
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/bc53d2-9137-4799-9e41-e69a017485fb/1/jolfHicMY17GHfmpf8D2aMCo9Ug.mft
File: jolfHicMY17GHfmpf8D2aMCo9Ug.mft (raw, json)
Hash identifier: B4bgweiCGjBFmTsLwQ358jADmOiScL3TPxnAYIG55cc=
Subject key identifier: 53:0E:53:CF:64:60:EC:0F:BA:70:1D:3E:E1:B6:B4:9A:16:9D:A9:1E
Authority key identifier: 8E:89:5F:1E:27:0C:63:5E:C6:1D:F9:A9:7F:C0:F6:68:C0:A8:F5:48
Certificate issuer: /CN=8e895f1e270c635ec61df9a97fc0f668c0a8f548
Certificate serial: 019CACB54F0BF90E874C8466CED97A29F655
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jolfHicMY17GHfmpf8D2aMCo9Ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/bc53d2-9137-4799-9e41-e69a017485fb/1/jolfHicMY17GHfmpf8D2aMCo9Ug.mft
Manifest number: 133B
Signing time: Mon 02 Mar 2026 04:01:29 +0000
Manifest this update: Mon 02 Mar 2026 04:01:29 +0000
Manifest next update: Tue 03 Mar 2026 04:01:29 +0000
Files and hashes: 1: L24zb2GPwHD-aPGno9VtNYT_9UA.roa (hash: TV8bwr8KXxyIpZ3hz+LfUH4wszhJw0hokfRXNpqsBSk=)
2: jolfHicMY17GHfmpf8D2aMCo9Ug.crl (hash: MP9eq812rAyl1waHcFM/RFQXNaXFereBCz0YcBLA5Sk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/bc53d2-9137-4799-9e41-e69a017485fb/1/jolfHicMY17GHfmpf8D2aMCo9Ug.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/bc53d2-9137-4799-9e41-e69a017485fb/1/jolfHicMY17GHfmpf8D2aMCo9Ug.mft
rsync://rpki.ripe.net/repository/DEFAULT/jolfHicMY17GHfmpf8D2aMCo9Ug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 04:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:b5:4f:0b:f9:0e:87:4c:84:66:ce:d9:7a:29:f6:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e895f1e270c635ec61df9a97fc0f668c0a8f548
Validity
Not Before: Mar 2 04:01:29 2026 GMT
Not After : Mar 3 04:01:29 2026 GMT
Subject: CN=530e53cf6460ec0fba701d3ee1b6b49a169da91e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:61:76:9d:46:72:e9:b9:61:82:58:d7:be:14:
77:16:ad:df:0a:0f:a9:0e:53:9d:a5:a1:e4:5d:0f:
c5:2c:fa:53:f9:81:e1:90:15:cf:b1:60:34:9b:43:
c8:98:c1:47:1e:0a:bf:88:79:f8:95:37:a8:9c:f6:
fd:1a:1a:23:73:27:2a:93:72:be:98:d8:32:dd:90:
d9:41:21:5b:a9:32:61:87:57:da:1e:01:24:85:38:
52:18:c3:a3:3b:9d:29:06:8a:5f:94:35:b9:83:5d:
35:20:cf:c4:61:fa:d9:19:c4:76:6a:ac:c5:d8:8a:
84:30:8b:c2:7a:27:6e:84:6a:46:68:d5:b9:f6:99:
d4:4a:12:6d:18:f4:10:6e:d7:9d:df:33:93:ca:1e:
33:d2:80:ff:5c:1d:bb:b5:29:51:e3:98:9c:74:44:
c6:d6:df:15:9c:93:1a:dc:c1:14:ff:9f:65:cc:35:
45:15:55:9d:56:07:a9:18:f5:83:95:02:5e:19:e6:
c7:ca:3b:ec:fe:c0:35:43:2e:64:52:e4:44:c0:c9:
82:d5:96:f9:24:11:3e:31:f4:39:69:c2:5b:8e:2f:
62:45:94:0f:d5:a8:d3:94:bf:bc:1f:17:8e:b4:66:
05:19:98:83:5c:b8:dd:56:f5:dc:50:e5:1a:85:26:
ae:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:0E:53:CF:64:60:EC:0F:BA:70:1D:3E:E1:B6:B4:9A:16:9D:A9:1E
X509v3 Authority Key Identifier:
keyid:8E:89:5F:1E:27:0C:63:5E:C6:1D:F9:A9:7F:C0:F6:68:C0:A8:F5:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jolfHicMY17GHfmpf8D2aMCo9Ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/bc53d2-9137-4799-9e41-e69a017485fb/1/jolfHicMY17GHfmpf8D2aMCo9Ug.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/bc53d2-9137-4799-9e41-e69a017485fb/1/jolfHicMY17GHfmpf8D2aMCo9Ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1f:ac:95:ef:63:ef:a1:75:d5:58:cd:b1:67:54:ff:b4:9a:05:
dc:df:a1:3b:58:b4:d8:84:44:bc:91:dd:0e:d1:1b:63:a0:2d:
cf:d5:c8:3f:f5:33:eb:f9:2f:91:08:9a:e6:d0:38:e9:93:3e:
27:bf:12:39:2a:97:4f:bf:24:66:2b:c4:bc:c8:10:7c:b9:43:
98:fd:85:d5:77:8f:b3:d0:69:03:00:93:40:bb:31:e9:f3:79:
13:6d:39:3c:0d:d5:97:88:ea:d7:c5:a2:d0:cd:9a:d3:35:cc:
3c:d8:4c:50:04:84:df:4e:1a:02:98:cc:75:aa:b3:a3:81:0b:
62:08:c5:8a:95:2c:ca:07:90:c3:f6:a0:a0:38:ae:ac:1a:31:
85:b5:c8:33:54:83:42:87:88:b7:c3:21:10:81:71:34:a7:c7:
0d:73:16:1e:bf:5e:d5:a2:23:98:4c:18:e5:90:1d:1a:06:57:
cb:4a:c4:cd:36:35:9c:a8:43:61:de:2d:5f:71:3d:7a:7d:da:
a9:1c:73:e1:41:1b:44:72:8e:53:32:66:4a:1c:e8:dc:9f:63:
80:a8:13:fd:bc:79:3b:a4:73:ed:cf:e1:28:d6:34:ba:91:f9:
3e:54:63:52:f8:ac:d2:a2:71:55:86:55:dd:d0:3f:1b:d6:69:
aa:f4:b2:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystU8L+Q6HTIRmztl6KfZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlODk1ZjFlMjcwYzYzNWVjNjFkZjlhOTdmYzBmNjY4YzBh
OGY1NDgwHhcNMjYwMzAyMDQwMTI5WhcNMjYwMzAzMDQwMTI5WjAzMTEwLwYDVQQD
Eyg1MzBlNTNjZjY0NjBlYzBmYmE3MDFkM2VlMWI2YjQ5YTE2OWRhOTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2F2nUZy6blhgljXvhR3Fq3fCg+p
DlOdpaHkXQ/FLPpT+YHhkBXPsWA0m0PImMFHHgq/iHn4lTeonPb9Ghojcycqk3K+
mNgy3ZDZQSFbqTJhh1faHgEkhThSGMOjO50pBopflDW5g101IM/EYfrZGcR2aqzF
2IqEMIvCeiduhGpGaNW59pnUShJtGPQQbted3zOTyh4z0oD/XB27tSlR45icdETG
1t8VnJMa3MEU/59lzDVFFVWdVgepGPWDlQJeGebHyjvs/sA1Qy5kUuREwMmC1Zb5
JBE+MfQ5acJbji9iRZQP1ajTlL+8HxeOtGYFGZiDXLjdVvXcUOUahSauiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFMOU89kYOwPunAdPuG2tJoWnakeMB8GA1UdIwQY
MBaAFI6JXx4nDGNexh35qX/A9mjAqPVIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam9sZkhpY01ZMTdHSGZtcGY4RDJhTUNvOVVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9iYzUzZDItOTEzNy00Nzk5LTllNDEt
ZTY5YTAxNzQ4NWZiLzEvam9sZkhpY01ZMTdHSGZtcGY4RDJhTUNvOVVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9iYzUzZDItOTEzNy00Nzk5LTllNDEtZTY5YTAxNzQ4NWZi
LzEvam9sZkhpY01ZMTdHSGZtcGY4RDJhTUNvOVVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH6yV72Pv
oXXVWM2xZ1T/tJoF3N+hO1i02IREvJHdDtEbY6Atz9XIP/Uz6/kvkQia5tA46ZM+
J78SOSqXT78kZivEvMgQfLlDmP2F1XePs9BpAwCTQLsx6fN5E205PA3Vl4jq18Wi
0M2a0zXMPNhMUASE304aApjMdaqzo4ELYgjFipUsygeQw/agoDiurBoxhbXIM1SD
QoeIt8MhEIFxNKfHDXMWHr9e1aIjmEwY5ZAdGgZXy0rEzTY1nKhDYd4tX3E9en3a
qRxz4UEbRHKOUzJmShzo3J9jgKgT/bx5O6Rz7c/hKNY0upH5PlRjUvis0qJxVYZV
3dA/G9ZpqvSy6g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:00:37 2026 by rpki-client