Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/317635-a90a-4704-9672-15f62c890af8/1/0LYdHx2czatrbY4UUMLJNtOX5nA.mft
File: 0LYdHx2czatrbY4UUMLJNtOX5nA.mft (raw, json)
Hash identifier: rrlIiRH20ctL0ii72rOlRyVFTrkEz5iEcEkdehg9ntc=
Subject key identifier: 3B:A4:85:E0:B0:5D:8E:8C:4B:1A:6B:ED:4B:B4:F6:FC:FD:50:E6:BD
Authority key identifier: D0:B6:1D:1F:1D:9C:CD:AB:6B:6D:8E:14:50:C2:C9:36:D3:97:E6:70
Certificate issuer: /CN=d0b61d1f1d9ccdab6b6d8e1450c2c936d397e670
Certificate serial: 019D28BB0E0F1E2F4BB9EEF89FF78804F021
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0LYdHx2czatrbY4UUMLJNtOX5nA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/317635-a90a-4704-9672-15f62c890af8/1/0LYdHx2czatrbY4UUMLJNtOX5nA.mft
Manifest number: 0575
Signing time: Thu 26 Mar 2026 06:00:40 +0000
Manifest this update: Thu 26 Mar 2026 06:00:40 +0000
Manifest next update: Fri 27 Mar 2026 06:00:40 +0000
Files and hashes: 1: 0LYdHx2czatrbY4UUMLJNtOX5nA.crl (hash: zz7mTRkad9R4ztH5/2XslM80KeaWapZZIytMndK8sIc=)
2: piwBwz4HJGYBENTFdgGuRDrHazc.roa (hash: HyV9rRZkFNwRRX6HGBAQRpmfS8v8I2SCJ4CVMaujnWU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/317635-a90a-4704-9672-15f62c890af8/1/0LYdHx2czatrbY4UUMLJNtOX5nA.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/317635-a90a-4704-9672-15f62c890af8/1/0LYdHx2czatrbY4UUMLJNtOX5nA.mft
rsync://rpki.ripe.net/repository/DEFAULT/0LYdHx2czatrbY4UUMLJNtOX5nA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:0e:0f:1e:2f:4b:b9:ee:f8:9f:f7:88:04:f0:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0b61d1f1d9ccdab6b6d8e1450c2c936d397e670
Validity
Not Before: Mar 26 06:00:40 2026 GMT
Not After : Mar 27 06:00:40 2026 GMT
Subject: CN=3ba485e0b05d8e8c4b1a6bed4bb4f6fcfd50e6bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:07:d7:60:5c:c3:ea:ba:75:fb:e5:e6:c0:75:
6a:0f:39:74:44:ca:6f:39:41:bf:1c:1d:34:ae:9d:
29:89:bb:38:5b:28:2a:0e:e6:f7:6f:c5:ce:79:5d:
07:81:e2:fa:b2:bf:95:7e:86:82:28:f7:19:cc:c0:
77:f6:ce:58:fe:dd:19:67:f3:6f:e3:1d:b4:60:2c:
51:e0:66:dc:8b:44:13:5f:a9:a7:d4:03:d0:bd:71:
5c:d3:07:56:c0:ad:60:88:3d:2b:e6:f4:ea:3c:5c:
e3:57:57:cc:54:a8:64:83:a0:ec:0a:e8:76:91:be:
2d:82:0b:5c:66:40:d8:bf:98:4a:66:16:90:70:6c:
c3:d6:f6:6b:b3:ca:cf:0c:8e:a4:6c:e7:a8:03:e4:
27:f6:12:f6:82:a1:aa:67:d9:cf:80:bf:ee:2f:ce:
2f:c0:7d:f6:b4:f1:12:73:ef:b7:bf:d3:3b:08:6e:
2a:9a:9c:16:1c:0b:16:78:43:9b:84:72:ac:60:2d:
63:72:b1:cb:e2:61:70:0a:c9:3b:36:67:7d:de:e4:
61:64:43:a2:f0:15:b2:e0:30:d2:a7:7d:0e:f1:7f:
ba:1a:f1:da:81:61:fa:73:93:d3:0e:e2:ea:f4:b3:
21:00:4f:f9:7e:3b:bd:e8:0f:4d:88:80:03:0e:91:
31:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:A4:85:E0:B0:5D:8E:8C:4B:1A:6B:ED:4B:B4:F6:FC:FD:50:E6:BD
X509v3 Authority Key Identifier:
