Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.mft
File: DoMf1wxr03oqddeg6sAxyS2o4YU.mft (raw, json)
Hash identifier: AC3iY7bhdjvpkqZdhLeh60vOU3osrOyNnPsn+sQmF2A=
Subject key identifier: 35:FE:B7:56:82:F6:D8:5C:ED:19:2E:3C:2B:14:E8:A3:07:62:14:C4
Authority key identifier: 0E:83:1F:D7:0C:6B:D3:7A:2A:75:D7:A0:EA:C0:31:C9:2D:A8:E1:85
Certificate issuer: /CN=0e831fd70c6bd37a2a75d7a0eac031c92da8e185
Certificate serial: 019D2960BAE5057312D5CCA9486EA5E74340
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DoMf1wxr03oqddeg6sAxyS2o4YU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.mft
Manifest number: 150A
Signing time: Thu 26 Mar 2026 09:01:38 +0000
Manifest this update: Thu 26 Mar 2026 09:01:38 +0000
Manifest next update: Fri 27 Mar 2026 09:01:38 +0000
Files and hashes: 1: DoMf1wxr03oqddeg6sAxyS2o4YU.crl (hash: /30iolyn7EdHKjLw9+fMm6xumStEGmQxsnBabxoCcac=)
2: E0z3igtUq_zoGuy11MZm46qUA0k.roa (hash: zMUnBno+JucV/paZ21Lh4Pgqfjfx+DUy9tc50u1XZBc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.mft
rsync://rpki.ripe.net/repository/DEFAULT/DoMf1wxr03oqddeg6sAxyS2o4YU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:60:ba:e5:05:73:12:d5:cc:a9:48:6e:a5:e7:43:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e831fd70c6bd37a2a75d7a0eac031c92da8e185
Validity
Not Before: Mar 26 09:01:38 2026 GMT
Not After : Mar 27 09:01:38 2026 GMT
Subject: CN=35feb75682f6d85ced192e3c2b14e8a3076214c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:96:2c:5a:b0:c5:76:1b:95:85:76:02:78:8c:
f5:54:7d:ce:7c:83:d2:f0:a2:da:03:4e:0e:13:c7:
58:1e:fb:75:d4:93:83:bc:c7:97:70:8c:fc:8c:f5:
b9:b2:ae:59:6d:35:28:2d:23:2d:c6:93:d2:d2:fe:
b3:18:8a:13:52:6d:b7:58:ca:6e:d0:5f:7b:8f:42:
3c:f3:09:78:2f:04:14:66:25:9b:f3:47:93:96:33:
e1:20:82:41:fa:40:15:ad:e2:6a:ef:ed:1e:64:fa:
51:ce:e9:6f:ca:a2:65:46:df:99:b3:72:d3:e1:52:
94:75:1f:be:49:86:f4:17:02:7f:c3:2e:01:39:34:
5b:b1:2c:74:4b:4b:bd:ae:d0:2e:13:b8:80:2b:43:
f6:7e:c7:77:5f:0c:7d:56:96:52:f7:09:b0:05:ae:
64:af:be:0c:6a:d6:7d:1d:51:90:29:89:6d:24:8b:
9d:95:11:9e:75:e9:ba:6a:6c:60:66:f7:7d:14:7f:
50:e6:fd:1b:92:1f:cf:44:fa:cb:31:bd:54:ca:61:
00:5b:aa:21:63:6e:d1:3e:a2:d9:26:14:dc:3e:61:
c1:98:d5:01:ab:d2:98:4d:76:c7:a7:42:d6:1a:92:
0c:f4:aa:b7:46:9f:0d:41:24:dd:d5:ce:78:67:fe:
46:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:FE:B7:56:82:F6:D8:5C:ED:19:2E:3C:2B:14:E8:A3:07:62:14:C4
X509v3 Authority Key Identifier:
keyid:0E:83:1F:D7:0C:6B:D3:7A:2A:75:D7:A0:EA:C0:31:C9:2D:A8:E1:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoMf1wxr03oqddeg6sAxyS2o4YU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2c:95:b1:ee:ef:59:41:47:aa:bb:38:62:d9:6d:91:7c:0b:04:
89:bd:4e:91:f0:71:59:75:cd:c1:99:ee:3d:a9:9a:76:3f:5a:
1f:1a:34:5a:5e:65:c2:1a:9c:2c:da:06:43:e7:ac:4e:99:a0:
4c:9d:cb:a6:1c:42:f6:67:e9:40:fe:4b:cd:b7:ba:bc:dc:af:
a3:41:f2:78:b9:c0:19:c5:ea:47:56:da:d3:a3:2d:6f:aa:9f:
a4:4f:a9:ce:df:9f:e3:e2:ec:19:91:2e:cc:58:a1:be:75:1f:
e2:4c:ed:4a:ac:e0:2f:44:69:ee:3f:fb:87:e6:86:a8:4f:bb:
06:56:4a:78:fb:21:39:61:32:49:cc:16:fc:7b:b5:38:3e:c2:
ba:87:7c:33:00:07:57:58:a2:39:03:58:fa:d8:ab:1d:d7:19:
64:00:38:cc:78:6e:03:d4:59:94:40:bc:0b:53:80:e9:0a:e7:
26:22:74:dd:78:67:7d:f8:e1:f5:7e:fb:45:a7:b9:55:02:46:
12:6f:18:71:4a:41:12:85:9d:f2:3d:75:b3:0f:18:5f:b6:11:
4b:95:30:e9:79:27:46:68:47:9b:da:cf:d8:f6:c2:30:9b:6c:
2b:d2:70:c2:f5:c9:3c:67:90:d2:0a:7e:e0:95:60:4b:c3:55:
b0:4b:fd:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYLrlBXMS1cypSG6l50NAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODMxZmQ3MGM2YmQzN2EyYTc1ZDdhMGVhYzAzMWM5MmRh
OGUxODUwHhcNMjYwMzI2MDkwMTM4WhcNMjYwMzI3MDkwMTM4WjAzMTEwLwYDVQQD
EygzNWZlYjc1NjgyZjZkODVjZWQxOTJlM2MyYjE0ZThhMzA3NjIxNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZYsWrDFdhuVhXYCeIz1VH3OfIPS
8KLaA04OE8dYHvt11JODvMeXcIz8jPW5sq5ZbTUoLSMtxpPS0v6zGIoTUm23WMpu
0F97j0I88wl4LwQUZiWb80eTljPhIIJB+kAVreJq7+0eZPpRzulvyqJlRt+Zs3LT
4VKUdR++SYb0FwJ/wy4BOTRbsSx0S0u9rtAuE7iAK0P2fsd3Xwx9VpZS9wmwBa5k
r74MatZ9HVGQKYltJIudlRGedem6amxgZvd9FH9Q5v0bkh/PRPrLMb1UymEAW6oh
Y27RPqLZJhTcPmHBmNUBq9KYTXbHp0LWGpIM9Kq3Rp8NQSTd1c54Z/5GiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDX+t1aC9thc7RkuPCsU6KMHYhTEMB8GA1UdIwQY
MBaAFA6DH9cMa9N6KnXXoOrAMcktqOGFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9NZjF3eHIwM29xZGRlZzZzQXh5UzJvNFlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85OGE2NjEtNDRmNS00YTA1LWFjYWEt
ZTY3NTgyZjIzMDk3LzEvRG9NZjF3eHIwM29xZGRlZzZzQXh5UzJvNFlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85OGE2NjEtNDRmNS00YTA1LWFjYWEtZTY3NTgyZjIzMDk3
LzEvRG9NZjF3eHIwM29xZGRlZzZzQXh5UzJvNFlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALJWx7u9Z
QUequzhi2W2RfAsEib1OkfBxWXXNwZnuPamadj9aHxo0Wl5lwhqcLNoGQ+esTpmg
TJ3LphxC9mfpQP5Lzbe6vNyvo0HyeLnAGcXqR1ba06Mtb6qfpE+pzt+f4+LsGZEu
zFihvnUf4kztSqzgL0Rp7j/7h+aGqE+7BlZKePshOWEyScwW/Hu1OD7Cuod8MwAH
V1iiOQNY+tirHdcZZAA4zHhuA9RZlEC8C1OA6QrnJiJ03Xhnffjh9X77Rae5VQJG
Em8YcUpBEoWd8j11sw8YX7YRS5Uw6XknRmhHm9rP2PbCMJtsK9JwwvXJPGeQ0gp+
4JVgS8NVsEv92g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:48:14 2026 by rpki-client