Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.mft
File: vnIqmXMsnDy8ILCkcpKoI3gmA6w.mft (raw, json)
Hash identifier: M/+i263HEBg7VUE4YGDtsnTxtZKpn/vi5JgisFlcGNw=
Subject key identifier: 8A:88:0D:58:2A:2E:8C:4A:43:1E:10:E1:F4:03:CF:B0:9B:A9:23:E8
Authority key identifier: BE:72:2A:99:73:2C:9C:3C:BC:20:B0:A4:72:92:A8:23:78:26:03:AC
Certificate issuer: /CN=be722a99732c9c3cbc20b0a47292a823782603ac
Certificate serial: 019CAA592FFB13194EB8FD9478B638058B99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vnIqmXMsnDy8ILCkcpKoI3gmA6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.mft
Manifest number: 17D7
Signing time: Sun 01 Mar 2026 17:01:37 +0000
Manifest this update: Sun 01 Mar 2026 17:01:37 +0000
Manifest next update: Mon 02 Mar 2026 17:01:37 +0000
Files and hashes: 1: J9YAUFwPteiNE41P-B9PZesABw4.roa (hash: aWHkIvoqLm8EJJK/XFEsvikfiT0fdWpAKa84pZKqHPU=)
2: vnIqmXMsnDy8ILCkcpKoI3gmA6w.crl (hash: Xkz/Ul6fhvWLCSiY03ISssu7SHaNuyjAC2ZWi/Eq10U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.mft
rsync://rpki.ripe.net/repository/DEFAULT/vnIqmXMsnDy8ILCkcpKoI3gmA6w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:59:2f:fb:13:19:4e:b8:fd:94:78:b6:38:05:8b:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be722a99732c9c3cbc20b0a47292a823782603ac
Validity
Not Before: Mar 1 17:01:37 2026 GMT
Not After : Mar 2 17:01:37 2026 GMT
Subject: CN=8a880d582a2e8c4a431e10e1f403cfb09ba923e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:3b:28:6d:77:76:02:9e:74:98:01:36:12:ea:
08:8f:12:c8:3c:10:85:86:ce:fd:f5:56:64:a5:cb:
c2:db:c2:0b:ab:42:fa:20:df:bf:ba:3c:14:ea:d6:
eb:96:52:b2:47:94:1c:34:c9:0b:14:11:1e:5c:b2:
eb:52:2e:d8:66:3e:48:a1:eb:37:7d:6b:85:19:58:
83:c9:e4:b9:7e:50:9c:5f:9f:a0:1c:1f:0e:f6:b9:
6c:63:93:6e:64:ee:79:a7:21:15:01:6e:02:fa:e4:
39:ac:5b:9a:bc:58:ef:8c:d6:dd:f2:87:cd:d8:74:
0f:3e:2e:ce:8b:26:a7:ab:81:7c:52:8c:d0:ca:7d:
39:e8:7c:53:ad:db:e6:60:bb:dc:df:80:23:23:59:
94:5b:7f:f4:fd:a5:e2:fc:02:40:70:a8:b6:69:d3:
aa:3d:b4:af:09:d4:a5:0e:0e:5c:0c:26:e7:43:f1:
10:7e:a1:1d:38:45:49:34:3b:b5:13:78:32:29:b4:
14:6a:99:0f:a3:12:11:5d:19:7c:d8:87:04:1a:69:
7c:e2:72:c6:84:87:2c:ea:bf:54:e7:e3:15:c1:e1:
0f:b4:41:8f:19:2c:c5:b8:e2:b8:c8:10:1d:2a:e4:
45:80:37:18:5d:c0:c8:8a:7b:82:ed:0b:fc:a6:de:
80:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:88:0D:58:2A:2E:8C:4A:43:1E:10:E1:F4:03:CF:B0:9B:A9:23:E8
X509v3 Authority Key Identifier:
keyid:BE:72:2A:99:73:2C:9C:3C:BC:20:B0:A4:72:92:A8:23:78:26:03:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vnIqmXMsnDy8ILCkcpKoI3gmA6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:a2:62:0f:52:d0:45:61:dc:05:8f:f2:dc:90:47:b9:f3:dc:
dc:22:7f:54:6e:d1:4d:5b:19:1f:c9:57:a5:e3:c3:41:89:33:
05:99:97:a5:fb:3e:0b:b3:ce:18:57:ee:d7:13:51:5b:d2:ec:
2b:95:3d:25:1d:4e:da:40:ab:8f:a8:4f:31:e9:74:60:0d:96:
c4:a7:3c:03:a0:bf:0d:68:f3:79:42:ea:cf:05:51:37:e8:92:
e3:3f:19:c4:94:be:2b:19:79:62:3e:ff:72:4a:ac:87:0e:61:
de:c3:32:68:db:92:ad:82:88:8f:f7:e3:7b:1c:fc:9a:7e:f8:
4d:75:20:47:97:f9:52:07:e0:9f:2e:da:fe:aa:4a:3c:28:f8:
75:65:51:46:46:b1:e1:02:26:fb:32:e5:a5:96:34:74:e3:48:
94:65:dd:17:6d:8a:b2:32:40:4e:90:7a:13:a2:39:13:e9:60:
4c:63:7c:ac:e8:55:55:2b:6c:46:97:52:1b:64:f0:88:4b:e5:
2c:1b:52:21:50:f5:61:7e:01:75:58:aa:52:9c:ea:4b:79:d7:
81:90:48:ce:9f:c6:a4:a5:6a:d8:fc:f5:f1:76:3a:90:7d:10:
50:3d:df:57:c6:ed:3a:a2:94:ad:33:07:a9:bb:b2:d7:c8:3a:
46:1c:f5:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWS/7ExlOuP2UeLY4BYuZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNzIyYTk5NzMyYzljM2NiYzIwYjBhNDcyOTJhODIzNzgy
NjAzYWMwHhcNMjYwMzAxMTcwMTM3WhcNMjYwMzAyMTcwMTM3WjAzMTEwLwYDVQQD
Eyg4YTg4MGQ1ODJhMmU4YzRhNDMxZTEwZTFmNDAzY2ZiMDliYTkyM2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TsobXd2Ap50mAE2EuoIjxLIPBCF
hs799VZkpcvC28ILq0L6IN+/ujwU6tbrllKyR5QcNMkLFBEeXLLrUi7YZj5Ioes3
fWuFGViDyeS5flCcX5+gHB8O9rlsY5NuZO55pyEVAW4C+uQ5rFuavFjvjNbd8ofN
2HQPPi7Oiyanq4F8UozQyn056HxTrdvmYLvc34AjI1mUW3/0/aXi/AJAcKi2adOq
PbSvCdSlDg5cDCbnQ/EQfqEdOEVJNDu1E3gyKbQUapkPoxIRXRl82IcEGml84nLG
hIcs6r9U5+MVweEPtEGPGSzFuOK4yBAdKuRFgDcYXcDIinuC7Qv8pt6ARwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIqIDVgqLoxKQx4Q4fQDz7CbqSPoMB8GA1UdIwQY
MBaAFL5yKplzLJw8vCCwpHKSqCN4JgOsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm5JcW1YTXNuRHk4SUxDa2NwS29JM2dtQTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wNDFiOWYtMWEwNy00MmU1LWI0ODct
MjliOTdhMTg3N2ZiLzEvdm5JcW1YTXNuRHk4SUxDa2NwS29JM2dtQTZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8wNDFiOWYtMWEwNy00MmU1LWI0ODctMjliOTdhMTg3N2Zi
LzEvdm5JcW1YTXNuRHk4SUxDa2NwS29JM2dtQTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJqJiD1LQ
RWHcBY/y3JBHufPc3CJ/VG7RTVsZH8lXpePDQYkzBZmXpfs+C7POGFfu1xNRW9Ls
K5U9JR1O2kCrj6hPMel0YA2WxKc8A6C/DWjzeULqzwVRN+iS4z8ZxJS+Kxl5Yj7/
ckqshw5h3sMyaNuSrYKIj/fjexz8mn74TXUgR5f5Ugfgny7a/qpKPCj4dWVRRkax
4QIm+zLlpZY0dONIlGXdF22KsjJATpB6E6I5E+lgTGN8rOhVVStsRpdSG2TwiEvl
LBtSIVD1YX4BdViqUpzqS3nXgZBIzp/GpKVq2Pz18XY6kH0QUD3fV8btOqKUrTMH
qbuy18g6Rhz10g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:59:55 2026 by rpki-client