Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.mft
File: D5x3odzbju1izTyoClFE3E4kP04.mft (raw, json)
Hash identifier: D2YIYNyPmuPvU7Um+3yhi53jTIhHE5TxOYWEhFBEyBY=
Subject key identifier: 3F:90:EB:8E:50:19:7E:3E:63:ED:95:07:3F:DD:87:56:1C:91:4A:BA
Authority key identifier: 0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
Certificate issuer: /CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Certificate serial: 019D28BBBCD73506B3706873DAD6C12A349A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.mft
Manifest number: 1892
Signing time: Thu 26 Mar 2026 06:01:25 +0000
Manifest this update: Thu 26 Mar 2026 06:01:25 +0000
Manifest next update: Fri 27 Mar 2026 06:01:25 +0000
Files and hashes: 1: D5x3odzbju1izTyoClFE3E4kP04.crl (hash: l0red+FbTs2UwznNdkQsrui82gya+KC/UY73zrKlaC0=)
2: Mgm2FMvEWQvAKDRyHQNdXSs8Gk8.roa (hash: YvcWkgvU2zBPk1+mekhJs/OPMV1l8zTWtIoK9RU96lk=)
3: O103OuQ4IixndGyKa3UX3V5e3WQ.roa (hash: TcKGNvz82Ie8m+YB2xFxcsRcNfeQxqqzYWZzRclot5E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.mft
rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:bc:d7:35:06:b3:70:68:73:da:d6:c1:2a:34:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Validity
Not Before: Mar 26 06:01:25 2026 GMT
Not After : Mar 27 06:01:25 2026 GMT
Subject: CN=3f90eb8e50197e3e63ed95073fdd87561c914aba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cc:1c:3e:01:6b:0a:9f:18:83:1d:c6:0b:dd:
c4:26:03:18:83:ca:00:6a:1d:a8:4b:5e:07:7f:00:
b9:7a:90:a5:43:3c:93:81:20:1b:0f:46:d8:5a:31:
ba:21:de:21:5f:e2:65:8a:c3:61:89:c9:d6:1e:51:
04:93:64:c9:38:19:e5:26:a6:25:e9:9a:c6:68:75:
29:2f:8c:35:74:29:da:17:f9:23:14:2d:25:09:bb:
00:c2:7b:bb:28:09:ab:bb:96:a4:ac:2e:d1:ac:72:
c8:8f:33:5e:87:fc:b2:25:2d:e4:96:da:e4:c8:e3:
d1:1e:53:d1:5c:66:b0:ad:85:23:cd:86:24:25:5a:
df:7e:09:58:27:ae:1f:c9:e1:8d:ce:b7:3c:94:eb:
fc:fd:b1:ce:7e:a4:41:90:56:47:0a:df:d2:f0:15:
87:7e:ef:96:96:f2:af:fd:87:dc:a7:d5:9b:39:da:
50:fd:a6:97:88:12:49:2b:c0:87:43:ed:ac:33:48:
10:45:91:89:2c:aa:88:26:29:b3:66:ee:9b:83:11:
d2:31:ea:83:a1:96:3c:41:90:f8:02:fe:a6:f3:bb:
33:55:74:df:5f:07:ec:64:9b:71:94:98:b3:5d:03:
de:e9:54:fe:6a:06:4b:98:ac:80:8f:17:f9:37:f5:
87:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:90:EB:8E:50:19:7E:3E:63:ED:95:07:3F:DD:87:56:1C:91:4A:BA
X509v3 Authority Key Identifier:
keyid:0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:92:1e:77:a9:ec:a1:9a:01:2c:ea:1a:55:62:f1:bf:97:40:
63:56:ca:ef:ab:00:cc:27:9b:2c:8c:8c:00:5b:d7:e5:3e:f2:
b3:2e:05:c0:c1:eb:4f:e0:e6:d1:7d:05:a3:fc:89:46:5d:50:
65:fb:03:e2:3b:d3:4d:96:43:8b:86:83:d6:ea:e2:60:15:8c:
27:c8:50:a2:bf:95:73:9f:5b:08:e6:3e:0b:12:84:23:7f:8d:
f9:04:fe:4d:e1:17:ee:d7:90:de:17:dd:77:6c:ff:44:f1:12:
0e:b6:a0:a4:dd:b1:ac:93:9e:f9:1d:6e:87:48:46:d1:de:28:
a3:83:65:92:ef:4a:f0:6c:25:6f:b4:c8:43:78:7d:de:6d:0f:
41:45:01:21:05:a0:f3:19:a2:a4:48:a6:62:12:ca:30:02:93:
2e:3d:22:03:f9:3e:60:0a:83:eb:4e:a0:ee:bd:ed:01:5e:72:
43:2c:73:57:f2:bd:97:dd:7a:e6:25:e6:d4:23:12:34:7e:e1:
b2:f8:7e:63:44:29:ec:ae:ef:53:bc:19:55:7f:75:98:5d:df:
47:7d:a0:fe:bf:df:10:34:4f:38:64:84:5c:f2:fc:b6:c6:5b:
97:2d:07:18:f7:4a:a4:8d:4b:02:c6:9c:e4:bb:b3:bd:d6:d8:
85:94:2b:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou7zXNQazcGhz2tbBKjSaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOWM3N2ExZGNkYjhlZWQ2MmNkM2NhODBhNTE0NGRjNGUy
NDNmNGUwHhcNMjYwMzI2MDYwMTI1WhcNMjYwMzI3MDYwMTI1WjAzMTEwLwYDVQQD
EygzZjkwZWI4ZTUwMTk3ZTNlNjNlZDk1MDczZmRkODc1NjFjOTE0YWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArswcPgFrCp8Ygx3GC93EJgMYg8oA
ah2oS14HfwC5epClQzyTgSAbD0bYWjG6Id4hX+JlisNhicnWHlEEk2TJOBnlJqYl
6ZrGaHUpL4w1dCnaF/kjFC0lCbsAwnu7KAmru5akrC7RrHLIjzNeh/yyJS3kltrk
yOPRHlPRXGawrYUjzYYkJVrffglYJ64fyeGNzrc8lOv8/bHOfqRBkFZHCt/S8BWH
fu+WlvKv/Yfcp9WbOdpQ/aaXiBJJK8CHQ+2sM0gQRZGJLKqIJimzZu6bgxHSMeqD
oZY8QZD4Av6m87szVXTfXwfsZJtxlJizXQPe6VT+agZLmKyAjxf5N/WHlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+Q645QGX4+Y+2VBz/dh1YckUq6MB8GA1UdIwQY
MBaAFA+cd6Hc247tYs08qApRRNxOJD9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgt
YWNjNTY5NzdiNmY0LzEvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgtYWNjNTY5NzdiNmY0
LzEvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW5Ied6ns
oZoBLOoaVWLxv5dAY1bK76sAzCebLIyMAFvX5T7ysy4FwMHrT+Dm0X0Fo/yJRl1Q
ZfsD4jvTTZZDi4aD1uriYBWMJ8hQor+Vc59bCOY+CxKEI3+N+QT+TeEX7teQ3hfd
d2z/RPESDragpN2xrJOe+R1uh0hG0d4oo4Nlku9K8Gwlb7TIQ3h93m0PQUUBIQWg
8xmipEimYhLKMAKTLj0iA/k+YAqD606g7r3tAV5yQyxzV/K9l9165iXm1CMSNH7h
svh+Y0Qp7K7vU7wZVX91mF3fR32g/r/fEDRPOGSEXPL8tsZbly0HGPdKpI1LAsac
5LuzvdbYhZQrmw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:16:03 2026 by rpki-client