Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/c1a852-55f5-4505-8d90-2157a575db0b/1/S8K4kvLb729UtFNg_rD4QUpahQQ.mft
File: S8K4kvLb729UtFNg_rD4QUpahQQ.mft (raw, json)
Hash identifier: bY6ZcwQUXcarhoBQo6zPCrqD918vcCCOsuYIk3kV/TY=
Subject key identifier: D2:46:09:A3:C5:52:A1:2B:8B:F7:E2:84:7B:13:25:EE:3E:F8:2F:64
Authority key identifier: 4B:C2:B8:92:F2:DB:EF:6F:54:B4:53:60:FE:B0:F8:41:4A:5A:85:04
Certificate issuer: /CN=4bc2b892f2dbef6f54b45360feb0f8414a5a8504
Certificate serial: 019CAAFD35D6FE37664E0423EA717EE359F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S8K4kvLb729UtFNg_rD4QUpahQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/c1a852-55f5-4505-8d90-2157a575db0b/1/S8K4kvLb729UtFNg_rD4QUpahQQ.mft
Manifest number: 1241
Signing time: Sun 01 Mar 2026 20:00:46 +0000
Manifest this update: Sun 01 Mar 2026 20:00:46 +0000
Manifest next update: Mon 02 Mar 2026 20:00:46 +0000
Files and hashes: 1: F4rY5JVMtMl_zYzUZwZp4oeHP1I.roa (hash: E0rqrVkOGoV8SRKX7SA5ZbTVTAKBdcJrr4ggv5rMXIg=)
2: S8K4kvLb729UtFNg_rD4QUpahQQ.crl (hash: klyqJtla3ylNF1zT5eOcomy/DttK4Wg6+ID/kUZ2bMc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/c1a852-55f5-4505-8d90-2157a575db0b/1/S8K4kvLb729UtFNg_rD4QUpahQQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/c1a852-55f5-4505-8d90-2157a575db0b/1/S8K4kvLb729UtFNg_rD4QUpahQQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/S8K4kvLb729UtFNg_rD4QUpahQQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:fd:35:d6:fe:37:66:4e:04:23:ea:71:7e:e3:59:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bc2b892f2dbef6f54b45360feb0f8414a5a8504
Validity
Not Before: Mar 1 20:00:46 2026 GMT
Not After : Mar 2 20:00:46 2026 GMT
Subject: CN=d24609a3c552a12b8bf7e2847b1325ee3ef82f64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:80:4c:9c:d2:e2:48:ce:e8:a9:cd:09:bf:2b:
24:28:a6:18:12:b4:3a:2a:05:91:bb:a8:ba:86:3c:
05:86:c7:34:49:b2:86:d8:69:0e:71:a3:b8:cb:5b:
7a:b9:43:6c:8d:75:0b:ac:fb:45:e9:79:bc:9a:12:
a7:67:61:07:e2:e9:c9:a9:b7:44:d3:7c:e5:98:72:
b8:14:b1:36:dc:d5:8c:7a:5b:fc:bb:86:bc:19:fa:
c9:47:a9:98:65:31:e4:9f:c0:61:a3:33:00:a3:2e:
5d:3b:9a:a4:37:e3:35:06:13:b9:64:0a:56:16:13:
a8:c6:e3:87:c1:fc:c7:a4:16:fc:5c:26:8b:0a:6c:
0c:69:be:1f:a1:c1:f8:eb:f6:a0:e6:63:4f:97:70:
13:d0:16:69:f9:4e:3c:d0:88:e7:c3:7e:8f:34:bb:
2f:8a:29:d8:81:67:62:07:27:c2:6e:18:20:47:a8:
26:f8:a5:97:bd:08:4b:a7:68:3a:40:7d:9b:28:de:
f7:6c:07:02:7f:0a:79:74:84:11:00:9f:66:36:52:
55:ed:bf:ea:16:4f:4d:81:da:de:38:2f:82:ce:5d:
c9:5e:95:89:38:49:de:53:b1:75:17:49:72:63:1e:
b9:f0:77:68:cc:64:63:d7:ec:05:c9:83:79:db:dc:
b9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:46:09:A3:C5:52:A1:2B:8B:F7:E2:84:7B:13:25:EE:3E:F8:2F:64
X509v3 Authority Key Identifier:
keyid:4B:C2:B8:92:F2:DB:EF:6F:54:B4:53:60:FE:B0:F8:41:4A:5A:85:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S8K4kvLb729UtFNg_rD4QUpahQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/c1a852-55f5-4505-8d90-2157a575db0b/1/S8K4kvLb729UtFNg_rD4QUpahQQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/c1a852-55f5-4505-8d90-2157a575db0b/1/S8K4kvLb729UtFNg_rD4QUpahQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:ac:85:af:96:da:95:29:08:6a:a9:45:f8:da:d1:85:20:01:
aa:4b:ad:cf:e6:62:52:ec:38:1c:ae:09:97:51:9c:aa:65:eb:
33:54:c0:b2:5e:a4:1d:41:bc:5d:92:da:56:8f:47:c9:a0:fd:
f4:b1:6f:a4:ca:3e:44:26:1b:2a:f0:9e:9d:49:9c:de:bc:a1:
1f:e4:03:aa:31:a8:44:08:8a:c3:76:39:db:12:e3:55:8f:c9:
1d:ce:04:75:e0:e3:bf:03:cf:85:9b:e6:23:f2:de:b7:a2:7c:
c7:ea:3a:c9:53:3b:e3:2e:bd:11:69:71:eb:f9:3d:9b:d5:7a:
91:fe:d6:60:0d:ec:b4:f7:ab:9c:80:50:41:b4:98:e1:fe:37:
a4:9d:54:4a:04:e7:39:11:67:1b:70:be:6e:a0:90:01:48:33:
09:87:98:f1:57:e9:ab:98:5f:9f:88:87:0d:b7:0f:94:8e:50:
9b:8d:c0:a1:49:14:0a:7a:ad:2e:ae:ad:63:b1:52:84:0a:bf:
4f:ad:29:34:3c:f9:55:97:e5:df:61:71:ae:3a:e0:3a:bf:25:
44:2c:5f:0c:82:db:80:90:2d:e5:1d:89:cf:91:c3:6e:87:24:
f8:80:f5:0c:b1:c6:45:ca:b0:58:10:a5:c5:60:5a:57:5a:ee:
72:a0:9b:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/TXW/jdmTgQj6nF+41n5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiYzJiODkyZjJkYmVmNmY1NGI0NTM2MGZlYjBmODQxNGE1
YTg1MDQwHhcNMjYwMzAxMjAwMDQ2WhcNMjYwMzAyMjAwMDQ2WjAzMTEwLwYDVQQD
EyhkMjQ2MDlhM2M1NTJhMTJiOGJmN2UyODQ3YjEzMjVlZTNlZjgyZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4BMnNLiSM7oqc0JvyskKKYYErQ6
KgWRu6i6hjwFhsc0SbKG2GkOcaO4y1t6uUNsjXULrPtF6Xm8mhKnZ2EH4unJqbdE
03zlmHK4FLE23NWMelv8u4a8GfrJR6mYZTHkn8BhozMAoy5dO5qkN+M1BhO5ZApW
FhOoxuOHwfzHpBb8XCaLCmwMab4focH46/ag5mNPl3AT0BZp+U480Ijnw36PNLsv
iinYgWdiByfCbhggR6gm+KWXvQhLp2g6QH2bKN73bAcCfwp5dIQRAJ9mNlJV7b/q
Fk9NgdreOC+Czl3JXpWJOEneU7F1F0lyYx658HdozGRj1+wFyYN529y5CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNJGCaPFUqEri/fihHsTJe4++C9kMB8GA1UdIwQY
MBaAFEvCuJLy2+9vVLRTYP6w+EFKWoUEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzhLNGt2TGI3MjlVdEZOZ19yRDRRVXBhaFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9jMWE4NTItNTVmNS00NTA1LThkOTAt
MjE1N2E1NzVkYjBiLzEvUzhLNGt2TGI3MjlVdEZOZ19yRDRRVXBhaFFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9jMWE4NTItNTVmNS00NTA1LThkOTAtMjE1N2E1NzVkYjBi
LzEvUzhLNGt2TGI3MjlVdEZOZ19yRDRRVXBhaFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcKyFr5ba
lSkIaqlF+NrRhSABqkutz+ZiUuw4HK4Jl1GcqmXrM1TAsl6kHUG8XZLaVo9HyaD9
9LFvpMo+RCYbKvCenUmc3ryhH+QDqjGoRAiKw3Y52xLjVY/JHc4EdeDjvwPPhZvm
I/Let6J8x+o6yVM74y69EWlx6/k9m9V6kf7WYA3stPernIBQQbSY4f43pJ1USgTn
ORFnG3C+bqCQAUgzCYeY8Vfpq5hfn4iHDbcPlI5Qm43AoUkUCnqtLq6tY7FShAq/
T60pNDz5VZfl32FxrjrgOr8lRCxfDILbgJAt5R2Jz5HDbock+ID1DLHGRcqwWBCl
xWBaV1rucqCbXA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:06:34 2026 by rpki-client