Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft
File: RDTtvhtBAbKKviMvK88qAUiXglo.mft (raw, json)
Hash identifier: a9hzsReaf5u6zdT5MtD7zMqp34mipPq1tlgBCLlJ+GI=
Subject key identifier: C6:C1:66:0B:A5:3E:23:90:27:7F:EB:04:A8:29:73:8E:61:6F:B0:9E
Authority key identifier: 44:34:ED:BE:1B:41:01:B2:8A:BE:23:2F:2B:CF:2A:01:48:97:82:5A
Certificate issuer: /CN=4434edbe1b4101b28abe232f2bcf2a014897825a
Certificate serial: 019D2A3BDF3A0DE7D829AA2174A269F4DF25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RDTtvhtBAbKKviMvK88qAUiXglo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft
Manifest number: 1273
Signing time: Thu 26 Mar 2026 13:00:59 +0000
Manifest this update: Thu 26 Mar 2026 13:00:59 +0000
Manifest next update: Fri 27 Mar 2026 13:00:59 +0000
Files and hashes: 1: 0RKDNEhHY3U7JF4bDR-bWWyiJjU.roa (hash: 49fHIUMiegzFY7JDd1vv16iA2bhJSfLTshnAhqZJFTQ=)
2: RDTtvhtBAbKKviMvK88qAUiXglo.crl (hash: /g1O3DJJvqg/XGM2BISbWJxIedyzqh3VyzSdxpe4tTI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft
rsync://rpki.ripe.net/repository/DEFAULT/RDTtvhtBAbKKviMvK88qAUiXglo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 13:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:3b:df:3a:0d:e7:d8:29:aa:21:74:a2:69:f4:df:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4434edbe1b4101b28abe232f2bcf2a014897825a
Validity
Not Before: Mar 26 13:00:59 2026 GMT
Not After : Mar 27 13:00:59 2026 GMT
Subject: CN=c6c1660ba53e2390277feb04a829738e616fb09e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:c1:3a:63:cc:dd:e7:97:0e:64:22:89:37:85:
35:3a:46:df:07:09:0c:e6:2b:ac:fa:40:da:ed:5d:
d8:c3:e5:07:8b:08:65:cf:52:08:fd:7f:46:aa:6d:
4f:82:a2:3d:5c:af:4c:50:5b:77:96:c6:95:ba:ae:
f0:77:f3:bc:40:7e:4f:a8:6c:71:88:ae:43:cb:af:
b3:8c:bb:df:a9:6c:5a:62:c1:68:34:a8:0f:c3:80:
b9:fd:8e:3f:5a:1e:47:30:80:80:2b:cb:66:8f:46:
07:9c:e2:8f:36:83:41:00:16:56:10:22:b9:60:e3:
5b:0d:eb:e3:cf:9a:39:84:4f:39:f2:27:7b:9b:5f:
c0:b2:ed:a8:fa:e8:95:87:02:53:be:43:a6:2f:1a:
90:00:09:92:1f:a9:09:b2:25:69:c9:79:f3:8d:c3:
0e:05:a2:53:79:b6:a4:83:ea:21:07:08:07:4a:ad:
a1:90:d0:2a:98:5c:ef:46:9e:bb:69:b9:80:70:5a:
b8:78:fc:2b:4b:3e:c3:a6:01:2a:c3:44:47:ab:94:
ef:c4:3a:e4:d3:1b:27:ce:c9:fa:ef:2a:bf:67:68:
4b:9f:7d:0c:38:e2:e8:19:8f:61:37:e7:34:18:45:
7c:71:52:22:9d:a0:1e:f8:66:b6:5b:2b:6e:9d:77:
47:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:C1:66:0B:A5:3E:23:90:27:7F:EB:04:A8:29:73:8E:61:6F:B0:9E
X509v3 Authority Key Identifier:
