Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/4mthhRZS_I_twBGm8i966ba-sKM.mft
File: 4mthhRZS_I_twBGm8i966ba-sKM.mft (raw, json)
Hash identifier: DI2zrOuw8GpdvmzkbHUTuI7lsiiMNrqSmd9QtlTWJtU=
Subject key identifier: D9:38:B3:C5:4B:24:C0:30:DA:4D:B9:57:DA:5A:13:26:17:26:F9:7E
Authority key identifier: E2:6B:61:85:16:52:FC:8F:ED:C0:11:A6:F2:2F:7A:E9:B6:BE:B0:A3
Certificate issuer: /CN=e26b61851652fc8fedc011a6f22f7ae9b6beb0a3
Certificate serial: 019CAB33EF7D6C73B8D71C2773C133299D80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4mthhRZS_I_twBGm8i966ba-sKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/4mthhRZS_I_twBGm8i966ba-sKM.mft
Manifest number: 0C72
Signing time: Sun 01 Mar 2026 21:00:33 +0000
Manifest this update: Sun 01 Mar 2026 21:00:33 +0000
Manifest next update: Mon 02 Mar 2026 21:00:33 +0000
Files and hashes: 1: 4mthhRZS_I_twBGm8i966ba-sKM.crl (hash: q4Eqy20PLQqBLKm7Cv/Cm57bnidKY3VLkBH7izdOzOM=)
2: 6c0GmPSIo0E5XPLL6BcvGXFoeoU.roa (hash: XKGNTxIctVAHlMjqMo1n+V2kjvQsJG2Ze8aGQf0oQWc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/4mthhRZS_I_twBGm8i966ba-sKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/4mthhRZS_I_twBGm8i966ba-sKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/4mthhRZS_I_twBGm8i966ba-sKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:33:ef:7d:6c:73:b8:d7:1c:27:73:c1:33:29:9d:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e26b61851652fc8fedc011a6f22f7ae9b6beb0a3
Validity
Not Before: Mar 1 21:00:33 2026 GMT
Not After : Mar 2 21:00:33 2026 GMT
Subject: CN=d938b3c54b24c030da4db957da5a13261726f97e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:19:7b:bd:ac:74:a0:f4:89:92:be:80:5d:3f:
7c:2f:b9:5a:53:a4:cc:90:98:13:1c:d9:a6:53:c6:
71:da:8d:63:87:94:14:2f:4c:41:cf:52:ca:9f:2d:
47:78:c1:9e:8d:19:11:4b:e4:fa:f5:10:ab:ec:7a:
21:aa:44:df:6e:f4:a8:eb:bc:5a:1c:e0:3f:6e:7f:
1b:f0:64:9a:be:ba:89:3d:18:90:70:80:28:54:8f:
cf:02:50:2e:9c:43:47:60:ca:2f:06:1d:b8:16:cc:
88:02:75:36:ba:14:a9:85:b3:27:65:d8:42:7b:44:
96:a3:d0:7f:31:1a:5f:ee:d7:61:c0:14:73:d8:ed:
21:f7:a0:39:64:55:2d:44:8e:48:0e:8c:59:6d:46:
e3:b4:75:d0:5b:58:ca:8e:c7:7d:7f:b0:89:77:2c:
c4:86:21:0c:4b:c3:38:5e:96:eb:89:02:6e:26:d5:
dc:a4:9a:7d:82:5a:81:54:8f:c0:41:5e:a5:43:ba:
77:35:1a:f4:7a:57:39:c3:6e:79:95:28:be:b7:3f:
aa:df:b7:b3:d5:c5:61:c1:55:ae:c6:1b:54:eb:aa:
bb:8a:e6:4e:7f:ef:a8:72:6f:05:f2:e9:71:e4:ae:
31:d2:f3:29:c4:ef:a5:c5:37:af:4a:50:b7:3c:6e:
04:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:38:B3:C5:4B:24:C0:30:DA:4D:B9:57:DA:5A:13:26:17:26:F9:7E
X509v3 Authority Key Identifier:
keyid:E2:6B:61:85:16:52:FC:8F:ED:C0:11:A6:F2:2F:7A:E9:B6:BE:B0:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4mthhRZS_I_twBGm8i966ba-sKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/4mthhRZS_I_twBGm8i966ba-sKM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d70833-68eb-4100-9123-94e1ab575094/1/4mthhRZS_I_twBGm8i966ba-sKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2c:a2:a2:30:17:a8:a8:1d:f9:a7:60:55:03:94:3a:62:27:e8:
b3:a7:7d:b6:17:64:63:e4:6c:8a:ae:52:1e:59:6f:1f:2f:b9:
0d:2f:da:9c:5d:c2:40:85:a4:d3:df:6f:4a:7c:d6:4b:d4:6e:
14:c6:92:30:97:bd:ce:2b:a0:2e:a1:40:53:88:1e:29:11:05:
8d:e2:6b:ce:d6:c1:24:26:39:8f:a7:fe:50:7d:d7:56:6e:95:
e7:92:d8:ff:57:97:ab:1c:f9:35:bc:79:91:7a:55:b1:23:42:
66:27:b0:a7:44:14:c5:d3:44:00:4a:09:87:0b:0e:4b:45:26:
1a:49:eb:89:41:62:8a:4a:86:7a:2b:ff:f4:6e:3c:4d:2b:71:
15:37:6e:fa:e0:ac:8c:11:09:9b:5e:4c:60:9f:8a:ea:e3:38:
6f:8d:f4:0a:75:a5:d4:ec:d5:98:dd:3d:65:dc:6a:33:0f:be:
6d:e1:48:ac:44:32:4a:04:b9:1c:b4:42:a0:16:08:33:53:b1:
9f:49:6e:a1:f6:33:66:fb:93:f4:de:cb:6b:08:fb:39:9f:b9:
b6:19:90:0e:c6:9f:d1:fc:8e:ea:12:8f:68:dc:31:dc:79:dc:
b7:02:6a:2f:b7:2c:a0:f4:76:47:77:7c:c5:42:eb:a2:ac:4b:
53:bb:66:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrM+99bHO41xwnc8EzKZ2AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNmI2MTg1MTY1MmZjOGZlZGMwMTFhNmYyMmY3YWU5YjZi
ZWIwYTMwHhcNMjYwMzAxMjEwMDMzWhcNMjYwMzAyMjEwMDMzWjAzMTEwLwYDVQQD
EyhkOTM4YjNjNTRiMjRjMDMwZGE0ZGI5NTdkYTVhMTMyNjE3MjZmOTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBl7vax0oPSJkr6AXT98L7laU6TM
kJgTHNmmU8Zx2o1jh5QUL0xBz1LKny1HeMGejRkRS+T69RCr7HohqkTfbvSo67xa
HOA/bn8b8GSavrqJPRiQcIAoVI/PAlAunENHYMovBh24FsyIAnU2uhSphbMnZdhC
e0SWo9B/MRpf7tdhwBRz2O0h96A5ZFUtRI5IDoxZbUbjtHXQW1jKjsd9f7CJdyzE
hiEMS8M4XpbriQJuJtXcpJp9glqBVI/AQV6lQ7p3NRr0elc5w255lSi+tz+q37ez
1cVhwVWuxhtU66q7iuZOf++ocm8F8ulx5K4x0vMpxO+lxTevSlC3PG4EzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNk4s8VLJMAw2k25V9paEyYXJvl+MB8GA1UdIwQY
MBaAFOJrYYUWUvyP7cARpvIveum2vrCjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNG10aGhSWlNfSV90d0JHbThpOTY2YmEtc0tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9kNzA4MzMtNjhlYi00MTAwLTkxMjMt
OTRlMWFiNTc1MDk0LzEvNG10aGhSWlNfSV90d0JHbThpOTY2YmEtc0tNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9kNzA4MzMtNjhlYi00MTAwLTkxMjMtOTRlMWFiNTc1MDk0
LzEvNG10aGhSWlNfSV90d0JHbThpOTY2YmEtc0tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALKKiMBeo
qB35p2BVA5Q6Yifos6d9thdkY+Rsiq5SHllvHy+5DS/anF3CQIWk099vSnzWS9Ru
FMaSMJe9ziugLqFAU4geKREFjeJrztbBJCY5j6f+UH3XVm6V55LY/1eXqxz5Nbx5
kXpVsSNCZiewp0QUxdNEAEoJhwsOS0UmGknriUFiikqGeiv/9G48TStxFTdu+uCs
jBEJm15MYJ+K6uM4b430CnWl1OzVmN09ZdxqMw++beFIrEQySgS5HLRCoBYIM1Ox
n0luofYzZvuT9N7Lawj7OZ+5thmQDsaf0fyO6hKPaNwx3HnctwJqL7csoPR2R3d8
xULroqxLU7tmfA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:04:48 2026 by rpki-client