Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
File: 2O6Q00LYZepn8rDS-3TAOfg-Skg.mft (raw, json)
Hash identifier: By5vnQP6N6SFmM8M1+hBttSu4xs1g9E8CKG7DmGNg2k=
Subject key identifier: 14:9D:60:58:33:E2:CB:97:B8:B8:41:8C:68:65:29:C7:B9:98:4F:9D
Authority key identifier: D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
Certificate issuer: /CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Certificate serial: 019D2AE1033F6A5EEE03ABBE4EF46D5BD109
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
Manifest number: 05AB
Signing time: Thu 26 Mar 2026 16:01:22 +0000
Manifest this update: Thu 26 Mar 2026 16:01:22 +0000
Manifest next update: Fri 27 Mar 2026 16:01:22 +0000
Files and hashes: 1: 2O6Q00LYZepn8rDS-3TAOfg-Skg.crl (hash: 1h1BtLsWE0ZdXpgOaMJtKkLsZihxtMTtupSnJFCr2Cs=)
2: OExalT86I2jE92WcpxOz8v2EM5M.roa (hash: 4ql4+dXrno2rRd9rLsGdlFCa1N0RlG63lEsTRJIQb8w=)
3: jkJ-dpXyGf9S_poPiFsD4kU6mb4.roa (hash: cQtWmc7dZO030WCUTKzMCSngnAwQZjveS+i9Nuw4lVc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:e1:03:3f:6a:5e:ee:03:ab:be:4e:f4:6d:5b:d1:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Validity
Not Before: Mar 26 16:01:22 2026 GMT
Not After : Mar 27 16:01:22 2026 GMT
Subject: CN=149d605833e2cb97b8b8418c686529c7b9984f9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1f:e1:b0:60:fa:7e:67:6e:57:55:41:3c:5f:
ea:17:11:79:22:17:75:50:91:c4:24:52:c6:9e:ea:
0e:7c:16:1b:2c:7b:23:9f:49:fc:d2:ac:de:f6:a0:
48:ac:4a:10:32:d9:56:eb:d6:25:80:05:55:0c:ff:
89:02:81:d1:05:fe:5b:f0:6c:43:67:53:3f:a8:f9:
89:89:62:22:ce:a7:74:bf:3c:a5:12:2a:81:07:b6:
64:e1:98:e3:0b:78:be:21:82:2e:ce:03:2d:a2:5c:
7e:e8:ea:ec:2e:fe:a6:f4:19:c3:7c:85:29:41:aa:
b4:8f:56:2a:e0:86:dd:1a:82:a1:16:93:6d:eb:30:
87:c5:67:21:6d:ec:39:f8:9f:b9:a6:78:93:fb:24:
2a:de:8e:36:03:30:ea:7b:8e:dc:ea:81:5d:1c:b3:
17:0d:9d:4d:24:a4:ed:23:14:f5:9a:14:6e:3c:17:
6a:69:34:ec:69:d7:88:e0:07:b0:84:73:ba:49:2c:
fb:67:8a:0b:80:10:2d:85:cc:ab:80:3d:f4:b6:09:
01:7f:60:62:e3:bb:20:2c:0d:cb:c8:8a:78:ae:76:
c5:f1:c7:ea:31:8d:85:f6:eb:af:79:3f:f1:d3:57:
f9:42:5f:37:28:41:8a:f2:3f:1b:7c:7b:bb:62:a4:
5e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:9D:60:58:33:E2:CB:97:B8:B8:41:8C:68:65:29:C7:B9:98:4F:9D
X509v3 Authority Key Identifier:
keyid:D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:28:2b:37:b4:bb:0d:9b:82:5d:b0:dc:8b:80:81:8d:cd:c0:
61:b1:66:83:ca:88:7e:17:e9:57:d2:88:d1:f7:38:32:53:8b:
17:07:ca:30:46:58:93:49:fc:f4:8c:ce:42:11:15:7f:62:df:
28:b1:b6:c8:74:ce:28:67:2d:82:a6:8a:ca:fe:40:63:ca:c8:
7b:ce:a9:22:54:b4:90:7c:8d:79:78:18:f5:46:0c:5d:30:68:
73:52:64:e7:18:89:ee:47:c9:e5:52:a2:ad:2c:cc:b0:2a:bc:
46:8d:ba:01:6a:5c:74:be:ad:2d:07:f4:a5:97:12:6a:ce:fb:
25:01:09:cb:0d:0f:47:37:bf:9a:c5:31:bd:1f:cc:52:45:61:
7c:d2:03:6c:e6:1c:b0:a9:0d:dc:2b:6f:b4:c0:15:a0:04:65:
80:9e:cf:f8:64:18:44:a7:04:30:ab:3a:fc:59:3d:90:a6:12:
6d:06:fd:dc:f6:f1:87:16:c9:de:ac:a0:24:c6:03:b7:8a:88:
8a:d7:fd:19:c7:b9:c6:28:d6:58:a6:d5:15:f2:0e:b1:05:3a:
ee:c1:fb:2f:5b:22:00:fc:73:71:61:fe:ca:b5:9a:21:6f:64:
ff:9c:5a:d6:b4:9d:36:24:9b:50:40:89:c1:99:37:db:2a:07:
38:b5:d0:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4QM/al7uA6u+TvRtW9EJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWU5MGQzNDJkODY1ZWE2N2YyYjBkMmZiNzRjMDM5Zjgz
ZTRhNDgwHhcNMjYwMzI2MTYwMTIyWhcNMjYwMzI3MTYwMTIyWjAzMTEwLwYDVQQD
EygxNDlkNjA1ODMzZTJjYjk3YjhiODQxOGM2ODY1MjljN2I5OTg0ZjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtR/hsGD6fmduV1VBPF/qFxF5Ihd1
UJHEJFLGnuoOfBYbLHsjn0n80qze9qBIrEoQMtlW69YlgAVVDP+JAoHRBf5b8GxD
Z1M/qPmJiWIizqd0vzylEiqBB7Zk4ZjjC3i+IYIuzgMtolx+6OrsLv6m9BnDfIUp
Qaq0j1Yq4IbdGoKhFpNt6zCHxWchbew5+J+5pniT+yQq3o42AzDqe47c6oFdHLMX
DZ1NJKTtIxT1mhRuPBdqaTTsadeI4AewhHO6SSz7Z4oLgBAthcyrgD30tgkBf2Bi
47sgLA3LyIp4rnbF8cfqMY2F9uuveT/x01f5Ql83KEGK8j8bfHu7YqReuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBSdYFgz4suXuLhBjGhlKce5mE+dMB8GA1UdIwQY
MBaAFNjukNNC2GXqZ/Kw0vt0wDn4PkpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2Zjkt
NTEwNTI1YzQ3NDRjLzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2ZjktNTEwNTI1YzQ3NDRj
LzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUygrN7S7
DZuCXbDci4CBjc3AYbFmg8qIfhfpV9KI0fc4MlOLFwfKMEZYk0n89IzOQhEVf2Lf
KLG2yHTOKGctgqaKyv5AY8rIe86pIlS0kHyNeXgY9UYMXTBoc1Jk5xiJ7kfJ5VKi
rSzMsCq8Ro26AWpcdL6tLQf0pZcSas77JQEJyw0PRze/msUxvR/MUkVhfNIDbOYc
sKkN3CtvtMAVoARlgJ7P+GQYRKcEMKs6/Fk9kKYSbQb93PbxhxbJ3qygJMYDt4qI
itf9Gce5xijWWKbVFfIOsQU67sH7L1siAPxzcWH+yrWaIW9k/5xa1rSdNiSbUECJ
wZk32yoHOLXQIw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 21:55:06 2026 by rpki-client