Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/14e4c2-8a98-456e-9612-9429da87bd50/1/dK6UGmgcFYY3ngckfcwZ8_QQNdg.mft
File: dK6UGmgcFYY3ngckfcwZ8_QQNdg.mft (raw, json)
Hash identifier: LFftbhA6skWhmGIfrlBxw7iSwmezXtG/+EktsFlw4i8=
Subject key identifier: 3A:43:95:29:FD:7E:88:A2:94:DD:DE:AC:C9:E3:71:67:C6:8B:0E:D3
Authority key identifier: 74:AE:94:1A:68:1C:15:86:37:9E:07:24:7D:CC:19:F3:F4:10:35:D8
Certificate issuer: /CN=74ae941a681c1586379e07247dcc19f3f41035d8
Certificate serial: 019D2471848A3FA5B3F0A7CF5BA041FAB8D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dK6UGmgcFYY3ngckfcwZ8_QQNdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/14e4c2-8a98-456e-9612-9429da87bd50/1/dK6UGmgcFYY3ngckfcwZ8_QQNdg.mft
Manifest number: 1023
Signing time: Wed 25 Mar 2026 10:01:52 +0000
Manifest this update: Wed 25 Mar 2026 10:01:52 +0000
Manifest next update: Thu 26 Mar 2026 10:01:52 +0000
Files and hashes: 1: DvoMmaNQLR-F0c_ZQLqJj27XJNw.asa (hash: mEX2A8L8N6B6jxBchbjmo4MApYmBl5md4ZvzoDkGIHk=)
2: OWX2u3h86crIqlZrJEDgTq1vnqE.roa (hash: LsGVcbsq1OthlSGdFhoXpBIhd+P4m0nMhxD/QuTqmCw=)
3: dK6UGmgcFYY3ngckfcwZ8_QQNdg.crl (hash: PVkuAnGE8VyadcWhYcTOFrrIumubLTNEujsp4bsPZiQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/14e4c2-8a98-456e-9612-9429da87bd50/1/dK6UGmgcFYY3ngckfcwZ8_QQNdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/14e4c2-8a98-456e-9612-9429da87bd50/1/dK6UGmgcFYY3ngckfcwZ8_QQNdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/dK6UGmgcFYY3ngckfcwZ8_QQNdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 10:01:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:24:71:84:8a:3f:a5:b3:f0:a7:cf:5b:a0:41:fa:b8:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74ae941a681c1586379e07247dcc19f3f41035d8
Validity
Not Before: Mar 25 10:01:52 2026 GMT
Not After : Mar 26 10:01:52 2026 GMT
Subject: CN=3a439529fd7e88a294dddeacc9e37167c68b0ed3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2f:68:2b:2f:03:6c:d6:8a:5f:61:cd:5a:08:
ae:f6:fd:0c:64:a5:1c:0b:fd:cc:4d:19:53:ec:29:
9d:e3:08:99:07:4d:24:8a:a7:16:5c:14:68:62:0f:
12:da:e8:4f:64:8a:b9:5a:c2:00:06:76:6e:39:3b:
fc:21:4e:f2:0a:73:b7:89:04:15:c3:76:e2:ca:be:
2c:29:4e:46:68:f8:3b:76:19:1a:8d:9b:2f:4c:eb:
0c:da:a4:e8:0d:05:26:f3:46:f2:ff:a3:8f:27:d7:
6c:c6:38:ca:4a:1e:b2:d9:70:ea:64:52:ef:f6:c4:
07:e2:37:75:5d:35:2a:63:05:87:7f:83:07:c9:2f:
ae:95:05:c5:ec:a3:55:2a:13:57:1a:f8:09:ad:be:
90:53:e5:08:cf:74:0b:cf:f3:5b:41:0c:d2:5d:14:
70:a8:76:a3:45:21:e1:5e:2a:c3:eb:83:93:bb:f9:
92:b5:5e:ed:02:f0:44:79:d9:13:24:09:6a:97:ca:
08:56:27:2f:22:99:a4:63:2a:fb:e3:54:bb:d9:68:
f9:82:dd:5d:6e:0c:29:9a:50:30:02:50:1e:1e:17:
68:53:93:52:fa:46:ac:cc:21:7d:c7:f6:62:d3:af:
63:04:44:9f:ce:20:da:a1:81:2d:7e:27:17:48:7c:
e8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:43:95:29:FD:7E:88:A2:94:DD:DE:AC:C9:E3:71:67:C6:8B:0E:D3
X509v3 Authority Key Identifier:
keyid:74:AE:94:1A:68:1C:15:86:37:9E:07:24:7D:CC:19:F3:F4:10:35:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dK6UGmgcFYY3ngckfcwZ8_QQNdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/14e4c2-8a98-456e-9612-9429da87bd50/1/dK6UGmgcFYY3ngckfcwZ8_QQNdg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/14e4c2-8a98-456e-9612-9429da87bd50/1/dK6UGmgcFYY3ngckfcwZ8_QQNdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:c6:b4:fc:1a:bc:b2:7e:bb:bc:28:83:b8:52:0b:88:49:dc:
15:78:7a:87:61:c1:d0:0c:db:48:a3:46:01:b9:66:30:44:8d:
08:10:f9:db:90:93:9b:47:15:61:d5:20:41:53:c1:df:7e:d2:
84:0e:44:25:74:44:ba:5c:6c:b6:d0:d0:a5:d8:52:9e:ad:e9:
75:a9:21:c5:3f:11:36:d9:f6:0f:91:14:a5:c7:6a:43:05:b6:
f0:f7:6f:05:a9:78:c4:d1:39:c7:b2:2e:a3:64:d9:f4:dc:1f:
75:76:9f:35:32:97:03:10:ba:76:14:67:77:22:42:63:7e:df:
da:c5:57:19:97:50:96:5a:c3:5f:99:b3:5c:7f:31:5c:f6:03:
90:d4:44:95:12:2a:d1:80:c8:72:53:4f:6b:23:95:58:5a:7a:
d2:68:70:fd:51:e2:80:1b:14:53:9d:db:0e:21:4c:3b:73:6d:
0d:d9:f2:55:ca:75:de:5b:91:9c:40:8f:36:a9:f8:e3:7c:c2:
42:47:93:65:71:bd:3e:48:6c:9c:e4:0d:6d:23:65:c4:b7:4f:
87:c1:3f:c8:9c:a6:20:7c:dd:a6:ae:f4:29:c5:6a:9c:08:68:
93:2a:6b:e0:c6:e3:e5:3b:20:11:53:b8:40:c2:7e:97:ad:f7:
72:d1:52:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0kcYSKP6Wz8KfPW6BB+rjZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YWU5NDFhNjgxYzE1ODYzNzllMDcyNDdkY2MxOWYzZjQx
MDM1ZDgwHhcNMjYwMzI1MTAwMTUyWhcNMjYwMzI2MTAwMTUyWjAzMTEwLwYDVQQD
EygzYTQzOTUyOWZkN2U4OGEyOTRkZGRlYWNjOWUzNzE2N2M2OGIwZWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyC9oKy8DbNaKX2HNWgiu9v0MZKUc
C/3MTRlT7Cmd4wiZB00kiqcWXBRoYg8S2uhPZIq5WsIABnZuOTv8IU7yCnO3iQQV
w3biyr4sKU5GaPg7dhkajZsvTOsM2qToDQUm80by/6OPJ9dsxjjKSh6y2XDqZFLv
9sQH4jd1XTUqYwWHf4MHyS+ulQXF7KNVKhNXGvgJrb6QU+UIz3QLz/NbQQzSXRRw
qHajRSHhXirD64OTu/mStV7tAvBEedkTJAlql8oIVicvIpmkYyr741S72Wj5gt1d
bgwpmlAwAlAeHhdoU5NS+kaszCF9x/Zi069jBESfziDaoYEtficXSHzokwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDpDlSn9foiilN3erMnjcWfGiw7TMB8GA1UdIwQY
MBaAFHSulBpoHBWGN54HJH3MGfP0EDXYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEs2VUdtZ2NGWVkzbmdja2Zjd1o4X1FRTmRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8xNGU0YzItOGE5OC00NTZlLTk2MTIt
OTQyOWRhODdiZDUwLzEvZEs2VUdtZ2NGWVkzbmdja2Zjd1o4X1FRTmRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8xNGU0YzItOGE5OC00NTZlLTk2MTItOTQyOWRhODdiZDUw
LzEvZEs2VUdtZ2NGWVkzbmdja2Zjd1o4X1FRTmRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYca0/Bq8
sn67vCiDuFILiEncFXh6h2HB0AzbSKNGAblmMESNCBD525CTm0cVYdUgQVPB337S
hA5EJXREulxsttDQpdhSnq3pdakhxT8RNtn2D5EUpcdqQwW28PdvBal4xNE5x7Iu
o2TZ9NwfdXafNTKXAxC6dhRndyJCY37f2sVXGZdQllrDX5mzXH8xXPYDkNRElRIq
0YDIclNPayOVWFp60mhw/VHigBsUU53bDiFMO3NtDdnyVcp13luRnECPNqn443zC
QkeTZXG9PkhsnOQNbSNlxLdPh8E/yJymIHzdpq70KcVqnAhokypr4Mbj5TsgEVO4
QMJ+l633ctFS2A==
-----END CERTIFICATE-----
Generated at Wed Mar 25 21:19:00 2026 by rpki-client