Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/5ea569-f174-45c5-9db7-2af095ffc9bb/1/0fmHr1rbIwTUJvVA3l1lBUUjHlA.mft
File: 0fmHr1rbIwTUJvVA3l1lBUUjHlA.mft (raw, json)
Hash identifier: O6ZqF/l5tzkzb6wNntECcW6YbIjUyVSCjNAH8BH0MaA=
Subject key identifier: A4:73:27:E7:93:7C:59:0D:B2:A0:B5:D6:CF:72:DA:0B:76:C0:6B:FE
Authority key identifier: D1:F9:87:AF:5A:DB:23:04:D4:26:F5:40:DE:5D:65:05:45:23:1E:50
Certificate issuer: /CN=d1f987af5adb2304d426f540de5d650545231e50
Certificate serial: 019D29291B19996CE0FF970CB7273BC10440
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0fmHr1rbIwTUJvVA3l1lBUUjHlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/5ea569-f174-45c5-9db7-2af095ffc9bb/1/0fmHr1rbIwTUJvVA3l1lBUUjHlA.mft
Manifest number: 0D6F
Signing time: Thu 26 Mar 2026 08:00:52 +0000
Manifest this update: Thu 26 Mar 2026 08:00:52 +0000
Manifest next update: Fri 27 Mar 2026 08:00:52 +0000
Files and hashes: 1: 0fmHr1rbIwTUJvVA3l1lBUUjHlA.crl (hash: RP0nouY2HESorad6mU9BObzhBznqVo2Ew1OTdyUM0NY=)
2: 7pW6N95SBaarNHlJ5YSAoacd8ao.roa (hash: AtmfAacFc/GQg4xtQsWYFmleTITIVH1hzZmgjZL4+MI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/5ea569-f174-45c5-9db7-2af095ffc9bb/1/0fmHr1rbIwTUJvVA3l1lBUUjHlA.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/5ea569-f174-45c5-9db7-2af095ffc9bb/1/0fmHr1rbIwTUJvVA3l1lBUUjHlA.mft
rsync://rpki.ripe.net/repository/DEFAULT/0fmHr1rbIwTUJvVA3l1lBUUjHlA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:29:1b:19:99:6c:e0:ff:97:0c:b7:27:3b:c1:04:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1f987af5adb2304d426f540de5d650545231e50
Validity
Not Before: Mar 26 08:00:52 2026 GMT
Not After : Mar 27 08:00:52 2026 GMT
Subject: CN=a47327e7937c590db2a0b5d6cf72da0b76c06bfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1e:ae:53:e8:c7:cd:9d:24:aa:9c:4d:99:d8:
e2:7c:3a:c0:bc:1f:01:52:8e:28:9d:01:5b:95:4a:
6d:e3:ec:84:43:f3:2f:36:95:08:0c:bf:db:33:47:
e4:85:41:a6:62:b6:58:32:e8:e9:57:92:8f:b9:59:
6a:fc:2d:08:5b:fc:1a:cb:cf:d3:92:01:01:23:7b:
24:14:77:a0:0d:3c:d7:fd:eb:23:37:c8:25:e0:2e:
19:a9:18:e7:a8:54:7a:98:25:ac:aa:30:02:de:31:
c4:08:19:a3:40:d7:9b:9c:e2:20:b7:1a:d2:8c:de:
d5:3e:97:ec:2a:45:09:3b:d1:83:2d:0e:76:e4:00:
42:56:b0:4a:cb:e2:22:1b:ec:93:53:b3:53:da:7b:
39:64:b9:a9:d7:75:7a:8b:03:62:da:08:2b:c7:6a:
e3:af:a0:52:ea:3c:51:c0:f8:8e:5e:f1:00:e6:71:
0d:09:e9:0e:39:90:18:64:58:f8:50:e9:90:19:d2:
94:35:79:b1:2a:db:b9:a1:68:4d:44:55:3a:65:47:
e6:e9:82:8c:94:44:51:ec:f8:24:99:5d:6b:01:dd:
66:a3:36:a5:f4:47:6c:07:d3:a2:68:5f:6a:86:8d:
50:e6:26:3a:6c:5b:89:69:69:31:24:37:37:9b:01:
75:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:73:27:E7:93:7C:59:0D:B2:A0:B5:D6:CF:72:DA:0B:76:C0:6B:FE
X509v3 Authority Key Identifier:
