Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/d9e87b-450a-4152-a242-d6910b21ab42/1/oTRxtQAqTrZJYSXPWHN_Deutrns.mft
File: oTRxtQAqTrZJYSXPWHN_Deutrns.mft (raw, json)
Hash identifier: oApn8VjNl22eD03AaLSpHFaPjCmP8Qa1ea62TD4uZ+w=
Subject key identifier: 1D:BF:5E:CA:30:38:B0:C6:37:FE:BE:18:9D:AC:D6:AC:90:D6:18:34
Authority key identifier: A1:34:71:B5:00:2A:4E:B6:49:61:25:CF:58:73:7F:0D:EB:AD:AE:7B
Certificate issuer: /CN=a13471b5002a4eb6496125cf58737f0debadae7b
Certificate serial: 019D3752970BDEBC21B7FB019AB67CE8AD3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oTRxtQAqTrZJYSXPWHN_Deutrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/d9e87b-450a-4152-a242-d6910b21ab42/1/oTRxtQAqTrZJYSXPWHN_Deutrns.mft
Manifest number: 0815
Signing time: Sun 29 Mar 2026 02:00:52 +0000
Manifest this update: Sun 29 Mar 2026 02:00:52 +0000
Manifest next update: Mon 30 Mar 2026 02:00:52 +0000
Files and hashes: 1: YMlojSojXsI2HBIediVAZQR53Uw.roa (hash: JmufbrfZpdywXGEriwFTpVhWPjQ10Wi0s4R9uPOJmgM=)
2: oTRxtQAqTrZJYSXPWHN_Deutrns.crl (hash: BeBfMfRyBywbiCvmmU/BRl1W5dkHedtLnSPIjJA/SFI=)
3: ofNUkXwRdU2CygbCJb-JHa2iVxk.asa (hash: 2CgpH6bf+b3jg+rggjhpByWihzKk9amkpphMJMuERmU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/d9e87b-450a-4152-a242-d6910b21ab42/1/oTRxtQAqTrZJYSXPWHN_Deutrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/d9e87b-450a-4152-a242-d6910b21ab42/1/oTRxtQAqTrZJYSXPWHN_Deutrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/oTRxtQAqTrZJYSXPWHN_Deutrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:97:0b:de:bc:21:b7:fb:01:9a:b6:7c:e8:ad:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a13471b5002a4eb6496125cf58737f0debadae7b
Validity
Not Before: Mar 29 02:00:52 2026 GMT
Not After : Mar 30 02:00:52 2026 GMT
Subject: CN=1dbf5eca3038b0c637febe189dacd6ac90d61834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ed:e4:44:70:24:6b:a6:2d:2f:cd:a9:fa:39:
48:28:cd:fa:cf:ec:c2:29:ce:fe:46:54:12:30:1c:
b4:61:ef:b0:23:76:a2:2c:b8:03:f3:7f:ed:de:6f:
ae:1e:63:58:90:e7:70:b5:d5:51:c7:e6:5d:56:33:
94:e6:6c:1e:e0:9a:d7:20:47:6d:80:31:d9:92:ec:
b8:85:a2:c8:a2:31:b5:be:b6:12:4c:91:a7:1b:96:
ae:36:54:ab:9a:1e:a6:2d:6b:a6:cd:04:56:6a:e3:
81:8b:02:1e:82:c3:61:39:84:da:5c:89:88:ec:d6:
bd:82:fa:c2:f3:38:bc:56:d9:b7:61:97:ce:7b:f5:
e7:bb:64:1e:b2:ca:87:17:80:8c:41:60:65:5e:85:
5f:15:84:77:12:03:9a:94:5d:b4:a8:1d:fa:39:49:
1b:49:d4:cf:92:f9:79:86:ea:0a:cc:72:11:30:8a:
fc:d0:fa:b7:de:4d:f3:20:b2:20:93:a8:c6:ae:8b:
e7:f7:6c:83:18:f8:84:c6:b2:aa:4e:1c:d1:f0:b9:
4e:56:59:15:5a:97:a5:e2:c0:04:b0:52:77:be:e9:
0c:0c:e6:e5:57:e9:b5:91:50:02:b0:1e:3f:80:2f:
12:be:e9:a9:ae:8f:30:ec:20:b1:d0:c7:e1:27:27:
a5:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:BF:5E:CA:30:38:B0:C6:37:FE:BE:18:9D:AC:D6:AC:90:D6:18:34
X509v3 Authority Key Identifier:
keyid:A1:34:71:B5:00:2A:4E:B6:49:61:25:CF:58:73:7F:0D:EB:AD:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTRxtQAqTrZJYSXPWHN_Deutrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d9e87b-450a-4152-a242-d6910b21ab42/1/oTRxtQAqTrZJYSXPWHN_Deutrns.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d9e87b-450a-4152-a242-d6910b21ab42/1/oTRxtQAqTrZJYSXPWHN_Deutrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:d5:53:db:58:72:f8:af:29:68:d3:15:91:f2:74:b3:8f:44:
dc:b6:3e:38:b1:95:64:fe:d9:a0:b1:3b:1e:f9:d9:33:2b:c5:
86:17:21:38:0b:ad:8f:35:93:31:29:bf:7f:28:72:57:be:69:
aa:d3:3b:ae:1b:87:1d:ec:ec:07:27:59:04:41:88:73:cc:b3:
54:78:12:bb:f4:66:d7:15:22:1c:3a:cb:70:24:45:a4:ba:a5:
c2:20:15:40:3b:33:49:5a:a6:c1:6a:50:1b:54:ae:13:69:0a:
36:5d:3d:99:bc:0a:af:13:cb:6a:f1:57:20:e7:50:f4:4b:52:
31:55:91:66:18:3f:d7:d6:e7:ca:7b:a6:77:4d:ca:cd:5f:8e:
bc:29:88:60:c3:12:f7:2a:95:ce:5b:4a:a6:90:d1:1e:bc:ba:
fa:a5:35:27:fb:72:b6:9f:09:2f:dd:c7:1d:d9:2f:2c:31:7e:
57:93:d2:65:42:5b:d7:71:ad:ff:22:cb:df:c5:59:d5:c5:d2:
6b:6a:f6:c6:5f:0f:b2:42:1c:42:eb:56:77:a0:20:75:87:ef:
6b:2b:8b:40:1b:c1:be:54:48:32:89:3d:56:15:62:6c:b1:41:
5a:e7:8d:ee:b8:65:d5:a4:75:9a:40:e3:c3:93:cc:43:8c:08:
d2:0d:4a:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UpcL3rwht/sBmrZ86K08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMzQ3MWI1MDAyYTRlYjY0OTYxMjVjZjU4NzM3ZjBkZWJh
ZGFlN2IwHhcNMjYwMzI5MDIwMDUyWhcNMjYwMzMwMDIwMDUyWjAzMTEwLwYDVQQD
EygxZGJmNWVjYTMwMzhiMGM2MzdmZWJlMTg5ZGFjZDZhYzkwZDYxODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2u3kRHAka6YtL82p+jlIKM36z+zC
Kc7+RlQSMBy0Ye+wI3aiLLgD83/t3m+uHmNYkOdwtdVRx+ZdVjOU5mwe4JrXIEdt
gDHZkuy4haLIojG1vrYSTJGnG5auNlSrmh6mLWumzQRWauOBiwIegsNhOYTaXImI
7Na9gvrC8zi8Vtm3YZfOe/Xnu2QessqHF4CMQWBlXoVfFYR3EgOalF20qB36OUkb
SdTPkvl5huoKzHIRMIr80Pq33k3zILIgk6jGrovn92yDGPiExrKqThzR8LlOVlkV
Wpel4sAEsFJ3vukMDOblV+m1kVACsB4/gC8Svumpro8w7CCx0MfhJyelPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB2/XsowOLDGN/6+GJ2s1qyQ1hg0MB8GA1UdIwQY
MBaAFKE0cbUAKk62SWElz1hzfw3rra57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1RSeHRRQXFUclpKWVNYUFdITl9EZXV0cm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9kOWU4N2ItNDUwYS00MTUyLWEyNDIt
ZDY5MTBiMjFhYjQyLzEvb1RSeHRRQXFUclpKWVNYUFdITl9EZXV0cm5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9kOWU4N2ItNDUwYS00MTUyLWEyNDItZDY5MTBiMjFhYjQy
LzEvb1RSeHRRQXFUclpKWVNYUFdITl9EZXV0cm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY9VT21hy
+K8paNMVkfJ0s49E3LY+OLGVZP7ZoLE7HvnZMyvFhhchOAutjzWTMSm/fyhyV75p
qtM7rhuHHezsBydZBEGIc8yzVHgSu/Rm1xUiHDrLcCRFpLqlwiAVQDszSVqmwWpQ
G1SuE2kKNl09mbwKrxPLavFXIOdQ9EtSMVWRZhg/19bnynumd03KzV+OvCmIYMMS
9yqVzltKppDRHry6+qU1J/tytp8JL93HHdkvLDF+V5PSZUJb13Gt/yLL38VZ1cXS
a2r2xl8PskIcQutWd6AgdYfvayuLQBvBvlRIMok9VhVibLFBWueN7rhl1aR1mkDj
w5PMQ4wI0g1K5A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:14:00 2026 by rpki-client