Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/r7ALKTlueAM-26yv75hQsbDjUyM.mft
File: r7ALKTlueAM-26yv75hQsbDjUyM.mft (raw, json)
Hash identifier: hvQQstn9247nQ4tXzlzAgxKa8eGKDMVSXmZVGo7wVXY=
Subject key identifier: BB:9F:73:55:71:17:77:AD:D6:51:FD:1B:7E:F0:BB:31:2F:8B:88:CF
Authority key identifier: AF:B0:0B:29:39:6E:78:03:3E:DB:AC:AF:EF:98:50:B1:B0:E3:53:23
Certificate issuer: /CN=afb00b29396e78033edbacafef9850b1b0e35323
Certificate serial: 019CABA21028BABF8D70EF96306DA4F73F16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r7ALKTlueAM-26yv75hQsbDjUyM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/r7ALKTlueAM-26yv75hQsbDjUyM.mft
Manifest number: 10F4
Signing time: Sun 01 Mar 2026 23:00:50 +0000
Manifest this update: Sun 01 Mar 2026 23:00:50 +0000
Manifest next update: Mon 02 Mar 2026 23:00:50 +0000
Files and hashes: 1: BqKXTfV1zxu7JcLG72Zso4SHOOg.roa (hash: T8VlSosgzu97SNLjSfAlphc7hdN+zQvpmKY8/+PTx/s=)
2: r7ALKTlueAM-26yv75hQsbDjUyM.crl (hash: c/NrSieI7S84NFXN6iLPlyfehnZgVjhmxPd9gNl1Xcw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/r7ALKTlueAM-26yv75hQsbDjUyM.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/r7ALKTlueAM-26yv75hQsbDjUyM.mft
rsync://rpki.ripe.net/repository/DEFAULT/r7ALKTlueAM-26yv75hQsbDjUyM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 23:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:a2:10:28:ba:bf:8d:70:ef:96:30:6d:a4:f7:3f:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afb00b29396e78033edbacafef9850b1b0e35323
Validity
Not Before: Mar 1 23:00:50 2026 GMT
Not After : Mar 2 23:00:50 2026 GMT
Subject: CN=bb9f7355711777add651fd1b7ef0bb312f8b88cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:d0:ee:8d:26:61:ad:55:67:48:aa:a3:0c:f3:
23:41:70:8c:64:4e:6f:ce:52:c1:cd:b8:b9:76:b0:
b7:63:15:0a:11:80:a8:ac:d0:f4:26:f3:7e:14:28:
1f:40:14:bc:d0:2b:95:88:40:7d:e2:1a:77:af:44:
ea:99:13:f3:c2:b0:db:45:3e:89:32:66:7e:b4:6f:
41:b7:fe:2d:7c:b7:1b:dd:67:bc:56:08:2f:b4:6f:
f0:b1:cc:24:7f:1c:fd:9c:e6:61:78:88:63:f2:1c:
1c:b3:74:cf:51:84:70:8d:dd:7f:57:4e:6d:36:71:
cd:de:fc:85:00:9c:93:5f:ca:04:08:10:1b:d0:d5:
80:43:7d:dd:c3:1e:0e:61:e6:2c:3d:1e:ba:29:fa:
b0:03:dc:a7:b5:6c:0e:1f:1f:6b:29:89:82:8a:d1:
93:a8:a4:b2:2d:12:dd:43:f2:f7:a4:c0:aa:f0:0d:
1b:1c:4e:99:6e:77:e1:e8:4c:6f:de:a3:ca:0d:42:
f0:20:6c:d1:ab:ce:ad:4f:eb:d0:cc:96:8d:cb:62:
01:2c:80:a5:96:9c:fa:4a:34:44:f1:bd:73:c6:ac:
72:81:ef:94:38:61:b1:38:de:77:6d:4f:b7:19:f0:
00:d5:72:b3:13:32:4d:b5:1a:c4:d0:d5:bf:a3:22:
1b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:9F:73:55:71:17:77:AD:D6:51:FD:1B:7E:F0:BB:31:2F:8B:88:CF
X509v3 Authority Key Identifier:
keyid:AF:B0:0B:29:39:6E:78:03:3E:DB:AC:AF:EF:98:50:B1:B0:E3:53:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r7ALKTlueAM-26yv75hQsbDjUyM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/r7ALKTlueAM-26yv75hQsbDjUyM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/r7ALKTlueAM-26yv75hQsbDjUyM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:38:cc:4b:82:3b:f9:db:cc:3e:53:83:80:86:7b:c2:0b:57:
8f:64:48:73:8c:a0:79:a2:d6:e4:28:fc:99:1d:02:69:dd:be:
eb:a8:ae:a8:e8:eb:2b:eb:27:7b:65:21:d8:12:86:7e:6c:8c:
7e:14:19:51:50:66:15:ea:f9:c6:3d:b3:05:16:24:c9:78:ab:
c6:cb:7d:f6:e3:43:7d:ec:87:62:53:c9:e0:2e:26:54:c6:50:
de:c7:11:55:2d:5b:f5:8c:18:4d:f1:45:ff:8d:40:6e:0b:c5:
c3:d9:42:9f:6a:29:1f:d8:04:d1:a1:6f:26:9f:f0:65:c3:b5:
57:a7:f0:0d:71:c7:fb:22:01:96:7f:48:75:92:44:27:a8:f0:
b7:48:95:2b:5d:1e:bf:29:d4:aa:c8:75:30:1c:c5:a2:04:ec:
98:d1:a9:f6:f0:d0:d3:d8:b6:9e:d1:ba:eb:6c:3c:37:71:8b:
3b:5b:50:c7:02:9c:1a:8a:4f:75:76:ca:18:08:c5:13:10:f7:
84:5d:8d:85:ec:a7:0a:74:53:68:dd:aa:a6:8b:36:2c:69:9d:
40:6a:ca:a3:1d:5f:cc:c8:97:95:cf:db:5b:6b:62:fe:02:5c:
e4:2d:0e:93:72:04:1d:c3:71:c9:d5:fe:95:c7:08:72:46:43:
cb:ab:e2:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrohAour+NcO+WMG2k9z8WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYjAwYjI5Mzk2ZTc4MDMzZWRiYWNhZmVmOTg1MGIxYjBl
MzUzMjMwHhcNMjYwMzAxMjMwMDUwWhcNMjYwMzAyMjMwMDUwWjAzMTEwLwYDVQQD
EyhiYjlmNzM1NTcxMTc3N2FkZDY1MWZkMWI3ZWYwYmIzMTJmOGI4OGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4NDujSZhrVVnSKqjDPMjQXCMZE5v
zlLBzbi5drC3YxUKEYCorND0JvN+FCgfQBS80CuViEB94hp3r0TqmRPzwrDbRT6J
MmZ+tG9Bt/4tfLcb3We8VggvtG/wscwkfxz9nOZheIhj8hwcs3TPUYRwjd1/V05t
NnHN3vyFAJyTX8oECBAb0NWAQ33dwx4OYeYsPR66KfqwA9yntWwOHx9rKYmCitGT
qKSyLRLdQ/L3pMCq8A0bHE6Zbnfh6Exv3qPKDULwIGzRq86tT+vQzJaNy2IBLICl
lpz6SjRE8b1zxqxyge+UOGGxON53bU+3GfAA1XKzEzJNtRrE0NW/oyIbGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLufc1VxF3et1lH9G37wuzEvi4jPMB8GA1UdIwQY
MBaAFK+wCyk5bngDPtusr++YULGw41MjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjdBTEtUbHVlQU0tMjZ5djc1aFFzYkRqVXlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9lNGNhNTYtMTM4Ni00MzJjLTk2Y2It
NjVhOWE0ZGZhZDllLzEvcjdBTEtUbHVlQU0tMjZ5djc1aFFzYkRqVXlNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9lNGNhNTYtMTM4Ni00MzJjLTk2Y2ItNjVhOWE0ZGZhZDll
LzEvcjdBTEtUbHVlQU0tMjZ5djc1aFFzYkRqVXlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMjjMS4I7
+dvMPlODgIZ7wgtXj2RIc4ygeaLW5Cj8mR0Cad2+66iuqOjrK+sne2Uh2BKGfmyM
fhQZUVBmFer5xj2zBRYkyXirxst99uNDfeyHYlPJ4C4mVMZQ3scRVS1b9YwYTfFF
/41AbgvFw9lCn2opH9gE0aFvJp/wZcO1V6fwDXHH+yIBln9IdZJEJ6jwt0iVK10e
vynUqsh1MBzFogTsmNGp9vDQ09i2ntG662w8N3GLO1tQxwKcGopPdXbKGAjFExD3
hF2NheynCnRTaN2qpos2LGmdQGrKox1fzMiXlc/bW2ti/gJc5C0Ok3IEHcNxydX+
lccIckZDy6vi6w==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:07:51 2026 by rpki-client