Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
File: D6j7U5miekMK5yfFMs0iSZnohk8.mft (raw, json)
Hash identifier: EA7If25GDoYZWxh1zwmrDhI41sd/V/7iPcINUcSa2M0=
Subject key identifier: 16:B0:2D:63:6C:F1:38:F1:95:F0:43:E4:FF:2C:B0:EB:5E:5D:72:08
Authority key identifier: 0F:A8:FB:53:99:A2:7A:43:0A:E7:27:C5:32:CD:22:49:99:E8:86:4F
Certificate issuer: /CN=0fa8fb5399a27a430ae727c532cd224999e8864f
Certificate serial: 019D2816CF8203D32EFB2E9104E84AA325B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
Manifest number: 0511
Signing time: Thu 26 Mar 2026 03:01:16 +0000
Manifest this update: Thu 26 Mar 2026 03:01:16 +0000
Manifest next update: Fri 27 Mar 2026 03:01:16 +0000
Files and hashes: 1: D6j7U5miekMK5yfFMs0iSZnohk8.crl (hash: HTDDyqT6YPI+sVxffQ+wlzQSPpnwKw1DrhmHgxRRkNs=)
2: N3bXffW8yKFqU5UMm7fvxG-jz6A.roa (hash: bdRoY8TZDQQa0PscQFcX1AU8tV8n2oKXvuQ9ADHxYzU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:16:cf:82:03:d3:2e:fb:2e:91:04:e8:4a:a3:25:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fa8fb5399a27a430ae727c532cd224999e8864f
Validity
Not Before: Mar 26 03:01:16 2026 GMT
Not After : Mar 27 03:01:16 2026 GMT
Subject: CN=16b02d636cf138f195f043e4ff2cb0eb5e5d7208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:85:6e:0a:3c:bf:f5:e0:73:1c:59:36:28:a8:
4e:d7:35:e4:5e:ca:5a:5e:ea:06:8c:13:e4:ab:2a:
f6:cc:b2:21:25:44:57:69:cd:3f:c4:7a:e4:bb:5b:
17:dd:1b:52:8d:09:b1:59:6a:23:2a:54:25:35:46:
4b:2c:5d:2c:8f:d5:c9:20:9a:73:c8:af:33:04:32:
f1:41:68:df:e0:09:5d:89:c2:61:92:18:94:0d:1c:
d7:3b:63:9c:44:9e:e2:85:6c:24:67:d9:2d:a2:0f:
36:76:61:fc:1c:0a:75:84:f2:48:bc:3b:fe:b5:e7:
bd:6d:6e:c1:44:b1:d4:3b:0c:5c:53:3c:ed:31:92:
fa:49:a2:ed:54:46:8f:6e:ac:a2:fc:39:69:c7:dc:
d5:ff:27:19:48:ce:3d:78:cc:6e:b9:a6:ad:66:1e:
f5:cf:9c:e6:35:7c:15:07:0a:d2:b2:d6:c3:f8:3b:
44:1b:c1:c0:28:2f:98:f8:eb:d6:d6:ef:c9:91:cd:
8a:79:6d:42:9c:7b:3d:42:82:92:8b:a8:e2:38:38:
32:f4:f0:8c:22:86:fb:25:c1:16:f9:9b:14:30:32:
f9:c3:20:e2:26:fa:6d:94:21:dc:9b:7a:ee:8b:5d:
08:3e:a2:ca:bb:a2:d6:2a:7d:2a:47:8a:b1:ce:e7:
42:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:B0:2D:63:6C:F1:38:F1:95:F0:43:E4:FF:2C:B0:EB:5E:5D:72:08
X509v3 Authority Key Identifier:
keyid:0F:A8:FB:53:99:A2:7A:43:0A:E7:27:C5:32:CD:22:49:99:E8:86:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:01:fa:4a:fe:4a:62:7f:d4:fd:76:68:59:0e:6b:7f:a1:7a:
1f:66:6a:5a:f6:ef:7c:88:fe:96:85:08:8d:43:8b:66:d1:04:
d1:bd:55:52:63:ba:3c:f4:a1:68:16:8d:8c:71:16:01:cd:b7:
e5:8b:16:0d:f5:d8:47:9a:78:40:ed:e9:da:e2:55:0d:75:b0:
f3:5f:f6:fa:7a:cf:5c:e6:4f:5b:e4:02:d6:75:d0:7a:ad:d0:
dd:13:d7:40:fd:d8:48:45:2a:35:45:78:a9:2e:31:70:93:8a:
0c:57:0b:53:1a:c3:b6:44:83:ce:52:48:56:c2:0e:aa:e6:d8:
bb:89:0f:e6:e5:dc:9d:30:bc:05:ef:13:e5:15:fc:f8:fc:49:
b3:1e:cc:b0:15:b2:41:98:f6:d3:50:2e:e9:46:b8:c8:05:0e:
11:40:bd:b9:ee:40:e7:cb:fa:c5:e3:ff:a5:a5:b3:7a:ed:97:
f6:7c:e1:87:db:4a:eb:80:4a:9d:05:aa:25:47:f4:1c:e7:0a:
d2:cd:65:c0:b6:c4:47:f5:66:a5:31:9b:15:d8:7d:26:1a:61:
28:eb:dd:7f:8e:de:70:c0:10:3c:47:87:70:c2:de:df:29:9e:
c9:b1:1d:fb:5a:72:7a:f2:36:32:a4:f8:d4:70:6d:2c:8b:38:
ac:5b:ef:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFs+CA9Mu+y6RBOhKoyW4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYThmYjUzOTlhMjdhNDMwYWU3MjdjNTMyY2QyMjQ5OTll
ODg2NGYwHhcNMjYwMzI2MDMwMTE2WhcNMjYwMzI3MDMwMTE2WjAzMTEwLwYDVQQD
EygxNmIwMmQ2MzZjZjEzOGYxOTVmMDQzZTRmZjJjYjBlYjVlNWQ3MjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YVuCjy/9eBzHFk2KKhO1zXkXspa
XuoGjBPkqyr2zLIhJURXac0/xHrku1sX3RtSjQmxWWojKlQlNUZLLF0sj9XJIJpz
yK8zBDLxQWjf4AldicJhkhiUDRzXO2OcRJ7ihWwkZ9ktog82dmH8HAp1hPJIvDv+
tee9bW7BRLHUOwxcUzztMZL6SaLtVEaPbqyi/Dlpx9zV/ycZSM49eMxuuaatZh71
z5zmNXwVBwrSstbD+DtEG8HAKC+Y+OvW1u/Jkc2KeW1CnHs9QoKSi6jiODgy9PCM
Iob7JcEW+ZsUMDL5wyDiJvptlCHcm3rui10IPqLKu6LWKn0qR4qxzudCmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBawLWNs8TjxlfBD5P8ssOteXXIIMB8GA1UdIwQY
MBaAFA+o+1OZonpDCucnxTLNIkmZ6IZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zODZmODEtYjEzOS00OGFmLWJjZWEt
YTcxZmI0NjM1MDY1LzEvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zODZmODEtYjEzOS00OGFmLWJjZWEtYTcxZmI0NjM1MDY1
LzEvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWgH6Sv5K
Yn/U/XZoWQ5rf6F6H2ZqWvbvfIj+loUIjUOLZtEE0b1VUmO6PPShaBaNjHEWAc23
5YsWDfXYR5p4QO3p2uJVDXWw81/2+nrPXOZPW+QC1nXQeq3Q3RPXQP3YSEUqNUV4
qS4xcJOKDFcLUxrDtkSDzlJIVsIOqubYu4kP5uXcnTC8Be8T5RX8+PxJsx7MsBWy
QZj201Au6Ua4yAUOEUC9ue5A58v6xeP/paWzeu2X9nzhh9tK64BKnQWqJUf0HOcK
0s1lwLbER/VmpTGbFdh9JhphKOvdf47ecMAQPEeHcMLe3ymeybEd+1pyevI2MqT4
1HBtLIs4rFvvzg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:06:56 2026 by rpki-client