Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/0cpnYQKGq3OPhs6TX99e1iDwLZY.mft
File: 0cpnYQKGq3OPhs6TX99e1iDwLZY.mft (raw, json)
Hash identifier: tHgawcj6UKHbNeNOL7XQFBt2P36NwGoeYESfyRGjKF8=
Subject key identifier: 86:0C:19:0F:73:4A:B7:E9:6F:6E:F6:91:C5:47:92:0E:1D:8E:67:05
Authority key identifier: D1:CA:67:61:02:86:AB:73:8F:86:CE:93:5F:DF:5E:D6:20:F0:2D:96
Certificate issuer: /CN=d1ca67610286ab738f86ce935fdf5ed620f02d96
Certificate serial: 019D27DFCFF263235E9520280E6A44714180
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0cpnYQKGq3OPhs6TX99e1iDwLZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/0cpnYQKGq3OPhs6TX99e1iDwLZY.mft
Manifest number: 0780
Signing time: Thu 26 Mar 2026 02:01:12 +0000
Manifest this update: Thu 26 Mar 2026 02:01:12 +0000
Manifest next update: Fri 27 Mar 2026 02:01:12 +0000
Files and hashes: 1: 02YEKq1IDPEF8lBAQFD4RLUmuKw.roa (hash: TS/pQGf2LaMx5573KYxQQhCXKrO448hCMH6JUvctiu8=)
2: 0cpnYQKGq3OPhs6TX99e1iDwLZY.crl (hash: aHnfDzdEWTZeUlRPqJ3j8Q0ejLWbvwp7aFp1DQ7ARgI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/0cpnYQKGq3OPhs6TX99e1iDwLZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/0cpnYQKGq3OPhs6TX99e1iDwLZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/0cpnYQKGq3OPhs6TX99e1iDwLZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:df:cf:f2:63:23:5e:95:20:28:0e:6a:44:71:41:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1ca67610286ab738f86ce935fdf5ed620f02d96
Validity
Not Before: Mar 26 02:01:12 2026 GMT
Not After : Mar 27 02:01:12 2026 GMT
Subject: CN=860c190f734ab7e96f6ef691c547920e1d8e6705
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:9d:23:69:1a:db:a9:c0:6b:2e:ea:38:d3:6f:
76:69:7d:9c:77:c9:41:39:12:0c:88:4f:48:3d:00:
c2:de:a4:01:15:56:fb:7a:fc:06:f5:4c:32:0b:89:
83:13:4a:a7:c1:30:04:97:b6:94:82:34:4d:6a:05:
ee:a4:7b:0a:50:52:6c:48:c4:f8:6b:85:53:92:06:
d0:1d:59:2f:58:2c:62:76:ff:ef:07:45:22:cc:22:
b6:80:e5:d0:57:53:75:a8:8f:c6:80:df:fb:96:9a:
29:11:a9:62:4d:66:38:13:b2:db:a4:fe:e4:5c:28:
fd:fe:df:f0:82:bc:9e:76:05:55:3c:7a:a5:50:93:
d6:58:ac:13:45:ab:35:09:48:79:2a:98:0b:04:c9:
d3:1f:1e:1e:64:1c:3e:c9:47:3d:c6:89:af:71:00:
09:5a:a4:13:b2:6f:f2:56:97:f0:71:3f:8c:12:8d:
36:fe:c9:4b:bb:72:b0:76:29:c3:2f:cc:90:ba:ff:
12:7e:81:1f:78:5f:fe:2c:86:43:00:6c:ea:73:b7:
c9:ed:e9:f4:35:07:07:ef:33:28:60:67:c9:b4:cf:
0c:20:7f:49:08:c2:d1:7b:36:af:e3:81:5b:56:2e:
2b:aa:7f:e5:fb:34:f1:1a:13:88:26:e5:19:25:ee:
19:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:0C:19:0F:73:4A:B7:E9:6F:6E:F6:91:C5:47:92:0E:1D:8E:67:05
X509v3 Authority Key Identifier:
