Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.mft
File: SS0kreN6IjOTKECddX1H-XlDt6A.mft (raw, json)
Hash identifier: hFJ/jdHUCfcG+/Cej66y2dIPHVk0TiP2HrLENp/JB84=
Subject key identifier: 13:03:C0:42:67:B6:CC:A8:9E:F9:3C:61:07:2D:DD:D8:30:AB:C9:30
Authority key identifier: 49:2D:24:AD:E3:7A:22:33:93:28:40:9D:75:7D:47:F9:79:43:B7:A0
Certificate issuer: /CN=492d24ade37a22339328409d757d47f97943b7a0
Certificate serial: 019CABD997D032D33FCF0DDE7053A5D1E620
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SS0kreN6IjOTKECddX1H-XlDt6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.mft
Manifest number: 0F42
Signing time: Mon 02 Mar 2026 00:01:29 +0000
Manifest this update: Mon 02 Mar 2026 00:01:29 +0000
Manifest next update: Tue 03 Mar 2026 00:01:29 +0000
Files and hashes: 1: NFYt2GuSWXtuOwlW6Nq8CMWtovs.roa (hash: puZ/+ztmFMeMmQqgSFGKCmQg2VYFRDLAAcv+aC1rqdo=)
2: SS0kreN6IjOTKECddX1H-XlDt6A.crl (hash: 9TG6QGrMlSg1tyxEKnF4eS0/+MAXwQYexTQYGJhzSnk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.mft
rsync://rpki.ripe.net/repository/DEFAULT/SS0kreN6IjOTKECddX1H-XlDt6A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:97:d0:32:d3:3f:cf:0d:de:70:53:a5:d1:e6:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=492d24ade37a22339328409d757d47f97943b7a0
Validity
Not Before: Mar 2 00:01:29 2026 GMT
Not After : Mar 3 00:01:29 2026 GMT
Subject: CN=1303c04267b6cca89ef93c61072dddd830abc930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e3:9d:bb:01:71:fe:56:21:a0:e7:5a:ca:43:
b2:1e:9a:86:26:b5:2a:d6:d0:d5:ea:e5:c0:20:ee:
5e:3a:dc:6b:75:bd:6b:d7:75:0c:d8:0e:01:ba:fb:
7c:52:48:6b:df:f8:26:6c:31:8d:fb:35:04:01:25:
12:f4:a2:07:e2:7c:00:3e:dd:3f:ed:fb:46:80:d9:
81:b4:4f:45:7c:54:5c:96:0e:cc:0c:5d:c3:44:c2:
30:37:3a:69:70:72:cf:c3:1e:e5:cf:45:1f:5d:4f:
b5:bf:bc:e4:47:dc:1a:0c:d4:a6:25:5f:0a:f5:e2:
45:ad:70:9d:b6:d0:1b:0a:36:d0:d2:9f:4e:be:d6:
52:36:f2:4b:f5:cb:dc:15:3b:36:1d:2b:5f:56:b2:
5b:22:02:67:1c:e9:52:ff:68:95:14:04:44:f3:77:
f4:a6:f6:55:3a:84:41:3e:5c:62:c8:4b:ae:79:b0:
dc:54:32:49:71:87:03:33:e8:68:ee:0e:b5:bd:e5:
c4:11:fd:ae:77:1a:3e:a0:67:80:dc:b8:06:27:86:
5c:0e:ff:16:9d:04:9a:53:dd:d7:0e:6d:0b:51:9f:
82:4d:ec:fa:b6:80:d7:c1:4c:ea:bf:5c:1a:b6:2c:
2a:c1:b4:a0:68:b5:d0:5c:74:27:a1:06:fd:17:41:
da:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:03:C0:42:67:B6:CC:A8:9E:F9:3C:61:07:2D:DD:D8:30:AB:C9:30
X509v3 Authority Key Identifier:
keyid:49:2D:24:AD:E3:7A:22:33:93:28:40:9D:75:7D:47:F9:79:43:B7:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SS0kreN6IjOTKECddX1H-XlDt6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:f2:fa:e8:23:1a:e0:e2:ef:76:28:18:f5:5e:ce:8a:eb:22:
5a:97:51:43:94:5c:3b:4e:4f:f9:80:b5:9c:0c:28:bb:0d:42:
2e:8e:96:1c:10:94:d1:16:45:56:c3:22:65:15:19:7f:cf:ab:
16:98:96:be:3e:a3:4f:14:be:81:3f:04:c9:19:7d:6c:c6:ea:
28:ed:71:b9:cd:b4:d6:4b:78:13:fe:15:2c:9c:82:ce:83:ac:
8b:98:cb:2b:df:49:72:e4:7d:35:d6:c6:07:db:95:f4:c5:fb:
38:9e:6e:e4:19:2f:db:64:f6:38:c0:b6:8b:7a:e7:04:db:9c:
7c:e8:75:37:bb:cc:db:38:7f:83:63:52:66:be:75:a6:21:7b:
7a:13:5d:91:2f:7b:13:f5:75:81:70:f3:83:8b:9d:d7:e8:f6:
3d:a4:66:d2:bd:fb:00:fd:c7:d3:c5:63:4d:52:11:52:09:c7:
91:35:b6:7d:0d:4d:19:d4:c0:bf:94:d6:b1:97:79:da:78:ba:
d4:96:9e:f6:51:16:7b:09:97:bc:c1:76:e4:9a:8f:ea:82:63:
34:e9:44:60:86:3f:b7:c7:ab:08:08:07:45:e0:4e:cd:63:52:
2c:c1:aa:bf:96:71:e9:d5:26:be:33:1b:d9:74:b2:b2:f1:75:
63:6d:f6:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2ZfQMtM/zw3ecFOl0eYgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MmQyNGFkZTM3YTIyMzM5MzI4NDA5ZDc1N2Q0N2Y5Nzk0
M2I3YTAwHhcNMjYwMzAyMDAwMTI5WhcNMjYwMzAzMDAwMTI5WjAzMTEwLwYDVQQD
EygxMzAzYzA0MjY3YjZjY2E4OWVmOTNjNjEwNzJkZGRkODMwYWJjOTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+OduwFx/lYhoOdaykOyHpqGJrUq
1tDV6uXAIO5eOtxrdb1r13UM2A4Buvt8Ukhr3/gmbDGN+zUEASUS9KIH4nwAPt0/
7ftGgNmBtE9FfFRclg7MDF3DRMIwNzppcHLPwx7lz0UfXU+1v7zkR9waDNSmJV8K
9eJFrXCdttAbCjbQ0p9OvtZSNvJL9cvcFTs2HStfVrJbIgJnHOlS/2iVFARE83f0
pvZVOoRBPlxiyEuuebDcVDJJcYcDM+ho7g61veXEEf2udxo+oGeA3LgGJ4ZcDv8W
nQSaU93XDm0LUZ+CTez6toDXwUzqv1watiwqwbSgaLXQXHQnoQb9F0HauwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBMDwEJntsyonvk8YQct3dgwq8kwMB8GA1UdIwQY
MBaAFEktJK3jeiIzkyhAnXV9R/l5Q7egMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1Mwa3JlTjZJak9US0VDZGRYMUgtWGxEdDZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9kOGY4NDUtNjI1MC00ZGY4LTkwYzAt
ZTI0YjU3OWM5OTE0LzEvU1Mwa3JlTjZJak9US0VDZGRYMUgtWGxEdDZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9kOGY4NDUtNjI1MC00ZGY4LTkwYzAtZTI0YjU3OWM5OTE0
LzEvU1Mwa3JlTjZJak9US0VDZGRYMUgtWGxEdDZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhfL66CMa
4OLvdigY9V7OiusiWpdRQ5RcO05P+YC1nAwouw1CLo6WHBCU0RZFVsMiZRUZf8+r
FpiWvj6jTxS+gT8EyRl9bMbqKO1xuc201kt4E/4VLJyCzoOsi5jLK99JcuR9NdbG
B9uV9MX7OJ5u5Bkv22T2OMC2i3rnBNucfOh1N7vM2zh/g2NSZr51piF7ehNdkS97
E/V1gXDzg4ud1+j2PaRm0r37AP3H08VjTVIRUgnHkTW2fQ1NGdTAv5TWsZd52ni6
1Jae9lEWewmXvMF25JqP6oJjNOlEYIY/t8erCAgHReBOzWNSLMGqv5Zx6dUmvjMb
2XSysvF1Y232sA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:15:52 2026 by rpki-client