keyid:D0:B6:1D:1F:1D:9C:CD:AB:6B:6D:8E:14:50:C2:C9:36:D3:97:E6:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0LYdHx2czatrbY4UUMLJNtOX5nA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/317635-a90a-4704-9672-15f62c890af8/1/0LYdHx2czatrbY4UUMLJNtOX5nA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/317635-a90a-4704-9672-15f62c890af8/1/0LYdHx2czatrbY4UUMLJNtOX5nA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:c2:f1:ab:10:11:e7:51:75:15:ab:64:23:f7:b3:bf:6d:be:
7f:c3:d6:07:3c:a1:4d:d4:14:fc:00:bc:d6:21:cf:ef:e3:d3:
0f:f2:01:02:81:62:7d:95:80:e9:61:b1:13:3a:c6:ef:59:78:
04:76:b8:b0:38:fc:9e:d9:4a:93:ac:86:34:26:8b:10:c0:20:
f9:e6:cc:3f:09:17:1a:ed:14:3e:3b:f1:7b:9e:54:64:92:0f:
aa:67:a5:4c:0a:40:85:51:67:88:39:20:95:30:e6:e0:8d:1c:
97:9d:03:1d:9e:d7:c9:9d:5f:23:06:8e:c4:8c:b2:c8:e9:85:
7e:fb:89:c5:6c:de:82:05:09:c3:7c:b8:69:27:d2:76:29:1e:
c3:79:b6:cc:c0:87:ff:ad:1a:80:7e:e5:a9:3f:84:44:51:22:
a6:86:10:a2:aa:80:1e:2d:af:9e:ec:d9:1d:67:fa:b3:14:17:
c6:76:b3:67:cb:3c:e4:e2:9b:00:9a:c7:5a:33:45:80:58:ca:
c0:26:57:ee:9d:e8:d6:0e:02:34:d8:04:45:78:5e:c5:e1:71:
b9:19:da:4d:f9:8c:9d:0c:a6:29:d0:57:85:da:77:26:da:a5:
43:9b:8d:02:3d:42:d1:d9:11:bc:2e:b5:a9:9b:c0:24:9b:a5:
99:4f:1c:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ouw4PHi9Lue74n/eIBPAhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYjYxZDFmMWQ5Y2NkYWI2YjZkOGUxNDUwYzJjOTM2ZDM5
N2U2NzAwHhcNMjYwMzI2MDYwMDQwWhcNMjYwMzI3MDYwMDQwWjAzMTEwLwYDVQQD
EygzYmE0ODVlMGIwNWQ4ZThjNGIxYTZiZWQ0YmI0ZjZmY2ZkNTBlNmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgfXYFzD6rp1++XmwHVqDzl0RMpv
OUG/HB00rp0pibs4WygqDub3b8XOeV0HgeL6sr+VfoaCKPcZzMB39s5Y/t0ZZ/Nv
4x20YCxR4Gbci0QTX6mn1APQvXFc0wdWwK1giD0r5vTqPFzjV1fMVKhkg6DsCuh2
kb4tggtcZkDYv5hKZhaQcGzD1vZrs8rPDI6kbOeoA+Qn9hL2gqGqZ9nPgL/uL84v
wH32tPESc++3v9M7CG4qmpwWHAsWeEObhHKsYC1jcrHL4mFwCsk7Nmd93uRhZEOi
8BWy4DDSp30O8X+6GvHagWH6c5PTDuLq9LMhAE/5fju96A9NiIADDpExuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDukheCwXY6MSxpr7Uu09vz9UOa9MB8GA1UdIwQY
MBaAFNC2HR8dnM2ra22OFFDCyTbTl+ZwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMExZZEh4MmN6YXRyYlk0VVVNTEpOdE9YNW5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8zMTc2MzUtYTkwYS00NzA0LTk2NzIt
MTVmNjJjODkwYWY4LzEvMExZZEh4MmN6YXRyYlk0VVVNTEpOdE9YNW5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8zMTc2MzUtYTkwYS00NzA0LTk2NzItMTVmNjJjODkwYWY4
LzEvMExZZEh4MmN6YXRyYlk0VVVNTEpOdE9YNW5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA8LxqxAR
51F1FatkI/ezv22+f8PWBzyhTdQU/AC81iHP7+PTD/IBAoFifZWA6WGxEzrG71l4
BHa4sDj8ntlKk6yGNCaLEMAg+ebMPwkXGu0UPjvxe55UZJIPqmelTApAhVFniDkg
lTDm4I0cl50DHZ7XyZ1fIwaOxIyyyOmFfvuJxWzeggUJw3y4aSfSdikew3m2zMCH
/60agH7lqT+ERFEipoYQoqqAHi2vnuzZHWf6sxQXxnazZ8s85OKbAJrHWjNFgFjK
wCZX7p3o1g4CNNgERXhexeFxuRnaTfmMnQymKdBXhdp3JtqlQ5uNAj1C0dkRvC61
qZvAJJulmU8cXg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:51:52 2026 by rpki-client