Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
File: st8A84zO2SGXmTB2yzaFvzK8Xmk.mft (raw, json)
Hash identifier: xo3BGNWXk9K2POONIUb0PH64LCtf1Y3j+T6/h7VoPGM=
Subject key identifier: 34:60:B1:36:42:6E:74:E5:EF:7C:CB:7D:C5:35:24:3F:90:41:87:01
Authority key identifier: B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
Certificate issuer: /CN=b2df00f38cced92197993076cb3685bf32bc5e69
Certificate serial: 019D97E183C14F9CF07C843A697DE86467B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
Manifest number: 142A
Signing time: Thu 16 Apr 2026 20:00:32 +0000
Manifest this update: Thu 16 Apr 2026 20:00:32 +0000
Manifest next update: Fri 17 Apr 2026 20:00:32 +0000
Files and hashes: 1: 1-9MzMIRI9EZUWy0_EdU5hjULaQY.roa (hash: 6DcD4YBSDKFcP7fuSl9OrTUJJR5lZIill0/ldDdy3gw=)
2: st8A84zO2SGXmTB2yzaFvzK8Xmk.crl (hash: Aknu/iUSooV40n6Xroc6O+o/EIkV+eOowqpwrL6U00I=)
3: tlAQgGMhDgT__rhJHf56aqlul7E.roa (hash: BWDoEWyH3pvyZXWpW+PEd6Elxpc6FH99ZQRpTprPKtE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 20:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:97:e1:83:c1:4f:9c:f0:7c:84:3a:69:7d:e8:64:67:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2df00f38cced92197993076cb3685bf32bc5e69
Validity
Not Before: Apr 16 20:00:32 2026 GMT
Not After : Apr 17 20:00:32 2026 GMT
Subject: CN=3460b136426e74e5ef7ccb7dc535243f90418701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b7:f9:63:7c:e8:af:29:4e:85:89:6c:97:2d:
b5:f8:c5:98:26:b2:21:e1:4a:6d:56:61:3a:ea:3d:
9d:90:24:71:4c:e2:64:6c:bf:a3:84:14:d5:a2:63:
d9:b0:ca:cf:ea:29:4e:b7:e2:a6:39:45:21:0a:7c:
58:2c:3f:dd:8d:94:91:80:23:3f:89:53:5c:45:46:
dd:6f:1a:84:57:42:13:f0:e7:3f:50:7b:0a:21:c6:
43:25:09:d1:0e:c0:b0:fc:af:c2:59:64:4b:47:05:
9b:e6:b1:78:7c:26:e3:d5:5e:cf:17:a4:fe:8e:cd:
e7:60:84:73:2f:1f:db:e7:26:75:d5:9f:5b:b8:9c:
fd:1c:12:fa:07:5f:dc:0e:01:7b:cf:d5:30:a2:5f:
25:fe:5f:78:ed:8f:4a:d3:81:5f:a5:f0:78:d1:2e:
14:95:52:ec:5b:fd:12:95:76:f8:35:f5:00:4e:5e:
ef:c2:db:b4:20:63:1a:1c:47:cb:c9:4e:94:41:5c:
56:b9:a8:ad:2d:5a:79:91:97:2c:f9:f2:89:bc:06:
f4:1d:97:e2:f6:08:00:ae:d4:e1:c3:be:96:ae:d5:
29:4d:f5:5c:ca:87:6e:f1:d4:bc:17:3a:cd:94:20:
74:5b:31:b5:ca:26:a9:e5:7c:1b:52:65:9c:8e:11:
d7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:60:B1:36:42:6E:74:E5:EF:7C:CB:7D:C5:35:24:3F:90:41:87:01
