Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
File: otP5vJZWutwm594auw-nLD1yjdg.mft (raw, json)
Hash identifier: xHCwquX9mPElsk8PaIWM67K/hGCrbjdkHBKwr4WZXWA=
Subject key identifier: FD:41:40:2D:C7:FF:80:EA:44:74:B3:25:56:C4:E0:97:8C:B7:C4:6E
Authority key identifier: A2:D3:F9:BC:96:56:BA:DC:26:E7:DE:1A:BB:0F:A7:2C:3D:72:8D:D8
Certificate issuer: /CN=a2d3f9bc9656badc26e7de1abb0fa72c3d728dd8
Certificate serial: 019D258396DBD821903D38C11A71E172709A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
Manifest number: 04EB
Signing time: Wed 25 Mar 2026 15:01:13 +0000
Manifest this update: Wed 25 Mar 2026 15:01:13 +0000
Manifest next update: Thu 26 Mar 2026 15:01:13 +0000
Files and hashes: 1: otP5vJZWutwm594auw-nLD1yjdg.crl (hash: YneaIYUxDxCm39W3j0/yr63ZGV/qVmCfTmfF/nAKNxk=)
2: wq9tYLfVQC77CHQnEGOwVihriSc.roa (hash: tQsNymN61pdlaZw2p685YQ4hLAz1lZz1V7NLew6Ch8g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:83:96:db:d8:21:90:3d:38:c1:1a:71:e1:72:70:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2d3f9bc9656badc26e7de1abb0fa72c3d728dd8
Validity
Not Before: Mar 25 15:01:13 2026 GMT
Not After : Mar 26 15:01:13 2026 GMT
Subject: CN=fd41402dc7ff80ea4474b32556c4e0978cb7c46e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:96:46:73:ec:af:9a:c6:a5:df:fe:65:68:73:
e7:42:1b:68:14:39:72:3b:07:5c:00:a4:6d:4f:7d:
f9:9f:07:25:53:46:97:ec:1e:6c:ee:2b:90:cb:db:
41:82:83:4f:aa:9d:8e:99:03:9c:e2:2a:be:8e:c6:
ce:b9:b0:70:d7:f4:e5:3d:e7:1a:16:4f:9e:b9:83:
60:ca:4e:d8:09:4a:71:7a:d8:07:60:66:42:82:da:
5e:6c:02:b9:4a:d0:fd:22:d2:0b:2b:53:a3:c1:ed:
ab:04:61:09:fa:85:68:e3:80:94:01:9f:63:b4:57:
f2:3c:60:2a:73:94:5b:53:8d:9c:a6:9c:60:e9:f1:
a6:a4:75:0a:5c:77:1f:7c:d7:82:a2:c9:7c:f1:dd:
35:fb:63:64:8f:85:3c:63:b8:b9:73:f0:c2:b3:1a:
56:47:7a:cd:73:46:a9:1c:7d:6d:74:44:8c:27:7f:
4f:2c:fb:d1:63:08:ce:a6:b2:3e:ac:0f:1a:7e:55:
67:5a:60:ae:f7:31:f2:20:d5:b7:a0:3c:0a:7d:05:
6d:ac:25:5a:ac:c0:f2:8f:4e:27:91:dd:1e:07:22:
80:69:29:58:8b:2a:91:1b:84:c4:93:1c:e0:c6:f2:
3b:47:68:8a:ec:02:ca:10:76:0f:6d:7e:e3:3c:47:
4b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:41:40:2D:C7:FF:80:EA:44:74:B3:25:56:C4:E0:97:8C:B7:C4:6E
X509v3 Authority Key Identifier:
keyid:A2:D3:F9:BC:96:56:BA:DC:26:E7:DE:1A:BB:0F:A7:2C:3D:72:8D:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:0b:d3:37:44:b7:49:81:9a:93:a0:45:68:29:73:f3:df:77:
