Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft
File: rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft (raw, json)
Hash identifier: sCpil0xkTKrMOJPnyskZLf+KCCM1FcvnEwtofkki/+4=
Subject key identifier: CA:1F:D4:17:AC:A9:1A:86:B7:17:FE:0D:75:92:E4:90:29:33:B3:E2
Authority key identifier: AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5
Certificate issuer: /CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5
Certificate serial: 019CAAC64C0FC1E1C72BB16E788BD19DD9B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft
Manifest number: 1850
Signing time: Sun 01 Mar 2026 19:00:48 +0000
Manifest this update: Sun 01 Mar 2026 19:00:48 +0000
Manifest next update: Mon 02 Mar 2026 19:00:48 +0000
Files and hashes: 1: QACcx3bmkYq5FVm71dmit53bn4Q.roa (hash: oQ/m7QfRfNheRWfUqid3dTy2xJX9VnnT62jOhchvHuk=)
2: gux-IxdkibcThQl39PWiMsakK0g.roa (hash: xADBPDkQYtVHScAVn2k1rTwtjm/TxC5Y/n4oo7GBk1E=)
3: jpvZw7M6HWfeaPP7BBGWUfnUPW8.roa (hash: m69AM/qWHvVH8vQjk7f2bA/DtDMk2TIVp7SRlmCI4co=)
4: rIoOCxsh8JMzPAdIFFsWKEGM8rU.crl (hash: Ez5i3gwHezcfLAXiBxvA3zsRDVIp2yfdrtSGXas6+/M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 19:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:4c:0f:c1:e1:c7:2b:b1:6e:78:8b:d1:9d:d9:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5
Validity
Not Before: Mar 1 19:00:48 2026 GMT
Not After : Mar 2 19:00:48 2026 GMT
Subject: CN=ca1fd417aca91a86b717fe0d7592e4902933b3e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6f:6a:bf:58:c6:be:b9:b0:d0:91:9f:01:6a:
14:92:70:b0:6d:41:38:46:6c:9d:ec:83:d6:2c:ee:
b1:ce:bf:bd:12:87:e9:fe:9b:88:f5:08:62:0d:cb:
9b:f5:7b:aa:4f:6f:ae:ef:fe:93:61:9f:c0:40:0c:
12:e0:37:fc:61:4d:0c:13:98:69:5d:d6:6d:41:7a:
29:31:19:c6:0f:22:9c:af:6e:aa:21:ed:26:b2:ba:
23:74:fb:9f:34:e9:42:08:c0:b6:39:32:2d:9f:08:
45:af:a9:d7:3c:9a:eb:d8:37:0e:a0:e1:91:84:98:
86:f4:fb:f0:a7:dd:6f:37:ba:1e:95:c5:e9:94:3b:
99:98:9b:c8:f6:72:2a:11:50:3c:69:1e:6d:19:1a:
65:69:65:45:fe:23:dc:ab:22:5f:45:62:8f:41:cd:
75:33:b1:c4:88:a0:9e:6f:6b:45:e1:26:6a:a0:f8:
b7:dc:ad:27:78:4b:b6:3e:42:e0:95:c9:5d:62:d2:
fc:81:c2:db:1f:77:29:f3:70:53:c8:ee:c7:84:bd:
3a:da:0a:17:a4:14:04:32:58:6f:a6:ec:37:0d:be:
b9:82:28:81:91:f9:23:0d:e3:67:6c:09:d5:42:64:
a6:07:8b:af:cd:24:25:80:e3:25:66:7f:8e:7c:b9:
a1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:1F:D4:17:AC:A9:1A:86:B7:17:FE:0D:75:92:E4:90:29:33:B3:E2
