Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
File: 23DOek5uSrOk6p8IH1kupfbSuao.mft (raw, json)
Hash identifier: VelE+gVbZm6uoa60sASwJrXgk9rn8EyOGEdOLEg0uL0=
Subject key identifier: 3C:08:9B:41:61:21:54:68:5B:4F:8A:EF:9D:36:E6:94:0E:1C:6E:56
Authority key identifier: DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA
Certificate issuer: /CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa
Certificate serial: 019D27DFF5E6FBB155368213E4581D99A397
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
Manifest number: 08CA
Signing time: Thu 26 Mar 2026 02:01:22 +0000
Manifest this update: Thu 26 Mar 2026 02:01:22 +0000
Manifest next update: Fri 27 Mar 2026 02:01:22 +0000
Files and hashes: 1: 23DOek5uSrOk6p8IH1kupfbSuao.crl (hash: Hp7JXPn+3TevotF7ddi1+pmuCK3+TZoQIhpG0PTfax0=)
2: hhh3z06Bpe2m47ehC44Gk6XsxWY.roa (hash: D+hS8HY9ljD+1P/aopr0G/yuhchBVZY0zZMSPMrBOWg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:df:f5:e6:fb:b1:55:36:82:13:e4:58:1d:99:a3:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa
Validity
Not Before: Mar 26 02:01:22 2026 GMT
Not After : Mar 27 02:01:22 2026 GMT
Subject: CN=3c089b41612154685b4f8aef9d36e6940e1c6e56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a8:67:29:7a:9f:7e:7a:e9:79:71:b6:1c:78:
4c:24:ec:83:8a:04:06:75:74:63:78:c6:65:43:05:
c4:c3:fa:ee:fa:58:7c:69:e7:18:a7:64:70:48:b2:
2d:f4:8f:3a:07:0d:f8:38:1e:dd:19:9f:72:bc:13:
3e:03:2a:7c:56:2d:29:a0:cb:93:77:0e:e8:44:95:
bd:93:9b:5b:4b:df:3e:b5:25:b6:d2:2f:6a:af:eb:
da:a6:2e:9f:d6:aa:d2:72:df:f4:a5:6e:1f:69:ea:
56:dd:87:24:1a:91:7e:70:29:38:11:47:9f:35:b7:
eb:42:3f:31:1d:39:45:cf:bd:85:f0:5e:7b:dc:4d:
d4:b6:84:88:c0:14:80:10:b3:4b:50:85:8d:86:d2:
69:70:41:d6:46:33:e9:93:56:b8:ca:19:f0:b5:f5:
21:0d:a6:d2:d0:5e:e8:68:22:d0:50:d3:e8:bc:87:
4a:d3:3f:6a:16:98:36:c5:fa:96:98:d4:7f:c4:2e:
d9:a7:50:6c:f1:d5:b2:7c:3f:25:cc:a2:62:3a:a4:
c2:44:48:e6:85:ad:f9:9e:17:f5:ef:ad:c0:f9:d5:
ad:8f:77:57:cb:3b:af:64:2c:38:8e:45:c7:d7:d4:
d3:39:96:86:87:fa:b7:80:de:6a:9b:27:aa:09:b6:
6c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:08:9B:41:61:21:54:68:5B:4F:8A:EF:9D:36:E6:94:0E:1C:6E:56
X509v3 Authority Key Identifier:
keyid:DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6b:3f:7e:e5:f3:fd:25:13:40:b1:87:67:a7:99:fd:72:6a:b4:
61:a0:9e:1e:6e:4c:b8:ae:ba:44:8e:01:4a:31:18:10:8d:1d:
f1:5e:13:0c:b3:7f:4f:ea:41:3a:82:d1:74:f1:d1:59:41:c4:
b5:98:56:bb:f1:a2:b3:43:5c:eb:fb:7d:88:6d:27:be:5a:55:
e5:ae:1d:40:c4:96:88:ce:35:fe:54:4a:29:02:f5:21:5a:0f:
66:75:39:bb:aa:4b:1a:8f:48:11:79:b6:f4:25:fc:92:42:75:
d4:c3:b9:d1:ef:0d:83:0d:87:71:7f:c1:9c:4c:35:8a:b2:46:
61:a2:08:2e:0e:98:11:47:2f:6d:2b:59:19:ee:ff:91:e8:6a:
bb:71:5b:08:6e:3e:aa:b3:d8:98:35:76:c5:83:94:32:78:b3:
d9:c6:d2:5a:99:35:67:08:bf:79:3d:3b:90:c8:bf:1b:50:ee:
e6:e9:88:14:bf:54:ab:7c:f6:06:8b:56:a7:91:a2:a0:df:0f:
57:f9:ce:fa:af:2e:a1:d9:ab:73:78:17:3a:b0:91:85:68:d3:
99:9a:64:12:bc:30:da:0f:f8:bc:91:e2:47:85:e0:5f:84:dd:
f9:69:05:d4:ab:26:4a:9e:84:69:0f:3f:29:85:60:68:bd:9f:
22:5e:1f:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n3/Xm+7FVNoIT5FgdmaOXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNzBjZTdhNGU2ZTRhYjNhNGVhOWYwODFmNTkyZWE1ZjZk
MmI5YWEwHhcNMjYwMzI2MDIwMTIyWhcNMjYwMzI3MDIwMTIyWjAzMTEwLwYDVQQD
EygzYzA4OWI0MTYxMjE1NDY4NWI0ZjhhZWY5ZDM2ZTY5NDBlMWM2ZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KhnKXqffnrpeXG2HHhMJOyDigQG
dXRjeMZlQwXEw/ru+lh8aecYp2RwSLIt9I86Bw34OB7dGZ9yvBM+Ayp8Vi0poMuT
dw7oRJW9k5tbS98+tSW20i9qr+vapi6f1qrSct/0pW4faepW3YckGpF+cCk4EUef
NbfrQj8xHTlFz72F8F573E3UtoSIwBSAELNLUIWNhtJpcEHWRjPpk1a4yhnwtfUh
DabS0F7oaCLQUNPovIdK0z9qFpg2xfqWmNR/xC7Zp1Bs8dWyfD8lzKJiOqTCREjm
ha35nhf1763A+dWtj3dXyzuvZCw4jkXH19TTOZaGh/q3gN5qmyeqCbZsjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDwIm0FhIVRoW0+K75025pQOHG5WMB8GA1UdIwQY
MBaAFNtwznpObkqzpOqfCB9ZLqX20rmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYt
MmNiMTdiN2JjNjE4LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYtMmNiMTdiN2JjNjE4
LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaz9+5fP9
JRNAsYdnp5n9cmq0YaCeHm5MuK66RI4BSjEYEI0d8V4TDLN/T+pBOoLRdPHRWUHE
tZhWu/Gis0Nc6/t9iG0nvlpV5a4dQMSWiM41/lRKKQL1IVoPZnU5u6pLGo9IEXm2
9CX8kkJ11MO50e8Ngw2HcX/BnEw1irJGYaIILg6YEUcvbStZGe7/kehqu3FbCG4+
qrPYmDV2xYOUMniz2cbSWpk1Zwi/eT07kMi/G1Du5umIFL9Uq3z2BotWp5GioN8P
V/nO+q8uodmrc3gXOrCRhWjTmZpkErww2g/4vJHiR4XgX4Td+WkF1KsmSp6EaQ8/
KYVgaL2fIl4fJQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:09:00 2026 by rpki-client