Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/D3Tlry-nIVykabJ8EHnx_9X8rvg.mft
File: D3Tlry-nIVykabJ8EHnx_9X8rvg.mft (raw, json)
Hash identifier: JrMrZA52vdISciKyZLLRGVp0re4y1TGSqDvz5C/UXt0=
Subject key identifier: 29:54:BF:B0:92:E7:D9:CE:5A:7A:12:D9:4B:A7:D8:9F:01:A3:75:12
Authority key identifier: 0F:74:E5:AF:2F:A7:21:5C:A4:69:B2:7C:10:79:F1:FF:D5:FC:AE:F8
Certificate issuer: /CN=0f74e5af2fa7215ca469b27c1079f1ffd5fcaef8
Certificate serial: 019D37C03549A80931C0057217EB82344A03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D3Tlry-nIVykabJ8EHnx_9X8rvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/D3Tlry-nIVykabJ8EHnx_9X8rvg.mft
Manifest number: 0720
Signing time: Sun 29 Mar 2026 04:00:36 +0000
Manifest this update: Sun 29 Mar 2026 04:00:36 +0000
Manifest next update: Mon 30 Mar 2026 04:00:36 +0000
Files and hashes: 1: 6qWCpueTH15zed_1u4JRaf2a7QQ.roa (hash: wPaJ9em9JJwywgqatE6yZ7uDMay3QNlPb8TvcJD+KEU=)
2: D3Tlry-nIVykabJ8EHnx_9X8rvg.crl (hash: 1FyQUMnUIpqOo8zQ50hAa4EQQJyc9wgENPIoterHBNU=)
3: bym9GRTaQWoyTuXrKo4RqKoL5XU.roa (hash: /U5VFGEjkXG97DPwKGp9iZ6D0eP8N7dLqjJVI4Njw9s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/D3Tlry-nIVykabJ8EHnx_9X8rvg.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/D3Tlry-nIVykabJ8EHnx_9X8rvg.mft
rsync://rpki.ripe.net/repository/DEFAULT/D3Tlry-nIVykabJ8EHnx_9X8rvg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:35:49:a8:09:31:c0:05:72:17:eb:82:34:4a:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f74e5af2fa7215ca469b27c1079f1ffd5fcaef8
Validity
Not Before: Mar 29 04:00:36 2026 GMT
Not After : Mar 30 04:00:36 2026 GMT
Subject: CN=2954bfb092e7d9ce5a7a12d94ba7d89f01a37512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b5:3d:4b:48:18:d1:8a:91:09:a9:be:a6:10:
11:4e:eb:29:77:01:dd:56:89:79:35:2e:85:6b:0f:
9e:9a:6a:29:01:4f:8e:33:81:2c:8f:5a:c2:39:f8:
62:4a:86:93:64:e0:5a:fb:a5:f7:d0:a0:0f:e4:e6:
6c:08:10:4b:c3:31:99:42:1d:46:39:ce:47:02:d4:
d1:02:24:e7:e8:7f:92:7a:97:5a:d4:66:5a:f3:61:
e3:cd:c1:db:37:c9:1d:58:6e:4e:8d:55:60:af:8e:
aa:84:17:09:4d:9b:2c:6f:7e:12:2a:ee:8b:1d:bd:
cc:51:21:73:37:d9:74:19:44:f3:e9:61:a9:7d:2f:
1f:3c:6d:8c:bb:dc:97:b4:3a:56:d8:82:33:ce:ae:
67:c8:1b:a6:42:5c:c7:ad:f0:a0:5b:1e:ad:17:b4:
06:1b:2e:bf:fa:0b:97:e2:54:3a:17:c6:0c:fa:9c:
1a:91:bf:ae:e4:9a:25:bc:43:78:a9:24:7b:7e:c9:
78:07:ac:6b:9f:1b:2a:15:56:b8:a0:34:c4:b6:f1:
cb:36:fb:00:96:62:47:27:a2:73:a2:92:dd:1b:74:
b6:83:60:e2:be:26:73:c9:aa:10:11:ce:b0:89:ca:
7f:03:b7:88:44:c8:52:a0:7e:e4:db:9e:ca:ea:36:
d2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:54:BF:B0:92:E7:D9:CE:5A:7A:12:D9:4B:A7:D8:9F:01:A3:75:12
X509v3 Authority Key Identifier:
