:d7:0a:d4:
74:26:dc:e6:a5:be:9a:4b:db:40:d2:d2:c8:6a:16:
1d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:1B:3F:4B:E0:04:DF:9E:8E:BD:C7:2B:4B:1C:4C:74:77:0C:90:0E
X509v3 Authority Key Identifier:
keyid:B0:7F:AF:DB:86:D3:8F:37:BF:0C:26:D3:F2:73:1F:DE:F6:B1:4E:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sH-v24bTjze_DCbT8nMf3vaxTko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/d6d263-29f9-4613-bb7d-4938b8d0c3de/1/sH-v24bTjze_DCbT8nMf3vaxTko.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/d6d263-29f9-4613-bb7d-4938b8d0c3de/1/sH-v24bTjze_DCbT8nMf3vaxTko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:a6:1b:5a:c5:75:32:76:a7:bb:98:d2:4e:94:71:1d:bb:86:
3c:a1:a3:09:0a:a6:25:14:ce:14:5c:ed:1c:0f:5c:4e:55:03:
d1:b7:7f:14:5e:71:89:aa:d8:54:17:aa:c8:e8:1f:a2:77:a4:
80:fa:b5:49:42:f1:6a:2a:f3:ab:8f:a5:e9:de:01:f6:db:d0:
09:ab:4c:8c:ee:97:f0:32:31:ac:e2:cb:f2:1e:1f:68:b3:c0:
ba:d1:4a:4b:96:e8:d0:6c:1b:db:c4:d1:6c:89:a0:25:52:1b:
20:cb:00:cc:f5:6d:75:c5:45:d7:99:00:18:55:ca:9c:d1:56:
e3:48:a9:a3:38:f4:52:36:cd:f3:02:a4:52:a9:11:f4:17:45:
67:4c:f9:e0:16:a4:58:fb:4d:3f:23:d0:ac:69:98:a0:e6:b3:
cc:76:e8:23:80:23:a2:6d:d2:a2:87:de:f7:e2:c2:b9:ff:73:
70:82:83:0c:60:04:48:08:7f:39:e0:ee:52:fe:f7:5a:25:85:
33:ba:c7:82:4d:42:5a:ef:19:0c:7c:73:b7:11:ef:72:7c:ad:
f1:5b:fe:0c:16:30:77:07:78:1f:de:81:c7:6a:a1:bd:ec:24:
9f:65:b5:54:64:bc:8e:3a:a6:fc:9b:4a:b6:4a:f2:28:3b:a3:
28:96:14:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzMxejSxzD3fVDWDk89LQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2ZhZmRiODZkMzhmMzdiZjBjMjZkM2YyNzMxZmRlZjZi
MTRlNGEwHhcNMjYwMzI1MjEwMDQ4WhcNMjYwMzI2MjEwMDQ4WjAzMTEwLwYDVQQD
Eyg0MjFiM2Y0YmUwMDRkZjllOGViZGM3MmI0YjFjNGM3NDc3MGM5MDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0xvUuu1mKj9WCGkf2vdr7yMEumQ
CYHZ8p8qWozqU6Dhpt303ah0DDNQ/Jd+Yle/a5624bQBo6jqrjmN+4lf27wKIBgm
p8+S7RkiYQ4wamJ7WCPnmq7T/j2yKSPcvVf7TZ2sSGjeFO88PZqhYVdKvhUa8h8U
+Ns0hhBDU+/K1jHpn2loKod3/qhGUGU51sc+xvy5+8HKY+nbWCiGa4cWsRetLVLK
RgxHsVPyo+oz1lV3/I8flCI13qTw494iDNPI0DETWSvRr2deyJvUOUZ3MDX2gJBS
aT4CGuLUYOLPYG4mW4AOqFvJkU/YrtzXCtR0Jtzmpb6aS9tA0tLIahYdqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEIbP0vgBN+ejr3HK0scTHR3DJAOMB8GA1UdIwQY
MBaAFLB/r9uG0483vwwm0/JzH972sU5KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0gtdjI0YlRqemVfRENiVDhuTWYzdmF4VGtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9kNmQyNjMtMjlmOS00NjEzLWJiN2Qt
NDkzOGI4ZDBjM2RlLzEvc0gtdjI0YlRqemVfRENiVDhuTWYzdmF4VGtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9kNmQyNjMtMjlmOS00NjEzLWJiN2QtNDkzOGI4ZDBjM2Rl
LzEvc0gtdjI0YlRqemVfRENiVDhuTWYzdmF4VGtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeqYbWsV1
Mnanu5jSTpRxHbuGPKGjCQqmJRTOFFztHA9cTlUD0bd/FF5xiarYVBeqyOgfonek
gPq1SULxairzq4+l6d4B9tvQCatMjO6X8DIxrOLL8h4faLPAutFKS5bo0Gwb28TR
bImgJVIbIMsAzPVtdcVF15kAGFXKnNFW40ipozj0UjbN8wKkUqkR9BdFZ0z54Bak
WPtNPyPQrGmYoOazzHboI4Ajom3Soofe9+LCuf9zcIKDDGAESAh/OeDuUv73WiWF
M7rHgk1CWu8ZDHxztxHvcnyt8Vv+DBYwdwd4H96Bx2qhvewkn2W1VGS8jjqm/JtK
tkryKDujKJYU3g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:57:54 2026 by rpki-client