Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/d0be06-ef5f-4418-af1c-320936288e95/1/668NIPmOOiBVDJltdCkmiPDSJ50.mft
File: 668NIPmOOiBVDJltdCkmiPDSJ50.mft (raw, json)
Hash identifier: CpFMw5JaoDNFRs3q+3qogZ6yCFMDX4llb9iwK3BI5Gk=
Subject key identifier: 73:CB:86:46:CB:FC:81:08:45:87:9A:0B:16:AA:C1:97:3E:74:CE:F8
Authority key identifier: EB:AF:0D:20:F9:8E:3A:20:55:0C:99:6D:74:29:26:88:F0:D2:27:9D
Certificate issuer: /CN=ebaf0d20f98e3a20550c996d74292688f0d2279d
Certificate serial: 019D009B0EB44C1DF1EB5A6366FD0B1E87C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/668NIPmOOiBVDJltdCkmiPDSJ50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/d0be06-ef5f-4418-af1c-320936288e95/1/668NIPmOOiBVDJltdCkmiPDSJ50.mft
Manifest number: 3B
Signing time: Wed 18 Mar 2026 11:00:54 +0000
Manifest this update: Wed 18 Mar 2026 11:00:54 +0000
Manifest next update: Thu 19 Mar 2026 11:00:54 +0000
Files and hashes: 1: 668NIPmOOiBVDJltdCkmiPDSJ50.crl (hash: LsdTtNBFJllUvJY3HrzadCRGFrYQZNwiAzYQoMQ/h6w=)
2: pKEJ7DFWHbBkVzp3bQLrdzxNPJY.roa (hash: TMTD7mh7ooZTdBqCU8hqfvjG3It5Zy3T0eHIJx3jzjI=)
3: yk3NAuQ0NoST9PEW0vgb3LGhviE.roa (hash: VQ5a/vSth0KQuphYV4DJB31TjGhP1sRfoX91QXXY+ws=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/d0be06-ef5f-4418-af1c-320936288e95/1/668NIPmOOiBVDJltdCkmiPDSJ50.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/d0be06-ef5f-4418-af1c-320936288e95/1/668NIPmOOiBVDJltdCkmiPDSJ50.mft
rsync://rpki.ripe.net/repository/DEFAULT/668NIPmOOiBVDJltdCkmiPDSJ50.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Mar 2026 11:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:00:9b:0e:b4:4c:1d:f1:eb:5a:63:66:fd:0b:1e:87:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebaf0d20f98e3a20550c996d74292688f0d2279d
Validity
Not Before: Mar 18 11:00:54 2026 GMT
Not After : Mar 19 11:00:54 2026 GMT
Subject: CN=73cb8646cbfc810845879a0b16aac1973e74cef8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9c:da:51:d9:5d:02:de:7c:71:34:1e:c2:71:
92:83:70:9d:26:a1:a6:dc:44:f0:0d:3b:28:64:4d:
ac:d7:33:a6:11:68:89:7a:77:01:db:6e:a6:b7:25:
36:fe:74:61:12:55:80:b4:68:f6:a7:a8:d6:06:c0:
b5:a1:3f:78:51:25:78:c6:89:40:1c:06:e0:2b:d6:
10:33:cb:47:a0:4d:a1:50:f1:64:a8:c0:07:01:66:
a9:00:b4:ea:2a:05:a6:f9:0c:a9:47:d9:08:9d:ef:
41:39:3f:af:60:99:85:a8:0a:46:9d:af:5b:41:b0:
66:6b:7e:9f:b6:70:3c:dc:8e:fc:99:b6:dd:de:2a:
19:57:f0:92:ad:d6:f7:64:42:90:2b:85:4b:a1:f6:
a8:12:db:00:a1:47:b7:31:4c:6a:27:19:43:f4:7c:
91:9d:53:ea:de:9c:0f:88:8c:80:63:17:4c:d5:87:
6b:d9:6d:b1:aa:a6:90:86:33:23:e1:68:26:ba:0a:
7a:f1:fb:bd:24:fc:9e:4b:f1:bf:32:a9:68:85:0c:
5e:aa:ec:b0:f4:ce:b0:1e:da:21:64:c4:17:23:07:
47:3e:c6:02:4c:0e:92:c8:d4:dd:7a:13:8b:18:ab:
f7:ee:fb:1e:05:ff:ef:96:ad:3e:c4:f9:75:8a:9b:
11:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:CB:86:46:CB:FC:81:08:45:87:9A:0B:16:AA:C1:97:3E:74:CE:F8
X509v3 Authority Key Identifier:
keyid:EB:AF:0D:20:F9:8E:3A:20:55:0C:99:6D:74:29:26:88:F0:D2:27:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/668NIPmOOiBVDJltdCkmiPDSJ50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d0be06-ef5f-4418-af1c-320936288e95/1/668NIPmOOiBVDJltdCkmiPDSJ50.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d0be06-ef5f-4418-af1c-320936288e95/1/668NIPmOOiBVDJltdCkmiPDSJ50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
05:77:c9:4c:54:45:2c:ab:5e:06:e5:ed:da:7f:fa:18:df:7b:
09:bd:64:6b:b2:dd:f3:b4:e9:f6:17:e8:8c:db:fe:e3:3d:c6:
9d:66:63:70:d0:15:e0:9c:b6:1d:51:74:b7:43:f1:19:a4:ad:
63:23:fc:f0:19:e2:4a:d5:7c:92:85:5c:3a:84:af:17:d9:cb:
ab:e2:6f:4c:9f:81:de:30:a2:2a:45:f3:2c:b6:0e:34:6a:e0:
80:9e:f8:cb:b0:fe:3b:8a:c4:c2:5c:b8:be:a1:59:b3:7c:fe:
e6:03:6b:f9:24:09:12:88:d0:14:d0:3e:bf:67:45:3c:21:c0:
59:13:5a:1c:a1:65:04:dd:d1:c2:92:0f:8d:c3:1e:9d:da:3c:
8e:c0:e0:18:d7:48:b7:88:3c:8c:a1:78:dd:19:eb:bc:c9:29:
9d:cf:9c:2b:a2:cb:e6:67:78:0e:74:40:e6:8b:c7:d8:eb:ce:
e5:10:09:33:b1:56:c1:18:3c:4f:f8:16:68:38:79:e1:29:8c:
2d:b8:e8:3d:27:2e:d5:05:15:29:f8:36:f5:01:01:ba:d7:d4:
08:41:d9:db:d0:39:c2:47:e5:3d:be:3a:ba:01:47:3a:c1:11:
79:f5:cf:74:12:95:ae:6f:fc:19:b5:21:3d:03:e8:e9:c7:25:
b4:9f:2a:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0Amw60TB3x61pjZv0LHofCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYWYwZDIwZjk4ZTNhMjA1NTBjOTk2ZDc0MjkyNjg4ZjBk
MjI3OWQwHhcNMjYwMzE4MTEwMDU0WhcNMjYwMzE5MTEwMDU0WjAzMTEwLwYDVQQD
Eyg3M2NiODY0NmNiZmM4MTA4NDU4NzlhMGIxNmFhYzE5NzNlNzRjZWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5zaUdldAt58cTQewnGSg3CdJqGm
3ETwDTsoZE2s1zOmEWiJencB226mtyU2/nRhElWAtGj2p6jWBsC1oT94USV4xolA
HAbgK9YQM8tHoE2hUPFkqMAHAWapALTqKgWm+QypR9kIne9BOT+vYJmFqApGna9b
QbBma36ftnA83I78mbbd3ioZV/CSrdb3ZEKQK4VLofaoEtsAoUe3MUxqJxlD9HyR
nVPq3pwPiIyAYxdM1Ydr2W2xqqaQhjMj4Wgmugp68fu9JPyeS/G/MqlohQxequyw
9M6wHtohZMQXIwdHPsYCTA6SyNTdehOLGKv37vseBf/vlq0+xPl1ipsR0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHPLhkbL/IEIRYeaCxaqwZc+dM74MB8GA1UdIwQY
MBaAFOuvDSD5jjogVQyZbXQpJojw0iedMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjY4TklQbU9PaUJWREpsdGRDa21pUERTSjUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9kMGJlMDYtZWY1Zi00NDE4LWFmMWMt
MzIwOTM2Mjg4ZTk1LzEvNjY4TklQbU9PaUJWREpsdGRDa21pUERTSjUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9kMGJlMDYtZWY1Zi00NDE4LWFmMWMtMzIwOTM2Mjg4ZTk1
LzEvNjY4TklQbU9PaUJWREpsdGRDa21pUERTSjUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABXfJTFRF
LKteBuXt2n/6GN97Cb1ka7Ld87Tp9hfojNv+4z3GnWZjcNAV4Jy2HVF0t0PxGaSt
YyP88BniStV8koVcOoSvF9nLq+JvTJ+B3jCiKkXzLLYONGrggJ74y7D+O4rEwly4
vqFZs3z+5gNr+SQJEojQFNA+v2dFPCHAWRNaHKFlBN3RwpIPjcMendo8jsDgGNdI
t4g8jKF43RnrvMkpnc+cK6LL5md4DnRA5ovH2OvO5RAJM7FWwRg8T/gWaDh54SmM
LbjoPScu1QUVKfg29QEButfUCEHZ29A5wkflPb46ugFHOsERefXPdBKVrm/8GbUh
PQPo6ccltJ8qug==
-----END CERTIFICATE-----
Generated at Wed Mar 18 15:41:47 2026 by rpki-client