Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/E9g7Il3TOGDFHcRKqI218D3BWnQ.mft
File: E9g7Il3TOGDFHcRKqI218D3BWnQ.mft (raw, json)
Hash identifier: vQQdO+dJIBOi6/33NSprTYoOcb/9PcPocl0eZ++GYVg=
Subject key identifier: 68:7F:0B:A3:D0:A5:0C:40:AE:4D:34:D3:D2:DD:20:B1:95:49:07:54
Authority key identifier: 13:D8:3B:22:5D:D3:38:60:C5:1D:C4:4A:A8:8D:B5:F0:3D:C1:5A:74
Certificate issuer: /CN=13d83b225dd33860c51dc44aa88db5f03dc15a74
Certificate serial: 019CB05B22D47B1B80D5DC8584215EC22FB5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E9g7Il3TOGDFHcRKqI218D3BWnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/E9g7Il3TOGDFHcRKqI218D3BWnQ.mft
Manifest number: 17DA
Signing time: Mon 02 Mar 2026 21:01:28 +0000
Manifest this update: Mon 02 Mar 2026 21:01:28 +0000
Manifest next update: Tue 03 Mar 2026 21:01:28 +0000
Files and hashes: 1: 4QtQ4JO4bCdyuS9fUme9C3LxdRc.roa (hash: R6o6h7FPQ78N3YyiGkBHhpV10pWrv1sif+o6N3TYJMg=)
2: E9g7Il3TOGDFHcRKqI218D3BWnQ.crl (hash: GQqt+BS+GInxQsX17usPbacnY+f5S4PkjyTOZ2068s0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/E9g7Il3TOGDFHcRKqI218D3BWnQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/E9g7Il3TOGDFHcRKqI218D3BWnQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/E9g7Il3TOGDFHcRKqI218D3BWnQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b0:5b:22:d4:7b:1b:80:d5:dc:85:84:21:5e:c2:2f:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13d83b225dd33860c51dc44aa88db5f03dc15a74
Validity
Not Before: Mar 2 21:01:28 2026 GMT
Not After : Mar 3 21:01:28 2026 GMT
Subject: CN=687f0ba3d0a50c40ae4d34d3d2dd20b195490754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:cc:25:0e:23:b0:e6:85:95:f2:bc:d3:41:f1:
ca:71:04:e9:33:24:88:cc:81:1c:12:6a:9a:35:4e:
4e:7c:2e:61:61:66:9e:7f:35:98:c2:94:91:a0:4a:
1f:e5:88:49:05:15:25:da:c8:a0:a2:3f:ee:47:9a:
1f:5a:a1:c8:e1:88:0c:97:78:88:5a:39:b6:77:27:
3c:32:a3:44:05:49:ed:b4:c0:36:02:1e:e1:b5:1f:
0d:c4:b0:de:d4:d4:05:26:5c:cc:85:1f:5b:6f:da:
0b:d9:41:67:5e:c2:a7:18:d4:85:3a:3a:a7:4f:da:
10:09:6c:c3:f6:14:f2:44:30:49:fc:ee:45:ea:4f:
03:4c:2f:ec:3a:04:b5:0d:de:1a:38:20:f0:be:d9:
1a:4b:71:fe:89:32:dc:02:85:3c:82:1c:60:41:2e:
d7:a3:2e:a2:f5:52:37:05:78:3e:db:82:55:09:1b:
70:b6:e3:f1:98:c2:32:42:66:3d:26:23:6c:f8:37:
ba:c3:9b:95:c9:9d:e0:0d:08:ff:f1:7a:6e:8d:e9:
ef:b3:52:0c:35:1c:0a:94:36:60:af:a4:f4:d7:e4:
f2:04:7e:c5:4a:08:bc:68:f5:42:a1:cd:c8:4e:fc:
c4:e3:2b:5b:e0:66:fc:65:f5:84:e1:99:eb:a8:2c:
72:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:7F:0B:A3:D0:A5:0C:40:AE:4D:34:D3:D2:DD:20:B1:95:49:07:54
X509v3 Authority Key Identifier:
keyid:13:D8:3B:22:5D:D3:38:60:C5:1D:C4:4A:A8:8D:B5:F0:3D:C1:5A:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E9g7Il3TOGDFHcRKqI218D3BWnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/E9g7Il3TOGDFHcRKqI218D3BWnQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/E9g7Il3TOGDFHcRKqI218D3BWnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:ea:3c:18:74:15:6c:9c:e0:23:c8:c1:a7:e1:2c:48:ee:73:
46:da:e6:08:f7:ca:36:6d:c7:2f:e7:d7:3e:5d:12:84:dc:cb:
84:d3:f3:df:67:f9:f8:20:48:d3:89:ce:80:ab:a3:a8:98:e6:
df:0d:ad:3f:b9:3b:b7:89:db:fd:9c:12:be:16:1c:44:32:fa:
9a:44:5e:f1:71:39:d5:1e:52:cc:91:7a:9c:80:a3:72:c2:d2:
bd:5f:23:da:9b:1d:78:08:10:43:be:9d:5c:a9:d5:59:06:eb:
52:ab:99:eb:91:3b:60:10:0a:82:a9:ed:48:36:c3:7c:53:c5:
9a:83:aa:7a:1e:83:1d:e9:53:ee:ec:87:a4:7a:89:90:b0:d7:
d1:92:0e:32:2c:cf:fd:a8:e8:97:88:01:08:ed:07:d3:6d:ee:
42:30:90:3d:67:57:84:1d:b7:af:46:b0:4d:84:91:86:dd:12:
05:d9:1b:e7:0e:0e:c8:74:87:37:3f:80:3b:c8:47:da:c6:07:
03:a3:a8:bd:02:24:4b:a0:ab:2c:f5:45:a5:b4:e7:77:8a:28:
86:dd:a3:8d:a2:51:74:7b:73:f1:91:37:4f:db:9d:8f:1d:45:
08:69:ba:f3:56:61:d2:09:cf:63:69:74:dd:ed:05:ca:6d:e1:
c9:58:5a:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZywWyLUexuA1dyFhCFewi+1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZDgzYjIyNWRkMzM4NjBjNTFkYzQ0YWE4OGRiNWYwM2Rj
MTVhNzQwHhcNMjYwMzAyMjEwMTI4WhcNMjYwMzAzMjEwMTI4WjAzMTEwLwYDVQQD
Eyg2ODdmMGJhM2QwYTUwYzQwYWU0ZDM0ZDNkMmRkMjBiMTk1NDkwNzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8swlDiOw5oWV8rzTQfHKcQTpMySI
zIEcEmqaNU5OfC5hYWaefzWYwpSRoEof5YhJBRUl2sigoj/uR5ofWqHI4YgMl3iI
Wjm2dyc8MqNEBUnttMA2Ah7htR8NxLDe1NQFJlzMhR9bb9oL2UFnXsKnGNSFOjqn
T9oQCWzD9hTyRDBJ/O5F6k8DTC/sOgS1Dd4aOCDwvtkaS3H+iTLcAoU8ghxgQS7X
oy6i9VI3BXg+24JVCRtwtuPxmMIyQmY9JiNs+De6w5uVyZ3gDQj/8Xpujenvs1IM
NRwKlDZgr6T01+TyBH7FSgi8aPVCoc3ITvzE4ytb4Gb8ZfWE4ZnrqCxyuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGh/C6PQpQxArk0009LdILGVSQdUMB8GA1UdIwQY
MBaAFBPYOyJd0zhgxR3ESqiNtfA9wVp0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTlnN0lsM1RPR0RGSGNSS3FJMjE4RDNCV25RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9mMjExMWEtM2Y0Ny00ZmYwLWE1MWQt
YjI1MTM3N2FkZDg2LzEvRTlnN0lsM1RPR0RGSGNSS3FJMjE4RDNCV25RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9mMjExMWEtM2Y0Ny00ZmYwLWE1MWQtYjI1MTM3N2FkZDg2
LzEvRTlnN0lsM1RPR0RGSGNSS3FJMjE4RDNCV25RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY+o8GHQV
bJzgI8jBp+EsSO5zRtrmCPfKNm3HL+fXPl0ShNzLhNPz32f5+CBI04nOgKujqJjm
3w2tP7k7t4nb/ZwSvhYcRDL6mkRe8XE51R5SzJF6nICjcsLSvV8j2psdeAgQQ76d
XKnVWQbrUquZ65E7YBAKgqntSDbDfFPFmoOqeh6DHelT7uyHpHqJkLDX0ZIOMizP
/ajol4gBCO0H023uQjCQPWdXhB23r0awTYSRht0SBdkb5w4OyHSHNz+AO8hH2sYH
A6OovQIkS6CrLPVFpbTnd4ooht2jjaJRdHtz8ZE3T9udjx1FCGm681Zh0gnPY2l0
3e0Fym3hyVhasQ==
-----END CERTIFICATE-----
Generated at Tue Mar 3 00:41:15 2026 by rpki-client