Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/40a9b5-e899-4a8a-ac4f-966fa96beff2/1/Mm9RyiOYIQP_40-YkNC3To-nga8.mft
File: Mm9RyiOYIQP_40-YkNC3To-nga8.mft (raw, json)
Hash identifier: GCEKIAtuTBIDL9QX7HYx4JKRS734j+WLE3VS8+aJflc=
Subject key identifier: 40:9B:0C:1C:E8:9B:B3:92:A9:43:90:4C:D4:88:3E:27:DB:92:EB:9A
Authority key identifier: 32:6F:51:CA:23:98:21:03:FF:E3:4F:98:90:D0:B7:4E:8F:A7:81:AF
Certificate issuer: /CN=326f51ca23982103ffe34f9890d0b74e8fa781af
Certificate serial: 019CAAC68E9892936BEE594B912277B1F991
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mm9RyiOYIQP_40-YkNC3To-nga8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/40a9b5-e899-4a8a-ac4f-966fa96beff2/1/Mm9RyiOYIQP_40-YkNC3To-nga8.mft
Manifest number: 08AA
Signing time: Sun 01 Mar 2026 19:01:05 +0000
Manifest this update: Sun 01 Mar 2026 19:01:05 +0000
Manifest next update: Mon 02 Mar 2026 19:01:05 +0000
Files and hashes: 1: COs54IVsv9bN1SyErw-G5fsb6yY.roa (hash: 9UNs6Dnf3rvvi5W/WKDmiw83fNTieB9/5O5ngxCvRno=)
2: Mm9RyiOYIQP_40-YkNC3To-nga8.crl (hash: 02ypp1rLB1d9xWv4fk8H/Dq48/xrX67kWq2x+R8yRyE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/40a9b5-e899-4a8a-ac4f-966fa96beff2/1/Mm9RyiOYIQP_40-YkNC3To-nga8.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/40a9b5-e899-4a8a-ac4f-966fa96beff2/1/Mm9RyiOYIQP_40-YkNC3To-nga8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mm9RyiOYIQP_40-YkNC3To-nga8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:8e:98:92:93:6b:ee:59:4b:91:22:77:b1:f9:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=326f51ca23982103ffe34f9890d0b74e8fa781af
Validity
Not Before: Mar 1 19:01:05 2026 GMT
Not After : Mar 2 19:01:05 2026 GMT
Subject: CN=409b0c1ce89bb392a943904cd4883e27db92eb9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b6:02:0d:95:ee:12:e1:18:f8:10:cf:53:cd:
f7:0a:c9:0e:1f:d1:d9:08:0a:eb:1d:db:38:5f:47:
b5:f7:f7:e0:63:f0:9e:bf:c7:13:22:a9:de:cc:5f:
3d:bd:32:a3:6d:f7:10:8d:cb:fd:87:06:6f:a5:fe:
78:3b:4f:c7:45:96:31:db:09:d5:09:1c:19:3b:79:
de:b3:06:42:cc:10:9f:f6:39:d5:d2:b2:19:74:2e:
22:5b:f7:e8:41:e2:7e:7d:11:40:be:84:3f:c4:e6:
1b:eb:10:46:6e:59:03:6f:51:ad:99:91:4d:d7:a6:
18:70:14:a3:01:03:31:af:d8:a2:e2:d4:97:ca:ac:
6f:7a:2a:52:e6:dd:9e:3c:2b:10:a6:51:3d:a0:c9:
8e:1e:60:59:25:2a:c7:56:92:b8:f2:7f:2b:a1:00:
27:3f:86:66:ef:18:d3:20:9e:27:b0:d2:f0:7b:47:
57:e2:76:07:82:62:59:02:a9:05:9b:e7:78:1d:96:
64:90:78:e4:c7:72:1a:5f:bc:40:a2:a5:40:cf:69:
fd:79:f7:1b:94:24:b7:52:43:17:1f:20:a1:d9:da:
a4:60:22:68:7b:41:e6:30:9a:7a:5b:03:da:fd:2e:
e3:a0:cf:69:7a:87:36:ea:ed:73:e1:12:3e:8d:99:
7f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:9B:0C:1C:E8:9B:B3:92:A9:43:90:4C:D4:88:3E:27:DB:92:EB:9A
X509v3 Authority Key Identifier:
keyid:32:6F:51:CA:23:98:21:03:FF:E3:4F:98:90:D0:B7:4E:8F:A7:81:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mm9RyiOYIQP_40-YkNC3To-nga8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/40a9b5-e899-4a8a-ac4f-966fa96beff2/1/Mm9RyiOYIQP_40-YkNC3To-nga8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/40a9b5-e899-4a8a-ac4f-966fa96beff2/1/Mm9RyiOYIQP_40-YkNC3To-nga8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:72:51:11:6e:43:8c:bb:85:a7:cc:5e:d9:58:29:4a:c0:c3:
7f:6b:b7:c1:87:47:ae:5e:b6:d5:f9:e9:fc:6e:b2:aa:80:f4:
a6:bb:91:9d:d8:5d:68:b7:71:23:47:4c:0b:e4:17:88:2b:4f:
f7:16:46:94:5e:44:45:5e:d8:78:ac:21:6c:b4:6d:5d:63:9c:
5e:dd:71:27:41:1a:d2:bd:14:bd:bc:c3:70:93:ec:ee:70:f1:
9c:85:0f:bc:2a:af:c4:3a:64:75:3e:15:7e:e7:c9:40:f7:e1:
4e:ac:76:36:b3:e7:e4:d6:b8:b9:3d:d6:bd:46:8a:77:dd:9d:
69:a1:7f:1d:22:15:65:ff:4b:44:c8:46:50:35:79:0c:a5:58:
12:34:87:19:36:6e:cf:c6:fe:ac:e9:03:8e:5b:a5:86:2b:fe:
8e:cd:d5:63:3e:2b:a8:bc:ae:9d:dc:ce:49:ee:2a:4a:99:77:
6f:8a:da:30:07:dc:f2:6b:57:db:1d:b7:8f:18:c6:3d:44:9e:
04:87:c8:e6:d9:9f:08:8f:2e:ec:55:a7:f1:b8:f7:a1:19:ad:
57:6b:a1:d1:e2:a7:48:9a:9d:8b:9a:2e:65:d6:74:88:fd:71:
1f:80:59:e6:31:53:bd:d1:b4:a4:47:48:0a:54:f7:e1:f4:68:
af:2d:57:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxo6YkpNr7llLkSJ3sfmRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNmY1MWNhMjM5ODIxMDNmZmUzNGY5ODkwZDBiNzRlOGZh
NzgxYWYwHhcNMjYwMzAxMTkwMTA1WhcNMjYwMzAyMTkwMTA1WjAzMTEwLwYDVQQD
Eyg0MDliMGMxY2U4OWJiMzkyYTk0MzkwNGNkNDg4M2UyN2RiOTJlYjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbYCDZXuEuEY+BDPU833CskOH9HZ
CArrHds4X0e19/fgY/Cev8cTIqnezF89vTKjbfcQjcv9hwZvpf54O0/HRZYx2wnV
CRwZO3neswZCzBCf9jnV0rIZdC4iW/foQeJ+fRFAvoQ/xOYb6xBGblkDb1GtmZFN
16YYcBSjAQMxr9ii4tSXyqxveipS5t2ePCsQplE9oMmOHmBZJSrHVpK48n8roQAn
P4Zm7xjTIJ4nsNLwe0dX4nYHgmJZAqkFm+d4HZZkkHjkx3IaX7xAoqVAz2n9efcb
lCS3UkMXHyCh2dqkYCJoe0HmMJp6WwPa/S7joM9peoc26u1z4RI+jZl/rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECbDBzom7OSqUOQTNSIPifbkuuaMB8GA1UdIwQY
MBaAFDJvUcojmCED/+NPmJDQt06Pp4GvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW05UnlpT1lJUVBfNDAtWWtOQzNUby1uZ2E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS80MGE5YjUtZTg5OS00YThhLWFjNGYt
OTY2ZmE5NmJlZmYyLzEvTW05UnlpT1lJUVBfNDAtWWtOQzNUby1uZ2E4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS80MGE5YjUtZTg5OS00YThhLWFjNGYtOTY2ZmE5NmJlZmYy
LzEvTW05UnlpT1lJUVBfNDAtWWtOQzNUby1uZ2E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcnJREW5D
jLuFp8xe2VgpSsDDf2u3wYdHrl621fnp/G6yqoD0pruRndhdaLdxI0dMC+QXiCtP
9xZGlF5ERV7YeKwhbLRtXWOcXt1xJ0Ea0r0UvbzDcJPs7nDxnIUPvCqvxDpkdT4V
fufJQPfhTqx2NrPn5Na4uT3WvUaKd92daaF/HSIVZf9LRMhGUDV5DKVYEjSHGTZu
z8b+rOkDjlulhiv+js3VYz4rqLyundzOSe4qSpl3b4raMAfc8mtX2x23jxjGPUSe
BIfI5tmfCI8u7FWn8bj3oRmtV2uh0eKnSJqdi5ouZdZ0iP1xH4BZ5jFTvdG0pEdI
ClT34fRory1XMw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:50:23 2026 by rpki-client