Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
File: ao33d2sW0oLgTGluJYqk-fnOnJg.mft (raw, json)
Hash identifier: jO5lOdBdFZVPf4n1qw1jx+F49OTOHk2EhBaDRPznNuk=
Subject key identifier: F3:6A:DF:42:34:C3:6E:C7:96:A1:77:9F:46:FE:54:3B:A0:68:D5:74
Authority key identifier: 6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98
Certificate issuer: /CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98
Certificate serial: 019D265F32CF26A6BD74F8BE39B11F3201DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
Manifest number: 0C77
Signing time: Wed 25 Mar 2026 19:01:06 +0000
Manifest this update: Wed 25 Mar 2026 19:01:06 +0000
Manifest next update: Thu 26 Mar 2026 19:01:06 +0000
Files and hashes: 1: GmFXXmDlxbUAsewZb2XP6yyDi4w.roa (hash: t86pSAuRTeL1p9o68CyCCsghXoQGwpFAgB1l7sjE7zs=)
2: ao33d2sW0oLgTGluJYqk-fnOnJg.crl (hash: kBI39eVyuzgQO5zUt3UCaqiKl0jbDhBd13pUdEgSwag=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5f:32:cf:26:a6:bd:74:f8:be:39:b1:1f:32:01:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98
Validity
Not Before: Mar 25 19:01:06 2026 GMT
Not After : Mar 26 19:01:06 2026 GMT
Subject: CN=f36adf4234c36ec796a1779f46fe543ba068d574
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:5a:30:a6:f6:07:4e:68:1c:7a:65:91:cc:73:
83:65:e8:49:6b:a3:d1:96:29:6f:5b:27:b9:f3:17:
70:db:a8:69:f0:c0:a5:64:10:64:0f:19:4e:f1:e0:
14:cd:33:48:66:0d:de:9e:83:67:02:e3:41:fc:a8:
0a:f3:31:bb:aa:15:24:fa:8b:4d:2a:11:0f:9e:41:
0d:d7:e6:76:05:1e:7b:d0:8a:c8:4b:b8:20:ec:23:
7c:b2:58:4d:54:8d:e0:d7:cc:77:b1:26:9e:b0:00:
7f:e8:29:bd:d5:4c:d8:d5:23:44:89:14:e0:9b:c9:
24:f2:c6:a3:d3:f8:de:85:1e:58:e5:03:83:db:b4:
c0:d6:2d:6b:06:19:d4:3f:58:35:c5:4b:b0:29:e7:
83:ee:5f:82:7f:3e:7d:59:62:b8:64:2d:df:c8:db:
b4:43:6c:ae:6d:5c:e1:b7:dc:41:fa:eb:3f:14:a5:
f1:81:5a:c6:6a:f0:a3:a3:e5:85:69:54:e6:3e:7a:
17:39:96:69:b1:b4:f4:0b:6c:53:34:33:cb:79:89:
85:35:2a:17:2c:72:79:1e:b0:75:f4:3d:66:b4:be:
f4:51:30:8f:f8:c0:4d:75:9b:6b:9a:c9:a4:77:f3:
59:d4:ca:52:b5:94:c3:8b:56:8d:a9:9f:45:f2:04:
07:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:6A:DF:42:34:C3:6E:C7:96:A1:77:9F:46:FE:54:3B:A0:68:D5:74
X509v3 Authority Key Identifier:
keyid:6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:2c:43:cd:d3:8f:c7:c5:73:06:98:75:b6:5a:20:e3:9c:3a:
60:7f:d4:27:82:d3:83:24:79:4f:b6:a7:31:94:47:00:fb:96:
d7:8f:7d:65:3b:29:15:0f:a6:ad:66:fd:d8:18:85:d5:54:35:
94:da:81:2b:28:ea:54:e9:6d:c6:88:48:3a:78:e0:74:0d:0f:
7c:09:bb:66:67:d4:cd:dd:ff:a1:32:5e:c5:52:86:f5:b7:e8:
71:f2:e0:5b:8a:b9:59:a8:37:fc:24:95:31:b7:64:37:e8:e9:
b2:d0:cf:f8:05:df:8f:33:02:ab:89:c9:99:87:fc:16:1f:76:
ec:88:6d:3d:36:fc:29:0a:52:93:96:05:8b:d0:9e:4a:5b:18:
ea:94:5a:ae:81:7c:dd:14:f2:51:84:e0:67:66:21:04:f6:e2:
2e:40:99:f7:a5:a0:ad:51:a3:86:c6:65:e7:46:4e:9f:8c:5c:
fc:32:f9:f3:e7:78:a0:64:0f:02:c6:96:ea:69:85:7b:e9:f6:
64:95:2a:6e:7e:a0:fa:b7:84:2e:8a:99:f0:48:dd:6d:85:e2:
fa:80:86:7f:dd:20:7a:f5:9d:7a:01:a1:77:ac:2c:b4:e8:cb:
71:2b:7c:7b:3f:bf:aa:67:ff:f7:07:02:e9:5f:3a:ad:d4:b8:
a8:60:86:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mXzLPJqa9dPi+ObEfMgHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOGRmNzc3NmIxNmQyODJlMDRjNjk2ZTI1OGFhNGY5Zjlj
ZTljOTgwHhcNMjYwMzI1MTkwMTA2WhcNMjYwMzI2MTkwMTA2WjAzMTEwLwYDVQQD
EyhmMzZhZGY0MjM0YzM2ZWM3OTZhMTc3OWY0NmZlNTQzYmEwNjhkNTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4VowpvYHTmgcemWRzHODZehJa6PR
lilvWye58xdw26hp8MClZBBkDxlO8eAUzTNIZg3enoNnAuNB/KgK8zG7qhUk+otN
KhEPnkEN1+Z2BR570IrIS7gg7CN8slhNVI3g18x3sSaesAB/6Cm91UzY1SNEiRTg
m8kk8saj0/jehR5Y5QOD27TA1i1rBhnUP1g1xUuwKeeD7l+Cfz59WWK4ZC3fyNu0
Q2yubVzht9xB+us/FKXxgVrGavCjo+WFaVTmPnoXOZZpsbT0C2xTNDPLeYmFNSoX
LHJ5HrB19D1mtL70UTCP+MBNdZtrmsmkd/NZ1MpStZTDi1aNqZ9F8gQHCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPNq30I0w27HlqF3n0b+VDugaNV0MB8GA1UdIwQY
MBaAFGqN93drFtKC4ExpbiWKpPn5zpyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUt
MWIzOGIwMjI0NWMxLzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUtMWIzOGIwMjI0NWMx
LzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPSxDzdOP
x8VzBph1tlog45w6YH/UJ4LTgyR5T7anMZRHAPuW1499ZTspFQ+mrWb92BiF1VQ1
lNqBKyjqVOltxohIOnjgdA0PfAm7ZmfUzd3/oTJexVKG9bfocfLgW4q5Wag3/CSV
MbdkN+jpstDP+AXfjzMCq4nJmYf8Fh927IhtPTb8KQpSk5YFi9CeSlsY6pRaroF8
3RTyUYTgZ2YhBPbiLkCZ96WgrVGjhsZl50ZOn4xc/DL58+d4oGQPAsaW6mmFe+n2
ZJUqbn6g+reELoqZ8EjdbYXi+oCGf90gevWdegGhd6wstOjLcSt8ez+/qmf/9wcC
6V86rdS4qGCG1A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:21:18 2026 by rpki-client