
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/6cd366-3557-42b2-885b-3d46439aa41c/1/DbPDFk09jCZEzymzI2dhpXHuWLo.mft
File: DbPDFk09jCZEzymzI2dhpXHuWLo.mft (raw, json)
Hash identifier: S7ASYxZWnOOdnSt8Hfb9xli5qAA5gf/7I2jnahz4bJI=
Subject key identifier: F3:B6:C4:86:56:C2:45:DF:30:EA:15:E9:9D:29:B5:72:46:4D:40:BC
Authority key identifier: 0D:B3:C3:16:4D:3D:8C:26:44:CF:29:B3:23:67:61:A5:71:EE:58:BA
Certificate issuer: /CN=0db3c3164d3d8c2644cf29b3236761a571ee58ba
Certificate serial: 019D2A3C0FFB7F4BB77FF0457397D797E832
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbPDFk09jCZEzymzI2dhpXHuWLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/6cd366-3557-42b2-885b-3d46439aa41c/1/DbPDFk09jCZEzymzI2dhpXHuWLo.mft
Manifest number: 0E8F
Signing time: Thu 26 Mar 2026 13:01:12 +0000
Manifest this update: Thu 26 Mar 2026 13:01:12 +0000
Manifest next update: Fri 27 Mar 2026 13:01:12 +0000
Files and hashes: 1: AV8o_HRJCYQ0OsTpD-wRX5B7CZE.roa (hash: IbeU1AeOys6rseJf5ugRnLAWWP/7mZIxuUtqX7netkk=)
2: DbPDFk09jCZEzymzI2dhpXHuWLo.crl (hash: zYWO79tzX07Gnp6cOQWB1HQciA8JXv44uTI5uZRYhPo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/6cd366-3557-42b2-885b-3d46439aa41c/1/DbPDFk09jCZEzymzI2dhpXHuWLo.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/6cd366-3557-42b2-885b-3d46439aa41c/1/DbPDFk09jCZEzymzI2dhpXHuWLo.mft
rsync://rpki.ripe.net/repository/DEFAULT/DbPDFk09jCZEzymzI2dhpXHuWLo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:3c:0f:fb:7f:4b:b7:7f:f0:45:73:97:d7:97:e8:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db3c3164d3d8c2644cf29b3236761a571ee58ba
Validity
Not Before: Mar 26 13:01:12 2026 GMT
Not After : Mar 27 13:01:12 2026 GMT
Subject: CN=f3b6c48656c245df30ea15e99d29b572464d40bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3a:ce:db:97:22:f3:c0:20:d6:93:23:55:b4:
10:bf:b8:0f:e6:f7:54:d3:a7:fd:35:a8:f1:b7:48:
e4:b7:74:6d:92:62:cf:78:1a:d0:7a:fe:00:05:ce:
bb:6b:eb:76:4e:ec:3d:ea:4c:6b:16:ae:a2:45:d1:
25:96:c2:46:64:9c:67:d2:2d:9d:76:fe:52:64:36:
06:29:7e:38:fa:5c:0b:43:2e:7e:44:28:9b:89:77:
89:f2:a9:4a:50:33:29:42:ad:08:10:cb:c3:02:33:
ec:1f:f9:b2:d3:d5:79:b0:ac:c6:a0:6b:98:99:f3:
99:8b:54:f7:0c:a1:7b:e8:fe:31:d1:07:54:70:80:
01:d6:0b:c6:e0:cf:7a:16:3b:29:35:0e:30:fc:71:
2f:4f:4a:4f:87:23:d6:5f:10:1e:2c:6b:80:fc:43:
1f:93:79:e7:f9:02:55:84:af:3a:ee:81:55:5a:0c:
7b:8b:7a:8f:74:64:06:f8:9e:3f:2a:a5:65:e4:32:
cb:d5:15:95:6c:c1:d4:7c:cc:97:77:3e:2b:dc:9a:
0c:9e:35:c0:6a:bb:f1:cc:5c:1f:15:ab:fa:3a:96:
fa:eb:48:c6:48:22:4a:31:fa:fd:d3:01:5f:d5:64:
80:ff:33:3c:6e:22:df:ba:4b:bf:e9:73:5f:84:f6:
f6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:B6:C4:86:56:C2:45:DF:30:EA:15:E9:9D:29:B5:72:46:4D:40:BC
X509v3 Authority Key Identifier:
keyid:0D:B3:C3:16:4D:3D:8C:26:44:CF:29:B3:23:67:61:A5:71:EE:58:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbPDFk09jCZEzymzI2dhpXHuWLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6cd366-3557-42b2-885b-3d46439aa41c/1/DbPDFk09jCZEzymzI2dhpXHuWLo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6cd366-3557-42b2-885b-3d46439aa41c/1/DbPDFk09jCZEzymzI2dhpXHuWLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:60:dd:9a:55:53:05:35:51:e7:94:a6:fb:a4:c0:b9:bf:ce:
cb:99:ef:b8:88:f9:9c:e6:2c:6b:7e:1d:95:2e:71:61:d8:ca:
22:32:54:d6:ca:1f:72:f7:c1:b0:65:d8:a7:6a:84:7e:17:87:
ac:36:8c:23:0d:d5:e0:98:8d:be:9c:16:50:cd:4b:e5:49:7b:
0b:16:86:d7:41:7b:fe:b6:88:30:ea:57:27:50:9a:2d:35:93:
70:3d:b1:4c:8f:45:95:64:65:93:f2:3f:c1:03:bc:17:70:18:
c9:87:e1:86:84:fb:cd:70:a3:14:fa:42:42:3d:ea:54:5d:ca:
ae:32:0f:2b:53:bd:c8:47:81:aa:79:f1:c3:d7:b4:72:c5:52:
19:ec:ec:3a:de:a8:48:35:ed:f8:8a:3b:f7:ae:27:ab:18:63:
7e:86:c8:11:d6:bf:f0:a3:84:c6:86:67:d9:f1:9a:f2:23:aa:
b9:4f:7e:04:88:55:ce:18:6b:0b:5f:58:3b:68:1d:8d:bf:8c:
39:b7:de:d1:1f:a1:e7:77:a5:81:ba:89:8a:16:20:06:39:f3:
e0:9e:e9:aa:40:15:4d:56:10:b0:3b:51:b4:36:40:d6:66:8e:
82:4c:49:5d:ad:54:9b:e4:76:15:2c:82:7d:63:89:73:c6:26:
df:b3:f5:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qPA/7f0u3f/BFc5fXl+gyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjNjMzE2NGQzZDhjMjY0NGNmMjliMzIzNjc2MWE1NzFl
ZTU4YmEwHhcNMjYwMzI2MTMwMTEyWhcNMjYwMzI3MTMwMTEyWjAzMTEwLwYDVQQD
EyhmM2I2YzQ4NjU2YzI0NWRmMzBlYTE1ZTk5ZDI5YjU3MjQ2NGQ0MGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzrO25ci88Ag1pMjVbQQv7gP5vdU
06f9Najxt0jkt3RtkmLPeBrQev4ABc67a+t2Tuw96kxrFq6iRdEllsJGZJxn0i2d
dv5SZDYGKX44+lwLQy5+RCibiXeJ8qlKUDMpQq0IEMvDAjPsH/my09V5sKzGoGuY
mfOZi1T3DKF76P4x0QdUcIAB1gvG4M96FjspNQ4w/HEvT0pPhyPWXxAeLGuA/EMf
k3nn+QJVhK867oFVWgx7i3qPdGQG+J4/KqVl5DLL1RWVbMHUfMyXdz4r3JoMnjXA
arvxzFwfFav6Opb660jGSCJKMfr90wFf1WSA/zM8biLfuku/6XNfhPb2ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPO2xIZWwkXfMOoV6Z0ptXJGTUC8MB8GA1UdIwQY
MBaAFA2zwxZNPYwmRM8psyNnYaVx7li6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJQREZrMDlqQ1pFenltekkyZGhwWEh1V0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi82Y2QzNjYtMzU1Ny00MmIyLTg4NWIt
M2Q0NjQzOWFhNDFjLzEvRGJQREZrMDlqQ1pFenltekkyZGhwWEh1V0xvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi82Y2QzNjYtMzU1Ny00MmIyLTg4NWItM2Q0NjQzOWFhNDFj
LzEvRGJQREZrMDlqQ1pFenltekkyZGhwWEh1V0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEWDdmlVT
BTVR55Sm+6TAub/Oy5nvuIj5nOYsa34dlS5xYdjKIjJU1sofcvfBsGXYp2qEfheH
rDaMIw3V4JiNvpwWUM1L5Ul7CxaG10F7/raIMOpXJ1CaLTWTcD2xTI9FlWRlk/I/
wQO8F3AYyYfhhoT7zXCjFPpCQj3qVF3KrjIPK1O9yEeBqnnxw9e0csVSGezsOt6o
SDXt+Io7964nqxhjfobIEda/8KOExoZn2fGa8iOquU9+BIhVzhhrC19YO2gdjb+M
Obfe0R+h53elgbqJihYgBjnz4J7pqkAVTVYQsDtRtDZA1maOgkxJXa1Um+R2FSyC
fWOJc8Ym37P1hg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:20:07 2026 by rpki-client