Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/aDsz3HIYs_6IPElQUTTLOaZk_Sg.mft
File: aDsz3HIYs_6IPElQUTTLOaZk_Sg.mft (raw, json)
Hash identifier: FlmOEVqo0lQPW2JjCxu8y9xwrW1GgD+brjcEMcrBNYs=
Subject key identifier: 4F:36:AE:A5:A5:BA:AA:02:CF:08:6E:72:7C:A6:01:9A:92:4C:9B:47
Authority key identifier: 68:3B:33:DC:72:18:B3:FE:88:3C:49:50:51:34:CB:39:A6:64:FD:28
Certificate issuer: /CN=683b33dc7218b3fe883c49505134cb39a664fd28
Certificate serial: 019D389BF4304A9EEA6070DCEBDA7DC9D9EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDsz3HIYs_6IPElQUTTLOaZk_Sg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/aDsz3HIYs_6IPElQUTTLOaZk_Sg.mft
Manifest number: 0CF9
Signing time: Sun 29 Mar 2026 08:00:37 +0000
Manifest this update: Sun 29 Mar 2026 08:00:37 +0000
Manifest next update: Mon 30 Mar 2026 08:00:37 +0000
Files and hashes: 1: UBtkAIZtogJrMhGvbs0CbonHTS4.roa (hash: jo8TUuFmHzrj5Su3sdBnCB1ATJWy2tfFfxqEhpA5v6A=)
2: aDsz3HIYs_6IPElQUTTLOaZk_Sg.crl (hash: Zh5sQVL0gNe1M0+U6LxkqMVDVpLcJ1MBztaVAVA1l+I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/aDsz3HIYs_6IPElQUTTLOaZk_Sg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/aDsz3HIYs_6IPElQUTTLOaZk_Sg.mft
rsync://rpki.ripe.net/repository/DEFAULT/aDsz3HIYs_6IPElQUTTLOaZk_Sg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:f4:30:4a:9e:ea:60:70:dc:eb:da:7d:c9:d9:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=683b33dc7218b3fe883c49505134cb39a664fd28
Validity
Not Before: Mar 29 08:00:37 2026 GMT
Not After : Mar 30 08:00:37 2026 GMT
Subject: CN=4f36aea5a5baaa02cf086e727ca6019a924c9b47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5b:f1:c4:8f:f3:79:ef:90:9d:27:e4:6a:80:
10:b2:43:1e:06:66:29:39:b4:34:66:db:54:0c:d4:
0d:a6:56:fd:b0:fe:73:e0:84:a4:bf:4e:5a:a4:82:
23:fe:ec:6d:d7:87:0c:10:3b:19:58:36:b1:1c:18:
37:ad:57:46:d5:a4:62:ab:e4:52:3f:85:f2:75:59:
08:6e:bd:69:35:9a:ef:81:25:d0:c4:12:b6:bb:75:
41:bf:fb:0b:cc:2a:5d:80:74:5e:06:42:d8:93:43:
06:2e:de:15:3b:f5:a8:ed:a9:5e:20:c6:59:90:a6:
c7:c3:70:f1:c8:6e:09:8a:6b:05:29:dd:dd:90:68:
91:38:4a:16:4e:7a:80:e8:70:bd:36:76:51:c8:5d:
64:52:be:92:52:22:0a:63:2b:71:ca:4e:d4:4b:29:
eb:b8:f8:19:f2:45:09:5f:6b:b9:eb:ee:3e:5f:48:
48:30:a0:c3:33:a5:be:53:67:99:05:14:6c:b0:25:
5f:6f:d7:1a:e6:b0:49:fb:e1:1d:84:2a:6e:27:60:
19:e4:88:3d:b6:54:01:64:79:cf:9c:69:51:fd:0f:
4c:04:a9:aa:7f:fb:19:36:eb:39:47:21:ae:67:b0:
99:bc:62:97:5f:13:86:c9:79:bc:73:26:54:e1:45:
2b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:36:AE:A5:A5:BA:AA:02:CF:08:6E:72:7C:A6:01:9A:92:4C:9B:47
X509v3 Authority Key Identifier:
keyid:68:3B:33:DC:72:18:B3:FE:88:3C:49:50:51:34:CB:39:A6:64:FD:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDsz3HIYs_6IPElQUTTLOaZk_Sg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/aDsz3HIYs_6IPElQUTTLOaZk_Sg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/aDsz3HIYs_6IPElQUTTLOaZk_Sg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:cd:16:0e:55:28:86:31:b0:28:26:5d:76:86:53:6a:e7:bf:
ec:00:e6:73:6a:4c:16:66:dc:ec:f9:cc:82:d1:ae:84:df:64:
19:07:47:ce:e5:c4:4f:88:32:02:ca:da:2c:15:df:31:84:47:
5d:ad:f6:c8:8a:a8:78:c5:20:98:35:c1:95:69:0f:9c:49:70:
7d:72:c8:fe:ab:ab:04:10:12:2d:27:ae:fa:f2:e2:2c:17:61:
ca:91:bf:d2:4e:4f:bb:36:b9:48:75:0e:be:45:d1:53:55:c7:
de:58:aa:ca:94:53:2b:cc:2e:11:6f:da:ac:56:6c:b7:aa:fd:
48:e2:89:e7:36:c0:fd:fc:30:71:1d:80:e2:e7:e4:e9:c3:72:
f1:e7:45:ec:c8:c9:cd:e8:e9:99:c2:91:f8:86:32:9c:dc:d1:
74:07:25:09:76:45:71:fa:69:9f:f9:c7:e0:d4:66:43:9c:3c:
c0:29:7d:9a:7e:94:dd:4f:8d:a9:23:66:1c:06:05:bf:e1:03:
a7:67:cb:ed:2f:d5:96:a5:7e:37:ae:fa:9e:37:2d:07:13:b7:
0b:14:92:bd:41:e3:0b:1b:f8:8b:fa:11:65:19:60:38:6c:d1:
fb:19:c5:af:31:3d:07:bb:82:81:ee:3f:d4:43:d5:8c:82:5c:
62:3a:bb:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m/QwSp7qYHDc69p9ydnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4M2IzM2RjNzIxOGIzZmU4ODNjNDk1MDUxMzRjYjM5YTY2
NGZkMjgwHhcNMjYwMzI5MDgwMDM3WhcNMjYwMzMwMDgwMDM3WjAzMTEwLwYDVQQD
Eyg0ZjM2YWVhNWE1YmFhYTAyY2YwODZlNzI3Y2E2MDE5YTkyNGM5YjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplvxxI/zee+QnSfkaoAQskMeBmYp
ObQ0ZttUDNQNplb9sP5z4ISkv05apIIj/uxt14cMEDsZWDaxHBg3rVdG1aRiq+RS
P4XydVkIbr1pNZrvgSXQxBK2u3VBv/sLzCpdgHReBkLYk0MGLt4VO/Wo7aleIMZZ
kKbHw3DxyG4JimsFKd3dkGiROEoWTnqA6HC9NnZRyF1kUr6SUiIKYytxyk7USynr
uPgZ8kUJX2u56+4+X0hIMKDDM6W+U2eZBRRssCVfb9ca5rBJ++EdhCpuJ2AZ5Ig9
tlQBZHnPnGlR/Q9MBKmqf/sZNus5RyGuZ7CZvGKXXxOGyXm8cyZU4UUr4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE82rqWluqoCzwhucnymAZqSTJtHMB8GA1UdIwQY
MBaAFGg7M9xyGLP+iDxJUFE0yzmmZP0oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURzejNISVlzXzZJUEVsUVVUVExPYVprX1NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9iZTNlMDAtM2M5Ni00Y2RlLWI4MWEt
MTRjNmI5NTRkOTc2LzEvYURzejNISVlzXzZJUEVsUVVUVExPYVprX1NnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9iZTNlMDAtM2M5Ni00Y2RlLWI4MWEtMTRjNmI5NTRkOTc2
LzEvYURzejNISVlzXzZJUEVsUVVUVExPYVprX1NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl80WDlUo
hjGwKCZddoZTaue/7ADmc2pMFmbc7PnMgtGuhN9kGQdHzuXET4gyAsraLBXfMYRH
Xa32yIqoeMUgmDXBlWkPnElwfXLI/qurBBASLSeu+vLiLBdhypG/0k5Puza5SHUO
vkXRU1XH3liqypRTK8wuEW/arFZst6r9SOKJ5zbA/fwwcR2A4ufk6cNy8edF7MjJ
zejpmcKR+IYynNzRdAclCXZFcfppn/nH4NRmQ5w8wCl9mn6U3U+NqSNmHAYFv+ED
p2fL7S/VlqV+N676njctBxO3CxSSvUHjCxv4i/oRZRlgOGzR+xnFrzE9B7uCge4/
1EPVjIJcYjq7wg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:17:48 2026 by rpki-client