Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.mft
File: shXNjm2zVEGYTZx9_Jr7ZT5V3_E.mft (raw, json)
Hash identifier: ydYhdhwvJ+QPob4/L1gLkySjbAC1E+2BDWgFbLm2mDo=
Subject key identifier: 1E:F1:D2:A5:7B:23:D8:F1:47:FF:9D:4F:9A:DB:4C:2F:D7:DD:53:AB
Authority key identifier: B2:15:CD:8E:6D:B3:54:41:98:4D:9C:7D:FC:9A:FB:65:3E:55:DF:F1
Certificate issuer: /CN=b215cd8e6db35441984d9c7dfc9afb653e55dff1
Certificate serial: 019CAB341FCCCF34745171726800D82F3776
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.mft
Manifest number: 17AF
Signing time: Sun 01 Mar 2026 21:00:45 +0000
Manifest this update: Sun 01 Mar 2026 21:00:45 +0000
Manifest next update: Mon 02 Mar 2026 21:00:45 +0000
Files and hashes: 1: p64_xVoksOfjBTpAEK-sqxOtfyo.roa (hash: Mpzgzqkjd9r2rYbbw0eBHseWMwAwQ2eJtwJ2+TbcIMI=)
2: shXNjm2zVEGYTZx9_Jr7ZT5V3_E.crl (hash: +3PXSN0oIdIQR6UbAnJYzqIEZdRBfl68C6E0s6Bzqp4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.mft
rsync://rpki.ripe.net/repository/DEFAULT/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:34:1f:cc:cf:34:74:51:71:72:68:00:d8:2f:37:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b215cd8e6db35441984d9c7dfc9afb653e55dff1
Validity
Not Before: Mar 1 21:00:45 2026 GMT
Not After : Mar 2 21:00:45 2026 GMT
Subject: CN=1ef1d2a57b23d8f147ff9d4f9adb4c2fd7dd53ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:bb:54:4b:82:ef:04:79:2e:fa:21:5e:05:00:
ed:fb:2b:1d:48:be:bf:f7:77:a3:30:b4:45:c2:a9:
77:c7:c4:cf:58:bd:92:58:f4:fe:84:93:06:a1:08:
2c:79:f0:87:f3:87:6b:b4:e2:89:d0:2c:f3:4b:7e:
fb:c5:aa:75:26:ee:8c:1b:f5:de:30:82:b4:15:09:
39:8a:4f:da:fc:7e:73:17:e1:1c:f3:b2:e9:75:c8:
1a:c7:85:b2:2e:8c:3f:24:59:04:24:f3:73:20:98:
7e:45:c5:93:ab:25:41:ee:25:52:80:c4:ad:d6:9b:
df:2f:1e:35:32:72:9c:43:46:33:42:0f:ac:c4:4b:
d3:ec:da:69:5d:31:2d:6d:18:07:42:95:76:75:ca:
2c:92:8b:99:50:d1:8d:84:d7:09:5d:13:75:41:42:
d2:29:b2:f2:38:4f:1e:e0:48:37:9d:b2:f9:c9:5b:
44:2e:28:b1:e3:36:c7:56:0d:c1:71:22:c2:00:8f:
b5:29:ac:e7:28:1c:d5:6d:06:dd:11:cb:63:7d:cb:
e6:e3:2c:d2:e1:a3:2f:04:c1:b0:eb:6f:df:e0:a7:
ec:0a:9f:59:8e:da:81:54:e4:9b:05:4d:2a:42:03:
be:a4:ff:bf:42:86:c1:5b:81:bc:30:7a:8b:b8:bb:
5e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:F1:D2:A5:7B:23:D8:F1:47:FF:9D:4F:9A:DB:4C:2F:D7:DD:53:AB
X509v3 Authority Key Identifier:
keyid:B2:15:CD:8E:6D:B3:54:41:98:4D:9C:7D:FC:9A:FB:65:3E:55:DF:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a8:46:04:6f:f9:b3:73:3c:18:47:c5:44:d2:a6:ec:30:f0:01:
c7:d1:5a:cb:8a:f6:6e:a9:c9:66:79:35:cf:54:75:79:0b:80:
e8:c7:74:f7:bd:00:1f:bf:4b:4a:78:54:9f:43:db:61:d9:07:
55:92:2e:e5:12:d5:bd:12:70:f1:e8:65:d9:6c:7a:47:f1:22:
d9:b8:cc:28:40:eb:18:41:41:26:aa:dc:ce:44:2e:d0:95:23:
7f:00:42:7b:7b:f0:c9:59:59:80:19:04:be:de:d2:6c:48:2c:
ad:10:17:a6:95:7e:1b:40:95:77:01:a7:71:3a:da:59:f1:96:
2f:20:9e:80:c4:eb:0f:d2:d3:d9:72:97:86:74:b7:82:a2:62:
1a:6d:57:05:2a:21:59:c8:fa:f7:64:62:4b:c0:ec:fc:e0:f3:
92:92:3d:59:25:7b:82:a8:4f:c9:5b:0c:12:95:75:ff:63:be:
f0:f0:1d:de:f6:12:2f:fe:47:63:8a:5e:a9:5f:d7:9c:55:19:
0d:4d:8e:36:59:d9:e7:9e:50:9e:b8:17:38:7b:50:05:3c:2a:
da:b1:5f:8e:69:2d:a7:43:d8:83:a1:dd:48:12:bf:bf:03:ec:
d3:b3:85:34:a0:25:a1:be:0b:78:48:ad:7d:2a:e6:6e:34:31:
35:0b:f8:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNB/MzzR0UXFyaADYLzd2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMTVjZDhlNmRiMzU0NDE5ODRkOWM3ZGZjOWFmYjY1M2U1
NWRmZjEwHhcNMjYwMzAxMjEwMDQ1WhcNMjYwMzAyMjEwMDQ1WjAzMTEwLwYDVQQD
EygxZWYxZDJhNTdiMjNkOGYxNDdmZjlkNGY5YWRiNGMyZmQ3ZGQ1M2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA77tUS4LvBHku+iFeBQDt+ysdSL6/
93ejMLRFwql3x8TPWL2SWPT+hJMGoQgsefCH84drtOKJ0CzzS377xap1Ju6MG/Xe
MIK0FQk5ik/a/H5zF+Ec87Lpdcgax4WyLow/JFkEJPNzIJh+RcWTqyVB7iVSgMSt
1pvfLx41MnKcQ0YzQg+sxEvT7NppXTEtbRgHQpV2dcoskouZUNGNhNcJXRN1QULS
KbLyOE8e4Eg3nbL5yVtELiix4zbHVg3BcSLCAI+1KaznKBzVbQbdEctjfcvm4yzS
4aMvBMGw62/f4KfsCp9ZjtqBVOSbBU0qQgO+pP+/QobBW4G8MHqLuLteTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB7x0qV7I9jxR/+dT5rbTC/X3VOrMB8GA1UdIwQY
MBaAFLIVzY5ts1RBmE2cffya+2U+Vd/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hYTmptMnpWRUdZVFp4OV9KcjdaVDVWM19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zOGI3OTItMThmYi00YmVkLTk5MGMt
ZTk1MGQ4N2Y4ZTI1LzEvc2hYTmptMnpWRUdZVFp4OV9KcjdaVDVWM19FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zOGI3OTItMThmYi00YmVkLTk5MGMtZTk1MGQ4N2Y4ZTI1
LzEvc2hYTmptMnpWRUdZVFp4OV9KcjdaVDVWM19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqEYEb/mz
czwYR8VE0qbsMPABx9Fay4r2bqnJZnk1z1R1eQuA6Md0970AH79LSnhUn0PbYdkH
VZIu5RLVvRJw8ehl2Wx6R/Ei2bjMKEDrGEFBJqrczkQu0JUjfwBCe3vwyVlZgBkE
vt7SbEgsrRAXppV+G0CVdwGncTraWfGWLyCegMTrD9LT2XKXhnS3gqJiGm1XBSoh
Wcj692RiS8Ds/ODzkpI9WSV7gqhPyVsMEpV1/2O+8PAd3vYSL/5HY4peqV/XnFUZ
DU2ONlnZ555QnrgXOHtQBTwq2rFfjmktp0PYg6HdSBK/vwPs07OFNKAlob4LeEit
fSrmbjQxNQv4DA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:59:20 2026 by rpki-client