Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
File: duK6XMFQs1PL00ufBF6gUJdAhE0.mft (raw, json)
Hash identifier: /cJ31AGC61Gl3ZoFSsC+rfXAfPOJos+eIKhLAza1Yu8=
Subject key identifier: A5:C7:DF:08:FE:9D:FC:D3:63:EA:AB:AE:7A:01:68:12:DC:42:E3:6E
Authority key identifier: 76:E2:BA:5C:C1:50:B3:53:CB:D3:4B:9F:04:5E:A0:50:97:40:84:4D
Certificate issuer: /CN=76e2ba5cc150b353cbd34b9f045ea0509740844d
Certificate serial: 019D265EE418B33D7943A3C2D48CE9A63ED8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
Manifest number: 1887
Signing time: Wed 25 Mar 2026 19:00:46 +0000
Manifest this update: Wed 25 Mar 2026 19:00:46 +0000
Manifest next update: Thu 26 Mar 2026 19:00:46 +0000
Files and hashes: 1: 9pt3MDCay7srVLLtOW6VihLRgqg.roa (hash: t8waBrYlHxhkv2G7wxFbB2b8tWVcdcespy2BiSBs4U8=)
2: duK6XMFQs1PL00ufBF6gUJdAhE0.crl (hash: 9G+TOBfK2FhaND+n7xuFd/B4xPQvlgiJpYdn4vmzEJ8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5e:e4:18:b3:3d:79:43:a3:c2:d4:8c:e9:a6:3e:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76e2ba5cc150b353cbd34b9f045ea0509740844d
Validity
Not Before: Mar 25 19:00:46 2026 GMT
Not After : Mar 26 19:00:46 2026 GMT
Subject: CN=a5c7df08fe9dfcd363eaabae7a016812dc42e36e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:96:f5:0e:d7:ef:5b:32:52:63:59:ff:c3:d8:
2b:26:01:df:81:98:4e:26:5e:45:dc:45:80:06:9a:
36:56:79:b1:fb:71:65:6a:b9:d5:38:63:46:35:e5:
fe:85:59:fd:05:84:f3:fd:ef:a6:0e:8b:fb:b1:16:
25:4e:fc:42:33:35:ae:06:59:8b:21:96:76:22:a2:
f7:f8:d3:b4:8f:6e:11:a1:77:75:b2:0c:6a:88:66:
42:b0:ff:99:ec:ca:8b:d8:2e:95:e8:90:31:d1:79:
79:42:8e:3f:01:0c:c2:a5:77:54:f1:7f:3c:6e:5d:
13:f7:26:2b:9e:93:93:77:e6:85:0a:c2:67:d8:66:
46:1d:7b:c6:74:7b:37:2f:1c:f6:95:df:38:7f:7a:
d1:9f:d2:d9:ba:c6:8d:46:63:8c:16:50:1f:3f:e0:
b8:14:76:0f:fa:24:67:46:ce:15:71:51:dc:0f:8f:
66:6f:c1:d0:45:de:9a:b4:c6:f2:3b:2c:c4:d4:fd:
31:f7:5e:27:3d:78:0a:bf:20:3e:53:3a:7c:ec:5d:
f4:97:00:2c:8f:8f:a1:dd:2f:07:fc:e0:d4:3d:25:
ed:76:cf:6f:b6:6a:51:36:de:7f:27:7a:20:11:09:
7b:7a:30:db:31:40:ef:5d:9a:bc:09:63:1a:4b:db:
a7:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:C7:DF:08:FE:9D:FC:D3:63:EA:AB:AE:7A:01:68:12:DC:42:E3:6E
X509v3 Authority Key Identifier:
keyid:76:E2:BA:5C:C1:50:B3:53:CB:D3:4B:9F:04:5E:A0:50:97:40:84:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:02:32:dc:9a:6a:1d:75:b0:fd:82:f7:94:c5:1d:0e:ec:77:
b0:de:74:ae:79:04:7f:a0:ee:1a:34:e7:32:32:82:81:bf:ed:
4a:6b:33:3e:06:2b:a3:b6:1c:0d:f6:c5:5f:39:7f:4b:ee:90:
a7:d0:29:32:75:b4:0e:1b:66:e7:be:41:3b:8c:55:16:f3:c6:
b5:2a:66:5e:f2:6f:5e:13:9f:4f:ea:bb:5d:3f:05:9f:79:f9:
1a:4f:ab:2d:8e:80:e2:0a:b3:2c:c0:33:d8:02:7d:23:61:96:
0c:4b:50:e4:50:a1:e7:af:53:ba:8f:6f:38:99:4e:39:1e:25:
10:d8:f8:92:47:e0:b8:2e:91:9e:ac:7a:67:72:5b:35:1f:80:
fa:49:ae:a3:a4:e8:65:17:48:a8:22:f8:a4:52:5e:e4:3c:bd:
88:92:7a:ef:f5:13:6c:18:06:33:3c:9e:b6:44:87:30:b1:73:
8f:17:43:92:cd:61:e5:c5:ec:82:09:f9:a7:14:30:b7:0b:a4:
26:b0:3f:5f:ae:55:07:e2:d9:82:cc:44:cd:f3:0c:34:b8:95:
de:3b:46:05:de:fb:31:e5:b9:19:f4:14:72:d8:8c:cc:fd:7b:
bb:41:fe:10:b1:0c:e1:20:f9:50:6d:b3:a4:08:7d:b1:24:5f:
3e:67:cc:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mXuQYsz15Q6PC1Izppj7YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZTJiYTVjYzE1MGIzNTNjYmQzNGI5ZjA0NWVhMDUwOTc0
MDg0NGQwHhcNMjYwMzI1MTkwMDQ2WhcNMjYwMzI2MTkwMDQ2WjAzMTEwLwYDVQQD
EyhhNWM3ZGYwOGZlOWRmY2QzNjNlYWFiYWU3YTAxNjgxMmRjNDJlMzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJb1DtfvWzJSY1n/w9grJgHfgZhO
Jl5F3EWABpo2Vnmx+3FlarnVOGNGNeX+hVn9BYTz/e+mDov7sRYlTvxCMzWuBlmL
IZZ2IqL3+NO0j24RoXd1sgxqiGZCsP+Z7MqL2C6V6JAx0Xl5Qo4/AQzCpXdU8X88
bl0T9yYrnpOTd+aFCsJn2GZGHXvGdHs3Lxz2ld84f3rRn9LZusaNRmOMFlAfP+C4
FHYP+iRnRs4VcVHcD49mb8HQRd6atMbyOyzE1P0x914nPXgKvyA+Uzp87F30lwAs
j4+h3S8H/ODUPSXtds9vtmpRNt5/J3ogEQl7ejDbMUDvXZq8CWMaS9un6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKXH3wj+nfzTY+qrrnoBaBLcQuNuMB8GA1UdIwQY
MBaAFHbiulzBULNTy9NLnwReoFCXQIRNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zMWQyZWQtOGUyZi00ZmE5LTgzY2Et
NzA0MDVlMzUyOGFmLzEvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8zMWQyZWQtOGUyZi00ZmE5LTgzY2EtNzA0MDVlMzUyOGFm
LzEvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfQIy3Jpq
HXWw/YL3lMUdDux3sN50rnkEf6DuGjTnMjKCgb/tSmszPgYro7YcDfbFXzl/S+6Q
p9ApMnW0Dhtm575BO4xVFvPGtSpmXvJvXhOfT+q7XT8Fn3n5Gk+rLY6A4gqzLMAz
2AJ9I2GWDEtQ5FCh569Tuo9vOJlOOR4lENj4kkfguC6Rnqx6Z3JbNR+A+kmuo6To
ZRdIqCL4pFJe5Dy9iJJ67/UTbBgGMzyetkSHMLFzjxdDks1h5cXsggn5pxQwtwuk
JrA/X65VB+LZgsxEzfMMNLiV3jtGBd77MeW5GfQUctiMzP17u0H+ELEM4SD5UG2z
pAh9sSRfPmfM7A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:21:00 2026 by rpki-client