keyid:D1:F9:87:AF:5A:DB:23:04:D4:26:F5:40:DE:5D:65:05:45:23:1E:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0fmHr1rbIwTUJvVA3l1lBUUjHlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5ea569-f174-45c5-9db7-2af095ffc9bb/1/0fmHr1rbIwTUJvVA3l1lBUUjHlA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5ea569-f174-45c5-9db7-2af095ffc9bb/1/0fmHr1rbIwTUJvVA3l1lBUUjHlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:31:7c:e7:4a:50:98:f9:06:d6:c2:aa:7b:98:4a:af:5a:da:
5d:e2:1c:76:94:b3:95:10:e4:94:84:96:94:a7:9b:2c:bf:0a:
d9:e5:e9:07:f3:c9:eb:73:cd:f3:da:a9:5d:8f:95:b8:eb:8e:
ee:96:27:7e:9d:9d:0a:9f:9f:74:44:3a:8f:09:fc:7c:55:ce:
50:92:c1:66:e6:65:76:36:d4:68:ee:f2:a2:cf:a1:dd:45:cd:
30:f4:94:49:00:d0:15:3c:ea:de:85:11:88:7c:ec:93:40:8b:
a8:a6:0e:64:97:94:7a:28:0e:07:0d:eb:a0:c7:5c:56:ec:ee:
09:38:68:41:f1:7b:01:dd:17:ba:aa:85:0c:ab:0f:64:fe:9c:
4a:e4:15:85:75:74:da:fd:6d:87:12:88:ea:23:41:e5:74:09:
31:db:68:e8:55:47:b5:bc:b7:c0:ca:ec:71:dc:48:f2:e1:3f:
19:67:5d:7f:15:f2:de:7b:3e:02:07:75:92:8a:e3:64:6b:cd:
e0:84:12:6c:37:97:02:10:96:fa:ec:1b:42:dc:89:71:46:70:
90:1e:6d:c8:e0:fa:c9:5c:9a:53:d9:93:a0:44:2e:93:8c:a3:
53:86:d8:8b:a2:1e:b1:e7:43:5c:76:76:0a:29:1d:c5:82:38:
5a:df:ee:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKRsZmWzg/5cMtyc7wQRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZjk4N2FmNWFkYjIzMDRkNDI2ZjU0MGRlNWQ2NTA1NDUy
MzFlNTAwHhcNMjYwMzI2MDgwMDUyWhcNMjYwMzI3MDgwMDUyWjAzMTEwLwYDVQQD
EyhhNDczMjdlNzkzN2M1OTBkYjJhMGI1ZDZjZjcyZGEwYjc2YzA2YmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApR6uU+jHzZ0kqpxNmdjifDrAvB8B
Uo4onQFblUpt4+yEQ/MvNpUIDL/bM0fkhUGmYrZYMujpV5KPuVlq/C0IW/way8/T
kgEBI3skFHegDTzX/esjN8gl4C4ZqRjnqFR6mCWsqjAC3jHECBmjQNebnOIgtxrS
jN7VPpfsKkUJO9GDLQ525ABCVrBKy+IiG+yTU7NT2ns5ZLmp13V6iwNi2ggrx2rj
r6BS6jxRwPiOXvEA5nENCekOOZAYZFj4UOmQGdKUNXmxKtu5oWhNRFU6ZUfm6YKM
lERR7PgkmV1rAd1mozal9EdsB9OiaF9qho1Q5iY6bFuJaWkxJDc3mwF1OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKRzJ+eTfFkNsqC11s9y2gt2wGv+MB8GA1UdIwQY
MBaAFNH5h69a2yME1Cb1QN5dZQVFIx5QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGZtSHIxcmJJd1RVSnZWQTNsMWxCVVVqSGxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81ZWE1NjktZjE3NC00NWM1LTlkYjct
MmFmMDk1ZmZjOWJiLzEvMGZtSHIxcmJJd1RVSnZWQTNsMWxCVVVqSGxBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81ZWE1NjktZjE3NC00NWM1LTlkYjctMmFmMDk1ZmZjOWJi
LzEvMGZtSHIxcmJJd1RVSnZWQTNsMWxCVVVqSGxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARzF850pQ
mPkG1sKqe5hKr1raXeIcdpSzlRDklISWlKebLL8K2eXpB/PJ63PN89qpXY+VuOuO
7pYnfp2dCp+fdEQ6jwn8fFXOUJLBZuZldjbUaO7yos+h3UXNMPSUSQDQFTzq3oUR
iHzsk0CLqKYOZJeUeigOBw3roMdcVuzuCThoQfF7Ad0XuqqFDKsPZP6cSuQVhXV0
2v1thxKI6iNB5XQJMdto6FVHtby3wMrscdxI8uE/GWddfxXy3ns+Agd1korjZGvN
4IQSbDeXAhCW+uwbQtyJcUZwkB5tyOD6yVyaU9mToEQuk4yjU4bYi6IesedDXHZ2
CikdxYI4Wt/uJg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:31:51 2026 by rpki-client