keyid:44:34:ED:BE:1B:41:01:B2:8A:BE:23:2F:2B:CF:2A:01:48:97:82:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RDTtvhtBAbKKviMvK88qAUiXglo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:71:92:c4:f0:b4:e9:6d:e9:f6:6b:86:f6:a0:c6:fb:62:bc:
a6:f0:fe:83:c9:da:89:bc:c9:26:9f:ea:73:bf:53:78:e8:00:
6a:e3:ba:08:4d:fd:1d:02:2f:24:04:c5:8e:48:4f:d6:a3:33:
56:d0:3d:16:4f:cb:9c:4f:5a:4f:10:13:35:76:81:a5:0a:d2:
6e:43:cc:73:6e:4e:fd:e6:fc:ce:ed:0e:93:0c:d7:34:c7:96:
db:30:1d:f3:7c:18:05:5c:9c:cf:64:72:0b:c4:4d:b3:9e:53:
7a:c3:2c:61:93:fc:f5:d9:32:ff:df:a6:b8:35:7d:a4:29:e5:
67:bc:9a:15:0a:d2:0e:6a:cb:48:34:57:01:d9:1f:48:e1:84:
f9:72:7b:a8:a9:78:9b:e7:32:d9:78:e3:79:e6:b8:0a:58:7c:
19:c6:47:81:c8:b6:47:81:bb:6c:31:75:e3:91:e9:78:75:31:
5f:72:74:df:17:3d:d1:d7:19:08:29:83:7c:b6:77:70:39:21:
51:2c:67:22:33:6e:6a:d6:db:6a:3b:0a:8a:a6:42:47:7e:fb:
cc:84:04:0e:e1:45:c8:bd:0f:00:38:bc:8c:b1:31:d4:a9:8c:
f7:1d:b7:6a:f7:1f:31:2e:19:5a:d3:1c:73:e2:54:0c:ce:af:
3b:b3:7e:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qO986DefYKaohdKJp9N8lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MzRlZGJlMWI0MTAxYjI4YWJlMjMyZjJiY2YyYTAxNDg5
NzgyNWEwHhcNMjYwMzI2MTMwMDU5WhcNMjYwMzI3MTMwMDU5WjAzMTEwLwYDVQQD
EyhjNmMxNjYwYmE1M2UyMzkwMjc3ZmViMDRhODI5NzM4ZTYxNmZiMDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ME6Y8zd55cOZCKJN4U1OkbfBwkM
5ius+kDa7V3Yw+UHiwhlz1II/X9Gqm1PgqI9XK9MUFt3lsaVuq7wd/O8QH5PqGxx
iK5Dy6+zjLvfqWxaYsFoNKgPw4C5/Y4/Wh5HMICAK8tmj0YHnOKPNoNBABZWECK5
YONbDevjz5o5hE858id7m1/Asu2o+uiVhwJTvkOmLxqQAAmSH6kJsiVpyXnzjcMO
BaJTebakg+ohBwgHSq2hkNAqmFzvRp67abmAcFq4ePwrSz7DpgEqw0RHq5TvxDrk
0xsnzsn67yq/Z2hLn30MOOLoGY9hN+c0GEV8cVIinaAe+Ga2WytunXdHFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMbBZgulPiOQJ3/rBKgpc45hb7CeMB8GA1UdIwQY
MBaAFEQ07b4bQQGyir4jLyvPKgFIl4JaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkRUdHZodEJBYktLdmlNdks4OHFBVWlYZ2xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82MzlmNjQtMWRmMS00NmQ1LWFkZDkt
MTBjYWY1NDk4NmZmLzEvUkRUdHZodEJBYktLdmlNdks4OHFBVWlYZ2xvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82MzlmNjQtMWRmMS00NmQ1LWFkZDktMTBjYWY1NDk4NmZm
LzEvUkRUdHZodEJBYktLdmlNdks4OHFBVWlYZ2xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaHGSxPC0
6W3p9muG9qDG+2K8pvD+g8naibzJJp/qc79TeOgAauO6CE39HQIvJATFjkhP1qMz
VtA9Fk/LnE9aTxATNXaBpQrSbkPMc25O/eb8zu0OkwzXNMeW2zAd83wYBVycz2Ry
C8RNs55TesMsYZP89dky/9+muDV9pCnlZ7yaFQrSDmrLSDRXAdkfSOGE+XJ7qKl4
m+cy2Xjjeea4Clh8GcZHgci2R4G7bDF145HpeHUxX3J03xc90dcZCCmDfLZ3cDkh
USxnIjNuatbbajsKiqZCR377zIQEDuFFyL0PADi8jLEx1KmM9x23avcfMS4ZWtMc
c+JUDM6vO7N+GQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 23:49:04 2026 by rpki-client