
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
File: i5HgoQS1s93x9dCOessreeDVZvk.mft (raw, json)
Hash identifier: 6rIeFnqen5rP85vNKdd7nlFl3T8nteVSR18zCH/4DX8=
Subject key identifier: D3:18:72:9E:C1:89:F1:6D:15:45:10:1A:E8:98:94:1F:4A:BA:5D:5E
Authority key identifier: 8B:91:E0:A1:04:B5:B3:DD:F1:F5:D0:8E:7A:CB:2B:79:E0:D5:66:F9
Certificate issuer: /CN=8b91e0a104b5b3ddf1f5d08e7acb2b79e0d566f9
Certificate serial: 019CAAC65DEAA5EC0C187ADC333AABE17C4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
Manifest number: 1255
Signing time: Sun 01 Mar 2026 19:00:52 +0000
Manifest this update: Sun 01 Mar 2026 19:00:52 +0000
Manifest next update: Mon 02 Mar 2026 19:00:52 +0000
Files and hashes: 1: FLemcIiElnlySDQ8j4MbhOGXKNY.roa (hash: +hFqqy7o9aLIrhPQ+Vl9O2F3JN7zKRwx0wl2/DYV2As=)
2: i5HgoQS1s93x9dCOessreeDVZvk.crl (hash: rskFSBDJqSbx7yBkmsXe+Pt/g5CFUe9c5JMe6zNvRLg=)
3: zL0BeH3r9AkOxhITJlCW5Ja8LGo.roa (hash: oLz5pL1eqyWTu6AOPoAU4vUbkw5hVQwpWZe1I3Dg04k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:5d:ea:a5:ec:0c:18:7a:dc:33:3a:ab:e1:7c:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b91e0a104b5b3ddf1f5d08e7acb2b79e0d566f9
Validity
Not Before: Mar 1 19:00:52 2026 GMT
Not After : Mar 2 19:00:52 2026 GMT
Subject: CN=d318729ec189f16d1545101ae898941f4aba5d5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4c:32:77:6c:73:ad:7c:f8:06:03:8b:c6:f3:
a7:bf:e9:86:09:c0:07:c7:e5:5e:1e:de:da:72:fd:
ea:ab:98:db:1d:c4:68:0d:65:3e:f4:b5:76:86:d7:
3c:51:2c:8b:2b:5e:89:ff:e7:62:a7:81:8c:12:37:
af:7c:0a:b5:cf:71:42:c3:73:02:79:9b:8b:38:6b:
7b:d0:c6:68:b2:2c:85:45:c0:c5:84:3c:2d:3b:28:
a9:b6:f2:5c:fe:12:d5:3e:d8:04:6c:7d:8b:a4:e8:
6f:90:e9:77:b4:ff:cf:f0:93:34:0d:17:31:c7:b1:
da:75:83:63:4c:03:f6:f7:75:cd:23:a8:59:2c:17:
b8:d5:db:b4:9c:41:ba:83:0b:cc:92:e7:c6:33:d2:
81:23:45:3f:c2:c6:d7:5d:9b:58:92:2a:c3:7f:08:
a6:59:45:ec:e4:04:bf:0d:d1:d5:2a:81:8d:b6:7d:
8c:4c:26:ce:e4:ac:bf:57:5c:59:f1:c9:d0:d6:d2:
54:67:88:d2:55:6b:ca:96:3d:0a:44:23:f3:9f:35:
58:04:f9:86:64:aa:b2:8b:3f:b6:2b:67:f5:fc:db:
a1:ad:b4:7e:78:d8:81:bc:13:b3:d2:b7:59:a1:7c:
b4:5f:40:b0:af:f2:9f:d4:85:cd:b3:18:f0:2e:a5:
99:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:18:72:9E:C1:89:F1:6D:15:45:10:1A:E8:98:94:1F:4A:BA:5D:5E
X509v3 Authority Key Identifier:
keyid:8B:91:E0:A1:04:B5:B3:DD:F1:F5:D0:8E:7A:CB:2B:79:E0:D5:66:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:d3:57:e0:4c:da:db:d1:e1:43:63:1d:89:1d:f3:19:d4:c6:
0a:53:f6:ed:8b:a4:d1:65:b3:cc:75:fc:96:cf:b4:6e:fc:d3:
93:28:ef:a3:91:16:87:25:2d:e1:cd:7d:cf:0a:cc:b5:61:2f:
d6:f3:48:fa:b1:cc:32:12:13:58:40:7d:52:ff:c1:34:fc:1a:
89:16:16:90:f5:4e:9a:ef:35:0b:7c:10:53:65:d3:13:d0:5e:
99:73:64:0a:8d:e6:c0:5d:70:23:0e:17:bc:eb:74:3e:9d:bc:
b6:f0:9c:d9:c8:89:36:bc:55:d3:4e:34:d9:c6:0c:60:ab:ca:
49:b7:7a:d7:e7:ab:7f:5c:da:d8:48:66:2e:25:75:91:bf:fa:
84:8e:f6:68:c8:ba:5b:f8:94:d9:53:91:41:d9:a5:bc:f8:35:
50:b5:49:85:d1:fb:75:aa:2e:c7:60:90:0a:bb:d4:f1:3a:65:
04:bc:ad:16:17:09:a3:3b:61:d9:45:58:ab:f2:63:6c:00:e8:
df:d7:3c:2a:ab:52:d6:3b:53:fd:72:98:60:fa:99:a1:96:80:
4b:e2:b0:49:b0:ff:7a:44:e0:71:5e:82:dc:a1:b7:43:46:a9:
48:91:b9:f1:9f:2f:98:47:37:25:c7:fc:1b:39:b9:e4:dc:df:
a5:7a:1e:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxl3qpewMGHrcMzqr4XxKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOTFlMGExMDRiNWIzZGRmMWY1ZDA4ZTdhY2IyYjc5ZTBk
NTY2ZjkwHhcNMjYwMzAxMTkwMDUyWhcNMjYwMzAyMTkwMDUyWjAzMTEwLwYDVQQD
EyhkMzE4NzI5ZWMxODlmMTZkMTU0NTEwMWFlODk4OTQxZjRhYmE1ZDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkwyd2xzrXz4BgOLxvOnv+mGCcAH
x+VeHt7acv3qq5jbHcRoDWU+9LV2htc8USyLK16J/+dip4GMEjevfAq1z3FCw3MC
eZuLOGt70MZosiyFRcDFhDwtOyiptvJc/hLVPtgEbH2LpOhvkOl3tP/P8JM0DRcx
x7HadYNjTAP293XNI6hZLBe41du0nEG6gwvMkufGM9KBI0U/wsbXXZtYkirDfwim
WUXs5AS/DdHVKoGNtn2MTCbO5Ky/V1xZ8cnQ1tJUZ4jSVWvKlj0KRCPznzVYBPmG
ZKqyiz+2K2f1/NuhrbR+eNiBvBOz0rdZoXy0X0Cwr/Kf1IXNsxjwLqWZ6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNMYcp7BifFtFUUQGuiYlB9Kul1eMB8GA1UdIwQY
MBaAFIuR4KEEtbPd8fXQjnrLK3ng1Wb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kZmJmYzQtY2MzZi00NzdjLThkNzYt
YThjNTc2MjI0YmEyLzEvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9kZmJmYzQtY2MzZi00NzdjLThkNzYtYThjNTc2MjI0YmEy
LzEvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANNNX4Eza
29HhQ2MdiR3zGdTGClP27Yuk0WWzzHX8ls+0bvzTkyjvo5EWhyUt4c19zwrMtWEv
1vNI+rHMMhITWEB9Uv/BNPwaiRYWkPVOmu81C3wQU2XTE9BemXNkCo3mwF1wIw4X
vOt0Pp28tvCc2ciJNrxV00402cYMYKvKSbd61+erf1za2EhmLiV1kb/6hI72aMi6
W/iU2VORQdmlvPg1ULVJhdH7daoux2CQCrvU8TplBLytFhcJozth2UVYq/JjbADo
39c8KqtS1jtT/XKYYPqZoZaAS+KwSbD/ekTgcV6C3KG3Q0apSJG58Z8vmEc3Jcf8
Gzm55NzfpXoevg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:14:26 2026 by rpki-client