Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft
File: jrsOsZ53d9cDgAD2wS053tEgQkI.mft (raw, json)
Hash identifier: 9TiHwz1/Zlx89Hqu4fTEWapuLEpw6ayuGBaWe+4DZ24=
Subject key identifier: D3:BC:26:36:59:B4:7E:3F:3C:09:A0:1B:4B:A9:78:02:BD:6B:99:83
Authority key identifier: 8E:BB:0E:B1:9E:77:77:D7:03:80:00:F6:C1:2D:39:DE:D1:20:42:42
Certificate issuer: /CN=8ebb0eb19e7777d7038000f6c12d39ded1204242
Certificate serial: 019CAEDA4B26C23740001CF2FDEDB3DC27BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft
Manifest number: 0E82
Signing time: Mon 02 Mar 2026 14:01:07 +0000
Manifest this update: Mon 02 Mar 2026 14:01:07 +0000
Manifest next update: Tue 03 Mar 2026 14:01:07 +0000
Files and hashes: 1: 1Q9fXglvsAmLyk7oBnnGROcZ55Q.roa (hash: 8sGtUkhkFlICQ8XRP+JZAkWRdlSZS/aRM+3p/w/Efdw=)
2: jrsOsZ53d9cDgAD2wS053tEgQkI.crl (hash: gztkQf2NhmrStJaD75EhKqS3Y4QkPdiUMG7GHYm9lgc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft
rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 14:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:da:4b:26:c2:37:40:00:1c:f2:fd:ed:b3:dc:27:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ebb0eb19e7777d7038000f6c12d39ded1204242
Validity
Not Before: Mar 2 14:01:07 2026 GMT
Not After : Mar 3 14:01:07 2026 GMT
Subject: CN=d3bc263659b47e3f3c09a01b4ba97802bd6b9983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bb:5d:ef:3d:32:85:3b:b0:46:72:fa:fd:d6:
c6:a3:44:7c:20:28:98:95:a4:cf:f4:f6:6f:7e:dd:
1f:9e:2f:c3:65:30:00:b7:87:23:92:b3:d2:00:83:
3e:c6:b9:f0:5e:d9:81:a7:90:43:5d:c0:a0:eb:b7:
52:6e:9c:60:9c:c0:25:c9:19:21:0f:d9:73:7f:7b:
fd:a7:f1:cc:5f:5e:06:4e:6d:1f:ef:61:4e:0c:2b:
b1:a8:2f:05:d1:c0:ce:f0:2b:5e:81:60:d7:a9:a4:
dd:e9:24:5d:08:49:4d:41:59:24:f0:4b:d4:f0:d5:
5a:0c:96:32:ae:51:e3:1d:4f:58:2e:6a:91:b4:e8:
fc:2d:0c:7a:38:66:e6:1d:17:2b:aa:32:12:d3:1c:
8c:b7:fe:95:57:75:6d:da:60:1b:70:21:c5:b1:b1:
4a:48:57:66:9a:00:58:0b:36:ce:2d:89:4a:71:49:
5a:b6:00:bb:60:a4:a9:e5:08:df:bc:9a:6e:35:e8:
31:28:03:f6:0b:bb:42:33:70:55:2a:90:01:0a:d0:
9e:6b:92:1b:9a:43:43:33:ab:78:db:64:65:d5:a5:
5e:1a:31:5a:43:a7:00:f5:eb:f0:de:c6:d3:5b:f1:
4b:73:e0:64:6e:81:2c:17:f1:38:7a:dd:74:04:33:
07:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:BC:26:36:59:B4:7E:3F:3C:09:A0:1B:4B:A9:78:02:BD:6B:99:83
X509v3 Authority Key Identifier:
keyid:8E:BB:0E:B1:9E:77:77:D7:03:80:00:F6:C1:2D:39:DE:D1:20:42:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:44:83:6d:67:17:26:ed:01:9b:4d:26:24:3b:09:89:87:d1:
53:19:67:ff:9c:78:81:ba:64:c0:b3:11:fc:8e:79:dd:e6:c4:
38:de:3a:49:d7:c3:52:a1:e1:fb:30:44:c5:31:5d:3d:e7:25:
9c:9d:7a:1a:29:a7:fe:55:d1:82:61:26:eb:53:0b:d5:ab:8a:
a3:c4:49:0b:a7:d4:64:66:01:cd:d4:15:4e:2f:be:22:14:9c:
b8:91:1c:fd:67:68:b5:5c:23:af:41:86:21:f2:39:c8:61:c4:
49:d6:98:66:f7:76:99:a9:68:30:d3:e1:68:0f:ab:0d:cf:87:
45:da:69:41:be:06:29:fc:bb:5c:b4:99:cd:a7:d0:06:55:2b:
ad:97:cf:e6:23:13:c1:8d:4b:f9:38:db:83:a3:b6:1b:dd:aa:
c9:77:bd:5b:bc:c9:76:97:29:81:07:e8:6f:59:28:79:b0:43:
23:5b:7d:97:ab:c3:fe:3e:23:24:99:fe:ca:ae:00:86:eb:ba:
ba:62:9c:91:0f:e0:e9:0b:40:50:f7:96:98:d9:3e:b2:dd:92:
4e:5d:be:d4:ab:18:34:1a:90:00:d9:0b:0e:b4:76:05:01:76:
ab:0f:3b:12:4c:b9:b8:77:59:b9:53:66:04:bc:bd:05:9e:5b:
23:50:0d:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyu2ksmwjdAABzy/e2z3Ce/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYmIwZWIxOWU3Nzc3ZDcwMzgwMDBmNmMxMmQzOWRlZDEy
MDQyNDIwHhcNMjYwMzAyMTQwMTA3WhcNMjYwMzAzMTQwMTA3WjAzMTEwLwYDVQQD
EyhkM2JjMjYzNjU5YjQ3ZTNmM2MwOWEwMWI0YmE5NzgwMmJkNmI5OTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbtd7z0yhTuwRnL6/dbGo0R8ICiY
laTP9PZvft0fni/DZTAAt4cjkrPSAIM+xrnwXtmBp5BDXcCg67dSbpxgnMAlyRkh
D9lzf3v9p/HMX14GTm0f72FODCuxqC8F0cDO8CtegWDXqaTd6SRdCElNQVkk8EvU
8NVaDJYyrlHjHU9YLmqRtOj8LQx6OGbmHRcrqjIS0xyMt/6VV3Vt2mAbcCHFsbFK
SFdmmgBYCzbOLYlKcUlatgC7YKSp5QjfvJpuNegxKAP2C7tCM3BVKpABCtCea5Ib
mkNDM6t422Rl1aVeGjFaQ6cA9evw3sbTW/FLc+BkboEsF/E4et10BDMHZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNO8JjZZtH4/PAmgG0upeAK9a5mDMB8GA1UdIwQY
MBaAFI67DrGed3fXA4AA9sEtOd7RIEJCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zYjE1N2QtODE5Ni00ZTQwLWFiMzYt
MTUxNDFjNjY4NTRkLzEvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zYjE1N2QtODE5Ni00ZTQwLWFiMzYtMTUxNDFjNjY4NTRk
LzEvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD0SDbWcX
Ju0Bm00mJDsJiYfRUxln/5x4gbpkwLMR/I553ebEON46SdfDUqHh+zBExTFdPecl
nJ16Gimn/lXRgmEm61ML1auKo8RJC6fUZGYBzdQVTi++IhScuJEc/WdotVwjr0GG
IfI5yGHESdaYZvd2maloMNPhaA+rDc+HRdppQb4GKfy7XLSZzafQBlUrrZfP5iMT
wY1L+Tjbg6O2G92qyXe9W7zJdpcpgQfob1koebBDI1t9l6vD/j4jJJn+yq4Ahuu6
umKckQ/g6QtAUPeWmNk+st2STl2+1KsYNBqQANkLDrR2BQF2qw87Eky5uHdZuVNm
BLy9BZ5bI1ANow==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:41:55 2026 by rpki-client