Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft
File: _ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft (raw, json)
Hash identifier: dO4Bm9nJaJuY3hUuhEwy+vS/z1arjJWC4XwaYgh3k84=
Subject key identifier: 12:59:A8:B9:BD:0E:2C:CE:3D:57:6C:42:6A:0D:B1:96:5D:52:B7:9E
Authority key identifier: FD:38:5A:61:63:98:E4:16:C7:0D:CB:32:25:66:F9:3E:3D:2F:BF:13
Certificate issuer: /CN=fd385a616398e416c70dcb322566f93e3d2fbf13
Certificate serial: 019D375327398D0B23F87D5B51CBEC527F01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft
Manifest number: 1002
Signing time: Sun 29 Mar 2026 02:01:29 +0000
Manifest this update: Sun 29 Mar 2026 02:01:29 +0000
Manifest next update: Mon 30 Mar 2026 02:01:29 +0000
Files and hashes: 1: GY4EnPb_q6Zazu0CJu5dhVQR9FU.roa (hash: cIwRyJ89jjJ0ifkb1iiXIh0uKnfN3IaxGiXjhh7yXZA=)
2: _ThaYWOY5BbHDcsyJWb5Pj0vvxM.crl (hash: llTtgaJ94I6LBXMCeSS9INMrJdW2ZwCpG9psLU9zHaw=)
3: pa8B-FlOx--Ut2_es5oAJhA0FCA.roa (hash: ajOY0LcVIPOyQGKjIC9aKFEQAKswVywtezhougW9o5M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:53:27:39:8d:0b:23:f8:7d:5b:51:cb:ec:52:7f:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd385a616398e416c70dcb322566f93e3d2fbf13
Validity
Not Before: Mar 29 02:01:29 2026 GMT
Not After : Mar 30 02:01:29 2026 GMT
Subject: CN=1259a8b9bd0e2cce3d576c426a0db1965d52b79e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:de:99:db:2b:1b:7b:a8:d9:32:53:02:ee:29:
a4:80:db:94:11:4a:25:0a:92:a3:2b:f1:01:99:c3:
bb:f7:21:e6:6e:44:2f:3d:49:9e:18:e3:22:e5:87:
17:2e:5f:20:32:46:ed:38:01:8a:2d:dd:6e:d2:73:
e2:0a:cb:89:bb:7e:d3:39:da:57:e6:1a:d2:7d:85:
21:d9:c3:92:cc:ef:5f:c6:ee:5a:87:fb:8d:24:9c:
25:60:9b:a1:0c:3c:04:4d:84:68:ec:51:44:c8:c2:
89:cb:32:46:95:87:19:fa:d0:52:c7:8a:ca:03:83:
72:0f:0a:3f:98:e8:01:e9:37:e4:23:6a:b6:2d:50:
91:e3:47:35:f9:78:7a:81:e0:35:90:f5:42:96:35:
1a:e2:40:6f:e5:00:fa:a5:88:6d:6c:56:39:75:c8:
69:09:24:8f:b1:24:cf:83:82:77:62:16:67:e9:39:
94:b8:12:0c:59:de:41:0f:e4:dd:32:c8:5a:00:c2:
74:5e:81:5c:eb:a7:9f:46:d0:f8:f3:d9:3f:6f:d0:
bf:43:fd:1d:bc:69:33:64:30:62:62:ba:5f:11:84:
a9:ba:ff:3d:91:4a:63:64:f6:ff:47:fd:06:a4:c4:
57:61:d3:62:9e:fa:65:67:d9:36:2c:ec:72:84:33:
ce:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:59:A8:B9:BD:0E:2C:CE:3D:57:6C:42:6A:0D:B1:96:5D:52:B7:9E
X509v3 Authority Key Identifier:
keyid:FD:38:5A:61:63:98:E4:16:C7:0D:CB:32:25:66:F9:3E:3D:2F:BF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/257fd7-a9f7-4284-acf3-34304f5cda98/1/_ThaYWOY5BbHDcsyJWb5Pj0vvxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:ba:b2:e4:cb:c5:03:68:57:be:d0:15:f5:eb:c2:87:94:66:
ba:16:8c:e2:32:68:31:57:29:e8:6a:bc:da:d6:b7:c6:65:a4:
d4:59:b4:60:65:bf:11:c0:79:55:aa:fe:f5:2a:79:a5:3d:4e:
74:24:70:8d:a7:e7:67:38:32:36:1e:49:1f:47:07:bd:39:d4:
b9:f8:9c:7c:44:ac:8c:e5:a3:b3:2b:81:23:11:30:8e:ea:0e:
d7:48:ba:70:95:39:43:06:b0:8b:b7:3b:b4:a8:c4:6c:7e:65:
2a:d1:34:4c:14:fd:ea:95:aa:70:91:a3:de:57:58:90:14:ed:
d4:2f:0b:2f:2e:19:a7:f4:7d:dd:fa:56:89:23:61:84:1f:3d:
83:3d:cb:61:db:85:01:6e:5a:43:a8:cf:96:ac:32:d6:08:14:
d3:ad:d8:56:d1:02:c1:da:50:fa:2a:ac:7d:7a:e0:e7:9c:47:
e9:bf:d4:ba:85:78:1b:ba:e3:6a:f8:c4:84:45:8c:d9:53:7b:
50:28:01:ea:ca:94:3d:bf:f7:e4:c7:32:f1:c7:9a:10:ae:72:
32:3b:28:aa:5a:1b:95:05:87:04:10:86:99:53:6c:37:c7:92:
56:af:8c:12:4e:71:79:85:92:7e:c6:8e:63:ee:42:5e:15:59:
ec:d4:c8:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Uyc5jQsj+H1bUcvsUn8BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzg1YTYxNjM5OGU0MTZjNzBkY2IzMjI1NjZmOTNlM2Qy
ZmJmMTMwHhcNMjYwMzI5MDIwMTI5WhcNMjYwMzMwMDIwMTI5WjAzMTEwLwYDVQQD
EygxMjU5YThiOWJkMGUyY2NlM2Q1NzZjNDI2YTBkYjE5NjVkNTJiNzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm96Z2ysbe6jZMlMC7imkgNuUEUol
CpKjK/EBmcO79yHmbkQvPUmeGOMi5YcXLl8gMkbtOAGKLd1u0nPiCsuJu37TOdpX
5hrSfYUh2cOSzO9fxu5ah/uNJJwlYJuhDDwETYRo7FFEyMKJyzJGlYcZ+tBSx4rK
A4NyDwo/mOgB6TfkI2q2LVCR40c1+Xh6geA1kPVCljUa4kBv5QD6pYhtbFY5dchp
CSSPsSTPg4J3YhZn6TmUuBIMWd5BD+TdMshaAMJ0XoFc66efRtD489k/b9C/Q/0d
vGkzZDBiYrpfEYSpuv89kUpjZPb/R/0GpMRXYdNinvplZ9k2LOxyhDPO/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBJZqLm9DizOPVdsQmoNsZZdUreeMB8GA1UdIwQY
MBaAFP04WmFjmOQWxw3LMiVm+T49L78TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RoYVlXT1k1QmJIRGNzeUpXYjVQajB2dnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yNTdmZDctYTlmNy00Mjg0LWFjZjMt
MzQzMDRmNWNkYTk4LzEvX1RoYVlXT1k1QmJIRGNzeUpXYjVQajB2dnhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8yNTdmZDctYTlmNy00Mjg0LWFjZjMtMzQzMDRmNWNkYTk4
LzEvX1RoYVlXT1k1QmJIRGNzeUpXYjVQajB2dnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcrqy5MvF
A2hXvtAV9evCh5RmuhaM4jJoMVcp6Gq82ta3xmWk1Fm0YGW/EcB5Var+9Sp5pT1O
dCRwjafnZzgyNh5JH0cHvTnUuficfESsjOWjsyuBIxEwjuoO10i6cJU5Qwawi7c7
tKjEbH5lKtE0TBT96pWqcJGj3ldYkBTt1C8LLy4Zp/R93fpWiSNhhB89gz3LYduF
AW5aQ6jPlqwy1ggU063YVtECwdpQ+iqsfXrg55xH6b/UuoV4G7rjavjEhEWM2VN7
UCgB6sqUPb/35Mcy8ceaEK5yMjsoqloblQWHBBCGmVNsN8eSVq+MEk5xeYWSfsaO
Y+5CXhVZ7NTIEA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:13:58 2026 by rpki-client