Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
File: JY8HU8Azwa8JGGbQlCZFEmlspos.mft (raw, json)
Hash identifier: 8184JSI/IuI16I/eLVQxStLw7heJi4QWFbDcRctQKfA=
Subject key identifier: DA:24:42:CB:CC:A6:CA:18:A0:A0:6E:2B:A9:57:8C:D4:5E:CF:BE:D6
Authority key identifier: 25:8F:07:53:C0:33:C1:AF:09:18:66:D0:94:26:45:12:69:6C:A6:8B
Certificate issuer: /CN=258f0753c033c1af091866d094264512696ca68b
Certificate serial: 019CA9EAE039B93B5EB0E65387BA9A7F101C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
Manifest number: 0B91
Signing time: Sun 01 Mar 2026 15:01:08 +0000
Manifest this update: Sun 01 Mar 2026 15:01:08 +0000
Manifest next update: Mon 02 Mar 2026 15:01:08 +0000
Files and hashes: 1: Cpe2_Ojc_FZLY2oGHgVbMwJjk9A.roa (hash: QYPBK9tLe2NLf5ToJsGlVRXUrRctKZptQZU1FwtQfmU=)
2: JY8HU8Azwa8JGGbQlCZFEmlspos.crl (hash: mpFy8AqpaZOg10vuVVxfXgV8bEisitZjwVdp8bHHcBE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:ea:e0:39:b9:3b:5e:b0:e6:53:87:ba:9a:7f:10:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=258f0753c033c1af091866d094264512696ca68b
Validity
Not Before: Mar 1 15:01:08 2026 GMT
Not After : Mar 2 15:01:08 2026 GMT
Subject: CN=da2442cbcca6ca18a0a06e2ba9578cd45ecfbed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:64:77:05:ad:d1:eb:42:e1:36:c6:c8:35:30:
ef:fc:f8:c3:60:73:20:7b:67:96:69:c1:65:b2:b8:
87:58:1b:07:fc:17:23:ca:43:1f:2f:8b:9d:78:ab:
1c:88:c9:54:3d:d1:ed:d7:91:f5:5b:ac:47:41:98:
d7:e7:39:03:76:47:6c:26:7a:2f:ce:9e:c5:79:31:
cf:2a:1e:03:99:dd:a9:ad:04:f0:80:7b:c4:64:49:
a3:b5:14:d2:df:9b:cd:7a:ba:ce:ea:63:3b:e8:c0:
43:ff:12:80:bb:1c:58:5a:cd:b8:dc:cb:db:d3:d8:
16:24:5e:36:99:35:af:51:8d:af:15:91:16:22:64:
ae:0a:dc:fd:ce:ef:eb:7b:e7:af:5f:ab:95:ab:c8:
77:ad:83:2b:0a:41:04:e6:1c:95:06:c7:06:b5:46:
48:0d:0d:76:19:c3:43:fe:cb:59:7e:fc:f4:8a:07:
3b:66:9e:c5:aa:44:a9:0a:38:f5:3e:90:a2:bf:8b:
62:d2:33:a2:1b:2f:15:0c:44:d7:ad:7c:51:48:2e:
09:d3:fc:3e:c1:71:0c:b2:37:ef:c1:ee:7b:eb:77:
a3:18:eb:8b:55:a7:09:8a:b3:de:b8:d8:9e:2a:1b:
af:f7:af:1e:53:a4:ff:27:3b:fa:8f:2b:ed:1f:15:
17:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:24:42:CB:CC:A6:CA:18:A0:A0:6E:2B:A9:57:8C:D4:5E:CF:BE:D6
X509v3 Authority Key Identifier:
keyid:25:8F:07:53:C0:33:C1:AF:09:18:66:D0:94:26:45:12:69:6C:A6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:66:51:86:e6:6c:d9:c8:df:48:2f:c5:95:92:f2:66:78:12:
27:30:f4:28:73:e8:b8:0c:63:c7:cd:6b:00:0f:4d:19:fd:56:
f3:67:d6:aa:dd:8d:5f:4d:2d:ab:3a:9f:6c:af:64:8b:f3:4c:
f7:60:3c:e9:c0:7f:4b:62:22:19:5c:bc:ad:9b:99:19:9b:cf:
68:b7:66:54:39:4e:a4:eb:4c:bb:d6:ef:d8:05:03:79:40:7d:
75:69:2a:d2:42:29:92:c7:27:d1:90:30:8f:5d:28:d8:26:bf:
c9:2a:de:f6:7a:de:4e:2d:66:14:b1:02:6b:82:eb:ff:9c:98:
cd:6b:1e:ee:12:16:ae:1b:37:92:63:ad:bd:bc:9a:b4:9e:f3:
e1:88:17:32:a2:43:26:26:95:34:45:5e:96:8d:d6:a7:95:36:
9b:b6:e0:06:fe:dd:e4:2b:03:ce:83:56:c1:6b:1f:a5:0b:78:
4b:64:eb:bc:88:c1:c5:a7:e7:8f:ac:cf:b2:c9:35:e5:d1:b4:
a5:68:89:27:43:d8:96:94:92:23:5f:47:77:31:20:c3:3a:d9:
c9:96:6c:05:77:1a:e4:d1:b5:01:a5:b0:ca:29:34:24:a3:71:
82:72:32:33:f3:7a:3e:a6:09:a4:e8:91:66:e8:d4:1f:76:88:
fa:ec:01:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyp6uA5uTtesOZTh7qafxAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OGYwNzUzYzAzM2MxYWYwOTE4NjZkMDk0MjY0NTEyNjk2
Y2E2OGIwHhcNMjYwMzAxMTUwMTA4WhcNMjYwMzAyMTUwMTA4WjAzMTEwLwYDVQQD
EyhkYTI0NDJjYmNjYTZjYTE4YTBhMDZlMmJhOTU3OGNkNDVlY2ZiZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWR3Ba3R60LhNsbINTDv/PjDYHMg
e2eWacFlsriHWBsH/BcjykMfL4udeKsciMlUPdHt15H1W6xHQZjX5zkDdkdsJnov
zp7FeTHPKh4Dmd2prQTwgHvEZEmjtRTS35vNerrO6mM76MBD/xKAuxxYWs243Mvb
09gWJF42mTWvUY2vFZEWImSuCtz9zu/re+evX6uVq8h3rYMrCkEE5hyVBscGtUZI
DQ12GcND/stZfvz0igc7Zp7FqkSpCjj1PpCiv4ti0jOiGy8VDETXrXxRSC4J0/w+
wXEMsjfvwe5763ejGOuLVacJirPeuNieKhuv968eU6T/Jzv6jyvtHxUXiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNokQsvMpsoYoKBuK6lXjNRez77WMB8GA1UdIwQY
MBaAFCWPB1PAM8GvCRhm0JQmRRJpbKaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8zYmFlODctODJlYi00NTFmLTgwNDQt
MmMyZjBkMjRmOTM2LzEvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8zYmFlODctODJlYi00NTFmLTgwNDQtMmMyZjBkMjRmOTM2
LzEvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaGZRhuZs
2cjfSC/FlZLyZngSJzD0KHPouAxjx81rAA9NGf1W82fWqt2NX00tqzqfbK9ki/NM
92A86cB/S2IiGVy8rZuZGZvPaLdmVDlOpOtMu9bv2AUDeUB9dWkq0kIpkscn0ZAw
j10o2Ca/ySre9nreTi1mFLECa4Lr/5yYzWse7hIWrhs3kmOtvbyatJ7z4YgXMqJD
JiaVNEVelo3Wp5U2m7bgBv7d5CsDzoNWwWsfpQt4S2TrvIjBxafnj6zPssk15dG0
pWiJJ0PYlpSSI19HdzEgwzrZyZZsBXca5NG1AaWwyik0JKNxgnIyM/N6PqYJpOiR
ZujUH3aI+uwBIQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:51:29 2026 by rpki-client