Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
File: st8A84zO2SGXmTB2yzaFvzK8Xmk.mft (raw, json)
Hash identifier: vlA/nEnCrVC2M8Qt62504ZH7rTkgcnqsutw1jfrMXqs=
Subject key identifier: D4:B3:5C:2D:45:DA:9E:91:EE:7B:11:43:7F:25:A6:FE:0A:EB:10:03
Authority key identifier: B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
Certificate issuer: /CN=b2df00f38cced92197993076cb3685bf32bc5e69
Certificate serial: 019CAA586C86BF29B536D67FBCF8261C75FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
Manifest number: 13AF
Signing time: Sun 01 Mar 2026 17:00:47 +0000
Manifest this update: Sun 01 Mar 2026 17:00:47 +0000
Manifest next update: Mon 02 Mar 2026 17:00:47 +0000
Files and hashes: 1: 1-9MzMIRI9EZUWy0_EdU5hjULaQY.roa (hash: 6DcD4YBSDKFcP7fuSl9OrTUJJR5lZIill0/ldDdy3gw=)
2: st8A84zO2SGXmTB2yzaFvzK8Xmk.crl (hash: MiSw2dNsqdAnjGV3/R8qmYLniQMpyXvert/iD46D1O4=)
3: tlAQgGMhDgT__rhJHf56aqlul7E.roa (hash: BWDoEWyH3pvyZXWpW+PEd6Elxpc6FH99ZQRpTprPKtE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:58:6c:86:bf:29:b5:36:d6:7f:bc:f8:26:1c:75:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2df00f38cced92197993076cb3685bf32bc5e69
Validity
Not Before: Mar 1 17:00:47 2026 GMT
Not After : Mar 2 17:00:47 2026 GMT
Subject: CN=d4b35c2d45da9e91ee7b11437f25a6fe0aeb1003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:39:47:e4:c9:2a:57:20:0f:62:db:26:62:1b:
1f:d7:fa:f4:35:a1:5e:ab:2d:83:bc:9d:44:cc:f2:
39:f2:b9:1c:44:a6:c1:2a:22:a8:eb:16:45:ba:21:
b6:2c:1e:0c:8c:9b:72:7f:cd:5a:d2:cc:dd:c1:aa:
d5:75:56:48:b8:5e:d5:e1:02:f1:1e:89:60:1a:f8:
75:7d:cd:17:b0:fa:82:1a:c5:be:5a:4a:7e:24:1e:
a7:de:cc:71:c1:54:64:75:85:7a:f2:a9:27:7a:fe:
69:54:be:41:70:c2:cf:88:8f:77:c5:25:21:ce:8b:
a4:06:31:61:0e:12:d0:87:aa:f1:07:95:2f:eb:86:
6a:30:a8:cf:ab:aa:d9:4e:44:0d:66:81:32:3a:00:
b3:d3:0a:de:7c:34:c8:25:84:51:50:cd:f1:d1:8c:
45:8e:c5:c4:27:4d:3f:ef:90:ce:20:2d:3c:d2:63:
d7:6c:88:1b:6e:f7:12:ce:09:21:bf:62:b4:55:1f:
a2:98:d2:4e:75:d8:fc:15:83:42:b3:2b:a5:49:ec:
7e:59:b6:74:9c:30:6a:ee:28:38:5f:23:19:ae:20:
11:58:3a:67:8b:9c:2d:af:9e:f7:9f:fa:fa:fc:4c:
ff:1e:67:07:4f:9a:1b:0e:3c:40:af:c2:b1:0d:84:
1b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:B3:5C:2D:45:DA:9E:91:EE:7B:11:43:7F:25:A6:FE:0A:EB:10:03
X509v3 Authority Key Identifier:
keyid:B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:9f:30:79:ec:41:fd:ad:ec:28:c2:9d:c4:eb:61:df:4a:cb:
ce:a6:83:6e:d6:1e:9f:64:a9:e4:39:7c:43:c9:b4:29:24:05:
f0:06:e0:22:17:65:47:79:d4:66:c5:0c:8d:0e:39:c5:d4:0d:
5b:af:a2:ec:fe:ae:1a:aa:a8:19:b4:52:42:c2:94:46:21:7c:
bf:d4:e3:cc:7f:6f:c1:a4:75:6f:0c:ea:cd:a6:02:6b:23:9d:
68:48:85:4a:66:d8:86:1f:e1:2d:9b:ae:be:16:00:aa:2d:91:
22:f3:04:8b:40:5b:00:5e:b7:5c:6f:52:c5:6f:0e:6c:73:c8:
b4:19:d2:cf:85:dd:be:fd:dc:ff:60:9c:bc:53:d5:89:5d:71:
cc:24:27:64:48:ad:35:a7:5d:76:be:12:1d:da:77:82:78:5c:
ec:e6:a4:2d:90:de:cf:06:82:20:79:f7:af:08:a0:52:07:4e:
d5:17:62:d4:5b:4c:a7:7b:e2:dd:45:14:bc:df:e7:b9:1c:f0:
d1:d3:a6:90:af:4c:9e:6d:35:ad:df:60:ef:fb:ee:d9:4d:6f:
a0:46:58:b6:f1:a5:dd:65:7c:54:37:42:b3:2f:9c:e0:31:de:
7c:16:c1:64:a9:b0:58:c1:ec:d2:2f:27:e3:2b:ba:1e:79:95:
0e:6e:df:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWGyGvym1NtZ/vPgmHHX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZGYwMGYzOGNjZWQ5MjE5Nzk5MzA3NmNiMzY4NWJmMzJi
YzVlNjkwHhcNMjYwMzAxMTcwMDQ3WhcNMjYwMzAyMTcwMDQ3WjAzMTEwLwYDVQQD
EyhkNGIzNWMyZDQ1ZGE5ZTkxZWU3YjExNDM3ZjI1YTZmZTBhZWIxMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDlH5MkqVyAPYtsmYhsf1/r0NaFe
qy2DvJ1EzPI58rkcRKbBKiKo6xZFuiG2LB4MjJtyf81a0szdwarVdVZIuF7V4QLx
HolgGvh1fc0XsPqCGsW+Wkp+JB6n3sxxwVRkdYV68qknev5pVL5BcMLPiI93xSUh
zoukBjFhDhLQh6rxB5Uv64ZqMKjPq6rZTkQNZoEyOgCz0wrefDTIJYRRUM3x0YxF
jsXEJ00/75DOIC080mPXbIgbbvcSzgkhv2K0VR+imNJOddj8FYNCsyulSex+WbZ0
nDBq7ig4XyMZriARWDpni5wtr573n/r6/Ez/HmcHT5obDjxAr8KxDYQbGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNSzXC1F2p6R7nsRQ38lpv4K6xADMB8GA1UdIwQY
MBaAFLLfAPOMztkhl5kwdss2hb8yvF5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEt
MDRlNGU0ZGM1ZmJhLzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEtMDRlNGU0ZGM1ZmJh
LzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADp8weexB
/a3sKMKdxOth30rLzqaDbtYen2Sp5Dl8Q8m0KSQF8AbgIhdlR3nUZsUMjQ45xdQN
W6+i7P6uGqqoGbRSQsKURiF8v9TjzH9vwaR1bwzqzaYCayOdaEiFSmbYhh/hLZuu
vhYAqi2RIvMEi0BbAF63XG9SxW8ObHPItBnSz4Xdvv3c/2CcvFPViV1xzCQnZEit
Nadddr4SHdp3gnhc7OakLZDezwaCIHn3rwigUgdO1Rdi1FtMp3vi3UUUvN/nuRzw
0dOmkK9Mnm01rd9g7/vu2U1voEZYtvGl3WV8VDdCsy+c4DHefBbBZKmwWMHs0i8n
4yu6HnmVDm7f+g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:24:11 2026 by rpki-client