Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
File: rysOIXo1FoOSIGvac85hlTWgLzU.mft (raw, json)
Hash identifier: nDEInD9dhFvg4ZnLl89vQYPkhh1Ulml0dcZZqPCW08Y=
Subject key identifier: 9F:09:3D:90:56:4B:CC:B2:97:86:1A:1E:C2:E1:7D:C0:AC:42:62:C5
Authority key identifier: AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
Certificate issuer: /CN=af2b0e217a35168392206bda73ce619535a02f35
Certificate serial: 019D273B18684CE3BB9947163C731B7B1FC2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
Manifest number: 0D2F
Signing time: Wed 25 Mar 2026 23:01:17 +0000
Manifest this update: Wed 25 Mar 2026 23:01:17 +0000
Manifest next update: Thu 26 Mar 2026 23:01:17 +0000
Files and hashes: 1: QBW11jyT74R8oUHhAinuj7gPXSk.asa (hash: yZJV0811rYsc05YANwSpX99f0QsW0swdHpcFUdFqr0Y=)
2: rysOIXo1FoOSIGvac85hlTWgLzU.crl (hash: NPQ+CmPmP+OsGQRKTfrvoA6MWCUe7T8PLXOjj2JGIkg=)
3: zakSxSI_wYoHQeaPnt8X9AknTHE.roa (hash: DFDQf/fadQ5V13foLZM1hVw4SY7MFQSi7KXroTzcGGo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:3b:18:68:4c:e3:bb:99:47:16:3c:73:1b:7b:1f:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2b0e217a35168392206bda73ce619535a02f35
Validity
Not Before: Mar 25 23:01:17 2026 GMT
Not After : Mar 26 23:01:17 2026 GMT
Subject: CN=9f093d90564bccb297861a1ec2e17dc0ac4262c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:8d:3c:71:bc:14:1d:eb:ee:80:3e:51:61:a0:
cc:f1:5d:8d:e1:ae:a7:86:40:48:ce:fe:49:a6:fb:
3f:74:71:7f:8c:42:2f:95:bd:bf:ca:6a:c8:56:4d:
a1:06:f8:af:90:2f:f5:b5:2b:e6:5b:7e:29:23:a8:
b4:47:73:ea:5f:c3:0d:3d:b2:68:a8:c5:f5:cb:c3:
eb:80:e8:7d:b7:03:a9:26:5c:ef:bd:4a:8d:ea:16:
b8:77:cd:5b:5a:cc:2c:14:e3:33:ac:a7:82:65:dc:
b9:b0:2c:00:b6:6c:21:71:2e:e6:57:c3:e3:85:3d:
a6:1f:94:fb:0b:77:f0:b6:74:05:96:cd:5f:f5:a4:
c1:29:1b:2d:4d:12:af:ff:a8:06:c3:31:3f:87:a0:
5a:7e:b5:3a:03:bf:68:2d:fd:8b:98:bd:11:28:7c:
b9:6a:b6:57:7a:0d:df:74:3d:bf:5e:ee:76:df:9c:
7d:0d:ba:71:fe:94:e6:b3:fa:73:aa:54:63:cd:66:
a5:3a:63:37:0c:9d:8a:26:a2:e5:94:1e:64:d4:99:
5c:e2:5e:df:40:41:fa:5a:06:9a:f1:04:04:f2:ec:
b0:e0:b0:ad:34:86:4b:4f:7b:d5:2f:f0:35:10:6b:
5d:2d:f5:41:6c:ca:56:0c:80:39:62:89:ae:70:a4:
56:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:09:3D:90:56:4B:CC:B2:97:86:1A:1E:C2:E1:7D:C0:AC:42:62:C5
X509v3 Authority Key Identifier:
keyid:AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:4c:28:14:14:02:1c:ef:03:32:3e:d7:63:e2:96:40:58:8c:
b1:7e:d2:dc:7a:31:ad:d0:b7:c3:52:ca:be:d9:19:41:9b:19:
54:49:a0:93:3a:d5:db:5b:82:01:c2:00:5f:58:7a:10:d8:94:
27:62:af:ce:28:2f:b0:76:01:cf:5a:ad:34:6c:93:e2:2e:fe:
16:d4:f7:c2:55:28:df:59:c7:84:e4:ca:6d:37:58:c9:f3:7c:
1e:1a:49:d8:10:66:e0:61:50:dd:78:55:ac:80:15:7f:d7:8f:
82:35:8e:f0:8f:fa:f5:92:63:f7:36:d8:1d:19:7d:c4:56:34:
72:a1:cd:7c:22:6a:79:82:1e:a7:d2:5b:6b:36:5b:fb:ea:ef:
06:e0:68:9d:58:b2:cd:c0:91:a0:61:c9:b9:05:e0:ed:52:19:
77:76:99:19:97:08:48:79:f8:d3:7e:f4:20:01:17:21:f5:c0:
e5:7c:b5:8a:66:e1:91:b4:65:31:21:84:5d:ef:9b:2d:e4:d1:
2f:58:83:32:07:98:38:7d:73:35:46:2e:2f:6f:01:49:78:17:
ec:a5:cf:fc:43:8e:25:21:d1:3e:3d:98:58:06:29:26:21:d6:
bf:71:7d:d0:d2:b5:08:e0:37:4c:ed:bd:f0:d7:54:96:3b:87:
ee:ca:2d:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOxhoTOO7mUcWPHMbex/CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmIwZTIxN2EzNTE2ODM5MjIwNmJkYTczY2U2MTk1MzVh
MDJmMzUwHhcNMjYwMzI1MjMwMTE3WhcNMjYwMzI2MjMwMTE3WjAzMTEwLwYDVQQD
Eyg5ZjA5M2Q5MDU2NGJjY2IyOTc4NjFhMWVjMmUxN2RjMGFjNDI2MmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7408cbwUHevugD5RYaDM8V2N4a6n
hkBIzv5Jpvs/dHF/jEIvlb2/ymrIVk2hBvivkC/1tSvmW34pI6i0R3PqX8MNPbJo
qMX1y8PrgOh9twOpJlzvvUqN6ha4d81bWswsFOMzrKeCZdy5sCwAtmwhcS7mV8Pj
hT2mH5T7C3fwtnQFls1f9aTBKRstTRKv/6gGwzE/h6BafrU6A79oLf2LmL0RKHy5
arZXeg3fdD2/Xu5235x9Dbpx/pTms/pzqlRjzWalOmM3DJ2KJqLllB5k1Jlc4l7f
QEH6Wgaa8QQE8uyw4LCtNIZLT3vVL/A1EGtdLfVBbMpWDIA5YomucKRWiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8JPZBWS8yyl4YaHsLhfcCsQmLFMB8GA1UdIwQY
MBaAFK8rDiF6NRaDkiBr2nPOYZU1oC81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDct
ZjBkMTk4MDk4NzRhLzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDctZjBkMTk4MDk4NzRh
LzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZkwoFBQC
HO8DMj7XY+KWQFiMsX7S3HoxrdC3w1LKvtkZQZsZVEmgkzrV21uCAcIAX1h6ENiU
J2KvzigvsHYBz1qtNGyT4i7+FtT3wlUo31nHhOTKbTdYyfN8HhpJ2BBm4GFQ3XhV
rIAVf9ePgjWO8I/69ZJj9zbYHRl9xFY0cqHNfCJqeYIep9JbazZb++rvBuBonViy
zcCRoGHJuQXg7VIZd3aZGZcISHn40370IAEXIfXA5Xy1imbhkbRlMSGEXe+bLeTR
L1iDMgeYOH1zNUYuL28BSXgX7KXP/EOOJSHRPj2YWAYpJiHWv3F90NK1COA3TO29
8NdUljuH7sotMQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:11:01 2026 by rpki-client