X509v3 Authority Key Identifier:
keyid:AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
35:5d:c1:97:6b:35:cd:1c:af:28:bf:25:3c:7f:3c:28:cf:f8:
4c:a3:8e:6e:61:07:76:26:71:c5:50:5b:89:a4:21:9c:57:46:
7d:27:de:92:44:b8:33:bf:d1:53:b2:30:9a:6d:57:07:6f:52:
a3:49:2f:13:e8:60:ac:4c:2e:61:6e:91:8b:34:97:5d:5a:89:
2a:cf:f0:2d:dd:04:12:31:3b:c4:2a:20:ff:e4:26:eb:83:a4:
b5:42:46:5f:19:dd:d9:bb:1a:4b:85:fa:d8:03:33:1f:94:17:
00:5d:f1:a1:bb:fd:f3:f1:a8:38:d0:78:93:95:82:d5:67:da:
28:82:c0:43:dd:3b:d3:af:79:1d:03:53:79:6d:d4:dd:a7:30:
eb:4a:65:bc:0b:af:b1:91:b9:3d:08:ad:54:61:01:ae:ec:be:
0e:9a:ed:db:dc:db:29:d9:a4:15:ec:46:c6:dc:4e:aa:a1:03:
8c:cd:83:27:4d:f1:bf:1c:e3:bb:50:ff:ad:e7:37:d2:dd:eb:
67:22:7e:51:07:7c:5f:3c:3e:4e:a6:ce:03:64:44:a9:60:f9:
de:a8:b4:de:8b:44:9d:83:dd:26:79:b0:af:5c:19:51:c3:6b:
c0:b5:55:20:bc:1e:4d:cd:30:43:44:ea:c9:25:c7:78:fb:d2:
35:85:a0:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxkwPweHHK7FueIvRndm4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOGEwZTBiMWIyMWYwOTMzMzNjMDc0ODE0NWIxNjI4NDE4
Y2YyYjUwHhcNMjYwMzAxMTkwMDQ4WhcNMjYwMzAyMTkwMDQ4WjAzMTEwLwYDVQQD
EyhjYTFmZDQxN2FjYTkxYTg2YjcxN2ZlMGQ3NTkyZTQ5MDI5MzNiM2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoG9qv1jGvrmw0JGfAWoUknCwbUE4
Rmyd7IPWLO6xzr+9Eofp/puI9QhiDcub9XuqT2+u7/6TYZ/AQAwS4Df8YU0ME5hp
XdZtQXopMRnGDyKcr26qIe0msrojdPufNOlCCMC2OTItnwhFr6nXPJrr2DcOoOGR
hJiG9Pvwp91vN7oelcXplDuZmJvI9nIqEVA8aR5tGRplaWVF/iPcqyJfRWKPQc11
M7HEiKCeb2tF4SZqoPi33K0neEu2PkLglcldYtL8gcLbH3cp83BTyO7HhL062goX
pBQEMlhvpuw3Db65giiBkfkjDeNnbAnVQmSmB4uvzSQlgOMlZn+OfLmhQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMof1BesqRqGtxf+DXWS5JApM7PiMB8GA1UdIwQY
MBaAFKyKDgsbIfCTMzwHSBRbFihBjPK1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84Y2U2YTEtMTMwYy00ODBlLWE5MDMt
ZGI4ZWZmMWIxMWEwLzEvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84Y2U2YTEtMTMwYy00ODBlLWE5MDMtZGI4ZWZmMWIxMWEw
LzEvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANV3Bl2s1
zRyvKL8lPH88KM/4TKOObmEHdiZxxVBbiaQhnFdGfSfekkS4M7/RU7Iwmm1XB29S
o0kvE+hgrEwuYW6RizSXXVqJKs/wLd0EEjE7xCog/+Qm64OktUJGXxnd2bsaS4X6
2AMzH5QXAF3xobv98/GoONB4k5WC1WfaKILAQ9070695HQNTeW3U3acw60plvAuv
sZG5PQitVGEBruy+Dprt29zbKdmkFexGxtxOqqEDjM2DJ03xvxzju1D/rec30t3r
ZyJ+UQd8Xzw+TqbOA2REqWD53qi03otEnYPdJnmwr1wZUcNrwLVVILweTc0wQ0Tq
ySXHePvSNYWgng==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:10:40 2026 by rpki-client