Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/ef6f1a-6dfc-494e-b85d-d18773e7bc47/1/sgZjWDqBicvqrIjUOHZ5l7ESVUk.mft
File: sgZjWDqBicvqrIjUOHZ5l7ESVUk.mft (raw, json)
Hash identifier: sgvzgnyRCcPnzVR7SJL/8LRiRUsQrHLAVQQGME2aC2Q=
Subject key identifier: B2:95:75:02:DE:39:A4:1E:CC:B2:42:DB:46:9D:CB:68:A4:3F:00:A4
Authority key identifier: B2:06:63:58:3A:81:89:CB:EA:AC:88:D4:38:76:79:97:B1:12:55:49
Certificate issuer: /CN=b20663583a8189cbeaac88d438767997b1125549
Certificate serial: 019CAA593C2BD33E8E9B77722BF4F95D30DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sgZjWDqBicvqrIjUOHZ5l7ESVUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/ef6f1a-6dfc-494e-b85d-d18773e7bc47/1/sgZjWDqBicvqrIjUOHZ5l7ESVUk.mft
Manifest number: 17A3
Signing time: Sun 01 Mar 2026 17:01:40 +0000
Manifest this update: Sun 01 Mar 2026 17:01:40 +0000
Manifest next update: Mon 02 Mar 2026 17:01:40 +0000
Files and hashes: 1: 9hTsswgUXOfKzK86jh8sw9PnVRQ.roa (hash: VUMPgbx8iNcl27+3ad2ddOknvW8bTIH2c1IPAK3gQHk=)
2: sgZjWDqBicvqrIjUOHZ5l7ESVUk.crl (hash: BQTyn/JwgEXF/Q1iGx5gDT5e9XaUNHaVLVNmjPCSm/s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/ef6f1a-6dfc-494e-b85d-d18773e7bc47/1/sgZjWDqBicvqrIjUOHZ5l7ESVUk.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/ef6f1a-6dfc-494e-b85d-d18773e7bc47/1/sgZjWDqBicvqrIjUOHZ5l7ESVUk.mft
rsync://rpki.ripe.net/repository/DEFAULT/sgZjWDqBicvqrIjUOHZ5l7ESVUk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:59:3c:2b:d3:3e:8e:9b:77:72:2b:f4:f9:5d:30:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b20663583a8189cbeaac88d438767997b1125549
Validity
Not Before: Mar 1 17:01:40 2026 GMT
Not After : Mar 2 17:01:40 2026 GMT
Subject: CN=b2957502de39a41eccb242db469dcb68a43f00a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b1:a4:4c:d2:48:4a:73:a8:24:a8:b3:fc:be:
8c:3c:55:78:ea:21:97:6a:bc:c0:d8:91:0e:ff:aa:
63:78:01:32:9c:2d:da:7a:83:3f:ef:3d:74:b1:8b:
bc:da:2d:2f:3d:72:a2:49:b8:a8:60:1a:a0:22:68:
0d:2d:e4:6c:b9:a5:69:02:02:be:0c:10:9e:0a:09:
08:10:9a:ed:42:46:5b:a2:0e:06:59:2e:5b:bd:b8:
2e:2d:c0:77:9b:d2:f6:6e:98:14:29:21:ce:e5:21:
7b:56:67:b8:fb:3b:cb:2b:59:b3:08:dc:eb:bc:fc:
c3:b4:da:58:ba:30:1b:30:ca:46:ef:5f:fc:6b:39:
4b:a5:56:15:fe:83:f5:e2:9f:78:f0:20:1c:bb:e2:
4a:3a:ce:c6:0d:5f:8d:27:19:05:a8:88:15:7b:1a:
a7:92:95:65:d8:b3:88:b5:4f:a1:aa:c5:90:93:8b:
79:2a:5a:e1:29:4c:67:f3:67:cc:8d:0c:8b:99:1c:
d9:cb:a7:d1:b4:3f:7e:f7:f3:f7:95:c5:c7:e0:aa:
2a:fd:5c:5c:c6:5d:b1:9f:96:42:a0:fb:a2:fd:9c:
5b:c5:fb:5b:6b:71:65:bb:83:b7:22:dc:96:b0:43:
b6:61:f3:b1:2a:7d:14:01:39:f7:84:aa:5b:b8:de:
db:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:95:75:02:DE:39:A4:1E:CC:B2:42:DB:46:9D:CB:68:A4:3F:00:A4
X509v3 Authority Key Identifier:
keyid:B2:06:63:58:3A:81:89:CB:EA:AC:88:D4:38:76:79:97:B1:12:55:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgZjWDqBicvqrIjUOHZ5l7ESVUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ef6f1a-6dfc-494e-b85d-d18773e7bc47/1/sgZjWDqBicvqrIjUOHZ5l7ESVUk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ef6f1a-6dfc-494e-b85d-d18773e7bc47/1/sgZjWDqBicvqrIjUOHZ5l7ESVUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:86:29:5c:9d:ce:bc:ea:fe:1a:71:02:9a:2b:8d:2b:c1:34:
f0:6f:b3:11:6e:cb:7d:86:8a:3a:2f:83:61:c9:d7:ae:a7:da:
ef:0f:7c:0b:9f:c3:da:ee:4b:18:4c:cd:c7:bb:dc:2b:8a:73:
c9:36:f7:53:15:ba:d4:20:7d:01:f5:ca:3e:75:2b:29:ff:0a:
ca:8a:56:55:f6:4f:b0:c1:70:a5:79:d5:34:f4:2a:1a:6a:43:
9d:ee:4b:4d:70:58:68:09:4a:e0:62:30:6d:a9:8f:92:1c:3f:
0c:43:be:1a:e8:64:d3:e3:d2:c5:5a:81:e2:a2:53:15:29:90:
44:fe:69:b9:ae:52:4e:16:d7:dd:a0:42:c8:04:0b:58:78:1c:
ad:4e:92:a8:00:1f:ea:0d:44:7e:bc:1e:f0:c4:09:97:6d:1d:
00:4c:4e:c5:cb:34:b1:3c:4f:aa:75:9f:2e:45:f6:56:a0:d8:
00:3a:2b:7e:44:2c:49:8f:62:9d:83:cd:46:d4:3c:97:3d:bc:
9f:30:b9:d0:ca:06:ce:aa:31:71:17:cb:30:33:76:cd:31:b7:
9c:7f:41:53:a9:7a:3c:0d:67:16:8e:b3:e9:8a:df:8a:dc:fd:
8d:99:a5:f0:08:cb:b0:89:9c:eb:5d:80:37:1e:01:3c:96:13:
d8:41:8c:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWTwr0z6Om3dyK/T5XTDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMDY2MzU4M2E4MTg5Y2JlYWFjODhkNDM4NzY3OTk3YjEx
MjU1NDkwHhcNMjYwMzAxMTcwMTQwWhcNMjYwMzAyMTcwMTQwWjAzMTEwLwYDVQQD
EyhiMjk1NzUwMmRlMzlhNDFlY2NiMjQyZGI0NjlkY2I2OGE0M2YwMGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7GkTNJISnOoJKiz/L6MPFV46iGX
arzA2JEO/6pjeAEynC3aeoM/7z10sYu82i0vPXKiSbioYBqgImgNLeRsuaVpAgK+
DBCeCgkIEJrtQkZbog4GWS5bvbguLcB3m9L2bpgUKSHO5SF7Vme4+zvLK1mzCNzr
vPzDtNpYujAbMMpG71/8azlLpVYV/oP14p948CAcu+JKOs7GDV+NJxkFqIgVexqn
kpVl2LOItU+hqsWQk4t5KlrhKUxn82fMjQyLmRzZy6fRtD9+9/P3lcXH4Koq/Vxc
xl2xn5ZCoPui/Zxbxftba3Flu4O3ItyWsEO2YfOxKn0UATn3hKpbuN7b/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLKVdQLeOaQezLJC20ady2ikPwCkMB8GA1UdIwQY
MBaAFLIGY1g6gYnL6qyI1Dh2eZexElVJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2daaldEcUJpY3ZxcklqVU9IWjVsN0VTVlVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9lZjZmMWEtNmRmYy00OTRlLWI4NWQt
ZDE4NzczZTdiYzQ3LzEvc2daaldEcUJpY3ZxcklqVU9IWjVsN0VTVlVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9lZjZmMWEtNmRmYy00OTRlLWI4NWQtZDE4NzczZTdiYzQ3
LzEvc2daaldEcUJpY3ZxcklqVU9IWjVsN0VTVlVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT4YpXJ3O
vOr+GnECmiuNK8E08G+zEW7LfYaKOi+DYcnXrqfa7w98C5/D2u5LGEzNx7vcK4pz
yTb3UxW61CB9AfXKPnUrKf8KyopWVfZPsMFwpXnVNPQqGmpDne5LTXBYaAlK4GIw
bamPkhw/DEO+Guhk0+PSxVqB4qJTFSmQRP5pua5SThbX3aBCyAQLWHgcrU6SqAAf
6g1Efrwe8MQJl20dAExOxcs0sTxPqnWfLkX2VqDYADorfkQsSY9inYPNRtQ8lz28
nzC50MoGzqoxcRfLMDN2zTG3nH9BU6l6PA1nFo6z6Yrfitz9jZml8AjLsImc612A
Nx4BPJYT2EGMfA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:27:09 2026 by rpki-client