
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
File: i5HgoQS1s93x9dCOessreeDVZvk.mft (raw, json)
Hash identifier: g7KYscTk1YjwPmGYcfCu31vO8SaEPhAV+bw85yOL6t8=
Subject key identifier: D4:73:82:01:92:F7:E7:ED:CD:95:94:8D:8C:C4:28:D3:40:24:A6:13
Authority key identifier: 8B:91:E0:A1:04:B5:B3:DD:F1:F5:D0:8E:7A:CB:2B:79:E0:D5:66:F9
Certificate issuer: /CN=8b91e0a104b5b3ddf1f5d08e7acb2b79e0d566f9
Certificate serial: 019CAEA36EAE6A77FDE9534E9C703D486DDD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
Manifest number: 1257
Signing time: Mon 02 Mar 2026 13:01:11 +0000
Manifest this update: Mon 02 Mar 2026 13:01:11 +0000
Manifest next update: Tue 03 Mar 2026 13:01:11 +0000
Files and hashes: 1: FLemcIiElnlySDQ8j4MbhOGXKNY.roa (hash: +hFqqy7o9aLIrhPQ+Vl9O2F3JN7zKRwx0wl2/DYV2As=)
2: i5HgoQS1s93x9dCOessreeDVZvk.crl (hash: N3T/P5PLxgjWZGxDJ4pLiT3k9lslDTGuglF4n/N3aR8=)
3: zL0BeH3r9AkOxhITJlCW5Ja8LGo.roa (hash: oLz5pL1eqyWTu6AOPoAU4vUbkw5hVQwpWZe1I3Dg04k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:a3:6e:ae:6a:77:fd:e9:53:4e:9c:70:3d:48:6d:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b91e0a104b5b3ddf1f5d08e7acb2b79e0d566f9
Validity
Not Before: Mar 2 13:01:11 2026 GMT
Not After : Mar 3 13:01:11 2026 GMT
Subject: CN=d473820192f7e7edcd95948d8cc428d34024a613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:05:f2:08:c6:31:79:a7:04:33:95:cc:08:41:
5d:c4:db:fa:9f:3b:0f:a9:c8:bf:58:0a:80:d2:fe:
32:be:97:cf:f4:e8:42:6e:b7:58:88:be:54:21:c0:
ee:54:c9:bc:e6:eb:30:b9:3e:cb:df:9e:a9:f5:5a:
c4:c8:dc:88:1e:3c:3b:d7:e8:59:cc:74:43:3d:62:
30:fb:93:13:7c:61:a8:f9:28:4d:81:26:58:81:14:
ea:8a:da:d7:b0:88:1c:e7:e1:f8:f2:e3:db:2c:b7:
66:d6:10:40:38:64:d6:40:b0:8b:1f:50:49:5f:d1:
e2:85:b7:55:94:8a:a5:91:2b:82:d3:03:3e:55:8c:
47:6d:4f:b1:94:44:b7:66:e7:8a:62:c9:ae:e1:a6:
35:a7:e8:2f:76:8e:1d:20:19:fd:82:11:c7:2b:67:
6d:91:f7:b7:7d:44:e9:ef:5b:85:03:75:e6:f3:3e:
77:60:85:cd:e7:31:63:e8:7c:13:0b:ac:61:c4:4e:
0b:dd:bc:f7:e5:c8:26:42:5b:5c:81:a1:f4:05:95:
21:7b:62:29:47:4c:ea:a1:3d:f7:44:03:18:9f:dd:
76:07:08:e2:5b:18:11:c4:1d:06:0c:c0:4b:45:ec:
67:df:52:e6:e7:85:42:a7:24:88:69:a3:e4:4f:17:
d0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:73:82:01:92:F7:E7:ED:CD:95:94:8D:8C:C4:28:D3:40:24:A6:13
X509v3 Authority Key Identifier:
keyid:8B:91:E0:A1:04:B5:B3:DD:F1:F5:D0:8E:7A:CB:2B:79:E0:D5:66:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
