Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
File: bIlKsevTD7N84imjdNPjE52QUY8.mft (raw, json)
Hash identifier: SNOPMy6hE8rYEBu2t+0fF/aNM+5Y7pMFC57a0PwqZlY=
Subject key identifier: E5:DB:F1:8E:F7:FA:96:C9:C6:C2:79:23:D0:25:F4:06:28:77:EE:12
Authority key identifier: 6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F
Certificate issuer: /CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
Certificate serial: 019CAB6B46F2A5E6548D6A97A4568212A9DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
Manifest number: 0886
Signing time: Sun 01 Mar 2026 22:01:00 +0000
Manifest this update: Sun 01 Mar 2026 22:01:00 +0000
Manifest next update: Mon 02 Mar 2026 22:01:00 +0000
Files and hashes: 1: HMK0XQoxdRxzLrSbOk3nRa3LDfU.roa (hash: ULrE37Ak3LEpHtIRIUxe40WhUc8sSXQeL2cSCTuAsyw=)
2: bIlKsevTD7N84imjdNPjE52QUY8.crl (hash: akOa7AIkZjPRtB7RbMIYcYqOBkVOFOuqW5Uon/x+KPc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:6b:46:f2:a5:e6:54:8d:6a:97:a4:56:82:12:a9:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
Validity
Not Before: Mar 1 22:01:00 2026 GMT
Not After : Mar 2 22:01:00 2026 GMT
Subject: CN=e5dbf18ef7fa96c9c6c27923d025f4062877ee12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:cc:a5:79:e4:ca:32:45:9c:22:60:3f:3a:79:
f1:87:3a:a7:8d:09:64:91:d8:9f:e2:48:81:68:f5:
ae:11:ae:ab:3b:9d:0a:1b:80:f2:36:b2:4e:28:1e:
f6:3e:0e:b9:89:dd:64:ba:47:ae:40:f0:30:af:52:
fd:f2:e9:47:94:1a:46:5b:e9:0a:b1:4c:a7:d0:35:
c1:be:17:dc:15:9c:1e:d4:72:c9:86:c9:0a:47:c0:
ef:f7:92:47:a5:23:46:2d:74:fd:26:8f:f3:e7:70:
59:f2:c2:8c:1b:40:85:4b:2a:42:ea:51:d2:41:18:
74:d6:50:2f:af:bd:0a:9d:b2:c3:cf:8f:8f:23:2b:
54:9b:64:8f:76:f3:32:03:7b:70:17:98:d2:a8:44:
0f:5e:0d:83:5d:7f:b0:f8:ef:36:21:57:e3:a5:85:
c8:6e:75:c4:81:c2:57:70:af:ce:82:9e:df:0c:5f:
7f:8e:ee:c8:93:c8:3c:7d:e1:a6:31:11:fa:cf:39:
91:0d:fe:95:21:15:9d:9e:5e:6a:f9:eb:40:fe:56:
48:c9:3d:04:47:0a:79:7e:53:f0:8c:36:b7:cf:52:
ad:ba:81:f9:dc:fd:c0:56:39:41:1f:55:26:76:ce:
a5:2c:bf:4a:6f:04:d1:7a:6b:25:e7:17:8c:3a:5b:
6f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:DB:F1:8E:F7:FA:96:C9:C6:C2:79:23:D0:25:F4:06:28:77:EE:12
X509v3 Authority Key Identifier:
keyid:6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:a9:2f:4d:c0:58:5e:59:3d:4b:65:9a:9c:78:d7:3e:a4:dd:
30:08:ba:5b:a5:d2:ff:02:1d:7b:2b:e7:da:b9:1a:ef:6e:73:
3a:75:68:e5:cd:04:06:84:37:42:3c:ac:23:a2:6a:d4:b8:c7:
49:24:fa:5a:ef:71:f8:0e:34:e9:0c:48:12:5d:4d:66:c1:93:
6e:fa:93:9b:91:f3:31:30:db:26:11:32:19:d5:5f:d5:81:33:
0a:7f:1e:6b:8d:11:37:88:81:9e:79:05:94:cc:a9:dc:ad:f3:
22:c6:56:fe:c1:c5:9d:53:60:f5:5b:fa:12:94:28:24:e6:23:
a8:ec:b9:b3:b7:b9:44:b9:d6:10:75:2b:7c:24:50:b2:3a:51:
4a:c0:f4:10:c2:96:17:30:9a:91:bc:34:a4:43:e5:8b:fc:83:
5f:22:9c:f5:26:e8:88:e4:24:2d:91:3f:74:f0:77:ec:4d:94:
fe:6f:49:ab:a8:91:d7:0b:85:a1:bf:8d:ad:e9:b3:b3:3c:53:
53:5a:1b:e4:b3:99:17:8f:68:75:0f:2e:00:8e:b1:53:ce:62:
5e:35:8a:f5:30:b4:07:1d:85:e2:77:e0:b3:7e:43:98:20:74:
ff:5c:ca:bc:f7:ca:66:a5:f3:c1:23:a9:88:2e:3d:86:03:f6:
8c:3d:97:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra0bypeZUjWqXpFaCEqnfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjODk0YWIxZWJkMzBmYjM3Y2UyMjlhMzc0ZDNlMzEzOWQ5
MDUxOGYwHhcNMjYwMzAxMjIwMTAwWhcNMjYwMzAyMjIwMTAwWjAzMTEwLwYDVQQD
EyhlNWRiZjE4ZWY3ZmE5NmM5YzZjMjc5MjNkMDI1ZjQwNjI4NzdlZTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA68yleeTKMkWcImA/OnnxhzqnjQlk
kdif4kiBaPWuEa6rO50KG4DyNrJOKB72Pg65id1kukeuQPAwr1L98ulHlBpGW+kK
sUyn0DXBvhfcFZwe1HLJhskKR8Dv95JHpSNGLXT9Jo/z53BZ8sKMG0CFSypC6lHS
QRh01lAvr70KnbLDz4+PIytUm2SPdvMyA3twF5jSqEQPXg2DXX+w+O82IVfjpYXI
bnXEgcJXcK/Ogp7fDF9/ju7Ik8g8feGmMRH6zzmRDf6VIRWdnl5q+etA/lZIyT0E
Rwp5flPwjDa3z1KtuoH53P3AVjlBH1Umds6lLL9KbwTRemsl5xeMOltvhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOXb8Y73+pbJxsJ5I9Al9AYod+4SMB8GA1UdIwQY
MBaAFGyJSrHr0w+zfOIpo3TT4xOdkFGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgt
YTFhZTU5ZTE2ODczLzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgtYTFhZTU5ZTE2ODcz
LzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGKkvTcBY
Xlk9S2WanHjXPqTdMAi6W6XS/wIdeyvn2rka725zOnVo5c0EBoQ3QjysI6Jq1LjH
SST6Wu9x+A406QxIEl1NZsGTbvqTm5HzMTDbJhEyGdVf1YEzCn8ea40RN4iBnnkF
lMyp3K3zIsZW/sHFnVNg9Vv6EpQoJOYjqOy5s7e5RLnWEHUrfCRQsjpRSsD0EMKW
FzCakbw0pEPli/yDXyKc9SboiOQkLZE/dPB37E2U/m9Jq6iR1wuFob+NremzszxT
U1ob5LOZF49odQ8uAI6xU85iXjWK9TC0Bx2F4nfgs35DmCB0/1zKvPfKZqXzwSOp
iC49hgP2jD2XPw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:45:55 2026 by rpki-client