Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1f57d5-99c2-4ca9-9350-17735e2c255f/1/t3gT9sVnClhoatw9SVV0QpXdFBk.mft
File: t3gT9sVnClhoatw9SVV0QpXdFBk.mft (raw, json)
Hash identifier: tURBj8x5T3HqwJIPArJWl48DzFLqtzrKdQ748IE0zuU=
Subject key identifier: BB:A5:40:74:9A:3C:E1:5C:F3:65:EA:A6:9C:1F:A2:54:05:F5:B0:04
Authority key identifier: B7:78:13:F6:C5:67:0A:58:68:6A:DC:3D:49:55:74:42:95:DD:14:19
Certificate issuer: /CN=b77813f6c5670a58686adc3d4955744295dd1419
Certificate serial: 019CADC79B28318EE4DB6A9C5A2BAA7427DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3gT9sVnClhoatw9SVV0QpXdFBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1f57d5-99c2-4ca9-9350-17735e2c255f/1/t3gT9sVnClhoatw9SVV0QpXdFBk.mft
Manifest number: 1120
Signing time: Mon 02 Mar 2026 09:01:05 +0000
Manifest this update: Mon 02 Mar 2026 09:01:05 +0000
Manifest next update: Tue 03 Mar 2026 09:01:05 +0000
Files and hashes: 1: 6I-7kIsmNEbjqpaRLZFYHSiX3Cg.roa (hash: l5DJjaa9jBabVc2gTKAmahVVwUkclCV/KKoXuPERh3I=)
2: t3gT9sVnClhoatw9SVV0QpXdFBk.crl (hash: cGuW5k+Xqtu+4s9GccnCyp7hq2/jCoC258sP/7JLkq8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/1f57d5-99c2-4ca9-9350-17735e2c255f/1/t3gT9sVnClhoatw9SVV0QpXdFBk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/1f57d5-99c2-4ca9-9350-17735e2c255f/1/t3gT9sVnClhoatw9SVV0QpXdFBk.mft
rsync://rpki.ripe.net/repository/DEFAULT/t3gT9sVnClhoatw9SVV0QpXdFBk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:c7:9b:28:31:8e:e4:db:6a:9c:5a:2b:aa:74:27:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b77813f6c5670a58686adc3d4955744295dd1419
Validity
Not Before: Mar 2 09:01:05 2026 GMT
Not After : Mar 3 09:01:05 2026 GMT
Subject: CN=bba540749a3ce15cf365eaa69c1fa25405f5b004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d1:b7:d0:db:e0:17:96:28:98:00:0c:14:d5:
92:16:c8:5d:8c:68:e8:50:38:2a:89:c2:8a:e1:35:
18:18:23:25:2f:c9:7c:15:f2:5c:79:9a:10:c5:c3:
1f:24:52:6d:a6:ca:d9:e7:0e:3b:a2:28:91:ce:6c:
6a:9e:6d:98:c8:6d:8b:a1:ae:c1:cc:39:1e:bd:a6:
15:30:9b:cc:f1:1f:f7:63:73:9c:4d:e1:d9:9a:8c:
e7:43:22:8b:9a:13:b0:6d:50:24:75:56:1a:31:87:
13:3b:f1:4b:84:58:dd:d3:e5:ec:99:1e:f6:b0:b7:
11:0f:f9:d1:d6:b9:5b:4a:df:e8:41:7f:91:da:f2:
77:c4:2b:89:58:d7:5c:3d:fb:a7:dc:14:8a:a9:fd:
b2:72:af:08:be:dd:10:06:c4:7e:5f:61:78:ff:c5:
b8:65:30:8c:b7:79:52:1f:df:c2:f2:d2:f6:36:20:
f2:42:6f:dd:0b:e4:df:65:98:24:6e:1a:b3:be:bd:
33:6e:bb:4d:d9:cd:6f:f9:24:7a:df:3f:97:41:52:
e6:32:bf:a3:0f:3b:1c:f8:6c:88:09:c6:5e:c1:b1:
88:ba:06:6a:d4:7b:c0:92:28:f0:a1:24:4d:ab:2c:
65:e1:08:04:eb:22:85:03:f4:3f:6a:45:34:cf:c2:
fd:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:A5:40:74:9A:3C:E1:5C:F3:65:EA:A6:9C:1F:A2:54:05:F5:B0:04
X509v3 Authority Key Identifier:
keyid:B7:78:13:F6:C5:67:0A:58:68:6A:DC:3D:49:55:74:42:95:DD:14:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3gT9sVnClhoatw9SVV0QpXdFBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1f57d5-99c2-4ca9-9350-17735e2c255f/1/t3gT9sVnClhoatw9SVV0QpXdFBk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1f57d5-99c2-4ca9-9350-17735e2c255f/1/t3gT9sVnClhoatw9SVV0QpXdFBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:37:96:ce:ec:36:8f:a2:26:83:45:12:33:2b:ef:1a:e4:05:
0e:12:c3:17:a7:74:a7:46:0e:8e:19:00:6b:dc:9f:13:d8:42:
ae:e1:cf:bd:6c:0d:8b:bc:01:27:ef:b9:83:a8:cd:ae:42:50:
e8:a7:55:4e:68:a0:26:1b:83:64:97:66:9b:07:9f:47:a7:e1:
e5:c6:6f:ea:94:14:a4:58:d0:e0:5a:a7:6c:d2:38:eb:a3:6d:
38:8e:f0:91:c0:ff:52:79:8e:3a:fc:45:17:fa:06:46:4b:75:
3c:a3:b8:80:58:b7:00:c2:2d:86:b9:3f:38:4c:b1:0d:0b:a2:
6f:77:0a:3f:c8:c5:1e:bf:ea:c2:a1:51:68:54:5a:85:4c:33:
cc:b4:5a:a1:01:d8:12:66:37:4f:08:a5:f7:ae:e4:dd:ce:8e:
c1:8d:43:4b:4b:5b:d9:7c:62:86:01:d0:b7:4d:83:b5:45:96:
32:3b:09:22:b2:40:de:fe:6c:88:fd:87:bf:04:9d:94:9f:49:
81:02:1b:e4:4d:3c:b7:3a:0c:d8:2f:cf:b3:e7:f1:d9:5e:f8:
2d:e1:43:21:2f:07:21:cc:5c:49:e0:65:29:36:14:33:4d:0f:
74:92:72:b6:4e:16:21:b7:5f:f5:71:98:bd:0f:cc:f9:40:f6:
b2:2b:92:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx5soMY7k22qcWiuqdCfeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NzgxM2Y2YzU2NzBhNTg2ODZhZGMzZDQ5NTU3NDQyOTVk
ZDE0MTkwHhcNMjYwMzAyMDkwMTA1WhcNMjYwMzAzMDkwMTA1WjAzMTEwLwYDVQQD
EyhiYmE1NDA3NDlhM2NlMTVjZjM2NWVhYTY5YzFmYTI1NDA1ZjViMDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNG30NvgF5YomAAMFNWSFshdjGjo
UDgqicKK4TUYGCMlL8l8FfJceZoQxcMfJFJtpsrZ5w47oiiRzmxqnm2YyG2Loa7B
zDkevaYVMJvM8R/3Y3OcTeHZmoznQyKLmhOwbVAkdVYaMYcTO/FLhFjd0+XsmR72
sLcRD/nR1rlbSt/oQX+R2vJ3xCuJWNdcPfun3BSKqf2ycq8Ivt0QBsR+X2F4/8W4
ZTCMt3lSH9/C8tL2NiDyQm/dC+TfZZgkbhqzvr0zbrtN2c1v+SR63z+XQVLmMr+j
Dzsc+GyICcZewbGIugZq1HvAkijwoSRNqyxl4QgE6yKFA/Q/akU0z8L9hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLulQHSaPOFc82XqppwfolQF9bAEMB8GA1UdIwQY
MBaAFLd4E/bFZwpYaGrcPUlVdEKV3RQZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDNnVDlzVm5DbGhvYXR3OVNWVjBRcFhkRkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xZjU3ZDUtOTljMi00Y2E5LTkzNTAt
MTc3MzVlMmMyNTVmLzEvdDNnVDlzVm5DbGhvYXR3OVNWVjBRcFhkRkJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xZjU3ZDUtOTljMi00Y2E5LTkzNTAtMTc3MzVlMmMyNTVm
LzEvdDNnVDlzVm5DbGhvYXR3OVNWVjBRcFhkRkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcTeWzuw2
j6Img0USMyvvGuQFDhLDF6d0p0YOjhkAa9yfE9hCruHPvWwNi7wBJ++5g6jNrkJQ
6KdVTmigJhuDZJdmmwefR6fh5cZv6pQUpFjQ4FqnbNI466NtOI7wkcD/UnmOOvxF
F/oGRkt1PKO4gFi3AMIthrk/OEyxDQuib3cKP8jFHr/qwqFRaFRahUwzzLRaoQHY
EmY3Twil967k3c6OwY1DS0tb2XxihgHQt02DtUWWMjsJIrJA3v5siP2HvwSdlJ9J
gQIb5E08tzoM2C/Ps+fx2V74LeFDIS8HIcxcSeBlKTYUM00PdJJytk4WIbdf9XGY
vQ/M+UD2siuSaw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:48:01 2026 by rpki-client