Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/0077c5-f0be-463f-ab75-8c3dcc459026/1/l8AN4AfUqkpAMdR2ELObd0kIv0k.mft
File: l8AN4AfUqkpAMdR2ELObd0kIv0k.mft (raw, json)
Hash identifier: rvbzANHMKwQtaqKDxNDnPXFThxQ2IiJyje/1s7cgKv8=
Subject key identifier: E9:0F:5B:A5:9E:BC:92:90:7B:83:0D:A1:E9:1F:15:06:27:91:C6:EE
Authority key identifier: 97:C0:0D:E0:07:D4:AA:4A:40:31:D4:76:10:B3:9B:77:49:08:BF:49
Certificate issuer: /CN=97c00de007d4aa4a4031d47610b39b774908bf49
Certificate serial: 019CAD907A60E64F4FD7407FE1808B1DD24A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l8AN4AfUqkpAMdR2ELObd0kIv0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/0077c5-f0be-463f-ab75-8c3dcc459026/1/l8AN4AfUqkpAMdR2ELObd0kIv0k.mft
Manifest number: 042D
Signing time: Mon 02 Mar 2026 08:00:52 +0000
Manifest this update: Mon 02 Mar 2026 08:00:52 +0000
Manifest next update: Tue 03 Mar 2026 08:00:52 +0000
Files and hashes: 1: l8AN4AfUqkpAMdR2ELObd0kIv0k.crl (hash: nYmaU4nS663wV1BMOEOyUdBwtv3CMoh36GfvyMxvpUs=)
2: odYIvbxaJeYmOjoyzYcsw6tdRBQ.roa (hash: gjz6TPRGymxJ3q8bit5/XLbB9ysikFUi3nJ/upxA8J0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/0077c5-f0be-463f-ab75-8c3dcc459026/1/l8AN4AfUqkpAMdR2ELObd0kIv0k.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/0077c5-f0be-463f-ab75-8c3dcc459026/1/l8AN4AfUqkpAMdR2ELObd0kIv0k.mft
rsync://rpki.ripe.net/repository/DEFAULT/l8AN4AfUqkpAMdR2ELObd0kIv0k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:90:7a:60:e6:4f:4f:d7:40:7f:e1:80:8b:1d:d2:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97c00de007d4aa4a4031d47610b39b774908bf49
Validity
Not Before: Mar 2 08:00:52 2026 GMT
Not After : Mar 3 08:00:52 2026 GMT
Subject: CN=e90f5ba59ebc92907b830da1e91f15062791c6ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ed:22:b8:9b:76:4d:3d:cd:42:1c:9c:f1:55:
c2:84:d5:66:6f:3b:e4:71:50:e5:cb:06:e7:4c:b7:
a5:40:65:08:14:ff:24:8c:c3:88:b3:f8:b5:c3:0f:
36:ce:04:96:a3:88:93:18:c8:b7:c0:43:fd:7c:96:
44:c7:b9:fd:04:f7:52:c7:3a:e2:41:e0:13:7e:e9:
20:07:e0:93:60:fb:09:08:dc:2f:e4:43:e6:64:4d:
83:ee:aa:c3:da:35:5e:0e:d0:c4:ce:91:fe:15:5b:
b2:25:7e:81:de:64:f9:e5:d2:0d:8e:e4:10:ef:39:
c5:1b:e5:08:19:8c:b1:29:21:12:1c:ac:b5:e9:79:
c5:e7:20:30:84:3b:d5:b8:ea:aa:ee:d2:00:67:1f:
9d:1a:40:2e:b3:b7:10:fe:d4:88:a2:37:90:58:9a:
57:e5:7d:93:35:6d:1b:3e:ac:06:6c:3e:73:da:23:
ca:87:28:f4:77:c1:94:03:bf:ed:82:05:d3:70:97:
d2:1f:7f:3b:c9:5f:ee:64:5d:a0:a2:d7:e2:1c:d0:
76:1c:ac:ec:a2:17:4d:86:cd:41:24:14:5b:27:bc:
09:19:2a:8a:74:86:05:8d:d1:9b:41:14:30:2b:2d:
de:f4:85:54:0d:05:33:43:eb:74:b7:80:a7:4c:6c:
f0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:0F:5B:A5:9E:BC:92:90:7B:83:0D:A1:E9:1F:15:06:27:91:C6:EE
X509v3 Authority Key Identifier:
keyid:97:C0:0D:E0:07:D4:AA:4A:40:31:D4:76:10:B3:9B:77:49:08:BF:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l8AN4AfUqkpAMdR2ELObd0kIv0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/0077c5-f0be-463f-ab75-8c3dcc459026/1/l8AN4AfUqkpAMdR2ELObd0kIv0k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/0077c5-f0be-463f-ab75-8c3dcc459026/1/l8AN4AfUqkpAMdR2ELObd0kIv0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:df:04:d6:55:16:f0:1f:5a:d4:a8:9d:f5:77:a2:3e:3f:02:
df:24:52:d7:d0:df:12:ee:91:a2:fc:fe:da:45:79:14:67:23:
1b:ef:58:dd:3e:72:97:2c:32:5b:17:af:3c:f2:9e:02:81:2a:
93:20:8a:e2:e3:7a:7c:73:84:b4:ed:40:26:4d:64:7d:48:c7:
b8:ea:7a:a7:69:b2:f8:9d:30:6b:8a:a8:4a:d9:32:84:c2:eb:
f9:1f:b3:49:4c:ae:45:4e:b5:c4:da:bc:e6:52:3a:61:52:92:
0a:a4:15:4b:ea:67:24:58:66:b5:51:b6:96:4c:32:a2:f1:fa:
61:7b:b9:a4:31:2e:ff:3a:02:39:c6:91:c0:1b:fb:22:02:b2:
0d:c7:ed:5f:2d:88:f1:29:93:df:54:6f:f6:c1:d6:86:07:f8:
90:dd:df:a3:9d:af:57:73:1e:a3:f3:e6:62:3c:30:83:1e:59:
22:4e:bf:43:de:99:3c:4c:cb:63:ed:27:ab:cf:3f:1b:7a:ff:
be:8a:a1:04:11:d3:0a:3f:89:3c:4b:26:e0:63:af:a0:1e:df:
5d:fc:fc:70:03:07:78:e9:0c:2e:18:11:f9:ad:ca:be:7f:43:
e6:74:e8:72:7d:9d:0c:db:49:2e:33:12:59:9b:d4:e7:51:a7:
2f:b2:61:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytkHpg5k9P10B/4YCLHdJKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YzAwZGUwMDdkNGFhNGE0MDMxZDQ3NjEwYjM5Yjc3NDkw
OGJmNDkwHhcNMjYwMzAyMDgwMDUyWhcNMjYwMzAzMDgwMDUyWjAzMTEwLwYDVQQD
EyhlOTBmNWJhNTllYmM5MjkwN2I4MzBkYTFlOTFmMTUwNjI3OTFjNmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAze0iuJt2TT3NQhyc8VXChNVmbzvk
cVDlywbnTLelQGUIFP8kjMOIs/i1ww82zgSWo4iTGMi3wEP9fJZEx7n9BPdSxzri
QeATfukgB+CTYPsJCNwv5EPmZE2D7qrD2jVeDtDEzpH+FVuyJX6B3mT55dINjuQQ
7znFG+UIGYyxKSESHKy16XnF5yAwhDvVuOqq7tIAZx+dGkAus7cQ/tSIojeQWJpX
5X2TNW0bPqwGbD5z2iPKhyj0d8GUA7/tggXTcJfSH387yV/uZF2gotfiHNB2HKzs
ohdNhs1BJBRbJ7wJGSqKdIYFjdGbQRQwKy3e9IVUDQUzQ+t0t4CnTGzwywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOkPW6WevJKQe4MNoekfFQYnkcbuMB8GA1UdIwQY
MBaAFJfADeAH1KpKQDHUdhCzm3dJCL9JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDhBTjRBZlVxa3BBTWRSMkVMT2JkMGtJdjBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8wMDc3YzUtZjBiZS00NjNmLWFiNzUt
OGMzZGNjNDU5MDI2LzEvbDhBTjRBZlVxa3BBTWRSMkVMT2JkMGtJdjBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8wMDc3YzUtZjBiZS00NjNmLWFiNzUtOGMzZGNjNDU5MDI2
LzEvbDhBTjRBZlVxa3BBTWRSMkVMT2JkMGtJdjBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALt8E1lUW
8B9a1Kid9XeiPj8C3yRS19DfEu6Rovz+2kV5FGcjG+9Y3T5ylywyWxevPPKeAoEq
kyCK4uN6fHOEtO1AJk1kfUjHuOp6p2my+J0wa4qoStkyhMLr+R+zSUyuRU61xNq8
5lI6YVKSCqQVS+pnJFhmtVG2lkwyovH6YXu5pDEu/zoCOcaRwBv7IgKyDcftXy2I
8SmT31Rv9sHWhgf4kN3fo52vV3Meo/PmYjwwgx5ZIk6/Q96ZPEzLY+0nq88/G3r/
voqhBBHTCj+JPEsm4GOvoB7fXfz8cAMHeOkMLhgR+a3Kvn9D5nTocn2dDNtJLjMS
WZvU51GnL7Jh4Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:31:36 2026 by rpki-client