Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.mft
File: d0HROhWph91gAZwCZdLs7EhAlEo.mft (raw, json)
Hash identifier: WruUGO3auK4dWcVLNZ3uQ4E51/TyrHCgbdFWijcUVbQ=
Subject key identifier: EA:3C:6F:38:B1:A0:2D:EF:55:92:B7:5A:0C:F7:8E:BC:6B:A6:3C:FE
Authority key identifier: 77:41:D1:3A:15:A9:87:DD:60:01:9C:02:65:D2:EC:EC:48:40:94:4A
Certificate issuer: /CN=7741d13a15a987dd60019c0265d2ecec4840944a
Certificate serial: 019D28BB188AD36204E17A7FD032EC7C63FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d0HROhWph91gAZwCZdLs7EhAlEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.mft
Manifest number: 099B
Signing time: Thu 26 Mar 2026 06:00:43 +0000
Manifest this update: Thu 26 Mar 2026 06:00:43 +0000
Manifest next update: Fri 27 Mar 2026 06:00:43 +0000
Files and hashes: 1: 2aVju54fgg9bD1JRsSNN37U-9Hk.roa (hash: gQ2ZXX3Kuvxj5T+dbec4hU1fv3yACHxOQmVvGeAb560=)
2: d0HROhWph91gAZwCZdLs7EhAlEo.crl (hash: ID2yWazQ2m4t4GpFgC19r6OmrqMnxly9dsPRQqQUgJ4=)
3: sRYXppUiSNJrW5d1MVXqJ1v0U0g.roa (hash: e8cW0JrKBdNEagEPQSlGciScba5vYX0jEPFos43/Uno=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.mft
rsync://rpki.ripe.net/repository/DEFAULT/d0HROhWph91gAZwCZdLs7EhAlEo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:18:8a:d3:62:04:e1:7a:7f:d0:32:ec:7c:63:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7741d13a15a987dd60019c0265d2ecec4840944a
Validity
Not Before: Mar 26 06:00:43 2026 GMT
Not After : Mar 27 06:00:43 2026 GMT
Subject: CN=ea3c6f38b1a02def5592b75a0cf78ebc6ba63cfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3c:57:11:5e:f4:37:24:d2:cf:5f:14:9a:33:
34:42:69:2d:54:ea:64:36:09:a4:fd:b6:90:52:97:
0d:0c:ef:9e:48:b3:76:8a:35:e8:93:17:da:cd:0d:
ca:4b:eb:f7:59:86:a6:42:44:f2:57:b1:6e:7b:35:
e8:06:df:3d:ea:9d:ed:82:0f:f5:7c:0d:cf:89:ab:
bd:3b:0a:f7:a7:ed:7a:ad:5d:8b:8e:db:2f:54:34:
b6:46:bf:de:67:2b:9c:f1:ac:70:bd:0b:bd:c1:5d:
c6:c2:30:b1:ed:50:a7:2b:c0:d2:97:44:dc:21:02:
6c:09:85:cd:3e:46:77:52:a6:38:1f:88:15:64:0b:
53:c5:a2:d0:45:06:81:72:eb:cf:a5:24:f5:a8:52:
a7:27:18:aa:c0:bc:8d:71:d5:63:6a:e6:2a:82:18:
22:91:2c:9b:2e:70:18:a6:da:f3:71:b4:03:4e:e5:
a8:42:8b:15:cb:2c:d9:a5:46:f2:e9:93:0b:34:3e:
2e:61:ed:01:75:be:1e:4c:e4:94:42:10:69:f3:e0:
3e:7b:92:ef:87:5b:54:9c:91:d7:22:ac:b8:7d:7b:
ba:0a:7b:22:ab:13:8e:c1:93:6b:23:2e:ca:f1:c3:
7b:f3:4c:b4:91:db:96:0d:3d:02:f7:23:13:df:76:
f6:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:3C:6F:38:B1:A0:2D:EF:55:92:B7:5A:0C:F7:8E:BC:6B:A6:3C:FE
X509v3 Authority Key Identifier:
keyid:77:41:D1:3A:15:A9:87:DD:60:01:9C:02:65:D2:EC:EC:48:40:94:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0HROhWph91gAZwCZdLs7EhAlEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:48:d8:7b:73:38:74:e5:ae:b8:a4:92:1b:3d:3f:9d:da:eb:
c3:c5:d6:a4:f5:a9:e1:9c:1d:55:cd:70:33:f0:4f:e1:91:88:
8b:11:f6:8c:2f:49:2b:7a:f1:36:f4:88:fb:dd:97:c4:bc:10:
69:33:00:71:30:25:8e:f2:83:79:bd:79:57:ab:88:b5:63:17:
f4:8d:ec:0e:ab:ee:42:5b:b1:cc:9b:ab:cb:7b:2b:3f:71:69:
74:bd:46:7e:c4:2b:20:38:0c:0f:ba:fb:fb:ac:63:92:f7:8c:
09:33:ef:94:20:06:d6:b5:67:f4:ed:19:9c:b9:76:18:c4:90:
98:e8:60:d4:0b:ad:63:1a:b5:a7:15:a3:44:06:e1:f5:0e:b0:
93:6c:94:c0:6c:28:57:95:9e:f5:62:21:fd:79:36:08:4c:97:
c3:ba:44:5c:6b:02:7b:2e:3b:80:c1:e8:f8:a5:09:14:ba:74:
15:a6:e7:12:2f:73:76:1f:ee:02:0a:80:7f:77:5c:5a:08:d6:
ca:d6:10:68:59:71:2c:5a:e1:ae:2a:62:a0:1c:56:a8:a1:01:
90:37:c4:49:8a:cd:03:e7:60:c2:51:96:72:19:1d:c8:51:68:
46:6a:11:d8:af:00:5f:14:67:2c:53:e3:00:1a:23:a0:00:33:
f8:75:40:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ouxiK02IE4Xp/0DLsfGP9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NDFkMTNhMTVhOTg3ZGQ2MDAxOWMwMjY1ZDJlY2VjNDg0
MDk0NGEwHhcNMjYwMzI2MDYwMDQzWhcNMjYwMzI3MDYwMDQzWjAzMTEwLwYDVQQD
EyhlYTNjNmYzOGIxYTAyZGVmNTU5MmI3NWEwY2Y3OGViYzZiYTYzY2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjxXEV70NyTSz18UmjM0QmktVOpk
Ngmk/baQUpcNDO+eSLN2ijXokxfazQ3KS+v3WYamQkTyV7FuezXoBt896p3tgg/1
fA3Piau9Owr3p+16rV2LjtsvVDS2Rr/eZyuc8axwvQu9wV3GwjCx7VCnK8DSl0Tc
IQJsCYXNPkZ3UqY4H4gVZAtTxaLQRQaBcuvPpST1qFKnJxiqwLyNcdVjauYqghgi
kSybLnAYptrzcbQDTuWoQosVyyzZpUby6ZMLND4uYe0Bdb4eTOSUQhBp8+A+e5Lv
h1tUnJHXIqy4fXu6CnsiqxOOwZNrIy7K8cN780y0kduWDT0C9yMT33b2EwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOo8bzixoC3vVZK3Wgz3jrxrpjz+MB8GA1UdIwQY
MBaAFHdB0ToVqYfdYAGcAmXS7OxIQJRKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDBIUk9oV3BoOTFnQVp3Q1pkTHM3RWhBbEVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8wYmU5ZDAtOTk5YS00NDlhLTg1MTkt
MzUyM2UzMDMwYmU0LzEvZDBIUk9oV3BoOTFnQVp3Q1pkTHM3RWhBbEVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8wYmU5ZDAtOTk5YS00NDlhLTg1MTktMzUyM2UzMDMwYmU0
LzEvZDBIUk9oV3BoOTFnQVp3Q1pkTHM3RWhBbEVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi0jYe3M4
dOWuuKSSGz0/ndrrw8XWpPWp4ZwdVc1wM/BP4ZGIixH2jC9JK3rxNvSI+92XxLwQ
aTMAcTAljvKDeb15V6uItWMX9I3sDqvuQluxzJury3srP3FpdL1GfsQrIDgMD7r7
+6xjkveMCTPvlCAG1rVn9O0ZnLl2GMSQmOhg1AutYxq1pxWjRAbh9Q6wk2yUwGwo
V5We9WIh/Xk2CEyXw7pEXGsCey47gMHo+KUJFLp0FabnEi9zdh/uAgqAf3dcWgjW
ytYQaFlxLFrhripioBxWqKEBkDfESYrNA+dgwlGWchkdyFFoRmoR2K8AXxRnLFPj
ABojoAAz+HVA9g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:50:47 2026 by rpki-client