Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/sffQCUrcmNmwMnIOgePbWqdYHHQ.mft
File: sffQCUrcmNmwMnIOgePbWqdYHHQ.mft (raw, json)
Hash identifier: 2GhM8SYzqZtSo+ritMfV4EL9xr00F/OZHXO5PsIbCBs=
Subject key identifier: 89:5A:57:44:E9:01:7D:9D:F3:4B:97:56:D9:47:B2:0D:34:8D:D8:92
Authority key identifier: B1:F7:D0:09:4A:DC:98:D9:B0:32:72:0E:81:E3:DB:5A:A7:58:1C:74
Certificate issuer: /CN=b1f7d0094adc98d9b032720e81e3db5aa7581c74
Certificate serial: 019CAA2161AD1B403B09826565A8104DE89B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sffQCUrcmNmwMnIOgePbWqdYHHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/sffQCUrcmNmwMnIOgePbWqdYHHQ.mft
Manifest number: 0DCD
Signing time: Sun 01 Mar 2026 16:00:40 +0000
Manifest this update: Sun 01 Mar 2026 16:00:40 +0000
Manifest next update: Mon 02 Mar 2026 16:00:40 +0000
Files and hashes: 1: c0cTTJQDf36qVQCG96WRyKdM_Wc.roa (hash: aYsM49Xy0hnVUlbAWRXmCHPgWbkgOmuFrAd7Tian+Cg=)
2: sffQCUrcmNmwMnIOgePbWqdYHHQ.crl (hash: qzW9bpd5ZYZAvAvdDNgfPwM9rOcwGb+XrNGhT+FnJL8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/sffQCUrcmNmwMnIOgePbWqdYHHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/sffQCUrcmNmwMnIOgePbWqdYHHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/sffQCUrcmNmwMnIOgePbWqdYHHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 16:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:21:61:ad:1b:40:3b:09:82:65:65:a8:10:4d:e8:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1f7d0094adc98d9b032720e81e3db5aa7581c74
Validity
Not Before: Mar 1 16:00:40 2026 GMT
Not After : Mar 2 16:00:40 2026 GMT
Subject: CN=895a5744e9017d9df34b9756d947b20d348dd892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f3:ca:5a:f0:be:4e:ab:6e:26:cb:e0:d2:c8:
8d:6b:7d:5f:1a:62:fd:69:67:4d:88:ae:8b:86:f1:
34:a1:29:60:24:c7:12:46:40:c4:0c:5d:c8:8d:2a:
2d:5f:53:b4:f2:db:10:e8:db:36:13:1e:da:41:05:
1f:da:ea:01:2a:c1:f0:fe:ca:96:b5:8f:8c:71:6c:
c8:eb:33:24:84:32:c0:dc:a9:b4:97:71:c9:bb:9a:
a3:54:ea:c6:c8:c9:43:0d:af:43:5e:7e:4c:1c:5d:
e7:16:de:b8:00:ad:57:bd:68:26:5b:f6:19:2a:6f:
69:aa:51:74:3f:56:f5:cf:85:7f:ed:f3:b5:17:79:
ed:15:af:cf:42:92:0e:93:bd:6f:9d:0a:d2:b7:ee:
f8:23:00:2a:69:65:f9:42:c7:d7:01:33:b6:25:85:
9c:cb:47:1f:e4:23:6c:96:ee:ac:f3:2c:75:1b:f4:
1a:56:23:e5:f7:5a:88:3a:f0:a4:e4:d0:34:a9:44:
4a:a2:95:9c:b2:9b:4a:bf:80:f6:2c:03:ed:84:71:
45:21:64:70:f0:f9:3d:f4:d5:2d:fe:1c:60:05:a2:
2d:80:56:df:bd:33:8b:44:08:ec:a2:85:6c:5a:60:
b9:71:00:a9:a3:68:f8:fe:64:11:0d:be:0e:a4:ef:
41:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:5A:57:44:E9:01:7D:9D:F3:4B:97:56:D9:47:B2:0D:34:8D:D8:92
X509v3 Authority Key Identifier:
keyid:B1:F7:D0:09:4A:DC:98:D9:B0:32:72:0E:81:E3:DB:5A:A7:58:1C:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sffQCUrcmNmwMnIOgePbWqdYHHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/sffQCUrcmNmwMnIOgePbWqdYHHQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/sffQCUrcmNmwMnIOgePbWqdYHHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:9b:de:4c:42:4c:75:85:b3:95:6b:c3:64:33:07:38:ca:52:
ae:96:49:a3:aa:fe:8b:60:74:72:08:58:e4:0f:03:54:19:22:
cd:c9:b6:74:9d:1d:1f:d7:c8:07:c4:45:b9:7f:65:f1:3a:f1:
14:4c:7d:7d:a3:a2:23:4a:2b:8b:d0:69:64:58:46:5d:ec:9a:
cc:a6:28:cb:e8:1d:57:2d:34:80:38:09:e0:19:e1:2c:c7:28:
32:7a:33:42:bc:b2:f6:bd:96:75:ee:d4:bb:3f:60:f7:ed:73:
e9:b4:bd:8d:21:cb:d8:8a:60:92:c9:6d:a4:20:97:cc:97:56:
4b:50:2e:08:75:c2:bc:4f:6b:24:6e:fd:02:89:dd:ca:fb:5f:
c0:c9:a7:4d:5f:d0:bd:78:f4:3d:62:d9:ad:1c:0c:0c:4d:ce:
cd:e6:01:b3:4d:18:f8:60:04:8b:7f:df:16:0d:94:ef:e8:00:
d5:e6:05:89:84:b8:e8:68:17:b7:17:e8:8a:9f:01:36:05:d7:
92:91:0c:e5:41:7f:64:d0:25:ba:27:d7:36:a1:6a:3f:1e:25:
8e:c9:6c:9d:d7:a1:c7:2e:cc:99:d5:75:4c:0c:2a:8c:94:9d:
19:36:35:23:7e:9a:a1:21:7e:9c:6c:e8:c7:40:08:41:41:26:
0b:2d:91:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIWGtG0A7CYJlZagQTeibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZjdkMDA5NGFkYzk4ZDliMDMyNzIwZTgxZTNkYjVhYTc1
ODFjNzQwHhcNMjYwMzAxMTYwMDQwWhcNMjYwMzAyMTYwMDQwWjAzMTEwLwYDVQQD
Eyg4OTVhNTc0NGU5MDE3ZDlkZjM0Yjk3NTZkOTQ3YjIwZDM0OGRkODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvPKWvC+TqtuJsvg0siNa31fGmL9
aWdNiK6LhvE0oSlgJMcSRkDEDF3IjSotX1O08tsQ6Ns2Ex7aQQUf2uoBKsHw/sqW
tY+McWzI6zMkhDLA3Km0l3HJu5qjVOrGyMlDDa9DXn5MHF3nFt64AK1XvWgmW/YZ
Km9pqlF0P1b1z4V/7fO1F3ntFa/PQpIOk71vnQrSt+74IwAqaWX5QsfXATO2JYWc
y0cf5CNslu6s8yx1G/QaViPl91qIOvCk5NA0qURKopWcsptKv4D2LAPthHFFIWRw
8Pk99NUt/hxgBaItgFbfvTOLRAjsooVsWmC5cQCpo2j4/mQRDb4OpO9BrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIlaV0TpAX2d80uXVtlHsg00jdiSMB8GA1UdIwQY
MBaAFLH30AlK3JjZsDJyDoHj21qnWBx0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2ZmUUNVcmNtTm13TW5JT2dlUGJXcWRZSEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOGRkNmItNDYyNy00YTNjLWJhNzMt
YTU0Yjg2OWRjZDI3LzEvc2ZmUUNVcmNtTm13TW5JT2dlUGJXcWRZSEhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOGRkNmItNDYyNy00YTNjLWJhNzMtYTU0Yjg2OWRjZDI3
LzEvc2ZmUUNVcmNtTm13TW5JT2dlUGJXcWRZSEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcpveTEJM
dYWzlWvDZDMHOMpSrpZJo6r+i2B0cghY5A8DVBkizcm2dJ0dH9fIB8RFuX9l8Trx
FEx9faOiI0ori9BpZFhGXeyazKYoy+gdVy00gDgJ4BnhLMcoMnozQryy9r2Wde7U
uz9g9+1z6bS9jSHL2IpgksltpCCXzJdWS1AuCHXCvE9rJG79AondyvtfwMmnTV/Q
vXj0PWLZrRwMDE3OzeYBs00Y+GAEi3/fFg2U7+gA1eYFiYS46GgXtxfoip8BNgXX
kpEM5UF/ZNAluifXNqFqPx4ljslsndehxy7MmdV1TAwqjJSdGTY1I36aoSF+nGzo
x0AIQUEmCy2Rsw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:28:13 2026 by rpki-client