Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
File: v99XKOyr1W70Y3NWlVhmylRoaRo.mft (raw, json)
Hash identifier: VpQUNPgbEITJQVx5Hl6SWEdvMXL8HC25yQS8mk+BqC4=
Subject key identifier: 7C:FE:44:09:AB:AC:5F:3F:EC:72:E2:9B:A5:B0:9E:25:D7:EF:B2:B8
Authority key identifier: BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A
Certificate issuer: /CN=bfdf5728ecabd56ef4637356955866ca5468691a
Certificate serial: 019CAB6BD9FB0905239F95760C181744E4D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
Manifest number: 0469
Signing time: Sun 01 Mar 2026 22:01:37 +0000
Manifest this update: Sun 01 Mar 2026 22:01:37 +0000
Manifest next update: Mon 02 Mar 2026 22:01:37 +0000
Files and hashes: 1: 3BcGBZCHDgJs9gSoEvIJqO6Wdng.roa (hash: QqrBTNsjue3924ijEFZUnNRSzA8ZRhSOavKbIrZOqys=)
2: v99XKOyr1W70Y3NWlVhmylRoaRo.crl (hash: JQOovDSbcJw31Qxq6UB2ZTJMKiXJnMydu5nBqD/szkY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 22:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:6b:d9:fb:09:05:23:9f:95:76:0c:18:17:44:e4:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfdf5728ecabd56ef4637356955866ca5468691a
Validity
Not Before: Mar 1 22:01:37 2026 GMT
Not After : Mar 2 22:01:37 2026 GMT
Subject: CN=7cfe4409abac5f3fec72e29ba5b09e25d7efb2b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ff:71:60:bc:79:19:00:0e:eb:1d:e1:a3:43:
9e:61:f7:47:94:1c:f7:c0:2f:f8:bd:52:e0:60:c9:
48:fc:7c:b8:78:77:4f:72:23:06:b7:24:7a:ee:98:
0d:8d:69:b2:78:23:70:fa:fe:69:6d:0d:af:8f:89:
1a:3f:b6:aa:8c:b1:18:00:8f:60:41:a6:c5:4a:6b:
4b:7d:8e:1f:a3:d5:3c:4e:33:77:1f:6d:5b:4e:d5:
0c:66:55:12:3c:b7:51:10:3f:44:80:35:b1:f3:0f:
1e:47:cf:3d:20:72:a6:90:0e:76:12:bd:26:ce:cb:
2d:43:d2:29:d2:56:d4:81:fa:f2:c3:06:e3:77:d5:
8b:09:55:1c:59:51:2a:83:ff:cf:43:77:5e:5d:f4:
78:49:9e:49:50:67:3a:7a:7f:56:5c:34:f8:e9:be:
90:e3:a5:94:e4:6d:81:3e:dd:01:84:5f:b3:ad:5e:
08:13:62:4f:2d:eb:42:e1:0d:0f:f6:4d:0e:fc:43:
c7:c2:26:0f:ab:62:45:10:ed:ae:ca:68:ef:ef:ef:
dd:97:5c:44:8b:1f:be:6b:48:ec:be:5e:33:3b:50:
98:c7:49:5d:47:72:c8:ad:d5:5e:03:ab:5d:36:80:
ff:00:92:0b:67:35:b5:36:8b:ca:22:78:40:59:7d:
10:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:FE:44:09:AB:AC:5F:3F:EC:72:E2:9B:A5:B0:9E:25:D7:EF:B2:B8
X509v3 Authority Key Identifier:
keyid:BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:3c:58:e7:bf:2e:79:81:fe:92:e6:e8:35:d9:d2:52:3a:87:
c0:fe:88:06:c5:29:3a:19:a7:b7:32:a5:00:b0:e0:26:00:48:
f1:fd:c8:c3:05:38:35:1d:48:79:ae:90:02:75:45:73:75:41:
52:60:3b:88:94:ba:91:b6:97:6f:08:16:15:5e:7f:6b:3e:a0:
6a:1c:57:90:b4:c5:b7:5a:27:2f:9a:da:03:e9:1e:da:ec:49:
03:5f:04:32:e3:67:8b:99:8b:4a:1a:f0:d1:22:d7:12:ce:99:
fd:35:e9:ad:a1:bc:1d:5b:77:b4:e7:52:2d:04:09:bc:af:f4:
d7:cd:bc:54:2f:44:2a:16:ef:00:5e:17:3a:cf:bc:6f:5b:54:
f3:47:29:a3:3a:05:8d:78:38:59:d4:86:a0:8f:df:b8:ae:29:
2b:1f:73:0f:aa:0f:cd:62:8f:c0:10:2f:04:b8:e8:b5:f1:4e:
5f:0e:d9:7f:5b:f4:52:59:f0:9c:2e:df:3a:ab:40:a8:e6:6c:
9c:97:07:64:8d:b7:33:78:4d:9f:65:80:97:d9:f5:65:2b:16:
1c:88:27:9a:79:d3:31:4e:f5:82:7a:37:35:09:d8:ab:b3:64:
3d:c6:6e:0e:18:b6:1d:2e:ad:9b:ca:cf:43:72:5c:be:d1:10:
bd:09:a7:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra9n7CQUjn5V2DBgXROTUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZGY1NzI4ZWNhYmQ1NmVmNDYzNzM1Njk1NTg2NmNhNTQ2
ODY5MWEwHhcNMjYwMzAxMjIwMTM3WhcNMjYwMzAyMjIwMTM3WjAzMTEwLwYDVQQD
Eyg3Y2ZlNDQwOWFiYWM1ZjNmZWM3MmUyOWJhNWIwOWUyNWQ3ZWZiMmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/9xYLx5GQAO6x3ho0OeYfdHlBz3
wC/4vVLgYMlI/Hy4eHdPciMGtyR67pgNjWmyeCNw+v5pbQ2vj4kaP7aqjLEYAI9g
QabFSmtLfY4fo9U8TjN3H21bTtUMZlUSPLdRED9EgDWx8w8eR889IHKmkA52Er0m
zsstQ9Ip0lbUgfrywwbjd9WLCVUcWVEqg//PQ3deXfR4SZ5JUGc6en9WXDT46b6Q
46WU5G2BPt0BhF+zrV4IE2JPLetC4Q0P9k0O/EPHwiYPq2JFEO2uymjv7+/dl1xE
ix++a0jsvl4zO1CYx0ldR3LIrdVeA6tdNoD/AJILZzW1NovKInhAWX0QfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHz+RAmrrF8/7HLim6WwniXX77K4MB8GA1UdIwQY
MBaAFL/fVyjsq9Vu9GNzVpVYZspUaGkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgt
YmQxNGQzNDRiYmYyLzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgtYmQxNGQzNDRiYmYy
LzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgTxY578u
eYH+kuboNdnSUjqHwP6IBsUpOhmntzKlALDgJgBI8f3IwwU4NR1Iea6QAnVFc3VB
UmA7iJS6kbaXbwgWFV5/az6gahxXkLTFt1onL5raA+ke2uxJA18EMuNni5mLShrw
0SLXEs6Z/TXpraG8HVt3tOdSLQQJvK/01828VC9EKhbvAF4XOs+8b1tU80cpozoF
jXg4WdSGoI/fuK4pKx9zD6oPzWKPwBAvBLjotfFOXw7Zf1v0UlnwnC7fOqtAqOZs
nJcHZI23M3hNn2WAl9n1ZSsWHIgnmnnTMU71gno3NQnYq7NkPcZuDhi2HS6tm8rP
Q3JcvtEQvQmnUw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:43:36 2026 by rpki-client