Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.mft
File: is3dXDDVgOsP7soqFs9cWoslaP0.mft (raw, json)
Hash identifier: fX7WsL7+65ON8tPVW+XrTY6JnZlkuyyLrcvgFK5YakU=
Subject key identifier: DD:76:09:77:0E:1D:F1:27:E3:C9:48:51:CB:D8:CF:14:6F:93:15:F5
Authority key identifier: 8A:CD:DD:5C:30:D5:80:EB:0F:EE:CA:2A:16:CF:5C:5A:8B:25:68:FD
Certificate issuer: /CN=8acddd5c30d580eb0feeca2a16cf5c5a8b2568fd
Certificate serial: 019CADC8563EBCB8C9AB391FFE1DC91F0A05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/is3dXDDVgOsP7soqFs9cWoslaP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.mft
Manifest number: 184A
Signing time: Mon 02 Mar 2026 09:01:53 +0000
Manifest this update: Mon 02 Mar 2026 09:01:53 +0000
Manifest next update: Tue 03 Mar 2026 09:01:53 +0000
Files and hashes: 1: 9tcqRBW5dWCPlBmOmJEm6c--iDU.roa (hash: u8oO/RgVRYujIoxnuHbXuI4mqtgSWQD8/zpjHQZYwcI=)
2: is3dXDDVgOsP7soqFs9cWoslaP0.crl (hash: Zmc3kk72joJP72vacYzNQ6fPEfD6w0JSIlSGjjv5ebo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.mft
rsync://rpki.ripe.net/repository/DEFAULT/is3dXDDVgOsP7soqFs9cWoslaP0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:c8:56:3e:bc:b8:c9:ab:39:1f:fe:1d:c9:1f:0a:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8acddd5c30d580eb0feeca2a16cf5c5a8b2568fd
Validity
Not Before: Mar 2 09:01:53 2026 GMT
Not After : Mar 3 09:01:53 2026 GMT
Subject: CN=dd7609770e1df127e3c94851cbd8cf146f9315f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4c:96:6c:52:a3:f6:19:2f:b7:2b:45:8d:b3:
f9:45:85:dd:8e:73:d2:40:fe:4c:7a:10:c7:7e:9a:
be:42:3c:13:0d:cc:02:05:c0:d6:65:a8:fa:7c:be:
fd:5b:d8:6a:b6:7c:d4:eb:0f:38:da:70:4e:95:6b:
70:3f:43:8f:91:8e:1c:a7:0f:08:f6:c1:71:4e:14:
ff:04:d0:9e:5a:ed:40:1c:66:65:01:c5:75:ee:01:
a5:44:90:0a:82:ed:29:ed:e7:fb:5f:c9:45:61:e8:
38:fc:b7:44:ef:fa:fc:bd:5a:40:e1:09:84:e3:71:
3a:38:2b:4c:de:26:1f:95:be:3f:38:48:9f:e6:37:
14:17:4a:21:08:88:7e:30:fa:79:ed:38:3e:d2:56:
86:7f:f4:69:06:8a:dc:b5:48:3e:66:b0:91:69:41:
e0:f5:b1:f7:7d:fb:d7:93:3b:2f:6a:1c:0b:5f:33:
7b:4e:dd:33:9e:3f:b1:9c:70:86:51:25:38:4d:cc:
d0:a4:49:8b:03:c2:43:c4:94:ca:97:78:d5:6e:e0:
15:f8:28:09:76:15:bf:97:51:c9:bb:56:75:a6:33:
32:11:03:37:d0:7c:90:93:e1:f6:2e:b4:b6:56:37:
5d:bd:1f:ee:ed:75:c8:ee:fe:7a:59:b5:7c:d9:69:
19:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:76:09:77:0E:1D:F1:27:E3:C9:48:51:CB:D8:CF:14:6F:93:15:F5
X509v3 Authority Key Identifier:
keyid:8A:CD:DD:5C:30:D5:80:EB:0F:EE:CA:2A:16:CF:5C:5A:8B:25:68:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/is3dXDDVgOsP7soqFs9cWoslaP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:c9:b1:e0:2f:ab:7c:e6:65:ae:69:52:d5:81:a4:0d:f3:91:
90:4f:b1:24:5e:26:b6:bb:9e:38:70:05:e3:f6:b0:d2:97:da:
c1:46:4c:50:ca:1d:3f:67:43:a1:6e:d7:59:fa:19:df:aa:51:
87:6a:83:d3:0b:6d:5f:d6:39:73:14:4d:6d:fc:8d:7b:32:1f:
65:57:ea:9e:c4:82:0b:54:6c:ed:ad:ca:a2:7a:4d:b2:af:3c:
d1:fb:d7:b6:e5:a7:3a:a6:2a:b2:f1:27:59:26:f6:9e:52:95:
d9:16:80:16:5c:0b:8b:a6:11:74:c1:a5:8e:f7:54:53:ba:81:
f7:70:f6:b2:13:96:10:2a:0b:49:6f:4b:24:b3:ac:2e:03:ee:
ac:a4:2d:df:62:d1:4a:6f:a7:ec:9d:db:25:c1:be:75:25:a1:
7a:62:1b:30:ac:de:b0:8a:51:bd:58:9b:03:88:ff:dd:b6:22:
37:b9:a0:48:9f:b4:53:3c:2e:b2:a6:35:b5:30:ec:9a:45:15:
04:94:ca:52:37:77:50:0a:a8:6e:6d:d4:6a:b7:27:2d:51:f1:
56:e6:f5:15:16:38:81:ff:16:0d:1a:e7:0e:ab:c6:e2:30:cb:
55:b4:68:38:87:b8:dd:c1:99:b7:7e:19:8b:3a:08:ea:9a:9a:
cd:e1:f7:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytyFY+vLjJqzkf/h3JHwoFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhY2RkZDVjMzBkNTgwZWIwZmVlY2EyYTE2Y2Y1YzVhOGIy
NTY4ZmQwHhcNMjYwMzAyMDkwMTUzWhcNMjYwMzAzMDkwMTUzWjAzMTEwLwYDVQQD
EyhkZDc2MDk3NzBlMWRmMTI3ZTNjOTQ4NTFjYmQ4Y2YxNDZmOTMxNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0yWbFKj9hkvtytFjbP5RYXdjnPS
QP5MehDHfpq+QjwTDcwCBcDWZaj6fL79W9hqtnzU6w842nBOlWtwP0OPkY4cpw8I
9sFxThT/BNCeWu1AHGZlAcV17gGlRJAKgu0p7ef7X8lFYeg4/LdE7/r8vVpA4QmE
43E6OCtM3iYflb4/OEif5jcUF0ohCIh+MPp57Tg+0laGf/RpBorctUg+ZrCRaUHg
9bH3ffvXkzsvahwLXzN7Tt0znj+xnHCGUSU4TczQpEmLA8JDxJTKl3jVbuAV+CgJ
dhW/l1HJu1Z1pjMyEQM30HyQk+H2LrS2VjddvR/u7XXI7v56WbV82WkZ2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN12CXcOHfEn48lIUcvYzxRvkxX1MB8GA1UdIwQY
MBaAFIrN3Vww1YDrD+7KKhbPXFqLJWj9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXMzZFhERFZnT3NQN3NvcUZzOWNXb3NsYVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yNWFjYTctN2UyOC00ODdjLTg2ZDIt
MTdiMWM3Mzc5MzAwLzEvaXMzZFhERFZnT3NQN3NvcUZzOWNXb3NsYVAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yNWFjYTctN2UyOC00ODdjLTg2ZDItMTdiMWM3Mzc5MzAw
LzEvaXMzZFhERFZnT3NQN3NvcUZzOWNXb3NsYVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo8mx4C+r
fOZlrmlS1YGkDfORkE+xJF4mtrueOHAF4/aw0pfawUZMUModP2dDoW7XWfoZ36pR
h2qD0wttX9Y5cxRNbfyNezIfZVfqnsSCC1Rs7a3KonpNsq880fvXtuWnOqYqsvEn
WSb2nlKV2RaAFlwLi6YRdMGljvdUU7qB93D2shOWECoLSW9LJLOsLgPurKQt32LR
Sm+n7J3bJcG+dSWhemIbMKzesIpRvVibA4j/3bYiN7mgSJ+0UzwusqY1tTDsmkUV
BJTKUjd3UAqobm3UarcnLVHxVub1FRY4gf8WDRrnDqvG4jDLVbRoOIe43cGZt34Z
izoI6pqazeH3ug==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:30:12 2026 by rpki-client