Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/227b53-473d-46af-8201-98e879ea3726/1/jbK0TyPcypwGBL7WkPKKatkBeZk.mft
File: jbK0TyPcypwGBL7WkPKKatkBeZk.mft (raw, json)
Hash identifier: CvAk6UBh8oHa/GlYFOPnczdQNc30dKoYOaxtbCuTzX4=
Subject key identifier: 3D:AA:20:AF:2E:A2:76:E5:36:AC:F5:BD:D5:1D:59:43:04:92:0E:82
Authority key identifier: 8D:B2:B4:4F:23:DC:CA:9C:06:04:BE:D6:90:F2:8A:6A:D9:01:79:99
Certificate issuer: /CN=8db2b44f23dcca9c0604bed690f28a6ad9017999
Certificate serial: 019CADC82C45FABE2AC34C49BF9C2982C8E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbK0TyPcypwGBL7WkPKKatkBeZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/227b53-473d-46af-8201-98e879ea3726/1/jbK0TyPcypwGBL7WkPKKatkBeZk.mft
Manifest number: 0128
Signing time: Mon 02 Mar 2026 09:01:42 +0000
Manifest this update: Mon 02 Mar 2026 09:01:42 +0000
Manifest next update: Tue 03 Mar 2026 09:01:42 +0000
Files and hashes: 1: H60TaHzgzIDq5bEuHBb2yyowYNw.roa (hash: MUV9kznaIpAsdXMNwJm4Ji4yLC8b4zqE7vuFtiUPGnQ=)
2: jbK0TyPcypwGBL7WkPKKatkBeZk.crl (hash: oucUPDJsRt5SiIOhgdntENRfumezmD+h+5iNpajt8NI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/227b53-473d-46af-8201-98e879ea3726/1/jbK0TyPcypwGBL7WkPKKatkBeZk.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/227b53-473d-46af-8201-98e879ea3726/1/jbK0TyPcypwGBL7WkPKKatkBeZk.mft
rsync://rpki.ripe.net/repository/DEFAULT/jbK0TyPcypwGBL7WkPKKatkBeZk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:c8:2c:45:fa:be:2a:c3:4c:49:bf:9c:29:82:c8:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db2b44f23dcca9c0604bed690f28a6ad9017999
Validity
Not Before: Mar 2 09:01:42 2026 GMT
Not After : Mar 3 09:01:42 2026 GMT
Subject: CN=3daa20af2ea276e536acf5bdd51d594304920e82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:54:73:c3:4a:c3:60:51:24:35:bc:5e:8f:8d:
30:52:b0:c9:f1:8f:7d:b0:61:ad:84:23:3c:40:b5:
b5:bc:30:38:92:e6:7e:e0:71:5d:4a:d2:d8:c5:5d:
07:61:81:e9:58:d4:bc:02:b2:c8:65:71:a5:6c:96:
aa:05:1e:07:af:6a:85:00:d9:92:1c:78:3f:44:25:
15:90:63:e6:c2:a2:ef:ce:2c:43:c5:48:db:da:84:
fb:13:6e:f0:86:6a:85:b9:79:b2:51:ed:47:e4:0e:
a1:b7:2f:c6:ac:a1:d1:4d:92:50:5b:85:2e:b0:20:
86:f9:2c:c9:5e:65:06:12:93:83:0f:d5:06:a8:48:
68:ea:9f:1b:6a:6e:79:71:ee:e5:15:d8:5d:34:f0:
51:42:dc:e3:fa:27:f4:22:8a:79:f3:50:a3:7c:0f:
aa:a1:28:dd:f4:aa:fa:9a:22:cc:48:14:bd:d2:6f:
6d:f7:ba:96:17:3a:db:2c:bb:82:69:89:9e:f0:0e:
c3:0c:e9:93:0d:82:78:05:71:6b:61:f4:64:dc:22:
d5:32:b3:47:52:a4:2a:de:e3:79:0b:88:26:a4:66:
98:d9:e2:57:89:37:31:d8:3f:68:84:6c:60:92:be:
ca:a7:cb:ab:ac:70:9c:cd:1d:44:ed:d9:d6:39:d8:
4a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:AA:20:AF:2E:A2:76:E5:36:AC:F5:BD:D5:1D:59:43:04:92:0E:82
X509v3 Authority Key Identifier:
keyid:8D:B2:B4:4F:23:DC:CA:9C:06:04:BE:D6:90:F2:8A:6A:D9:01:79:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbK0TyPcypwGBL7WkPKKatkBeZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/227b53-473d-46af-8201-98e879ea3726/1/jbK0TyPcypwGBL7WkPKKatkBeZk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/227b53-473d-46af-8201-98e879ea3726/1/jbK0TyPcypwGBL7WkPKKatkBeZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:36:b8:55:a9:3c:63:f9:be:4c:a3:49:65:3a:43:ea:ac:be:
ee:25:09:3b:6f:73:30:db:11:6a:70:80:32:37:34:36:b0:7c:
12:4f:5a:86:a9:93:f4:13:cc:bd:b3:af:e8:39:79:52:a7:a5:
92:85:a5:18:47:68:c8:9f:45:df:ce:b6:3c:66:2e:99:09:4d:
f6:59:33:b6:7d:23:cf:f6:69:aa:e0:ae:b8:36:45:64:e0:c2:
7c:ad:99:e1:8e:be:65:4c:43:40:6e:50:e9:ad:78:0c:50:e3:
8b:42:51:d8:b4:9d:97:e0:c4:af:5b:d4:ff:52:86:e3:c6:51:
0a:dc:49:71:ee:27:d3:6e:ea:08:a6:fb:b0:6a:d2:f0:34:a3:
8c:28:4a:79:3e:78:90:e7:86:ed:93:49:ab:46:61:fc:16:83:
3e:7b:e0:93:4a:38:7b:f0:e7:ac:eb:fa:49:a6:ad:90:b6:17:
d0:08:a5:99:6c:61:d8:a7:7f:bb:9f:3f:2d:7a:99:f3:60:c4:
2a:4e:9d:4d:35:14:71:9d:af:53:eb:8d:92:53:8a:7a:e2:e1:
6e:94:6f:48:37:cf:d6:95:1e:63:3d:d0:07:67:4a:66:5a:3a:
fd:45:6f:e3:cf:46:ed:84:b4:b7:0c:cd:9d:7e:0b:42:11:1a:
50:44:d8:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytyCxF+r4qw0xJv5wpgsjjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjJiNDRmMjNkY2NhOWMwNjA0YmVkNjkwZjI4YTZhZDkw
MTc5OTkwHhcNMjYwMzAyMDkwMTQyWhcNMjYwMzAzMDkwMTQyWjAzMTEwLwYDVQQD
EygzZGFhMjBhZjJlYTI3NmU1MzZhY2Y1YmRkNTFkNTk0MzA0OTIwZTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulRzw0rDYFEkNbxej40wUrDJ8Y99
sGGthCM8QLW1vDA4kuZ+4HFdStLYxV0HYYHpWNS8ArLIZXGlbJaqBR4Hr2qFANmS
HHg/RCUVkGPmwqLvzixDxUjb2oT7E27whmqFuXmyUe1H5A6hty/GrKHRTZJQW4Uu
sCCG+SzJXmUGEpODD9UGqEho6p8bam55ce7lFdhdNPBRQtzj+if0Iop581CjfA+q
oSjd9Kr6miLMSBS90m9t97qWFzrbLLuCaYme8A7DDOmTDYJ4BXFrYfRk3CLVMrNH
UqQq3uN5C4gmpGaY2eJXiTcx2D9ohGxgkr7Kp8urrHCczR1E7dnWOdhKTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2qIK8uonblNqz1vdUdWUMEkg6CMB8GA1UdIwQY
MBaAFI2ytE8j3MqcBgS+1pDyimrZAXmZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJLMFR5UGN5cHdHQkw3V2tQS0thdGtCZVprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yMjdiNTMtNDczZC00NmFmLTgyMDEt
OThlODc5ZWEzNzI2LzEvamJLMFR5UGN5cHdHQkw3V2tQS0thdGtCZVprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yMjdiNTMtNDczZC00NmFmLTgyMDEtOThlODc5ZWEzNzI2
LzEvamJLMFR5UGN5cHdHQkw3V2tQS0thdGtCZVprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZDa4Vak8
Y/m+TKNJZTpD6qy+7iUJO29zMNsRanCAMjc0NrB8Ek9ahqmT9BPMvbOv6Dl5Uqel
koWlGEdoyJ9F3862PGYumQlN9lkztn0jz/ZpquCuuDZFZODCfK2Z4Y6+ZUxDQG5Q
6a14DFDji0JR2LSdl+DEr1vU/1KG48ZRCtxJce4n027qCKb7sGrS8DSjjChKeT54
kOeG7ZNJq0Zh/BaDPnvgk0o4e/DnrOv6SaatkLYX0AilmWxh2Kd/u58/LXqZ82DE
Kk6dTTUUcZ2vU+uNklOKeuLhbpRvSDfP1pUeYz3QB2dKZlo6/UVv489G7YS0twzN
nX4LQhEaUETYww==
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:39:11 2026 by rpki-client