keyid:D1:CA:67:61:02:86:AB:73:8F:86:CE:93:5F:DF:5E:D6:20:F0:2D:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0cpnYQKGq3OPhs6TX99e1iDwLZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/0cpnYQKGq3OPhs6TX99e1iDwLZY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/0cpnYQKGq3OPhs6TX99e1iDwLZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
95:16:8a:92:93:2c:97:b6:b8:98:d1:b3:3f:ef:57:a1:b8:98:
b7:6f:79:5b:fe:ed:5b:fe:83:7b:83:af:bc:32:c1:b3:cc:6e:
d0:2f:96:85:04:14:44:60:c6:ba:fb:a1:65:a0:7c:a7:2e:ba:
c8:24:36:85:14:f4:45:cd:77:bc:39:a2:01:aa:99:46:44:c7:
e2:ff:8d:c9:58:13:30:37:07:98:7a:b0:af:75:95:86:5c:f7:
c4:2e:f5:e2:fc:7f:d7:ba:fe:23:df:8b:83:fe:f0:04:33:4c:
05:27:b2:ba:ec:f3:a6:49:1d:48:7d:05:2a:ea:0a:37:91:d5:
20:f7:2a:47:f4:32:6c:97:2b:7e:e6:68:40:01:40:5a:64:bc:
d6:fe:fc:bb:c0:53:ee:8b:8f:59:e3:77:b7:97:65:83:f5:8e:
a0:4d:89:bb:c4:cc:1b:b7:0e:fc:d4:8f:21:d5:1d:1a:f5:80:
a1:25:02:9e:d4:2e:07:6d:82:cc:b5:ca:b1:3a:9a:0c:80:6e:
b5:f6:65:66:bc:e5:cd:cb:be:18:ee:67:e6:82:0f:13:34:fb:
db:a2:f6:82:b0:f7:e3:d4:8b:24:3d:cb:d3:cc:b9:9e:4d:6a:
e6:10:fb:e5:4b:b1:6b:87:e7:d0:c0:56:5e:ea:1d:ce:d0:41:
15:d5:b4:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n38/yYyNelSAoDmpEcUGAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2E2NzYxMDI4NmFiNzM4Zjg2Y2U5MzVmZGY1ZWQ2MjBm
MDJkOTYwHhcNMjYwMzI2MDIwMTEyWhcNMjYwMzI3MDIwMTEyWjAzMTEwLwYDVQQD
Eyg4NjBjMTkwZjczNGFiN2U5NmY2ZWY2OTFjNTQ3OTIwZTFkOGU2NzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0J0jaRrbqcBrLuo40292aX2cd8lB
ORIMiE9IPQDC3qQBFVb7evwG9UwyC4mDE0qnwTAEl7aUgjRNagXupHsKUFJsSMT4
a4VTkgbQHVkvWCxidv/vB0UizCK2gOXQV1N1qI/GgN/7lpopEaliTWY4E7LbpP7k
XCj9/t/wgryedgVVPHqlUJPWWKwTRas1CUh5KpgLBMnTHx4eZBw+yUc9xomvcQAJ
WqQTsm/yVpfwcT+MEo02/slLu3KwdinDL8yQuv8SfoEfeF/+LIZDAGzqc7fJ7en0
NQcH7zMoYGfJtM8MIH9JCMLRezav44FbVi4rqn/l+zTxGhOIJuUZJe4Z9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIYMGQ9zSrfpb272kcVHkg4djmcFMB8GA1UdIwQY
MBaAFNHKZ2EChqtzj4bOk1/fXtYg8C2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGNwbllRS0dxM09QaHM2VFg5OWUxaUR3TFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YTFhNjItZTQ4MS00YTE0LWFkNmUt
MzViZmY5NmRhNGM1LzEvMGNwbllRS0dxM09QaHM2VFg5OWUxaUR3TFpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YTFhNjItZTQ4MS00YTE0LWFkNmUtMzViZmY5NmRhNGM1
LzEvMGNwbllRS0dxM09QaHM2VFg5OWUxaUR3TFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlRaKkpMs
l7a4mNGzP+9XobiYt295W/7tW/6De4OvvDLBs8xu0C+WhQQURGDGuvuhZaB8py66
yCQ2hRT0Rc13vDmiAaqZRkTH4v+NyVgTMDcHmHqwr3WVhlz3xC714vx/17r+I9+L
g/7wBDNMBSeyuuzzpkkdSH0FKuoKN5HVIPcqR/QybJcrfuZoQAFAWmS81v78u8BT
7ouPWeN3t5dlg/WOoE2Ju8TMG7cO/NSPIdUdGvWAoSUCntQuB22CzLXKsTqaDIBu
tfZlZrzlzcu+GO5n5oIPEzT726L2grD349SLJD3L08y5nk1q5hD75Uuxa4fn0MBW
XuodztBBFdW0fg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:58:25 2026 by rpki-client