Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/a733f6-09ad-4f1a-a357-e162203296bb/1/i70nOhRTYWFVEmDYSNdvomRGzUY.mft
File: i70nOhRTYWFVEmDYSNdvomRGzUY.mft (raw, json)
Hash identifier: MvtLvSdB/6U4HS+51QuQX5VUGrPfcw79rqoslLe+LKM=
Subject key identifier: 77:0E:9D:0B:28:FD:69:B5:13:FE:6B:36:BE:BB:06:F7:63:2C:1F:B7
Authority key identifier: 8B:BD:27:3A:14:53:61:61:55:12:60:D8:48:D7:6F:A2:64:46:CD:46
Certificate issuer: /CN=8bbd273a14536161551260d848d76fa26446cd46
Certificate serial: 019CAFB5EA0339BC7CDDF04E0AB552895DD9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i70nOhRTYWFVEmDYSNdvomRGzUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/a733f6-09ad-4f1a-a357-e162203296bb/1/i70nOhRTYWFVEmDYSNdvomRGzUY.mft
Manifest number: 0421
Signing time: Mon 02 Mar 2026 18:01:00 +0000
Manifest this update: Mon 02 Mar 2026 18:01:00 +0000
Manifest next update: Tue 03 Mar 2026 18:01:00 +0000
Files and hashes: 1: Psndu95QZf6tgKNvQkbaDhxNkYg.roa (hash: d9f4EyfJsmR2vvAcSDXuO/gBDmodHHefWdbiiIbdVEk=)
2: i70nOhRTYWFVEmDYSNdvomRGzUY.crl (hash: xe6Beicb7yvdzpbgqABxhQ+Yv71pfkVNfe36cEDMItw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/a733f6-09ad-4f1a-a357-e162203296bb/1/i70nOhRTYWFVEmDYSNdvomRGzUY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/a733f6-09ad-4f1a-a357-e162203296bb/1/i70nOhRTYWFVEmDYSNdvomRGzUY.mft
rsync://rpki.ripe.net/repository/DEFAULT/i70nOhRTYWFVEmDYSNdvomRGzUY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:b5:ea:03:39:bc:7c:dd:f0:4e:0a:b5:52:89:5d:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bbd273a14536161551260d848d76fa26446cd46
Validity
Not Before: Mar 2 18:01:00 2026 GMT
Not After : Mar 3 18:01:00 2026 GMT
Subject: CN=770e9d0b28fd69b513fe6b36bebb06f7632c1fb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:28:b3:7f:8c:ce:71:3c:82:9b:86:4e:e0:ab:
68:2c:7a:cd:d5:b9:fc:80:4a:3c:18:1a:ac:88:df:
d2:fd:21:82:f6:93:ed:c1:74:a6:51:de:19:5b:ac:
e1:37:e7:cf:fc:b2:40:8b:43:66:f7:33:15:8c:c4:
72:fa:68:79:58:c8:db:ab:9e:e0:05:af:6d:5e:5b:
81:31:da:b7:4c:fb:17:15:e5:f8:e9:ac:ab:c3:43:
7d:db:cf:b2:bb:96:4a:c8:50:eb:4c:88:94:56:e1:
05:c3:47:aa:af:59:45:83:2e:af:f2:61:50:b1:63:
a2:13:f4:08:98:fc:7a:73:c8:f3:61:83:66:59:98:
10:b4:18:56:fb:e6:21:d0:70:a8:a0:62:16:da:58:
a6:9e:aa:75:67:0f:42:95:f6:b9:74:b4:da:d5:d1:
54:d6:9b:ee:20:e1:cd:66:28:4b:2f:8f:a4:e1:90:
8d:be:25:22:59:88:d4:95:9a:51:fd:06:8b:87:5e:
d1:1d:af:5e:58:c4:41:15:e0:bb:75:da:c6:d8:3d:
0b:d1:cf:00:20:6f:5d:f9:02:17:b9:ca:6c:d3:ec:
c1:cf:d0:b4:83:a9:93:a5:30:5a:65:17:b4:e2:d2:
38:93:36:3a:e8:a6:15:02:05:ba:97:72:85:d6:5e:
2a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:0E:9D:0B:28:FD:69:B5:13:FE:6B:36:BE:BB:06:F7:63:2C:1F:B7
X509v3 Authority Key Identifier:
keyid:8B:BD:27:3A:14:53:61:61:55:12:60:D8:48:D7:6F:A2:64:46:CD:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i70nOhRTYWFVEmDYSNdvomRGzUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a733f6-09ad-4f1a-a357-e162203296bb/1/i70nOhRTYWFVEmDYSNdvomRGzUY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a733f6-09ad-4f1a-a357-e162203296bb/1/i70nOhRTYWFVEmDYSNdvomRGzUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:55:ec:7d:d5:25:ce:17:00:dd:75:c7:0a:fc:24:51:74:a1:
4e:52:dc:38:c6:8d:4f:13:2f:4d:33:83:52:99:8e:b2:df:43:
a2:46:fb:c1:a8:7c:c9:dd:af:a6:59:62:16:7c:69:9b:43:69:
ac:2f:a1:c9:26:27:df:91:41:5c:cc:11:05:32:c7:b1:20:19:
3f:a2:5f:9b:d9:78:18:ea:ca:03:eb:53:70:99:81:fb:aa:ea:
7a:11:91:c8:30:ff:2a:4d:7d:f2:5e:5d:38:5c:16:fb:9a:81:
0a:3a:26:eb:57:73:97:a3:36:e3:9f:2c:30:f3:56:87:e0:c1:
da:bb:50:64:bc:a6:e0:a1:d2:2a:99:09:77:af:f7:92:ce:d4:
7f:46:47:0c:62:0b:15:1d:25:76:8e:d9:2e:04:2b:1f:10:28:
78:ef:f0:8b:1d:e8:2b:3d:b1:d1:fb:50:30:9f:64:ab:9a:e1:
d6:b8:53:72:73:73:42:03:a4:16:aa:b9:7a:c5:c1:3c:b8:f0:
43:5b:6a:8e:79:18:43:55:fd:28:32:4c:b2:6b:72:db:80:61:
1a:e3:80:ac:a6:6a:b2:29:8d:13:01:1d:a7:93:7a:81:e8:61:
db:29:0d:c1:87:1b:6f:ce:c6:cf:0f:b5:6d:33:2d:3a:40:b4:
a7:6d:47:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvteoDObx83fBOCrVSiV3ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYmQyNzNhMTQ1MzYxNjE1NTEyNjBkODQ4ZDc2ZmEyNjQ0
NmNkNDYwHhcNMjYwMzAyMTgwMTAwWhcNMjYwMzAzMTgwMTAwWjAzMTEwLwYDVQQD
Eyg3NzBlOWQwYjI4ZmQ2OWI1MTNmZTZiMzZiZWJiMDZmNzYzMmMxZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviizf4zOcTyCm4ZO4KtoLHrN1bn8
gEo8GBqsiN/S/SGC9pPtwXSmUd4ZW6zhN+fP/LJAi0Nm9zMVjMRy+mh5WMjbq57g
Ba9tXluBMdq3TPsXFeX46ayrw0N928+yu5ZKyFDrTIiUVuEFw0eqr1lFgy6v8mFQ
sWOiE/QImPx6c8jzYYNmWZgQtBhW++Yh0HCooGIW2limnqp1Zw9Clfa5dLTa1dFU
1pvuIOHNZihLL4+k4ZCNviUiWYjUlZpR/QaLh17RHa9eWMRBFeC7ddrG2D0L0c8A
IG9d+QIXucps0+zBz9C0g6mTpTBaZRe04tI4kzY66KYVAgW6l3KF1l4qMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHcOnQso/Wm1E/5rNr67BvdjLB+3MB8GA1UdIwQY
MBaAFIu9JzoUU2FhVRJg2EjXb6JkRs1GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTcwbk9oUlRZV0ZWRW1EWVNOZHZvbVJHelVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hNzMzZjYtMDlhZC00ZjFhLWEzNTct
ZTE2MjIwMzI5NmJiLzEvaTcwbk9oUlRZV0ZWRW1EWVNOZHZvbVJHelVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hNzMzZjYtMDlhZC00ZjFhLWEzNTctZTE2MjIwMzI5NmJi
LzEvaTcwbk9oUlRZV0ZWRW1EWVNOZHZvbVJHelVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP1XsfdUl
zhcA3XXHCvwkUXShTlLcOMaNTxMvTTODUpmOst9Dokb7wah8yd2vplliFnxpm0Np
rC+hySYn35FBXMwRBTLHsSAZP6Jfm9l4GOrKA+tTcJmB+6rqehGRyDD/Kk198l5d
OFwW+5qBCjom61dzl6M2458sMPNWh+DB2rtQZLym4KHSKpkJd6/3ks7Uf0ZHDGIL
FR0ldo7ZLgQrHxAoeO/wix3oKz2x0ftQMJ9kq5rh1rhTcnNzQgOkFqq5esXBPLjw
Q1tqjnkYQ1X9KDJMsmty24BhGuOArKZqsimNEwEdp5N6gehh2ykNwYcbb87Gzw+1
bTMtOkC0p21HiA==
-----END CERTIFICATE-----
Generated at Tue Mar 3 00:58:29 2026 by rpki-client