Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.mft
File: dHnfUKMVAp6AqhlHr-EtselIYos.mft (raw, json)
Hash identifier: KlDYo+6xDJ6gA/98Dik/rgBALttvwG3JUGzwfs9bzj0=
Subject key identifier: D8:63:07:D6:83:E7:8E:0A:D5:CB:D2:DC:D7:B4:BE:FF:A6:D6:F0:88
Authority key identifier: 74:79:DF:50:A3:15:02:9E:80:AA:19:47:AF:E1:2D:B1:E9:48:62:8B
Certificate issuer: /CN=7479df50a315029e80aa1947afe12db1e948628b
Certificate serial: 019CAE6BCFE064CF21F35797459647C91CCE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dHnfUKMVAp6AqhlHr-EtselIYos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.mft
Manifest number: 114B
Signing time: Mon 02 Mar 2026 12:00:27 +0000
Manifest this update: Mon 02 Mar 2026 12:00:27 +0000
Manifest next update: Tue 03 Mar 2026 12:00:27 +0000
Files and hashes: 1: BXcJyeoWgagdd3V31mwsVCcQbpE.roa (hash: yQn1/FtH4uOfCzrJXuLEmscMEDI0/UDWaQ5VY5MFs4U=)
2: dHnfUKMVAp6AqhlHr-EtselIYos.crl (hash: meY4ZTbwP+rqIF0HC+6f1frVIYiiOuAxt4YDxCz1X8Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.mft
rsync://rpki.ripe.net/repository/DEFAULT/dHnfUKMVAp6AqhlHr-EtselIYos.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:6b:cf:e0:64:cf:21:f3:57:97:45:96:47:c9:1c:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7479df50a315029e80aa1947afe12db1e948628b
Validity
Not Before: Mar 2 12:00:27 2026 GMT
Not After : Mar 3 12:00:27 2026 GMT
Subject: CN=d86307d683e78e0ad5cbd2dcd7b4beffa6d6f088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:17:5a:1c:bd:68:26:63:78:53:62:89:cf:22:
ab:2e:39:c1:04:25:db:11:80:98:58:df:56:10:09:
7b:86:38:0f:24:bb:18:08:82:a6:b6:96:fe:6d:35:
09:33:cc:5c:a2:dc:24:39:4b:ba:6f:97:74:eb:41:
d5:04:fe:f7:0e:d2:da:7e:8e:70:c9:b2:fe:b5:c7:
89:3f:3b:bf:5c:46:02:68:b8:30:82:52:eb:4f:67:
c7:23:01:f8:55:bd:74:aa:73:3b:8f:c8:3a:96:d3:
07:bd:bd:3e:0c:30:dd:a1:d3:7e:07:1d:c0:4d:75:
16:a7:4f:c2:24:cf:26:6d:72:89:eb:03:20:08:69:
7d:15:ca:37:fb:a0:77:24:98:d3:83:cb:c8:7d:ee:
ca:83:fb:6a:66:fc:44:36:82:57:8f:b0:f7:31:64:
3f:9d:94:6b:ed:ff:2d:99:e0:1f:fa:8c:47:35:9d:
3c:3b:db:f3:a7:2b:c2:1c:bf:19:9f:ca:6a:f3:50:
44:85:c7:61:f8:82:2f:5a:88:70:93:6a:f9:c4:73:
65:a2:2f:06:b3:3e:62:ac:8f:39:e7:a9:34:51:f5:
d0:e8:3b:11:24:1b:d9:bd:7a:20:82:b6:7e:e9:97:
d7:01:b5:f0:a1:fd:10:60:51:85:e6:b7:aa:f9:77:
9a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:63:07:D6:83:E7:8E:0A:D5:CB:D2:DC:D7:B4:BE:FF:A6:D6:F0:88
X509v3 Authority Key Identifier:
keyid:74:79:DF:50:A3:15:02:9E:80:AA:19:47:AF:E1:2D:B1:E9:48:62:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dHnfUKMVAp6AqhlHr-EtselIYos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:37:be:ac:7d:8c:2e:f5:11:9c:87:65:cc:b4:49:48:50:79:
29:b0:95:22:40:7f:02:0f:82:e2:13:9b:b5:e8:29:07:6e:b4:
fe:d3:79:7e:f2:e8:5d:3e:cb:27:b8:70:4f:c7:61:d9:2f:2f:
68:be:7d:56:ab:79:0a:62:3c:b7:7d:64:e8:30:ea:e9:97:e7:
b0:37:58:41:b4:98:5b:79:51:86:71:f5:f7:f4:c8:94:8e:af:
16:f3:4a:bd:d8:8b:84:ee:65:5e:fe:6a:6c:bb:e2:4a:44:26:
f7:1c:35:d2:07:82:98:0a:ce:7d:1e:7a:82:38:c8:57:35:9b:
36:ae:f3:d3:3a:c7:13:25:e6:ff:09:34:21:08:b6:cb:cd:c1:
d3:a5:0e:77:12:4e:7a:7d:e1:10:49:2b:79:05:14:48:51:ce:
5f:0d:41:5f:d6:72:80:f2:5b:f6:33:43:6a:50:7b:b5:88:60:
c6:0f:4d:9d:e6:67:0d:01:41:d8:7e:29:ff:27:ea:55:fb:a3:
fe:0e:33:31:02:5e:d5:5f:3b:eb:f1:9a:d6:fa:2d:99:cb:73:
df:71:02:a0:a2:35:a1:8a:ce:48:56:7b:ff:0e:67:0a:2e:cf:
f7:e9:28:79:02:61:26:d3:c4:0c:7d:00:3e:87:7f:79:be:73:
a1:03:63:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyua8/gZM8h81eXRZZHyRzOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NzlkZjUwYTMxNTAyOWU4MGFhMTk0N2FmZTEyZGIxZTk0
ODYyOGIwHhcNMjYwMzAyMTIwMDI3WhcNMjYwMzAzMTIwMDI3WjAzMTEwLwYDVQQD
EyhkODYzMDdkNjgzZTc4ZTBhZDVjYmQyZGNkN2I0YmVmZmE2ZDZmMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxdaHL1oJmN4U2KJzyKrLjnBBCXb
EYCYWN9WEAl7hjgPJLsYCIKmtpb+bTUJM8xcotwkOUu6b5d060HVBP73DtLafo5w
ybL+tceJPzu/XEYCaLgwglLrT2fHIwH4Vb10qnM7j8g6ltMHvb0+DDDdodN+Bx3A
TXUWp0/CJM8mbXKJ6wMgCGl9Fco3+6B3JJjTg8vIfe7Kg/tqZvxENoJXj7D3MWQ/
nZRr7f8tmeAf+oxHNZ08O9vzpyvCHL8Zn8pq81BEhcdh+IIvWohwk2r5xHNloi8G
sz5irI8556k0UfXQ6DsRJBvZvXoggrZ+6ZfXAbXwof0QYFGF5req+XeaEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNhjB9aD544K1cvS3Ne0vv+m1vCIMB8GA1UdIwQY
MBaAFHR531CjFQKegKoZR6/hLbHpSGKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEhuZlVLTVZBcDZBcWhsSHItRXRzZWxJWW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xNjczNWQtNjY1OC00YjZmLWEyNjEt
OTdiYTM3MzQ1YWE4LzEvZEhuZlVLTVZBcDZBcWhsSHItRXRzZWxJWW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xNjczNWQtNjY1OC00YjZmLWEyNjEtOTdiYTM3MzQ1YWE4
LzEvZEhuZlVLTVZBcDZBcWhsSHItRXRzZWxJWW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMDe+rH2M
LvURnIdlzLRJSFB5KbCVIkB/Ag+C4hObtegpB260/tN5fvLoXT7LJ7hwT8dh2S8v
aL59Vqt5CmI8t31k6DDq6ZfnsDdYQbSYW3lRhnH19/TIlI6vFvNKvdiLhO5lXv5q
bLviSkQm9xw10geCmArOfR56gjjIVzWbNq7z0zrHEyXm/wk0IQi2y83B06UOdxJO
en3hEEkreQUUSFHOXw1BX9ZygPJb9jNDalB7tYhgxg9NneZnDQFB2H4p/yfqVfuj
/g4zMQJe1V876/Ga1votmctz33ECoKI1oYrOSFZ7/w5nCi7P9+koeQJhJtPEDH0A
Pod/eb5zoQNj/g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:15:44 2026 by rpki-client