Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft
File: sdLmgf8j3d89UXhY4cZKHa0phyk.mft (raw, json)
Hash identifier: IFzTHgDUhAS2+ihGG5wVTA08iBmEsZvq1pnuTQXW4qE=
Subject key identifier: 1C:89:C6:90:5A:15:F4:F1:B5:87:62:D9:F7:92:2F:34:AF:2A:04:70
Authority key identifier: B1:D2:E6:81:FF:23:DD:DF:3D:51:78:58:E1:C6:4A:1D:AD:29:87:29
Certificate issuer: /CN=b1d2e681ff23dddf3d517858e1c64a1dad298729
Certificate serial: 019CADFE66CF282E34ACD4AAAF6DADED44A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft
Manifest number: 1695
Signing time: Mon 02 Mar 2026 10:00:56 +0000
Manifest this update: Mon 02 Mar 2026 10:00:56 +0000
Manifest next update: Tue 03 Mar 2026 10:00:56 +0000
Files and hashes: 1: bLRsbjwrHl85CS_7pV5-UUKmgDU.roa (hash: wRWPjMaqEtjkWAV9xCnB4Aq9mP2pz2n/Qg6SuBrxsSE=)
2: sdLmgf8j3d89UXhY4cZKHa0phyk.crl (hash: jQ6qdk732GUsoVx67J/xBDdXFNXNS5kbuckPgvjUaBA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft
rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:fe:66:cf:28:2e:34:ac:d4:aa:af:6d:ad:ed:44:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1d2e681ff23dddf3d517858e1c64a1dad298729
Validity
Not Before: Mar 2 10:00:56 2026 GMT
Not After : Mar 3 10:00:56 2026 GMT
Subject: CN=1c89c6905a15f4f1b58762d9f7922f34af2a0470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8a:58:83:00:a8:f6:ed:ef:8a:9f:e5:96:c9:
a1:ad:cb:87:15:1f:01:dc:dd:0c:fc:ba:00:92:d2:
a5:95:e5:f7:4f:c0:65:22:a0:05:e6:f4:61:c0:ef:
0b:fe:36:18:44:ac:2e:2d:11:1e:47:60:15:f6:64:
29:c2:4d:f5:a6:c9:18:a3:66:81:ac:af:9b:44:ad:
bc:c4:7f:92:a8:b4:5f:30:1d:b8:32:0f:5b:0c:7b:
bf:3f:7b:29:bb:75:0e:1e:c1:a6:51:a3:23:de:2a:
c5:78:86:6c:fb:86:ca:4b:be:86:74:fc:1f:23:61:
bc:12:dd:39:6f:50:8e:05:cb:47:db:54:ad:af:3f:
c5:44:d5:26:d8:ac:52:6e:76:5b:4e:ee:97:33:bf:
74:43:2f:ff:ad:7b:f1:13:f5:bb:6a:ac:ee:e6:88:
1d:96:68:da:54:ec:01:4e:96:c1:97:41:fc:42:29:
48:65:6a:16:28:5f:49:a3:29:a8:f3:e7:c2:83:08:
8e:13:02:69:1a:63:18:6f:f2:30:61:ab:ff:a5:23:
a0:9c:55:85:ad:b3:d2:4f:31:5d:43:2a:50:04:92:
a3:6b:97:7a:19:4c:cd:cf:06:b0:4f:76:50:d4:fd:
10:c9:be:54:f1:de:df:bf:5c:78:46:1f:c7:90:58:
ef:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:89:C6:90:5A:15:F4:F1:B5:87:62:D9:F7:92:2F:34:AF:2A:04:70
X509v3 Authority Key Identifier:
keyid:B1:D2:E6:81:FF:23:DD:DF:3D:51:78:58:E1:C6:4A:1D:AD:29:87:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:0b:7b:39:e3:d2:ee:58:ab:b9:6f:dd:2d:92:55:18:ad:6e:
0d:0a:b9:9f:0d:22:fd:76:c6:b3:e5:7d:b4:77:06:46:e0:c0:
23:b1:e9:b9:85:61:8f:d7:be:d8:07:cb:e7:ed:da:93:2e:f3:
53:da:61:6e:72:9f:91:8e:c1:69:ee:0b:cf:b4:65:04:d8:7c:
cb:24:39:8d:1f:db:b2:f8:b8:a4:d2:02:a8:4e:51:79:60:b4:
12:61:c6:61:bc:66:57:7f:7f:50:59:6f:e9:87:c6:83:4a:05:
1e:b1:b7:6a:bf:ab:a6:a8:34:94:3a:65:a5:9a:43:ec:95:ba:
d3:a5:bf:9c:d2:3d:f6:c3:fe:32:87:ce:75:02:1c:d2:7f:62:
db:87:e6:50:cf:62:71:95:25:1e:b2:d8:44:b5:f0:68:ad:71:
71:81:a2:13:3a:87:4e:a7:1c:b7:c5:46:67:5c:35:86:10:20:
71:71:20:90:a5:64:b2:93:32:47:13:99:10:78:96:17:9e:a7:
4a:3e:80:7c:54:60:15:d4:e1:d8:69:33:4b:76:3e:86:5c:ee:
89:18:49:56:a0:6b:c3:ee:c6:7c:ca:40:d8:ac:ee:c5:8d:df:
f5:16:df:50:7e:1e:ad:2c:2e:b1:3f:61:36:cc:72:1d:7f:d4:
85:02:37:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyt/mbPKC40rNSqr22t7USlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZDJlNjgxZmYyM2RkZGYzZDUxNzg1OGUxYzY0YTFkYWQy
OTg3MjkwHhcNMjYwMzAyMTAwMDU2WhcNMjYwMzAzMTAwMDU2WjAzMTEwLwYDVQQD
EygxYzg5YzY5MDVhMTVmNGYxYjU4NzYyZDlmNzkyMmYzNGFmMmEwNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtopYgwCo9u3vip/llsmhrcuHFR8B
3N0M/LoAktKlleX3T8BlIqAF5vRhwO8L/jYYRKwuLREeR2AV9mQpwk31pskYo2aB
rK+bRK28xH+SqLRfMB24Mg9bDHu/P3spu3UOHsGmUaMj3irFeIZs+4bKS76GdPwf
I2G8Et05b1COBctH21Strz/FRNUm2KxSbnZbTu6XM790Qy//rXvxE/W7aqzu5ogd
lmjaVOwBTpbBl0H8QilIZWoWKF9Joymo8+fCgwiOEwJpGmMYb/IwYav/pSOgnFWF
rbPSTzFdQypQBJKja5d6GUzNzwawT3ZQ1P0Qyb5U8d7fv1x4Rh/HkFjv0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFByJxpBaFfTxtYdi2feSLzSvKgRwMB8GA1UdIwQY
MBaAFLHS5oH/I93fPVF4WOHGSh2tKYcpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9kNTY4ZWQtMTc4MC00ZDYwLWE2Zjct
NWE4MzYwZGVhM2EzLzEvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9kNTY4ZWQtMTc4MC00ZDYwLWE2ZjctNWE4MzYwZGVhM2Ez
LzEvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACgt7OePS
7liruW/dLZJVGK1uDQq5nw0i/XbGs+V9tHcGRuDAI7HpuYVhj9e+2AfL5+3aky7z
U9phbnKfkY7Bae4Lz7RlBNh8yyQ5jR/bsvi4pNICqE5ReWC0EmHGYbxmV39/UFlv
6YfGg0oFHrG3ar+rpqg0lDplpZpD7JW606W/nNI99sP+MofOdQIc0n9i24fmUM9i
cZUlHrLYRLXwaK1xcYGiEzqHTqcct8VGZ1w1hhAgcXEgkKVkspMyRxOZEHiWF56n
Sj6AfFRgFdTh2GkzS3Y+hlzuiRhJVqBrw+7GfMpA2KzuxY3f9RbfUH4erSwusT9h
NsxyHX/UhQI3DA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:02:35 2026 by rpki-client