keyid:0F:74:E5:AF:2F:A7:21:5C:A4:69:B2:7C:10:79:F1:FF:D5:FC:AE:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D3Tlry-nIVykabJ8EHnx_9X8rvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/D3Tlry-nIVykabJ8EHnx_9X8rvg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/D3Tlry-nIVykabJ8EHnx_9X8rvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:5d:11:fc:f5:d9:6d:6b:e0:11:36:5b:93:6c:28:5a:48:e3:
83:05:e4:cf:d2:d7:d4:a3:fe:14:cb:1c:7d:b4:8a:34:1d:54:
de:79:7b:83:ac:b0:1a:2c:4e:8e:a3:0b:ac:93:86:86:79:a7:
ad:1f:f1:cb:65:c1:d9:67:7a:c1:e5:2c:46:13:97:d5:81:a1:
be:17:7c:e2:30:c4:50:bf:03:77:4f:ec:d0:7a:37:fd:61:c9:
a8:47:5c:b2:5d:50:ee:62:2d:2d:c4:c7:4f:20:82:85:df:13:
dc:88:47:09:84:db:9a:fc:94:64:8e:91:18:09:7f:7b:1e:b9:
02:6a:65:cd:18:bc:fc:a8:fc:9c:f7:73:6c:1c:08:0c:ad:87:
17:59:32:23:79:d1:11:dc:93:3c:aa:d1:e3:82:f3:0e:46:83:
24:53:a8:7a:2b:ef:24:d7:9f:20:0a:2f:eb:13:f4:86:e6:84:
ed:a3:7f:1c:a5:6f:03:1d:b3:94:23:ba:72:0b:94:2b:93:4c:
a1:a3:1c:28:bc:ab:c6:c1:e8:40:4c:0d:ea:41:cd:4a:d2:3c:
a2:8a:f9:ca:e4:14:c3:70:4e:d0:7e:a6:9a:67:9a:0a:64:14:
5b:c5:d1:18:cd:7b:ec:d1:e6:97:dc:30:ee:91:6a:97:50:3f:
54:b8:ed:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wDVJqAkxwAVyF+uCNEoDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNzRlNWFmMmZhNzIxNWNhNDY5YjI3YzEwNzlmMWZmZDVm
Y2FlZjgwHhcNMjYwMzI5MDQwMDM2WhcNMjYwMzMwMDQwMDM2WjAzMTEwLwYDVQQD
EygyOTU0YmZiMDkyZTdkOWNlNWE3YTEyZDk0YmE3ZDg5ZjAxYTM3NTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLU9S0gY0YqRCam+phARTuspdwHd
Vol5NS6Faw+emmopAU+OM4Esj1rCOfhiSoaTZOBa+6X30KAP5OZsCBBLwzGZQh1G
Oc5HAtTRAiTn6H+Sepda1GZa82HjzcHbN8kdWG5OjVVgr46qhBcJTZssb34SKu6L
Hb3MUSFzN9l0GUTz6WGpfS8fPG2Mu9yXtDpW2IIzzq5nyBumQlzHrfCgWx6tF7QG
Gy6/+guX4lQ6F8YM+pwakb+u5JolvEN4qSR7fsl4B6xrnxsqFVa4oDTEtvHLNvsA
lmJHJ6JzopLdG3S2g2DiviZzyaoQEc6wicp/A7eIRMhSoH7k257K6jbSvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFClUv7CS59nOWnoS2Uun2J8Bo3USMB8GA1UdIwQY
MBaAFA905a8vpyFcpGmyfBB58f/V/K74MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDNUbHJ5LW5JVnlrYWJKOEVIbnhfOVg4cnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC80OWFjZTgtMjkxZC00ZDRmLTkyMmUt
ZWFiY2JjMDgzZjliLzEvRDNUbHJ5LW5JVnlrYWJKOEVIbnhfOVg4cnZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC80OWFjZTgtMjkxZC00ZDRmLTkyMmUtZWFiY2JjMDgzZjli
LzEvRDNUbHJ5LW5JVnlrYWJKOEVIbnhfOVg4cnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACF0R/PXZ
bWvgETZbk2woWkjjgwXkz9LX1KP+FMscfbSKNB1U3nl7g6ywGixOjqMLrJOGhnmn
rR/xy2XB2Wd6weUsRhOX1YGhvhd84jDEUL8Dd0/s0Ho3/WHJqEdcsl1Q7mItLcTH
TyCChd8T3IhHCYTbmvyUZI6RGAl/ex65AmplzRi8/Kj8nPdzbBwIDK2HF1kyI3nR
EdyTPKrR44LzDkaDJFOoeivvJNefIAov6xP0huaE7aN/HKVvAx2zlCO6cguUK5NM
oaMcKLyrxsHoQEwN6kHNStI8oor5yuQUw3BO0H6mmmeaCmQUW8XRGM177NHml9ww
7pFql1A/VLjtKg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:03:28 2026 by rpki-client