X509v3 Authority Key Identifier:
keyid:B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:06:51:61:21:0f:34:d0:47:0d:d9:74:ef:5c:a3:49:de:be:
e3:7b:1a:a6:ac:96:bf:66:c4:9c:4f:ee:57:f6:e4:7b:22:db:
84:0c:09:82:94:f8:a9:f9:f5:ab:46:6e:fb:d8:1d:17:27:5b:
41:b5:d6:3f:f7:52:52:b5:05:ea:55:39:76:57:7d:db:e1:9e:
53:35:f8:d5:e3:a2:5e:3c:e5:76:63:dc:f2:2f:a2:d8:b5:38:
89:45:fc:ac:95:8e:57:a4:c0:5b:61:53:49:d3:94:15:b7:e9:
e0:06:61:e6:d0:0a:2b:4f:6b:bc:55:7a:cd:4d:d4:d1:53:e7:
df:24:3f:b3:29:c6:fe:71:0c:39:95:7b:f6:cf:bf:a6:e2:38:
44:eb:ec:f0:45:1a:9a:57:ec:67:8e:55:ba:a2:4b:f2:b6:f0:
69:30:f8:98:4b:4c:58:d1:4e:2b:5d:89:6c:78:5a:eb:37:83:
1b:d6:77:85:0f:69:e8:4f:5c:e3:fa:f6:f8:31:f6:2a:aa:49:
0c:c4:a7:46:64:37:d9:6c:83:d6:8a:28:00:b3:0a:df:65:05:
7d:93:14:18:d5:00:59:25:f1:bb:51:6a:77:08:07:f3:54:cc:
51:d5:cf:5e:03:85:6d:3c:c6:eb:fa:5a:8f:5e:29:12:7e:52:
97:70:84:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2X4YPBT5zwfIQ6aX3oZGe3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZGYwMGYzOGNjZWQ5MjE5Nzk5MzA3NmNiMzY4NWJmMzJi
YzVlNjkwHhcNMjYwNDE2MjAwMDMyWhcNMjYwNDE3MjAwMDMyWjAzMTEwLwYDVQQD
EygzNDYwYjEzNjQyNmU3NGU1ZWY3Y2NiN2RjNTM1MjQzZjkwNDE4NzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbf5Y3zorylOhYlsly21+MWYJrIh
4UptVmE66j2dkCRxTOJkbL+jhBTVomPZsMrP6ilOt+KmOUUhCnxYLD/djZSRgCM/
iVNcRUbdbxqEV0IT8Oc/UHsKIcZDJQnRDsCw/K/CWWRLRwWb5rF4fCbj1V7PF6T+
js3nYIRzLx/b5yZ11Z9buJz9HBL6B1/cDgF7z9Uwol8l/l947Y9K04FfpfB40S4U
lVLsW/0SlXb4NfUATl7vwtu0IGMaHEfLyU6UQVxWuaitLVp5kZcs+fKJvAb0HZfi
9ggArtThw76WrtUpTfVcyodu8dS8FzrNlCB0WzG1yiap5XwbUmWcjhHXgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDRgsTZCbnTl73zLfcU1JD+QQYcBMB8GA1UdIwQY
MBaAFLLfAPOMztkhl5kwdss2hb8yvF5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEt
MDRlNGU0ZGM1ZmJhLzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEtMDRlNGU0ZGM1ZmJh
LzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATgZRYSEP
NNBHDdl071yjSd6+43sapqyWv2bEnE/uV/bkeyLbhAwJgpT4qfn1q0Zu+9gdFydb
QbXWP/dSUrUF6lU5dld92+GeUzX41eOiXjzldmPc8i+i2LU4iUX8rJWOV6TAW2FT
SdOUFbfp4AZh5tAKK09rvFV6zU3U0VPn3yQ/synG/nEMOZV79s+/puI4ROvs8EUa
mlfsZ45VuqJL8rbwaTD4mEtMWNFOK12JbHha6zeDG9Z3hQ9p6E9c4/r2+DH2KqpJ
DMSnRmQ32WyD1oooALMK32UFfZMUGNUAWSXxu1FqdwgH81TMUdXPXgOFbTzG6/pa
j14pEn5Sl3CE5A==
-----END CERTIFICATE-----
Generated at Fri Apr 17 04:05:24 2026 by rpki-client