Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
File: DUHQpubfLhjCVnMjaNbnaCiTExA.mft (raw, json)
Hash identifier: oX+gbva9twUWLIwlhP+550Lp8U3nirv7cvHpwAwQu5M=
Subject key identifier: D8:5E:43:8D:85:AF:85:0A:9D:80:5E:30:D6:5C:EB:EE:BE:7F:BE:77
Authority key identifier: 0D:41:D0:A6:E6:DF:2E:18:C2:56:73:23:68:D6:E7:68:28:93:13:10
Certificate issuer: /CN=0d41d0a6e6df2e18c256732368d6e76828931310
Certificate serial: 019D296077C0F64067AD5A77B6C5DA32DF12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
Manifest number: 11CF
Signing time: Thu 26 Mar 2026 09:01:21 +0000
Manifest this update: Thu 26 Mar 2026 09:01:21 +0000
Manifest next update: Fri 27 Mar 2026 09:01:21 +0000
Files and hashes: 1: DUHQpubfLhjCVnMjaNbnaCiTExA.crl (hash: qQVFOm6nv2uk03NE1Sddw3HxVtc8COGElV0HBrJFRbY=)
2: gQCK6BeO-j5lVpUt90LH641D-Do.roa (hash: IdvQ6sUh6mIJW4ddDEmtmONm3UtG6O5w53GtVLTmX/w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:60:77:c0:f6:40:67:ad:5a:77:b6:c5:da:32:df:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d41d0a6e6df2e18c256732368d6e76828931310
Validity
Not Before: Mar 26 09:01:21 2026 GMT
Not After : Mar 27 09:01:21 2026 GMT
Subject: CN=d85e438d85af850a9d805e30d65cebeebe7fbe77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9d:e5:8c:92:4b:5e:10:8d:c6:b6:ff:ce:1e:
ae:5a:56:ee:b6:41:55:e1:c3:37:63:fa:dd:59:4a:
39:63:7e:fe:0d:88:bc:6f:7c:ad:fc:14:3a:25:68:
5d:21:f3:95:3f:78:1c:d9:e7:58:8f:d2:6f:48:2d:
ca:db:47:b8:e7:d7:1b:75:4d:ec:af:e5:48:51:44:
66:82:d9:f4:70:91:05:03:75:c8:3b:61:05:0d:19:
20:36:7e:6a:79:bc:e3:d7:7c:a9:a8:e4:d3:82:2b:
45:9d:24:ad:98:35:ff:b2:c3:80:fa:21:70:78:05:
b4:57:ca:6c:ef:c8:df:bb:e9:61:53:51:a2:b4:eb:
16:bf:a6:94:2a:3d:b7:b4:6e:28:ab:0c:e6:fe:7e:
38:14:3e:50:82:19:ff:59:88:82:3d:fd:04:03:a5:
83:b7:37:07:d4:10:dc:02:cc:1d:0f:df:83:40:46:
3f:31:b8:89:af:42:65:9e:f1:3e:da:3d:e5:5a:ed:
42:af:01:6f:e7:bb:bc:73:99:c2:33:20:b5:a4:84:
21:65:f4:26:6b:42:ac:76:94:08:c2:14:0b:1a:34:
7b:82:c9:de:99:02:60:11:33:5e:4f:c8:d0:ea:43:
e6:87:11:10:be:4d:6e:83:e6:ec:d2:62:70:33:a6:
f5:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:5E:43:8D:85:AF:85:0A:9D:80:5E:30:D6:5C:EB:EE:BE:7F:BE:77
X509v3 Authority Key Identifier:
keyid:0D:41:D0:A6:E6:DF:2E:18:C2:56:73:23:68:D6:E7:68:28:93:13:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:5c:90:6f:14:9a:9b:eb:be:39:d7:f4:39:54:74:8c:d7:5b:
1a:dd:af:cf:84:5e:a1:cb:f4:b7:c8:ef:80:7a:76:b2:b6:19:
a9:d6:cf:ad:70:9b:b3:64:9c:ef:c9:87:0e:63:12:01:b4:15:
ea:12:95:19:02:64:7b:98:6a:4c:0c:0d:63:13:47:c2:f1:84:
d0:93:73:13:31:2e:f9:4b:e4:6a:16:57:1c:26:a8:22:21:b0:
29:66:77:9a:1e:85:da:bb:ef:e8:bb:40:0d:0d:78:6e:25:15:
89:59:d0:05:07:26:3c:e3:16:ae:4a:68:b7:51:3d:d0:fd:9e:
6e:f1:9d:24:f9:71:7c:c4:43:c9:8f:a4:a8:4e:ed:fe:13:e5:
c8:db:d5:f4:81:6f:5e:33:1b:d4:1b:28:1f:d9:36:72:ec:ef:
f8:67:7c:7d:69:35:a3:2a:46:17:29:97:71:78:c4:1f:ce:02:
c7:5a:78:a0:8d:7d:5a:50:7c:71:82:39:94:36:73:22:de:0b:
23:d4:7e:24:04:13:0f:bd:09:d9:8b:c4:cb:73:22:9f:7b:c6:
7c:e7:bf:cf:7e:04:a9:c6:54:06:1e:5a:0d:7e:88:cb:b4:9c:
a9:7c:e8:ce:98:24:95:7d:6c:76:9c:2e:fc:48:ac:d7:25:76:
b3:ac:e8:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYHfA9kBnrVp3tsXaMt8SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDFkMGE2ZTZkZjJlMThjMjU2NzMyMzY4ZDZlNzY4Mjg5
MzEzMTAwHhcNMjYwMzI2MDkwMTIxWhcNMjYwMzI3MDkwMTIxWjAzMTEwLwYDVQQD
EyhkODVlNDM4ZDg1YWY4NTBhOWQ4MDVlMzBkNjVjZWJlZWJlN2ZiZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJ3ljJJLXhCNxrb/zh6uWlbutkFV
4cM3Y/rdWUo5Y37+DYi8b3yt/BQ6JWhdIfOVP3gc2edYj9JvSC3K20e459cbdU3s
r+VIUURmgtn0cJEFA3XIO2EFDRkgNn5qebzj13ypqOTTgitFnSStmDX/ssOA+iFw
eAW0V8ps78jfu+lhU1GitOsWv6aUKj23tG4oqwzm/n44FD5Qghn/WYiCPf0EA6WD
tzcH1BDcAswdD9+DQEY/MbiJr0JlnvE+2j3lWu1CrwFv57u8c5nCMyC1pIQhZfQm
a0KsdpQIwhQLGjR7gsnemQJgETNeT8jQ6kPmhxEQvk1ug+bs0mJwM6b1WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNheQ42Fr4UKnYBeMNZc6+6+f753MB8GA1UdIwQY
MBaAFA1B0Kbm3y4YwlZzI2jW52gokxMQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVIUXB1YmZMaGpDVm5NamFOYm5hQ2lURXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85ODM3YjItMGRmMC00ZjVhLTgwZGIt
NjJiNjQwYjAyZTJiLzEvRFVIUXB1YmZMaGpDVm5NamFOYm5hQ2lURXhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85ODM3YjItMGRmMC00ZjVhLTgwZGItNjJiNjQwYjAyZTJi
LzEvRFVIUXB1YmZMaGpDVm5NamFOYm5hQ2lURXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAilyQbxSa
m+u+Odf0OVR0jNdbGt2vz4Reocv0t8jvgHp2srYZqdbPrXCbs2Sc78mHDmMSAbQV
6hKVGQJke5hqTAwNYxNHwvGE0JNzEzEu+UvkahZXHCaoIiGwKWZ3mh6F2rvv6LtA
DQ14biUViVnQBQcmPOMWrkpot1E90P2ebvGdJPlxfMRDyY+kqE7t/hPlyNvV9IFv
XjMb1BsoH9k2cuzv+Gd8fWk1oypGFymXcXjEH84Cx1p4oI19WlB8cYI5lDZzIt4L
I9R+JAQTD70J2YvEy3Min3vGfOe/z34EqcZUBh5aDX6Iy7ScqXzozpgklX1sdpwu
/Eis1yV2s6zobQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:52:31 2026 by rpki-client