Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
File: imgZHKtu8GsyKwsSSHhdSEpFJPM.mft (raw, json)
Hash identifier: wrmBOLXNqDByxC66i7fwvRlEOqhpufRjgV42P5oJaDY=
Subject key identifier: 21:A4:FF:38:F2:E3:E2:85:D8:11:43:AF:98:44:52:B0:EE:61:AF:74
Authority key identifier: 8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3
Certificate issuer: /CN=8a68191cab6ef06b322b0b1248785d484a4524f3
Certificate serial: 019CACB47DBFB298665D4E0669A9C671BC76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
Manifest number: 1296
Signing time: Mon 02 Mar 2026 04:00:35 +0000
Manifest this update: Mon 02 Mar 2026 04:00:35 +0000
Manifest next update: Tue 03 Mar 2026 04:00:35 +0000
Files and hashes: 1: YyRSnlrY6ZL2BY7kWgNKQn7ZABQ.roa (hash: XGF2A8hVRY8awHWUJiWHAMyAA173IB6zQJ6kuXsZFy4=)
2: imgZHKtu8GsyKwsSSHhdSEpFJPM.crl (hash: lroj7ys6ez/CwCh9uy61dWoa24CL9NIjR6fW1qGgOmM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:b4:7d:bf:b2:98:66:5d:4e:06:69:a9:c6:71:bc:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a68191cab6ef06b322b0b1248785d484a4524f3
Validity
Not Before: Mar 2 04:00:35 2026 GMT
Not After : Mar 3 04:00:35 2026 GMT
Subject: CN=21a4ff38f2e3e285d81143af984452b0ee61af74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:07:86:f8:21:e8:70:2d:de:da:a4:5c:6e:25:
e0:d9:b3:37:bb:b0:33:83:f2:87:c0:4b:81:5b:c9:
02:76:c1:cb:ca:bb:b3:df:a2:ad:1a:9d:6f:e9:e1:
83:e9:71:e6:1c:dc:f9:b3:e7:6f:08:ea:f5:f3:67:
1a:2d:55:06:5c:96:f0:42:4b:17:cd:bf:9b:60:fb:
53:2a:d3:38:c7:db:6f:61:54:9e:1c:d2:fd:e3:09:
57:d7:5a:0d:60:ad:bf:a3:64:58:8d:96:05:8f:67:
39:8d:2e:ae:54:95:f4:a5:78:f6:4c:3a:70:a8:ca:
79:78:19:d1:6d:eb:ee:76:e3:e5:1c:53:39:0d:24:
b6:67:7e:a2:f1:e9:b3:b7:38:22:b0:88:b3:44:04:
7c:64:26:b2:7e:25:2b:d7:3a:72:85:1b:b5:f4:a8:
17:ec:f2:d3:da:78:0e:dc:a1:ec:29:67:b6:02:e9:
46:cb:4f:71:fe:45:12:84:cd:79:cf:25:8e:dd:47:
b4:d7:6d:29:d4:8f:cb:9e:5a:f0:a7:28:44:05:a3:
9a:48:9a:80:8c:8b:50:71:8f:36:fd:f2:b5:87:bd:
84:58:95:4d:b9:5c:7f:1e:cd:1a:da:3b:00:17:ee:
74:b1:4f:ee:7e:c6:29:0b:cd:d6:ca:f2:eb:d7:bb:
1c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A4:FF:38:F2:E3:E2:85:D8:11:43:AF:98:44:52:B0:EE:61:AF:74
X509v3 Authority Key Identifier:
keyid:8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:93:0f:aa:c9:73:df:fa:f9:fc:d3:3d:88:80:d2:e4:0d:b3:
f9:aa:7d:f3:be:22:c6:4c:48:b9:5c:64:ab:5d:7b:f4:27:2d:
ed:5d:20:eb:51:84:83:a0:29:3a:a5:2a:d9:f0:9c:66:f2:a1:
d4:89:3d:78:47:8d:bb:d8:0f:7d:a3:34:74:32:37:fa:94:d6:
ae:56:02:76:13:b2:cf:04:83:dd:cd:8b:0d:3c:d2:67:29:01:
a2:87:45:18:09:b4:21:ed:14:33:63:9d:44:dc:f2:a1:d8:bc:
87:7e:54:61:4e:6f:28:35:cc:d6:2f:96:73:75:fc:49:5a:41:
e1:92:7e:a2:4f:d2:48:28:33:ff:7d:de:ff:0d:77:e7:cb:3f:
e0:8c:bd:d1:28:aa:ba:2d:bc:94:8b:14:51:c5:85:51:d4:a1:
52:d5:0c:08:44:38:61:f9:af:d3:6a:68:89:dd:4e:6c:f7:39:
55:3c:6f:c5:b6:c2:d1:4c:1b:62:95:a2:a7:ce:f1:d5:1d:31:
34:44:4f:94:e5:9f:7b:2e:83:3f:78:73:84:d7:0a:fa:fd:33:
c2:4b:e8:cc:90:23:28:79:62:b7:1e:3c:e7:7a:78:b7:87:8b:
2c:36:4e:66:6a:95:19:d4:20:12:1b:06:49:83:a0:da:01:9f:
e9:7b:37:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystH2/sphmXU4GaanGcbx2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjgxOTFjYWI2ZWYwNmIzMjJiMGIxMjQ4Nzg1ZDQ4NGE0
NTI0ZjMwHhcNMjYwMzAyMDQwMDM1WhcNMjYwMzAzMDQwMDM1WjAzMTEwLwYDVQQD
EygyMWE0ZmYzOGYyZTNlMjg1ZDgxMTQzYWY5ODQ0NTJiMGVlNjFhZjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuweG+CHocC3e2qRcbiXg2bM3u7Az
g/KHwEuBW8kCdsHLyruz36KtGp1v6eGD6XHmHNz5s+dvCOr182caLVUGXJbwQksX
zb+bYPtTKtM4x9tvYVSeHNL94wlX11oNYK2/o2RYjZYFj2c5jS6uVJX0pXj2TDpw
qMp5eBnRbevuduPlHFM5DSS2Z36i8emztzgisIizRAR8ZCayfiUr1zpyhRu19KgX
7PLT2ngO3KHsKWe2AulGy09x/kUShM15zyWO3Ue0120p1I/LnlrwpyhEBaOaSJqA
jItQcY82/fK1h72EWJVNuVx/Hs0a2jsAF+50sU/ufsYpC83WyvLr17scwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCGk/zjy4+KF2BFDr5hEUrDuYa90MB8GA1UdIwQY
MBaAFIpoGRyrbvBrMisLEkh4XUhKRSTzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQt
OTcxMTdlZWI0ODkxLzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQtOTcxMTdlZWI0ODkx
LzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmpMPqslz
3/r5/NM9iIDS5A2z+ap9874ixkxIuVxkq1179Cct7V0g61GEg6ApOqUq2fCcZvKh
1Ik9eEeNu9gPfaM0dDI3+pTWrlYCdhOyzwSD3c2LDTzSZykBoodFGAm0Ie0UM2Od
RNzyodi8h35UYU5vKDXM1i+Wc3X8SVpB4ZJ+ok/SSCgz/33e/w1358s/4Iy90Siq
ui28lIsUUcWFUdShUtUMCEQ4Yfmv02poid1ObPc5VTxvxbbC0UwbYpWip87x1R0x
NERPlOWfey6DP3hzhNcK+v0zwkvozJAjKHlitx4853p4t4eLLDZOZmqVGdQgEhsG
SYOg2gGf6Xs35g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:11:12 2026 by rpki-client