Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.mft
File: 0jtkd-HIT1KQfNYMY-qD715Kx4I.mft (raw, json)
Hash identifier: kgk4iX98DvHSvpPWjgj8VhY5W3QeXpuJi9CG3AWeCq0=
Subject key identifier: 0C:2D:46:44:BE:B7:35:5C:7A:93:20:E2:25:F4:F8:68:AA:B5:82:BA
Authority key identifier: D2:3B:64:77:E1:C8:4F:52:90:7C:D6:0C:63:EA:83:EF:5E:4A:C7:82
Certificate issuer: /CN=d23b6477e1c84f52907cd60c63ea83ef5e4ac782
Certificate serial: 019D37533AE50A8C82B063FD682DCCFA6BB3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0jtkd-HIT1KQfNYMY-qD715Kx4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.mft
Manifest number: 0BDB
Signing time: Sun 29 Mar 2026 02:01:34 +0000
Manifest this update: Sun 29 Mar 2026 02:01:34 +0000
Manifest next update: Mon 30 Mar 2026 02:01:34 +0000
Files and hashes: 1: 0jtkd-HIT1KQfNYMY-qD715Kx4I.crl (hash: uVCDSrhuCKqdlX8yjZBWux+96iSdbkLFGqGP86p8we8=)
2: u74Y2DtNYCrFLzeUZsDA2ek1RJQ.roa (hash: v4D4CGF7IK7jFQI/k7wDX6FIFSnqg7cuKSN4Jo5u5mc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.mft
rsync://rpki.ripe.net/repository/DEFAULT/0jtkd-HIT1KQfNYMY-qD715Kx4I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:53:3a:e5:0a:8c:82:b0:63:fd:68:2d:cc:fa:6b:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d23b6477e1c84f52907cd60c63ea83ef5e4ac782
Validity
Not Before: Mar 29 02:01:34 2026 GMT
Not After : Mar 30 02:01:34 2026 GMT
Subject: CN=0c2d4644beb7355c7a9320e225f4f868aab582ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9c:fa:37:41:63:b4:6f:c1:22:e8:ac:85:72:
87:d5:85:19:b6:fb:09:e6:f6:49:7c:de:4a:7d:93:
db:59:06:94:74:0f:ac:2b:a7:52:3e:59:58:a1:d6:
00:8a:51:9e:2e:03:37:f4:7d:0c:9a:21:b1:e9:18:
a5:b0:8f:fa:9b:54:24:25:6f:ac:1e:fc:4d:9d:4c:
c3:78:ee:a8:71:02:df:60:c3:d3:db:7e:82:bb:e0:
39:14:54:1d:19:aa:6a:d8:7c:06:33:34:3d:a2:4f:
71:ac:78:9e:01:93:5d:56:83:fd:da:6e:34:a2:06:
cc:78:2c:17:3f:b9:8a:40:3b:cf:9c:93:e2:e9:47:
05:d4:ac:b0:22:c8:ae:95:75:32:8f:d4:73:6f:a2:
95:c7:6d:12:47:37:94:fe:62:2a:f0:50:64:1d:33:
1d:8f:8b:ac:b4:78:ee:34:c4:9e:63:a4:d5:da:54:
94:1e:34:b8:3f:6f:6b:11:b8:b7:53:52:27:e1:1f:
04:98:b9:1e:03:aa:b5:f0:b9:1e:8b:7a:3c:53:ee:
3f:66:eb:9f:6f:5f:fe:60:ae:0f:ca:f5:8a:2c:b7:
5f:a8:40:7b:25:f2:c6:4b:e9:8d:59:c4:80:e1:41:
d3:bb:9f:47:89:76:13:73:c8:e8:d0:70:81:55:f4:
82:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:2D:46:44:BE:B7:35:5C:7A:93:20:E2:25:F4:F8:68:AA:B5:82:BA
X509v3 Authority Key Identifier:
keyid:D2:3B:64:77:E1:C8:4F:52:90:7C:D6:0C:63:EA:83:EF:5E:4A:C7:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jtkd-HIT1KQfNYMY-qD715Kx4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/4559fd-b409-479c-a40f-2255585ddecb/1/0jtkd-HIT1KQfNYMY-qD715Kx4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:a3:1b:67:03:df:04:a6:18:a6:43:63:a7:9f:a2:28:ed:d2:
c0:39:05:43:d2:b6:89:c4:51:cf:b0:cb:72:ec:04:74:9d:fe:
8b:a7:4c:91:e8:5f:5d:34:bb:bd:a1:c3:c7:83:8c:8b:29:26:
50:e2:f6:7c:be:25:1f:6f:e3:38:d2:a8:f6:79:0b:f7:f9:e2:
fe:92:4b:2f:45:80:f0:44:10:8a:11:e4:04:1f:f6:70:17:f2:
96:7a:af:7a:b8:2f:ee:6b:d7:54:2f:30:14:dd:5f:4a:a4:d7:
72:84:0c:8c:7f:f5:aa:e6:4a:75:a3:c2:61:a7:3a:73:7c:b6:
ce:bc:f9:ae:f0:0c:fb:e0:88:2b:7a:50:6a:77:2a:2a:02:69:
1d:11:c1:3e:0d:85:de:f8:88:18:21:8c:3b:37:86:78:fb:62:
00:d3:de:44:f3:a0:ab:25:97:40:3f:52:b2:5e:48:32:66:7e:
c8:f5:b9:85:63:97:50:a2:41:4a:19:3b:4d:2e:b5:19:74:87:
60:05:d1:0d:1a:77:9e:7d:59:9d:ff:08:f3:25:fe:9e:14:7b:
05:6a:a7:e8:d4:dd:09:7c:56:e0:ab:06:0a:35:ed:a1:75:5b:
88:39:9e:4d:a0:42:a3:d3:61:0f:64:77:c5:07:e2:a1:ed:81:
d7:73:6e:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UzrlCoyCsGP9aC3M+muzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyM2I2NDc3ZTFjODRmNTI5MDdjZDYwYzYzZWE4M2VmNWU0
YWM3ODIwHhcNMjYwMzI5MDIwMTM0WhcNMjYwMzMwMDIwMTM0WjAzMTEwLwYDVQQD
EygwYzJkNDY0NGJlYjczNTVjN2E5MzIwZTIyNWY0Zjg2OGFhYjU4MmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpz6N0FjtG/BIuishXKH1YUZtvsJ
5vZJfN5KfZPbWQaUdA+sK6dSPllYodYAilGeLgM39H0MmiGx6RilsI/6m1QkJW+s
HvxNnUzDeO6ocQLfYMPT236Cu+A5FFQdGapq2HwGMzQ9ok9xrHieAZNdVoP92m40
ogbMeCwXP7mKQDvPnJPi6UcF1KywIsiulXUyj9Rzb6KVx20SRzeU/mIq8FBkHTMd
j4ustHjuNMSeY6TV2lSUHjS4P29rEbi3U1In4R8EmLkeA6q18Lkei3o8U+4/Zuuf
b1/+YK4PyvWKLLdfqEB7JfLGS+mNWcSA4UHTu59HiXYTc8jo0HCBVfSCnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAwtRkS+tzVcepMg4iX0+GiqtYK6MB8GA1UdIwQY
MBaAFNI7ZHfhyE9SkHzWDGPqg+9eSseCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGp0a2QtSElUMUtRZk5ZTVktcUQ3MTVLeDRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS80NTU5ZmQtYjQwOS00NzljLWE0MGYt
MjI1NTU4NWRkZWNiLzEvMGp0a2QtSElUMUtRZk5ZTVktcUQ3MTVLeDRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS80NTU5ZmQtYjQwOS00NzljLWE0MGYtMjI1NTU4NWRkZWNi
LzEvMGp0a2QtSElUMUtRZk5ZTVktcUQ3MTVLeDRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATaMbZwPf
BKYYpkNjp5+iKO3SwDkFQ9K2icRRz7DLcuwEdJ3+i6dMkehfXTS7vaHDx4OMiykm
UOL2fL4lH2/jONKo9nkL9/ni/pJLL0WA8EQQihHkBB/2cBfylnqvergv7mvXVC8w
FN1fSqTXcoQMjH/1quZKdaPCYac6c3y2zrz5rvAM++CIK3pQancqKgJpHRHBPg2F
3viIGCGMOzeGePtiANPeRPOgqyWXQD9Ssl5IMmZ+yPW5hWOXUKJBShk7TS61GXSH
YAXRDRp3nn1Znf8I8yX+nhR7BWqn6NTdCXxW4KsGCjXtoXVbiDmeTaBCo9NhD2R3
xQfioe2B13NuqQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:15 2026 by rpki-client