16:7a:13:7a:de:64:3e:9d:58:a9:26:90:58:92:30:36:45:87:
93:0d:19:af:94:e4:37:09:a1:24:34:07:b5:af:47:11:dd:60:
8b:7e:49:8d:88:e7:ce:eb:ee:a3:a4:24:f9:c3:bb:80:45:ae:
4f:13:6c:48:66:e1:d7:0c:6b:02:b3:c2:90:b7:9e:3b:26:45:
18:b8:9b:cf:02:15:8f:52:c8:af:22:1d:f1:8e:00:ca:b7:49:
92:5b:8d:2a:dc:a6:1c:ce:4e:55:60:9f:7c:30:7c:4d:29:4c:
55:6b:ba:f9:63:08:9f:c0:b3:d4:fe:39:d7:90:20:76:36:2d:
0b:55:76:f7:50:f7:9d:b6:57:8d:5f:12:94:ae:4b:91:83:0d:
06:72:92:87:95:4a:5c:b3:8e:63:2f:f6:2e:38:d5:7c:7e:60:
75:7c:5f:54:41:c7:c7:68:f9:ae:37:b6:e5:65:90:5a:cd:d4:
cd:d7:45:fb:0b:e7:be:6f:3d:d3:96:b2:66:05:8a:59:8d:c3:
52:15:cf:e7:d2:cb:53:e8:18:b0:02:9b:3b:39:cc:21:16:b2:
83:b6:7d:3f:90:ef:ab:2a:0e:35:c5:ba:8e:be:39:a6:e7:61:
a5:ec:3d:4b:b3:4a:70:ef:c7:ca:f0:e0:a2:a0:9a:8f:3a:78:
dd:3c:f8:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuo26uanf96VNOnHA9SG3dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOTFlMGExMDRiNWIzZGRmMWY1ZDA4ZTdhY2IyYjc5ZTBk
NTY2ZjkwHhcNMjYwMzAyMTMwMTExWhcNMjYwMzAzMTMwMTExWjAzMTEwLwYDVQQD
EyhkNDczODIwMTkyZjdlN2VkY2Q5NTk0OGQ4Y2M0MjhkMzQwMjRhNjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAXyCMYxeacEM5XMCEFdxNv6nzsP
qci/WAqA0v4yvpfP9OhCbrdYiL5UIcDuVMm85uswuT7L356p9VrEyNyIHjw71+hZ
zHRDPWIw+5MTfGGo+ShNgSZYgRTqitrXsIgc5+H48uPbLLdm1hBAOGTWQLCLH1BJ
X9HihbdVlIqlkSuC0wM+VYxHbU+xlES3ZueKYsmu4aY1p+gvdo4dIBn9ghHHK2dt
kfe3fUTp71uFA3Xm8z53YIXN5zFj6HwTC6xhxE4L3bz35cgmQltcgaH0BZUhe2Ip
R0zqoT33RAMYn912BwjiWxgRxB0GDMBLRexn31Lm54VCpySIaaPkTxfQ4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNRzggGS9+ftzZWUjYzEKNNAJKYTMB8GA1UdIwQY
MBaAFIuR4KEEtbPd8fXQjnrLK3ng1Wb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kZmJmYzQtY2MzZi00NzdjLThkNzYt
YThjNTc2MjI0YmEyLzEvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9kZmJmYzQtY2MzZi00NzdjLThkNzYtYThjNTc2MjI0YmEy
LzEvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFnoTet5k
Pp1YqSaQWJIwNkWHkw0Zr5TkNwmhJDQHta9HEd1gi35JjYjnzuvuo6Qk+cO7gEWu
TxNsSGbh1wxrArPCkLeeOyZFGLibzwIVj1LIryId8Y4AyrdJkluNKtymHM5OVWCf
fDB8TSlMVWu6+WMIn8Cz1P4515AgdjYtC1V291D3nbZXjV8SlK5LkYMNBnKSh5VK
XLOOYy/2LjjVfH5gdXxfVEHHx2j5rje25WWQWs3UzddF+wvnvm8905ayZgWKWY3D
UhXP59LLU+gYsAKbOznMIRayg7Z9P5DvqyoONcW6jr45pudhpew9S7NKcO/HyvDg
oqCajzp43Tz4tQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:56:00 2026 by rpki-client