Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/t1ELZRv73wnISGqBNiAABb77SX0.mft
File: t1ELZRv73wnISGqBNiAABb77SX0.mft (raw, json)
Hash identifier: HMunvvlwyTChSTwYVbk0wE229I9MWp+aP0XS0Rqd4FQ=
Subject key identifier: 3A:23:93:9C:F5:F6:BA:06:15:55:5A:A9:F8:47:D4:DB:7D:35:FC:27
Authority key identifier: B7:51:0B:65:1B:FB:DF:09:C8:48:6A:81:36:20:00:05:BE:FB:49:7D
Certificate issuer: /CN=b7510b651bfbdf09c8486a8136200005befb497d
Certificate serial: 019CABD9CBAE7A6AEA143B04C2222F119201
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t1ELZRv73wnISGqBNiAABb77SX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/t1ELZRv73wnISGqBNiAABb77SX0.mft
Manifest number: 0EC6
Signing time: Mon 02 Mar 2026 00:01:43 +0000
Manifest this update: Mon 02 Mar 2026 00:01:43 +0000
Manifest next update: Tue 03 Mar 2026 00:01:43 +0000
Files and hashes: 1: eXDqAVaIQyjrBekMkhiLLXazNGo.roa (hash: mx0bQziTxDdXw4zJxmPWo837bOwGLkOKhTyelVbdF1g=)
2: t1ELZRv73wnISGqBNiAABb77SX0.crl (hash: 8vEspKdWxoSJ4sdRBcgTvWfbBZQGFjbyhoheyw4upM0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/t1ELZRv73wnISGqBNiAABb77SX0.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/t1ELZRv73wnISGqBNiAABb77SX0.mft
rsync://rpki.ripe.net/repository/DEFAULT/t1ELZRv73wnISGqBNiAABb77SX0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:cb:ae:7a:6a:ea:14:3b:04:c2:22:2f:11:92:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7510b651bfbdf09c8486a8136200005befb497d
Validity
Not Before: Mar 2 00:01:43 2026 GMT
Not After : Mar 3 00:01:43 2026 GMT
Subject: CN=3a23939cf5f6ba0615555aa9f847d4db7d35fc27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b7:08:e1:cb:7f:9f:48:60:00:cf:6e:87:53:
73:e4:d7:95:9f:bc:f6:c5:23:e6:d8:2f:9a:d0:cb:
85:ff:0f:06:60:0b:95:b2:a7:f1:aa:19:f3:73:dc:
b9:28:54:30:c8:6a:78:94:ee:4f:1a:a7:70:55:da:
4a:aa:95:4c:3a:35:24:b6:65:69:b3:43:7d:57:72:
e1:1f:27:52:71:5d:4f:3d:d1:3b:97:56:1f:4b:23:
19:29:9a:de:cc:25:44:d5:47:7f:a5:b5:99:94:6a:
3c:11:7a:c3:c6:ef:02:00:ed:bb:ca:b1:61:8b:c2:
c2:3c:5f:cd:bd:73:6b:a2:9c:a9:af:0f:da:82:70:
a5:a3:6d:5d:f0:f1:32:12:22:24:65:e4:12:7d:3c:
00:52:dc:94:39:f2:e7:66:82:94:40:e8:e8:e4:1e:
d7:85:f3:7b:e1:ed:1e:7a:45:e2:ea:e0:42:ba:75:
48:98:2f:fe:e1:48:2f:3b:82:18:53:84:85:b2:ff:
33:4f:5e:fe:18:c7:5e:83:48:61:6c:49:48:e0:71:
47:51:26:4a:71:97:fd:4e:07:55:0b:a3:3f:44:8a:
af:38:ad:8e:4f:09:e3:42:04:fc:45:6a:0c:9b:36:
44:65:99:9e:e0:c4:a6:2e:50:1c:16:65:59:0c:f7:
dd:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:23:93:9C:F5:F6:BA:06:15:55:5A:A9:F8:47:D4:DB:7D:35:FC:27
X509v3 Authority Key Identifier:
keyid:B7:51:0B:65:1B:FB:DF:09:C8:48:6A:81:36:20:00:05:BE:FB:49:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t1ELZRv73wnISGqBNiAABb77SX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/t1ELZRv73wnISGqBNiAABb77SX0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/t1ELZRv73wnISGqBNiAABb77SX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:62:72:b2:cc:18:76:c1:25:bc:8d:df:5a:7b:ea:ba:38:05:
96:43:0d:9a:1d:a9:03:cd:ba:9a:99:4a:3e:fa:dd:4e:34:9c:
74:5d:8b:06:d7:b2:03:fd:06:33:5e:50:98:88:a7:f5:6f:3c:
ff:fb:ac:2a:c2:74:c2:5d:e0:6c:4d:27:13:fe:64:77:c4:2e:
b1:7f:48:40:30:a7:cb:ef:d8:60:8e:fd:ed:49:a2:d6:a4:d0:
48:e3:34:69:13:d8:01:0f:14:03:ac:f4:02:da:68:ae:39:fb:
52:91:94:aa:ba:58:30:e9:cd:6f:ce:ed:0f:45:aa:23:2b:f3:
bc:ec:4b:b2:68:b0:a0:8e:06:43:3f:bd:90:f6:a3:c5:68:26:
2b:53:b3:d6:7f:2d:51:b9:7f:c5:c8:3a:50:02:13:1a:ea:71:
1a:0a:74:14:55:df:88:4a:54:89:88:a1:3e:a8:74:91:78:00:
d6:54:ba:87:bc:12:08:16:53:72:18:b5:fa:95:82:57:7a:10:
f9:cd:f5:eb:42:50:b2:6f:dd:4f:64:ff:1c:99:4c:a0:6a:ea:
a6:e3:3f:4e:96:ea:9e:50:da:4b:70:e4:41:62:5c:99:3a:07:
a7:95:cb:d9:05:23:90:eb:09:ec:70:db:c3:9b:a0:97:1e:e6:
fc:8f:34:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2cuuemrqFDsEwiIvEZIBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NTEwYjY1MWJmYmRmMDljODQ4NmE4MTM2MjAwMDA1YmVm
YjQ5N2QwHhcNMjYwMzAyMDAwMTQzWhcNMjYwMzAzMDAwMTQzWjAzMTEwLwYDVQQD
EygzYTIzOTM5Y2Y1ZjZiYTA2MTU1NTVhYTlmODQ3ZDRkYjdkMzVmYzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrcI4ct/n0hgAM9uh1Nz5NeVn7z2
xSPm2C+a0MuF/w8GYAuVsqfxqhnzc9y5KFQwyGp4lO5PGqdwVdpKqpVMOjUktmVp
s0N9V3LhHydScV1PPdE7l1YfSyMZKZrezCVE1Ud/pbWZlGo8EXrDxu8CAO27yrFh
i8LCPF/NvXNropyprw/agnClo21d8PEyEiIkZeQSfTwAUtyUOfLnZoKUQOjo5B7X
hfN74e0eekXi6uBCunVImC/+4UgvO4IYU4SFsv8zT17+GMdeg0hhbElI4HFHUSZK
cZf9TgdVC6M/RIqvOK2OTwnjQgT8RWoMmzZEZZme4MSmLlAcFmVZDPfdZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDojk5z19roGFVVaqfhH1Nt9NfwnMB8GA1UdIwQY
MBaAFLdRC2Ub+98JyEhqgTYgAAW++0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDFFTFpSdjczd25JU0dxQk5pQUFCYjc3U1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iZmYxYzMtMDA4NC00MmJiLWJjZjct
MmNiODg3N2ZkOTcwLzEvdDFFTFpSdjczd25JU0dxQk5pQUFCYjc3U1gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9iZmYxYzMtMDA4NC00MmJiLWJjZjctMmNiODg3N2ZkOTcw
LzEvdDFFTFpSdjczd25JU0dxQk5pQUFCYjc3U1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP2JysswY
dsElvI3fWnvqujgFlkMNmh2pA826mplKPvrdTjScdF2LBteyA/0GM15QmIin9W88
//usKsJ0wl3gbE0nE/5kd8QusX9IQDCny+/YYI797Umi1qTQSOM0aRPYAQ8UA6z0
Atporjn7UpGUqrpYMOnNb87tD0WqIyvzvOxLsmiwoI4GQz+9kPajxWgmK1Oz1n8t
Ubl/xcg6UAITGupxGgp0FFXfiEpUiYihPqh0kXgA1lS6h7wSCBZTchi1+pWCV3oQ
+c3160JQsm/dT2T/HJlMoGrqpuM/TpbqnlDaS3DkQWJcmToHp5XL2QUjkOsJ7HDb
w5uglx7m/I80Ag==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:05:20 2026 by rpki-client