51:0f:b5:74:67:d9:c7:74:6a:75:47:a4:f5:3b:b1:cd:36:0a:
d6:2f:91:f1:40:86:29:b9:f6:40:de:c4:8a:f2:e0:9e:04:a6:
4d:e3:81:08:f3:87:5c:d3:25:0c:02:2f:f8:0d:fc:9f:3f:6d:
4c:8c:e0:a8:56:ba:94:86:cf:90:39:ff:46:9e:fd:9b:bd:da:
55:0d:21:20:43:98:d3:a7:99:49:3c:83:03:a4:59:26:bc:2d:
73:34:91:d0:74:32:69:9b:29:1d:1d:ed:65:3b:4a:6b:66:30:
ea:66:a5:2e:f2:38:5e:c7:9a:d2:4a:94:15:bb:f0:87:30:5f:
cc:86:54:24:3d:4d:22:2e:85:fb:5c:f7:7b:ca:34:97:e1:f5:
2d:da:c6:d7:26:d2:ca:f8:28:d6:82:8a:18:1f:61:7c:87:e1:
a7:1d:42:6c:c7:e6:00:04:26:4e:e9:cc:5e:b9:9f:77:3f:97:
8f:f7:e2:2f:2e:90:1d:56:d6:dd:11:6f:6f:bb:d6:e6:b3:e5:
ed:93:9d:87:4a:a0:9c:1f:83:67:38:5a:3f:14:86:4f:90:1e:
dc:6f:a0:0b:e8:5d:a9:e4:14:78:e6:c4:63:17:c5:39:42:32:
65:20:2f:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lg5bb2CGQPTjBGnHhcnCaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDNmOWJjOTY1NmJhZGMyNmU3ZGUxYWJiMGZhNzJjM2Q3
MjhkZDgwHhcNMjYwMzI1MTUwMTEzWhcNMjYwMzI2MTUwMTEzWjAzMTEwLwYDVQQD
EyhmZDQxNDAyZGM3ZmY4MGVhNDQ3NGIzMjU1NmM0ZTA5NzhjYjdjNDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJZGc+yvmsal3/5laHPnQhtoFDly
OwdcAKRtT335nwclU0aX7B5s7iuQy9tBgoNPqp2OmQOc4iq+jsbOubBw1/TlPeca
Fk+euYNgyk7YCUpxetgHYGZCgtpebAK5StD9ItILK1Ojwe2rBGEJ+oVo44CUAZ9j
tFfyPGAqc5RbU42cppxg6fGmpHUKXHcffNeCosl88d01+2Nkj4U8Y7i5c/DCsxpW
R3rNc0apHH1tdESMJ39PLPvRYwjOprI+rA8aflVnWmCu9zHyINW3oDwKfQVtrCVa
rMDyj04nkd0eByKAaSlYiyqRG4TEkxzgxvI7R2iK7ALKEHYPbX7jPEdLcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP1BQC3H/4DqRHSzJVbE4JeMt8RuMB8GA1UdIwQY
MBaAFKLT+byWVrrcJufeGrsPpyw9co3YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82OGZkMGYtMmI4Ny00NzA0LWEzMmYt
ZDcxMWU4NGMyOWExLzEvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82OGZkMGYtMmI4Ny00NzA0LWEzMmYtZDcxMWU4NGMyOWEx
LzEvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhQvTN0S3
SYGak6BFaClz8993UQ+1dGfZx3RqdUek9TuxzTYK1i+R8UCGKbn2QN7EivLgngSm
TeOBCPOHXNMlDAIv+A38nz9tTIzgqFa6lIbPkDn/Rp79m73aVQ0hIEOY06eZSTyD
A6RZJrwtczSR0HQyaZspHR3tZTtKa2Yw6malLvI4Xsea0kqUFbvwhzBfzIZUJD1N
Ii6F+1z3e8o0l+H1LdrG1ybSyvgo1oKKGB9hfIfhpx1CbMfmAAQmTunMXrmfdz+X
j/fiLy6QHVbW3RFvb7vW5rPl7ZOdh0qgnB+DZzhaPxSGT5Ae3G+gC+hdqeQUeObE
YxfFOUIyZSAvDA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:37:11 2026 by rpki-client