Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/b92d9d-21a8-4522-97de-0fbe2de0636d/1/97FD9k1RC6MSl8uuVoL9QbLIEZY.mft
File: 97FD9k1RC6MSl8uuVoL9QbLIEZY.mft (raw, json)
Hash identifier: +ZetgWKxe/b6O7lQnV1fv5SThQwtAd0Iw5knJd50W5E=
Subject key identifier: 95:A8:DE:E4:D5:70:06:25:02:8A:86:98:5B:4C:03:D8:CE:DB:89:39
Authority key identifier: F7:B1:43:F6:4D:51:0B:A3:12:97:CB:AE:56:82:FD:41:B2:C8:11:96
Certificate issuer: /CN=f7b143f64d510ba31297cbae5682fd41b2c81196
Certificate serial: 019CABA23FD9499425D308EFA74761572A69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/97FD9k1RC6MSl8uuVoL9QbLIEZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/b92d9d-21a8-4522-97de-0fbe2de0636d/1/97FD9k1RC6MSl8uuVoL9QbLIEZY.mft
Manifest number: 0BE3
Signing time: Sun 01 Mar 2026 23:01:02 +0000
Manifest this update: Sun 01 Mar 2026 23:01:02 +0000
Manifest next update: Mon 02 Mar 2026 23:01:02 +0000
Files and hashes: 1: 97FD9k1RC6MSl8uuVoL9QbLIEZY.crl (hash: k/7uWSUtnfozJXJD/20+NyqYW40x7WpooE71Ib84Pnc=)
2: uIJ0IS79WDVVxYIbBz_R4fqspJQ.roa (hash: h35WdtQ05WmybDkYDylEfj+xzINWR/bUtvARmeLtlc8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/b92d9d-21a8-4522-97de-0fbe2de0636d/1/97FD9k1RC6MSl8uuVoL9QbLIEZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/b92d9d-21a8-4522-97de-0fbe2de0636d/1/97FD9k1RC6MSl8uuVoL9QbLIEZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/97FD9k1RC6MSl8uuVoL9QbLIEZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 23:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:a2:3f:d9:49:94:25:d3:08:ef:a7:47:61:57:2a:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7b143f64d510ba31297cbae5682fd41b2c81196
Validity
Not Before: Mar 1 23:01:02 2026 GMT
Not After : Mar 2 23:01:02 2026 GMT
Subject: CN=95a8dee4d5700625028a86985b4c03d8cedb8939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0d:a1:84:c9:cc:55:27:c0:25:e0:70:44:ae:
79:12:e9:7d:5b:cc:33:ee:32:fe:7e:82:e5:28:20:
7a:4f:c5:fc:49:fb:34:ec:6b:20:73:70:dd:35:7a:
51:2a:16:1c:1d:8f:d7:fc:33:6f:0a:b9:9e:aa:1f:
a8:cb:fa:99:e2:74:b0:96:a1:fe:e3:f1:fb:ac:af:
f6:65:4e:dd:c6:44:3c:0a:c6:f3:42:82:66:35:2e:
94:0e:b2:56:1e:be:55:d7:fb:53:6b:1a:ca:37:7c:
83:11:14:5c:38:9d:df:58:8a:1d:68:a4:e2:9c:49:
62:95:23:00:d7:84:15:15:86:c1:8f:95:e2:29:e7:
aa:f6:07:5d:50:28:91:37:62:c4:6d:81:73:39:15:
2d:fe:ab:f5:97:52:b3:5e:64:2a:52:e3:c1:f6:5d:
19:7b:d6:4d:9b:be:ae:98:e7:56:88:53:d3:ea:59:
77:4b:aa:69:64:69:fa:bd:1d:82:f2:1d:79:6d:be:
a9:cc:96:15:c3:d9:91:0d:1f:71:ae:20:79:83:5d:
51:9d:07:ca:bc:1d:97:4f:a9:b2:95:2a:d2:d0:eb:
67:cc:df:cf:23:08:61:1b:8b:9d:d0:10:f8:6d:8d:
b3:b4:2e:03:29:42:5b:cc:2b:f6:16:e2:24:d8:3e:
c9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:A8:DE:E4:D5:70:06:25:02:8A:86:98:5B:4C:03:D8:CE:DB:89:39
X509v3 Authority Key Identifier:
keyid:F7:B1:43:F6:4D:51:0B:A3:12:97:CB:AE:56:82:FD:41:B2:C8:11:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/97FD9k1RC6MSl8uuVoL9QbLIEZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/b92d9d-21a8-4522-97de-0fbe2de0636d/1/97FD9k1RC6MSl8uuVoL9QbLIEZY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/b92d9d-21a8-4522-97de-0fbe2de0636d/1/97FD9k1RC6MSl8uuVoL9QbLIEZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:ba:90:e1:11:69:20:04:79:0b:06:dd:7f:47:4e:6f:f1:f6:
35:cc:6e:62:ae:99:f8:33:ac:42:01:d8:2b:3b:3e:e0:98:79:
aa:a5:a2:77:35:4b:eb:ee:f4:66:03:3e:07:d6:d8:9a:7c:8c:
f5:04:f5:04:83:31:33:a5:3f:51:1b:8f:8a:08:25:14:f1:bc:
9f:f3:3f:8f:34:1d:20:90:e9:e0:1e:f7:f0:a3:b8:f3:10:9c:
03:3e:c5:bb:6d:46:52:7f:99:00:ed:67:12:be:b4:8c:6c:7d:
c1:e5:4b:65:42:07:42:30:20:bd:3a:a5:c2:d8:14:e3:5c:5d:
d4:83:4d:6c:24:e7:10:2d:a2:81:d5:9c:7f:5a:86:52:0e:47:
8f:05:74:53:eb:a4:df:80:b0:f0:98:39:df:0d:a3:3d:a8:92:
46:e7:4e:6d:79:14:5d:a5:b9:8b:34:99:79:bd:b3:8f:12:85:
b9:a9:ef:b8:97:bb:8c:70:88:90:2f:b3:7b:b9:81:03:1e:fd:
bf:21:ad:29:7e:ad:a0:6d:ef:99:b6:f3:17:95:3b:aa:69:72:
05:76:81:f4:20:ff:ab:62:51:cf:be:83:4b:17:68:52:7b:7a:
ec:0d:b6:a0:e6:58:5f:e9:ad:a2:75:09:21:a0:a6:4c:79:2e:
00:a9:8b:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyroj/ZSZQl0wjvp0dhVyppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YjE0M2Y2NGQ1MTBiYTMxMjk3Y2JhZTU2ODJmZDQxYjJj
ODExOTYwHhcNMjYwMzAxMjMwMTAyWhcNMjYwMzAyMjMwMTAyWjAzMTEwLwYDVQQD
Eyg5NWE4ZGVlNGQ1NzAwNjI1MDI4YTg2OTg1YjRjMDNkOGNlZGI4OTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQ2hhMnMVSfAJeBwRK55Eul9W8wz
7jL+foLlKCB6T8X8Sfs07Gsgc3DdNXpRKhYcHY/X/DNvCrmeqh+oy/qZ4nSwlqH+
4/H7rK/2ZU7dxkQ8CsbzQoJmNS6UDrJWHr5V1/tTaxrKN3yDERRcOJ3fWIodaKTi
nElilSMA14QVFYbBj5XiKeeq9gddUCiRN2LEbYFzORUt/qv1l1KzXmQqUuPB9l0Z
e9ZNm76umOdWiFPT6ll3S6ppZGn6vR2C8h15bb6pzJYVw9mRDR9xriB5g11RnQfK
vB2XT6mylSrS0OtnzN/PIwhhG4ud0BD4bY2ztC4DKUJbzCv2FuIk2D7JNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJWo3uTVcAYlAoqGmFtMA9jO24k5MB8GA1UdIwQY
MBaAFPexQ/ZNUQujEpfLrlaC/UGyyBGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTdGRDlrMVJDNk1TbDh1dVZvTDlRYkxJRVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9iOTJkOWQtMjFhOC00NTIyLTk3ZGUt
MGZiZTJkZTA2MzZkLzEvOTdGRDlrMVJDNk1TbDh1dVZvTDlRYkxJRVpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9iOTJkOWQtMjFhOC00NTIyLTk3ZGUtMGZiZTJkZTA2MzZk
LzEvOTdGRDlrMVJDNk1TbDh1dVZvTDlRYkxJRVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQLqQ4RFp
IAR5Cwbdf0dOb/H2NcxuYq6Z+DOsQgHYKzs+4Jh5qqWidzVL6+70ZgM+B9bYmnyM
9QT1BIMxM6U/URuPigglFPG8n/M/jzQdIJDp4B738KO48xCcAz7Fu21GUn+ZAO1n
Er60jGx9weVLZUIHQjAgvTqlwtgU41xd1INNbCTnEC2igdWcf1qGUg5HjwV0U+uk
34Cw8Jg53w2jPaiSRudObXkUXaW5izSZeb2zjxKFuanvuJe7jHCIkC+ze7mBAx79
vyGtKX6toG3vmbbzF5U7qmlyBXaB9CD/q2JRz76DSxdoUnt67A22oOZYX+mtonUJ
IaCmTHkuAKmLDg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:46:45 2026 by rpki-client