Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
File: a0P3ovQ2ixel4DXOS9km-KFC1os.mft (raw, json)
Hash identifier: Ldl3svT9lNEk+jv20j8/d5UoGS2yf7s0LLBdtpp/DhY=
Subject key identifier: E3:50:10:AC:ED:B1:60:E9:95:7C:8A:30:EB:CE:B2:1B:F6:87:D8:2A
Authority key identifier: 6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
Certificate issuer: /CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Certificate serial: 019D26CD2E2EE97846CEBD6E85B62D97F9F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
Manifest number: 1885
Signing time: Wed 25 Mar 2026 21:01:13 +0000
Manifest this update: Wed 25 Mar 2026 21:01:13 +0000
Manifest next update: Thu 26 Mar 2026 21:01:13 +0000
Files and hashes: 1: MuWBM4y_8sU7g6FEyEJdZpch7MA.roa (hash: polciHBhuEIudcpVsohkilsNPMnWK3IMSBDrJXYyToE=)
2: a0P3ovQ2ixel4DXOS9km-KFC1os.crl (hash: bpxoPd4OHtLmO95KdBl1D3AgXytR0VVCFPFV6SVpGSg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 21:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:cd:2e:2e:e9:78:46:ce:bd:6e:85:b6:2d:97:f9:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Validity
Not Before: Mar 25 21:01:13 2026 GMT
Not After : Mar 26 21:01:13 2026 GMT
Subject: CN=e35010acedb160e9957c8a30ebceb21bf687d82a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2c:9c:bb:20:de:29:71:72:5e:e4:c8:07:7a:
bc:be:62:b3:3b:e2:77:bc:e0:87:0c:80:54:d3:f2:
a5:64:07:4b:84:4a:80:0e:9e:08:00:10:b4:bf:a6:
b9:40:c2:31:33:e8:c8:43:0c:70:a9:74:fa:08:38:
fa:1b:dc:f8:82:a2:44:4b:8c:37:99:14:27:e9:5f:
04:ff:6b:2b:b4:42:4b:4e:bb:b8:11:44:ab:11:b7:
4e:83:63:fb:71:81:b5:f9:33:d8:ef:8b:e2:8b:1a:
7d:91:10:94:6d:59:1a:cc:c8:93:1b:5e:e6:7f:e7:
17:5c:6a:6f:44:a5:e9:df:1c:38:b9:29:0c:3b:3b:
47:f4:2c:24:73:3f:51:6c:b6:cf:be:c6:f7:0e:48:
04:d2:ef:e5:ce:82:c6:76:de:82:4f:fd:1f:fe:8e:
f1:56:f8:96:8e:29:a0:d7:16:79:5b:5d:75:98:5c:
04:87:c2:6d:a3:95:e8:2f:c2:d4:bc:0e:b4:76:5a:
2d:26:d4:55:5f:77:88:2a:8a:d9:3c:cb:96:cf:a2:
6b:2a:d3:23:53:37:00:bb:13:4c:dd:f1:1d:ff:3f:
74:ab:11:8b:13:47:93:66:46:df:60:a3:03:32:dd:
96:08:56:65:6c:9a:01:93:43:79:c3:ba:dd:70:49:
b0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:50:10:AC:ED:B1:60:E9:95:7C:8A:30:EB:CE:B2:1B:F6:87:D8:2A
X509v3 Authority Key Identifier:
keyid:6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:ab:26:6d:a3:6b:ba:b5:c1:cc:98:b8:dd:06:ca:ee:2e:85:
a9:60:56:f3:19:a4:07:df:2e:7b:36:6c:39:bc:25:d1:41:d2:
6a:e6:75:da:d7:ab:64:61:48:2c:d7:e9:ff:d4:f3:c2:46:df:
92:c0:ac:c4:c3:dc:9f:f8:23:94:e3:d3:16:62:2f:89:e7:3d:
a8:15:e7:60:92:20:52:1b:82:8a:7b:36:ff:74:dd:3c:20:3e:
62:a7:60:d1:a3:dd:ce:d8:fe:49:58:37:cf:9f:0a:9d:a9:af:
92:a2:56:45:14:75:d8:77:dc:b4:30:e9:08:69:64:c1:c2:d3:
e2:79:13:a6:14:d4:d4:99:6e:cb:af:5d:04:0c:1a:85:ce:0f:
5d:d8:7f:4c:18:84:54:f9:04:c5:44:96:0d:42:09:23:7b:ce:
e7:0f:57:67:d1:aa:23:72:9c:f4:88:ff:6d:22:6c:88:fe:8d:
2f:44:98:5e:bc:ad:57:03:1d:e8:fd:56:46:be:a0:b8:73:10:
bd:5f:ae:b7:0a:d3:fb:e9:31:ac:85:77:1d:0f:69:c3:eb:45:
0d:6e:e1:0f:61:03:59:36:49:bf:6c:10:db:65:4f:d8:8f:25:
9c:40:5b:d1:0f:9a:aa:05:1a:61:e7:7d:19:21:40:b0:58:93:
c7:ce:0e:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzS4u6XhGzr1uhbYtl/n4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNDNmN2EyZjQzNjhiMTdhNWUwMzVjZTRiZDkyNmY4YTE0
MmQ2OGIwHhcNMjYwMzI1MjEwMTEzWhcNMjYwMzI2MjEwMTEzWjAzMTEwLwYDVQQD
EyhlMzUwMTBhY2VkYjE2MGU5OTU3YzhhMzBlYmNlYjIxYmY2ODdkODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiycuyDeKXFyXuTIB3q8vmKzO+J3
vOCHDIBU0/KlZAdLhEqADp4IABC0v6a5QMIxM+jIQwxwqXT6CDj6G9z4gqJES4w3
mRQn6V8E/2srtEJLTru4EUSrEbdOg2P7cYG1+TPY74viixp9kRCUbVkazMiTG17m
f+cXXGpvRKXp3xw4uSkMOztH9Cwkcz9RbLbPvsb3DkgE0u/lzoLGdt6CT/0f/o7x
VviWjimg1xZ5W111mFwEh8Jto5XoL8LUvA60dlotJtRVX3eIKorZPMuWz6JrKtMj
UzcAuxNM3fEd/z90qxGLE0eTZkbfYKMDMt2WCFZlbJoBk0N5w7rdcEmwyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFONQEKztsWDplXyKMOvOshv2h9gqMB8GA1UdIwQY
MBaAFGtD96L0NosXpeA1zkvZJvihQtaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMt
MzViMDMxMzZkZDAzLzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMtMzViMDMxMzZkZDAz
LzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcqsmbaNr
urXBzJi43QbK7i6FqWBW8xmkB98uezZsObwl0UHSauZ12terZGFILNfp/9Tzwkbf
ksCsxMPcn/gjlOPTFmIviec9qBXnYJIgUhuCins2/3TdPCA+Yqdg0aPdztj+SVg3
z58KnamvkqJWRRR12HfctDDpCGlkwcLT4nkTphTU1Jluy69dBAwahc4PXdh/TBiE
VPkExUSWDUIJI3vO5w9XZ9GqI3Kc9Ij/bSJsiP6NL0SYXrytVwMd6P1WRr6guHMQ
vV+utwrT++kxrIV3HQ9pw+tFDW7hD2EDWTZJv2wQ22VP2I8lnEBb0Q+aqgUaYed9
GSFAsFiTx84OFw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:44:09 2026 by rpki-client