
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/010d3d-1ba8-4a96-8212-94ac8af1bfcf/1/bBlbm9RwAeq1D9uh3g0tP0Un9nU.mft
File: bBlbm9RwAeq1D9uh3g0tP0Un9nU.mft (raw, json)
Hash identifier: hD+FFdLk0oKZ1SBQLW5nsf2vkM05J38SEGFXKflPKrU=
Subject key identifier: 3F:D4:D7:38:00:09:4A:B4:AC:D3:E5:A0:74:68:6E:00:E4:B6:47:24
Authority key identifier: 6C:19:5B:9B:D4:70:01:EA:B5:0F:DB:A1:DE:0D:2D:3F:45:27:F6:75
Certificate issuer: /CN=6c195b9bd47001eab50fdba1de0d2d3f4527f675
Certificate serial: 019CAA21BA1B2B10714ACF36D42140A1CAC2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bBlbm9RwAeq1D9uh3g0tP0Un9nU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/010d3d-1ba8-4a96-8212-94ac8af1bfcf/1/bBlbm9RwAeq1D9uh3g0tP0Un9nU.mft
Manifest number: 03D8
Signing time: Sun 01 Mar 2026 16:01:02 +0000
Manifest this update: Sun 01 Mar 2026 16:01:02 +0000
Manifest next update: Mon 02 Mar 2026 16:01:02 +0000
Files and hashes: 1: GCeDgCKOnbFY3U0olZ4r0yqAX7g.roa (hash: +SThIA5U78DHRFgrExpVjECZowaekUZ+Kqjt9wzZQWI=)
2: bBlbm9RwAeq1D9uh3g0tP0Un9nU.crl (hash: PGYzqLZGR/kB0xyfS6LhImxFMejQjhdTimGw1/9kVdQ=)
3: tglsOsq2MXVhhtPQ1fuHwjxCRDE.roa (hash: 8XEuad3zZxDli1a1G3vIehCptWc+Hmtp2zxnb2jVTdQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/010d3d-1ba8-4a96-8212-94ac8af1bfcf/1/bBlbm9RwAeq1D9uh3g0tP0Un9nU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/010d3d-1ba8-4a96-8212-94ac8af1bfcf/1/bBlbm9RwAeq1D9uh3g0tP0Un9nU.mft
rsync://rpki.ripe.net/repository/DEFAULT/bBlbm9RwAeq1D9uh3g0tP0Un9nU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 16:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:21:ba:1b:2b:10:71:4a:cf:36:d4:21:40:a1:ca:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c195b9bd47001eab50fdba1de0d2d3f4527f675
Validity
Not Before: Mar 1 16:01:02 2026 GMT
Not After : Mar 2 16:01:02 2026 GMT
Subject: CN=3fd4d73800094ab4acd3e5a074686e00e4b64724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ec:ae:2c:d8:71:76:db:4b:e5:5f:eb:cd:f3:
54:7d:39:62:85:ae:19:61:56:b3:3a:15:ba:da:45:
99:c4:51:c8:e5:3f:a9:65:95:58:32:0f:3c:0d:b8:
d3:c8:dd:db:ab:cd:64:0a:e5:48:dc:55:d5:0b:26:
42:a3:1b:48:ae:6f:74:2f:5a:bc:0e:58:28:75:84:
3c:28:2d:25:e3:07:f6:6d:30:e6:fe:c8:c0:54:24:
c5:23:21:24:ee:ae:3e:76:6c:2b:fa:5e:2d:48:a3:
be:e8:d5:00:18:d8:df:c1:7e:b8:f5:b6:da:5b:da:
a8:71:b1:96:40:b2:ba:81:b5:19:2f:57:17:53:06:
01:f2:21:2e:96:f6:9a:74:b6:d4:5c:8c:66:3e:f2:
38:98:f5:31:d5:63:95:83:91:ba:1b:5c:02:bd:56:
7d:68:45:bd:34:1d:e1:0a:c9:88:ac:bd:f3:6e:1c:
ae:79:1e:e0:70:b8:45:24:a2:33:0e:9b:5d:58:e3:
65:b7:d9:3d:38:23:de:79:17:75:b1:58:14:9c:f1:
29:ae:2b:5f:26:6d:5a:24:62:c0:51:d1:b8:db:9c:
23:ac:8d:76:10:d2:44:c5:f5:f8:f2:2c:3b:76:38:
92:7d:f6:5c:fa:e9:fb:cf:96:6b:a1:a5:20:5c:db:
55:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:D4:D7:38:00:09:4A:B4:AC:D3:E5:A0:74:68:6E:00:E4:B6:47:24
X509v3 Authority Key Identifier:
keyid:6C:19:5B:9B:D4:70:01:EA:B5:0F:DB:A1:DE:0D:2D:3F:45:27:F6:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bBlbm9RwAeq1D9uh3g0tP0Un9nU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/010d3d-1ba8-4a96-8212-94ac8af1bfcf/1/bBlbm9RwAeq1D9uh3g0tP0Un9nU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/010d3d-1ba8-4a96-8212-94ac8af1bfcf/1/bBlbm9RwAeq1D9uh3g0tP0Un9nU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:68:f2:4b:82:8f:6d:03:16:82:59:49:0a:f1:22:2d:98:a6:
5a:f5:5d:12:c1:09:d6:36:22:f3:02:6b:6c:d8:b2:bd:a9:93:
fd:c9:25:22:04:04:f6:0f:d8:1a:b3:e7:0f:94:b6:f8:05:95:
07:d8:3c:81:80:51:2d:77:53:15:32:43:cc:60:82:51:de:c6:
e8:e5:1c:63:ac:5d:82:c7:77:3b:57:0b:6e:9b:22:14:08:2a:
f5:5d:03:96:74:c5:e0:f2:c0:7a:58:ae:08:bc:18:30:9f:5f:
92:25:2a:42:1c:03:40:6f:e2:57:3e:a0:f5:98:eb:86:85:e6:
c6:4d:13:24:13:4a:67:30:60:7c:82:12:25:24:a4:8d:e8:3a:
05:47:03:94:a0:5e:53:6b:81:7a:a0:20:4f:c3:8e:68:75:7f:
0a:03:08:54:18:81:32:be:6f:3b:81:d9:72:91:f9:bd:74:f9:
82:50:3f:3a:c9:81:15:22:a2:b3:9f:16:7b:3c:74:c9:3d:3a:
04:0e:e4:89:a4:68:7f:47:7c:6d:3d:51:0c:e9:e1:b7:c4:14:
4b:b0:c5:23:72:eb:0b:2a:74:a5:b2:6f:d0:f1:32:8c:c3:a0:
77:8a:0b:0a:88:0d:fb:2e:34:46:c7:a9:9f:b2:b1:26:71:b1:
a4:64:f5:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIbobKxBxSs821CFAocrCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMTk1YjliZDQ3MDAxZWFiNTBmZGJhMWRlMGQyZDNmNDUy
N2Y2NzUwHhcNMjYwMzAxMTYwMTAyWhcNMjYwMzAyMTYwMTAyWjAzMTEwLwYDVQQD
EygzZmQ0ZDczODAwMDk0YWI0YWNkM2U1YTA3NDY4NmUwMGU0YjY0NzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteyuLNhxdttL5V/rzfNUfTliha4Z
YVazOhW62kWZxFHI5T+pZZVYMg88DbjTyN3bq81kCuVI3FXVCyZCoxtIrm90L1q8
DlgodYQ8KC0l4wf2bTDm/sjAVCTFIyEk7q4+dmwr+l4tSKO+6NUAGNjfwX649bba
W9qocbGWQLK6gbUZL1cXUwYB8iEulvaadLbUXIxmPvI4mPUx1WOVg5G6G1wCvVZ9
aEW9NB3hCsmIrL3zbhyueR7gcLhFJKIzDptdWONlt9k9OCPeeRd1sVgUnPEpritf
Jm1aJGLAUdG425wjrI12ENJExfX48iw7djiSffZc+un7z5ZroaUgXNtV9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD/U1zgACUq0rNPloHRobgDktkckMB8GA1UdIwQY
MBaAFGwZW5vUcAHqtQ/bod4NLT9FJ/Z1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkJsYm05UndBZXExRDl1aDNnMHRQMFVuOW5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8wMTBkM2QtMWJhOC00YTk2LTgyMTIt
OTRhYzhhZjFiZmNmLzEvYkJsYm05UndBZXExRDl1aDNnMHRQMFVuOW5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8wMTBkM2QtMWJhOC00YTk2LTgyMTItOTRhYzhhZjFiZmNm
LzEvYkJsYm05UndBZXExRDl1aDNnMHRQMFVuOW5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGWjyS4KP
bQMWgllJCvEiLZimWvVdEsEJ1jYi8wJrbNiyvamT/cklIgQE9g/YGrPnD5S2+AWV
B9g8gYBRLXdTFTJDzGCCUd7G6OUcY6xdgsd3O1cLbpsiFAgq9V0DlnTF4PLAeliu
CLwYMJ9fkiUqQhwDQG/iVz6g9ZjrhoXmxk0TJBNKZzBgfIISJSSkjeg6BUcDlKBe
U2uBeqAgT8OOaHV/CgMIVBiBMr5vO4HZcpH5vXT5glA/OsmBFSKis58Wezx0yT06
BA7kiaRof0d8bT1RDOnht8QUS7DFI3LrCyp0pbJv0PEyjMOgd4oLCogN+y40Rsep
n7KxJnGxpGT1VQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:52:24 2026 by rpki-client