Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft
File: 0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft (raw, json)
Hash identifier: KRs/4gxycGJcytzFNUc+C5cDestocwf1LMAGVz7YXIU=
Subject key identifier: BB:A2:64:C6:CE:67:CF:FC:68:98:98:43:2E:41:C8:84:D2:26:C3:BD
Authority key identifier: D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09
Certificate issuer: /CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909
Certificate serial: 019D26283CF7278A5C903E31A82CAC61041D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft
Manifest number: 1884
Signing time: Wed 25 Mar 2026 18:01:04 +0000
Manifest this update: Wed 25 Mar 2026 18:01:04 +0000
Manifest next update: Thu 26 Mar 2026 18:01:04 +0000
Files and hashes: 1: 0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl (hash: 7QJrON2K8w/gd8KMuDZ6sZnUidbtyC1/LVSlSVkgeAc=)
2: qB-yYmmoZAETKywXU4O90SMz9p4.roa (hash: zSfrh0GvpLorIoRjiLIdctGLnu0vrYxfcdrku/RI+Pw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft
rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 18:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:28:3c:f7:27:8a:5c:90:3e:31:a8:2c:ac:61:04:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909
Validity
Not Before: Mar 25 18:01:04 2026 GMT
Not After : Mar 26 18:01:04 2026 GMT
Subject: CN=bba264c6ce67cffc689898432e41c884d226c3bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:74:72:c7:bf:07:42:81:19:36:99:cb:df:82:
16:b7:58:51:a2:8d:c2:c6:fd:6e:4f:c1:41:37:6c:
26:b1:05:4d:e9:fa:b0:b8:78:79:32:1f:55:b9:38:
d9:9f:b3:d6:63:74:08:f4:07:e1:11:82:02:7b:c1:
69:b6:1f:b3:cd:64:29:a7:23:02:74:d3:17:bc:36:
35:e0:20:15:e3:c4:46:4b:81:66:08:16:70:56:7f:
fc:c0:e3:bb:ec:cb:ac:e7:1a:e5:09:7d:23:bc:fc:
ab:7f:1d:c7:db:04:a1:9e:a7:9a:5e:a9:98:a2:06:
4b:a5:89:f8:9d:72:c4:cb:f8:3a:8a:2d:2b:36:1c:
9b:c4:62:b7:df:be:ef:02:b2:06:0f:b8:20:86:62:
16:3f:79:02:03:c5:c5:67:b5:00:3d:9e:fb:5a:c6:
ea:ea:1f:e1:73:41:76:05:0f:89:41:63:be:b1:1f:
65:2a:3f:93:cc:13:5b:85:2b:d8:ee:70:bd:7b:b2:
8b:64:e3:d5:9b:d2:52:d7:f7:e5:10:4f:e2:4e:f7:
a7:ac:4e:5c:05:0a:ee:98:c8:b5:af:da:b0:d0:b4:
78:35:12:bd:a8:9b:f6:9f:54:8e:fa:67:6e:73:bf:
c8:12:cf:95:9f:2e:b0:c2:27:08:76:19:f4:37:80:
b3:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:A2:64:C6:CE:67:CF:FC:68:98:98:43:2E:41:C8:84:D2:26:C3:BD
X509v3 Authority Key Identifier:
keyid:D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:6b:d4:78:11:92:69:85:e2:31:ad:70:7e:f2:39:06:51:23:
80:c7:07:e9:48:49:0b:49:ec:32:5e:e2:ae:f0:68:c3:58:df:
18:ba:f0:36:98:01:14:b1:e2:a4:28:4c:bb:1d:68:87:7d:ff:
32:52:61:ee:6f:0d:bf:cf:65:3c:97:43:63:7b:7e:3a:80:f4:
03:e7:dc:b8:3b:31:c3:94:d7:91:63:9c:e6:0e:76:b8:c2:69:
3c:41:4b:eb:cb:35:ff:7b:68:aa:76:36:4a:18:9b:80:dc:0d:
c7:3e:78:7b:03:30:0e:5b:27:5e:04:f5:09:7c:78:82:fb:b6:
f7:88:4e:69:b8:e1:4b:c8:87:b0:8e:8b:08:12:b9:5d:94:2c:
5b:b3:0d:21:95:c1:eb:b6:cc:33:28:1a:23:d0:f3:e8:61:dc:
f3:49:ad:31:75:e5:b3:63:b9:6d:38:46:65:40:5a:24:a5:9e:
32:c3:9f:0e:72:60:70:1b:9c:79:35:5c:bc:04:55:c2:46:15:
51:bb:c4:3a:7d:87:51:85:77:6f:d3:d2:22:b9:d5:33:ad:24:
30:4c:8c:aa:13:1b:a6:2a:94:da:1a:8b:bb:1f:e7:4c:14:62:
d1:8a:15:e9:16:44:83:c9:53:cc:11:29:cd:95:43:c6:1f:08:
ed:ff:ae:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKDz3J4pckD4xqCysYQQdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzAyYTNiMjdjZTliZDA0ZGRjYTI4YzIxZDlkMGY1ZmYz
MmE5MDkwHhcNMjYwMzI1MTgwMTA0WhcNMjYwMzI2MTgwMTA0WjAzMTEwLwYDVQQD
EyhiYmEyNjRjNmNlNjdjZmZjNjg5ODk4NDMyZTQxYzg4NGQyMjZjM2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXRyx78HQoEZNpnL34IWt1hRoo3C
xv1uT8FBN2wmsQVN6fqwuHh5Mh9VuTjZn7PWY3QI9AfhEYICe8Fpth+zzWQppyMC
dNMXvDY14CAV48RGS4FmCBZwVn/8wOO77Mus5xrlCX0jvPyrfx3H2wShnqeaXqmY
ogZLpYn4nXLEy/g6ii0rNhybxGK3377vArIGD7gghmIWP3kCA8XFZ7UAPZ77Wsbq
6h/hc0F2BQ+JQWO+sR9lKj+TzBNbhSvY7nC9e7KLZOPVm9JS1/flEE/iTvenrE5c
BQrumMi1r9qw0LR4NRK9qJv2n1SO+mduc7/IEs+Vny6wwicIdhn0N4Cz5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLuiZMbOZ8/8aJiYQy5ByITSJsO9MB8GA1UdIwQY
MBaAFNJwKjsnzpvQTdyijCHZ0PX/MqkJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUt
Njk3NWNhZGIyMjYyLzEvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUtNjk3NWNhZGIyMjYy
LzEvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfWvUeBGS
aYXiMa1wfvI5BlEjgMcH6UhJC0nsMl7irvBow1jfGLrwNpgBFLHipChMux1oh33/
MlJh7m8Nv89lPJdDY3t+OoD0A+fcuDsxw5TXkWOc5g52uMJpPEFL68s1/3toqnY2
ShibgNwNxz54ewMwDlsnXgT1CXx4gvu294hOabjhS8iHsI6LCBK5XZQsW7MNIZXB
67bMMygaI9Dz6GHc80mtMXXls2O5bThGZUBaJKWeMsOfDnJgcBuceTVcvARVwkYV
UbvEOn2HUYV3b9PSIrnVM60kMEyMqhMbpiqU2hqLux/nTBRi0YoV6RZEg8lTzBEp
zZVDxh8I7f+uGw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:26:11 2026 by rpki-client