Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/5ea569-f174-45c5-9db7-2af095ffc9bb/1/0fmHr1rbIwTUJvVA3l1lBUUjHlA.mft
File: 0fmHr1rbIwTUJvVA3l1lBUUjHlA.mft (raw, json)
Hash identifier: xGxjloeXPesX/2v968dKrpnYyoQ+GFO3pdYSuQsSa9o=
Subject key identifier: B5:9F:32:FD:4D:58:BF:7A:5D:38:F5:11:4F:E9:4C:8A:E0:45:DD:E3
Authority key identifier: D1:F9:87:AF:5A:DB:23:04:D4:26:F5:40:DE:5D:65:05:45:23:1E:50
Certificate issuer: /CN=d1f987af5adb2304d426f540de5d650545231e50
Certificate serial: 019E1C7E0CCB11C93822D4EAD87D6B63ADA0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0fmHr1rbIwTUJvVA3l1lBUUjHlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/5ea569-f174-45c5-9db7-2af095ffc9bb/1/0fmHr1rbIwTUJvVA3l1lBUUjHlA.mft
Manifest number: 0DED
Signing time: Tue 12 May 2026 14:01:23 +0000
Manifest this update: Tue 12 May 2026 14:01:23 +0000
Manifest next update: Wed 13 May 2026 14:01:23 +0000
Files and hashes: 1: 0fmHr1rbIwTUJvVA3l1lBUUjHlA.crl (hash: /zn8whM+L+TbJa6xf5uyys9NRCKdijgWihcR3jZ/Xbo=)
2: 7pW6N95SBaarNHlJ5YSAoacd8ao.roa (hash: AtmfAacFc/GQg4xtQsWYFmleTITIVH1hzZmgjZL4+MI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/5ea569-f174-45c5-9db7-2af095ffc9bb/1/0fmHr1rbIwTUJvVA3l1lBUUjHlA.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/5ea569-f174-45c5-9db7-2af095ffc9bb/1/0fmHr1rbIwTUJvVA3l1lBUUjHlA.mft
rsync://rpki.ripe.net/repository/DEFAULT/0fmHr1rbIwTUJvVA3l1lBUUjHlA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:7e:0c:cb:11:c9:38:22:d4:ea:d8:7d:6b:63:ad:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1f987af5adb2304d426f540de5d650545231e50
Validity
Not Before: May 12 14:01:23 2026 GMT
Not After : May 13 14:01:23 2026 GMT
Subject: CN=b59f32fd4d58bf7a5d38f5114fe94c8ae045dde3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ab:24:1f:e9:78:23:e0:34:51:fe:e7:cb:28:
d3:21:58:d4:05:57:e4:f7:8c:b6:8d:c1:b1:6e:b6:
9d:9c:49:a7:d3:6e:dd:6b:0b:2f:4d:83:2d:18:e0:
8a:18:97:88:21:f9:d9:a7:9b:f9:2e:ac:d0:e8:85:
a8:7a:d7:ea:1d:6c:a6:54:0f:60:bd:3a:57:cf:71:
9d:ae:d4:a4:ff:01:f4:52:c3:e9:8e:40:b3:7d:9a:
fc:12:97:02:9c:b1:50:a9:34:71:d9:b6:dd:9e:f8:
67:bf:47:92:c0:49:fe:e5:3f:02:af:64:8a:6a:8c:
03:2e:4e:22:af:17:97:b6:15:7a:f5:56:d6:43:81:
55:dd:11:9e:06:1c:6f:4b:2b:0d:b3:12:a9:0e:ef:
29:e3:ed:7a:c1:a4:2c:ae:e2:fa:21:d8:97:c5:ad:
d4:f3:2f:ea:5d:d4:64:22:ab:ac:1a:b6:a2:64:0b:
31:47:89:38:a8:f7:2a:fd:7e:00:7d:aa:41:48:22:
68:ed:23:04:b1:b1:0a:20:4e:af:fd:9f:83:a2:c2:
fd:92:57:65:cf:60:89:29:02:7e:1c:bc:96:b9:71:
19:fe:1f:07:de:51:e1:e1:df:81:7e:cd:9f:b2:86:
4a:a9:3c:64:c6:a0:19:e5:70:96:15:0e:f9:80:fb:
a4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:9F:32:FD:4D:58:BF:7A:5D:38:F5:11:4F:E9:4C:8A:E0:45:DD:E3
X509v3 Authority Key Identifier:
keyid:D1:F9:87:AF:5A:DB:23:04:D4:26:F5:40:DE:5D:65:05:45:23:1E:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0fmHr1rbIwTUJvVA3l1lBUUjHlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5ea569-f174-45c5-9db7-2af095ffc9bb/1/0fmHr1rbIwTUJvVA3l1lBUUjHlA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5ea569-f174-45c5-9db7-2af095ffc9bb/1/0fmHr1rbIwTUJvVA3l1lBUUjHlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
92:51:80:78:48:18:b7:8f:a3:a8:24:e2:6a:f2:97:12:42:ee:
43:16:db:33:cd:6b:d8:b2:31:8e:ba:e6:51:5b:a8:9e:1b:7d:
7d:2c:6c:57:17:0d:fe:1c:5a:eb:98:e9:5a:a9:1d:6c:a5:71:
1a:ef:7e:9f:87:86:1d:21:fc:d9:31:2d:20:98:9e:e8:c0:af:
d6:c8:7e:63:83:3f:ae:b8:48:70:77:71:46:e0:ea:a7:2c:32:
9a:8d:8a:d7:b8:49:d8:8e:1b:3c:0a:a0:ec:f7:07:47:93:75:
3e:84:7f:64:a5:2c:79:01:61:81:c8:e1:11:c2:f1:53:73:68:
3d:67:7b:ca:46:9f:87:4f:26:54:36:f4:3d:dc:f0:f7:ae:6a:
21:2d:12:e4:a4:5f:de:4a:4c:be:f2:c7:f6:c7:3b:fe:a6:32:
52:0b:6c:d7:91:47:7f:e9:84:70:08:e3:a6:92:84:5f:96:ed:
46:47:3b:1e:86:28:8d:f6:21:a8:f5:8c:93:fa:4b:ec:28:cb:
9a:fb:0f:be:c9:3a:5a:68:c8:2c:bd:7b:6a:ce:4f:7b:cc:e9:
ee:0b:5d:b7:db:97:32:9b:8d:5a:42:77:d5:0c:6e:c9:f1:e6:
bb:57:45:9e:35:63:d3:4c:a1:db:4e:0c:e1:b6:82:d8:9c:dc:
1d:82:5e:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cfgzLEck4ItTq2H1rY62gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZjk4N2FmNWFkYjIzMDRkNDI2ZjU0MGRlNWQ2NTA1NDUy
MzFlNTAwHhcNMjYwNTEyMTQwMTIzWhcNMjYwNTEzMTQwMTIzWjAzMTEwLwYDVQQD
EyhiNTlmMzJmZDRkNThiZjdhNWQzOGY1MTE0ZmU5NGM4YWUwNDVkZGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKskH+l4I+A0Uf7nyyjTIVjUBVfk
94y2jcGxbradnEmn027dawsvTYMtGOCKGJeIIfnZp5v5LqzQ6IWoetfqHWymVA9g
vTpXz3GdrtSk/wH0UsPpjkCzfZr8EpcCnLFQqTRx2bbdnvhnv0eSwEn+5T8Cr2SK
aowDLk4irxeXthV69VbWQ4FV3RGeBhxvSysNsxKpDu8p4+16waQsruL6IdiXxa3U
8y/qXdRkIqusGraiZAsxR4k4qPcq/X4AfapBSCJo7SMEsbEKIE6v/Z+DosL9kldl
z2CJKQJ+HLyWuXEZ/h8H3lHh4d+Bfs2fsoZKqTxkxqAZ5XCWFQ75gPukIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLWfMv1NWL96XTj1EU/pTIrgRd3jMB8GA1UdIwQY
MBaAFNH5h69a2yME1Cb1QN5dZQVFIx5QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGZtSHIxcmJJd1RVSnZWQTNsMWxCVVVqSGxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81ZWE1NjktZjE3NC00NWM1LTlkYjct
MmFmMDk1ZmZjOWJiLzEvMGZtSHIxcmJJd1RVSnZWQTNsMWxCVVVqSGxBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81ZWE1NjktZjE3NC00NWM1LTlkYjctMmFmMDk1ZmZjOWJi
LzEvMGZtSHIxcmJJd1RVSnZWQTNsMWxCVVVqSGxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAklGAeEgY
t4+jqCTiavKXEkLuQxbbM81r2LIxjrrmUVuonht9fSxsVxcN/hxa65jpWqkdbKVx
Gu9+n4eGHSH82TEtIJie6MCv1sh+Y4M/rrhIcHdxRuDqpywymo2K17hJ2I4bPAqg
7PcHR5N1PoR/ZKUseQFhgcjhEcLxU3NoPWd7ykafh08mVDb0Pdzw965qIS0S5KRf
3kpMvvLH9sc7/qYyUgts15FHf+mEcAjjppKEX5btRkc7HoYojfYhqPWMk/pL7CjL
mvsPvsk6WmjILL17as5Pe8zp7gtdt9uXMpuNWkJ31QxuyfHmu1dFnjVj00yh204M
4baC2JzcHYJeeA==
-----END CERTIFICATE-----
Generated at Tue May 12 21:20:47 2026 by rpki-client