Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/d3377a-8d38-4235-aa73-7e89b720190d/1/h30YEASPQ3IFBuTBgg9v4I_3ym4.mft
File: h30YEASPQ3IFBuTBgg9v4I_3ym4.mft (raw, json)
Hash identifier: ceUTwESwf4GRI9kC9omewYhzl1EH8enH1EAjssPe9+g=
Subject key identifier: 40:08:C0:1F:35:87:57:30:07:32:32:8F:80:22:53:6F:37:33:1D:7A
Authority key identifier: 87:7D:18:10:04:8F:43:72:05:06:E4:C1:82:0F:6F:E0:8F:F7:CA:6E
Certificate issuer: /CN=877d1810048f43720506e4c1820f6fe08ff7ca6e
Certificate serial: 019CAF10CB5C9BBD51DAE4CDB257CC482563
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h30YEASPQ3IFBuTBgg9v4I_3ym4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/d3377a-8d38-4235-aa73-7e89b720190d/1/h30YEASPQ3IFBuTBgg9v4I_3ym4.mft
Manifest number: 0DE2
Signing time: Mon 02 Mar 2026 15:00:39 +0000
Manifest this update: Mon 02 Mar 2026 15:00:39 +0000
Manifest next update: Tue 03 Mar 2026 15:00:39 +0000
Files and hashes: 1: dMfmkGCssv7XqTWroQRv-l8a5ns.roa (hash: hm9ZxaNW+e5ilEfF4gv37M+kUWsrW8nDblCItA5yuBg=)
2: h30YEASPQ3IFBuTBgg9v4I_3ym4.crl (hash: pUnBqcKkQYeKPqxfiP1wIOZxsy/bguN0JlC/H8y76z8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/d3377a-8d38-4235-aa73-7e89b720190d/1/h30YEASPQ3IFBuTBgg9v4I_3ym4.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/d3377a-8d38-4235-aa73-7e89b720190d/1/h30YEASPQ3IFBuTBgg9v4I_3ym4.mft
rsync://rpki.ripe.net/repository/DEFAULT/h30YEASPQ3IFBuTBgg9v4I_3ym4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:10:cb:5c:9b:bd:51:da:e4:cd:b2:57:cc:48:25:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=877d1810048f43720506e4c1820f6fe08ff7ca6e
Validity
Not Before: Mar 2 15:00:39 2026 GMT
Not After : Mar 3 15:00:39 2026 GMT
Subject: CN=4008c01f358757300732328f8022536f37331d7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:bf:06:11:7e:1f:b9:c5:28:20:85:b3:b1:cb:
53:95:ef:19:24:5d:26:6c:fe:51:10:7f:d0:2a:9a:
14:f9:42:e4:32:ed:4b:b3:14:b4:f5:74:c1:a3:46:
d0:e7:08:92:ac:e0:f2:dd:23:5d:35:e2:71:da:77:
d2:8e:a4:7e:80:e5:31:77:85:02:eb:1b:06:7f:87:
92:ac:75:af:e5:17:95:6d:7a:b9:00:25:f4:0a:fe:
fa:27:81:b1:49:52:92:f0:69:16:26:39:7c:2c:d5:
d0:ca:e8:79:2f:6c:e6:3a:14:28:85:f8:d0:ef:8a:
c1:85:44:a9:ba:9c:06:2a:fc:23:0d:09:fe:ec:36:
54:58:5a:b3:ac:03:b8:fd:95:70:55:08:3f:31:94:
b0:03:0d:44:e0:4e:9e:ab:c5:23:9d:bd:b2:55:4f:
33:1e:9d:31:6e:05:5b:67:98:43:2f:f4:e6:92:c0:
91:65:9d:b9:74:3e:b6:83:fa:35:c8:9f:50:a8:92:
54:6f:5b:d4:21:64:37:58:98:88:59:a6:ff:99:e2:
f3:43:b6:9e:da:6d:87:7c:5c:2d:86:0e:b5:63:90:
2e:ea:34:3b:47:29:20:7c:4f:b0:2a:7c:37:e7:b0:
7f:31:04:b5:81:f8:aa:00:d7:05:ba:b5:8f:87:99:
fe:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:08:C0:1F:35:87:57:30:07:32:32:8F:80:22:53:6F:37:33:1D:7A
X509v3 Authority Key Identifier:
keyid:87:7D:18:10:04:8F:43:72:05:06:E4:C1:82:0F:6F:E0:8F:F7:CA:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h30YEASPQ3IFBuTBgg9v4I_3ym4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/d3377a-8d38-4235-aa73-7e89b720190d/1/h30YEASPQ3IFBuTBgg9v4I_3ym4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/d3377a-8d38-4235-aa73-7e89b720190d/1/h30YEASPQ3IFBuTBgg9v4I_3ym4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:79:e1:24:3f:aa:7b:46:60:73:a2:bc:11:10:d5:29:f7:21:
63:bd:57:9a:66:69:e4:c2:e0:93:63:d4:bb:1e:d9:f1:8f:9c:
02:a6:a5:c1:3e:e5:cc:4a:12:9a:db:a9:74:fb:39:2e:3b:5c:
91:98:e8:14:16:5b:f5:18:69:6b:fd:ca:06:1b:65:80:c5:a0:
21:d2:b3:f3:92:8d:70:89:5b:0c:18:61:08:94:fc:04:7e:b5:
a4:be:e7:f5:3b:3e:77:53:2d:ad:59:46:5b:fe:3b:84:b7:0f:
b9:85:e0:25:1f:bc:37:1d:d9:66:09:2e:15:36:26:86:60:22:
21:e0:be:66:31:ba:44:89:f3:d4:f0:f2:5c:b6:73:78:10:c7:
69:b9:71:fa:da:17:4b:10:c6:47:3b:28:fe:81:d5:a3:34:7e:
16:64:01:66:57:ad:e6:a0:66:9b:24:c6:eb:f5:a9:ef:8f:a9:
dd:94:ad:62:dd:cb:2a:9c:c0:2e:dc:49:0d:ed:f9:2e:04:30:
1c:63:a2:70:6b:54:4f:a7:d2:28:ee:4e:53:76:91:dd:f3:23:
44:09:e7:e8:f4:26:5e:a4:8f:67:94:6c:47:21:3d:88:c6:ec:
b4:da:9c:3b:4e:38:cc:31:18:0c:2b:04:43:99:ab:2d:af:87:
ec:c2:a5:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvEMtcm71R2uTNslfMSCVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3N2QxODEwMDQ4ZjQzNzIwNTA2ZTRjMTgyMGY2ZmUwOGZm
N2NhNmUwHhcNMjYwMzAyMTUwMDM5WhcNMjYwMzAzMTUwMDM5WjAzMTEwLwYDVQQD
Eyg0MDA4YzAxZjM1ODc1NzMwMDczMjMyOGY4MDIyNTM2ZjM3MzMxZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b8GEX4fucUoIIWzsctTle8ZJF0m
bP5REH/QKpoU+ULkMu1LsxS09XTBo0bQ5wiSrODy3SNdNeJx2nfSjqR+gOUxd4UC
6xsGf4eSrHWv5ReVbXq5ACX0Cv76J4GxSVKS8GkWJjl8LNXQyuh5L2zmOhQohfjQ
74rBhUSpupwGKvwjDQn+7DZUWFqzrAO4/ZVwVQg/MZSwAw1E4E6eq8Ujnb2yVU8z
Hp0xbgVbZ5hDL/TmksCRZZ25dD62g/o1yJ9QqJJUb1vUIWQ3WJiIWab/meLzQ7ae
2m2HfFwthg61Y5Au6jQ7RykgfE+wKnw357B/MQS1gfiqANcFurWPh5n+FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEAIwB81h1cwBzIyj4AiU283Mx16MB8GA1UdIwQY
MBaAFId9GBAEj0NyBQbkwYIPb+CP98puMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDMwWUVBU1BRM0lGQnVUQmdnOXY0SV8zeW00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9kMzM3N2EtOGQzOC00MjM1LWFhNzMt
N2U4OWI3MjAxOTBkLzEvaDMwWUVBU1BRM0lGQnVUQmdnOXY0SV8zeW00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9kMzM3N2EtOGQzOC00MjM1LWFhNzMtN2U4OWI3MjAxOTBk
LzEvaDMwWUVBU1BRM0lGQnVUQmdnOXY0SV8zeW00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANnnhJD+q
e0Zgc6K8ERDVKfchY71XmmZp5MLgk2PUux7Z8Y+cAqalwT7lzEoSmtupdPs5Ljtc
kZjoFBZb9Rhpa/3KBhtlgMWgIdKz85KNcIlbDBhhCJT8BH61pL7n9Ts+d1MtrVlG
W/47hLcPuYXgJR+8Nx3ZZgkuFTYmhmAiIeC+ZjG6RInz1PDyXLZzeBDHablx+toX
SxDGRzso/oHVozR+FmQBZlet5qBmmyTG6/Wp74+p3ZStYt3LKpzALtxJDe35LgQw
HGOicGtUT6fSKO5OU3aR3fMjRAnn6PQmXqSPZ5RsRyE9iMbstNqcO044zDEYDCsE
Q5mrLa+H7MKlPg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:56:56 2026 by rpki-client