Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
File: ao33d2sW0oLgTGluJYqk-fnOnJg.mft (raw, json)
Hash identifier: uRzK3fHaI//NsNcuGz/IFzgCF2R5WC+q2KwmE8qNYXI=
Subject key identifier: 38:12:AF:F4:07:E4:CF:92:A9:C7:D3:58:32:95:BD:0B:43:B2:4F:3F
Authority key identifier: 6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98
Certificate issuer: /CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98
Certificate serial: 019E30E08D05C6AFBCC3712E49EB26EF07C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
Manifest number: 0D01
Signing time: Sat 16 May 2026 13:01:22 +0000
Manifest this update: Sat 16 May 2026 13:01:22 +0000
Manifest next update: Sun 17 May 2026 13:01:22 +0000
Files and hashes: 1: GmFXXmDlxbUAsewZb2XP6yyDi4w.roa (hash: t86pSAuRTeL1p9o68CyCCsghXoQGwpFAgB1l7sjE7zs=)
2: ao33d2sW0oLgTGluJYqk-fnOnJg.crl (hash: p3f8fr7UZhRoB1rN7AQb0wMDwO+BZ/EAkGZ7HmmVank=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 13:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:30:e0:8d:05:c6:af:bc:c3:71:2e:49:eb:26:ef:07:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98
Validity
Not Before: May 16 13:01:22 2026 GMT
Not After : May 17 13:01:22 2026 GMT
Subject: CN=3812aff407e4cf92a9c7d3583295bd0b43b24f3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:81:34:37:4a:7f:66:7c:bc:3f:f0:f7:0e:5e:
b1:fa:09:2e:26:f4:b5:53:61:b6:9f:03:51:ae:e4:
e4:bc:d6:7f:ea:d7:98:7c:b3:5f:c9:06:c8:76:fe:
f7:9a:0e:e9:f0:18:27:d6:3f:83:8d:ed:d4:72:2c:
57:d3:79:9a:cf:98:2c:21:d8:60:44:99:cf:0f:c8:
ba:18:40:e5:57:6b:d8:d7:f0:6c:b8:41:19:17:a4:
3f:6f:dd:d8:1b:bb:86:f3:ef:cd:26:9c:43:95:04:
81:3f:8a:31:8d:fb:81:ef:8f:39:47:51:a1:d6:d1:
a3:16:ff:f7:b1:6f:18:0d:cd:f9:1e:a9:09:f8:c6:
00:16:cd:ac:71:7d:53:9e:6a:2c:70:b8:61:20:f0:
18:1f:2b:87:76:f4:a4:58:90:c2:b9:69:8f:e8:a5:
e6:ea:41:01:32:fb:9b:b4:2f:59:12:d1:32:44:2f:
ae:76:47:97:db:f0:ab:43:c3:20:43:39:a5:0d:2d:
d0:cf:eb:df:c5:4d:0f:3f:ac:de:37:ae:a0:94:dd:
36:1e:54:bc:3e:d7:85:47:27:05:1f:5e:fa:8e:a2:
4b:86:4a:2f:9d:4a:76:71:8f:2c:01:b0:65:06:6a:
6c:8d:c6:10:15:4a:84:2b:8a:55:f5:1e:fc:06:ec:
97:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:12:AF:F4:07:E4:CF:92:A9:C7:D3:58:32:95:BD:0B:43:B2:4F:3F
X509v3 Authority Key Identifier:
keyid:6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:2f:21:3d:02:32:34:ab:ae:91:14:82:81:93:5e:5e:af:21:
00:78:3a:99:e6:88:33:80:9b:8e:eb:e5:0f:90:53:9c:90:2f:
1a:dd:b2:32:88:cd:56:51:7e:c1:2a:44:5f:89:19:68:41:9c:
c9:7d:77:46:b5:df:ac:f3:e0:39:e9:c7:d9:7b:ef:9f:20:d5:
40:b3:57:87:f5:1f:ac:4f:33:07:a8:9c:67:ad:27:f7:a8:57:
41:03:2d:f6:9c:3c:8e:50:f1:b9:0f:ad:26:23:e9:97:38:63:
61:88:a5:f5:54:95:b3:10:01:17:91:5a:71:44:3f:73:4b:db:
cf:0c:81:ae:74:d1:fe:dc:fe:21:b3:d3:df:ca:bc:dd:3c:5b:
59:c5:6b:07:24:51:9d:0d:64:0e:fc:d6:bc:56:80:be:f3:32:
6a:09:19:44:bc:3b:cc:09:cf:09:0e:b3:9c:9a:3f:b5:30:de:
24:99:82:85:5d:21:17:a8:ca:79:ae:15:98:d0:c7:b5:e2:21:
2e:9e:47:cb:c7:42:7e:48:8e:ef:09:40:cd:67:84:e5:04:ad:
a2:a8:36:2c:93:df:86:01:0b:2f:d2:14:2b:8c:dd:9a:b6:dd:
75:17:0e:4f:44:97:8f:99:3b:01:76:29:24:ea:a2:06:1f:4d:
fd:90:67:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4w4I0Fxq+8w3EuSesm7wfCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOGRmNzc3NmIxNmQyODJlMDRjNjk2ZTI1OGFhNGY5Zjlj
ZTljOTgwHhcNMjYwNTE2MTMwMTIyWhcNMjYwNTE3MTMwMTIyWjAzMTEwLwYDVQQD
EygzODEyYWZmNDA3ZTRjZjkyYTljN2QzNTgzMjk1YmQwYjQzYjI0ZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3IE0N0p/Zny8P/D3Dl6x+gkuJvS1
U2G2nwNRruTkvNZ/6teYfLNfyQbIdv73mg7p8Bgn1j+Dje3UcixX03maz5gsIdhg
RJnPD8i6GEDlV2vY1/BsuEEZF6Q/b93YG7uG8+/NJpxDlQSBP4oxjfuB7485R1Gh
1tGjFv/3sW8YDc35HqkJ+MYAFs2scX1TnmoscLhhIPAYHyuHdvSkWJDCuWmP6KXm
6kEBMvubtC9ZEtEyRC+udkeX2/CrQ8MgQzmlDS3Qz+vfxU0PP6zeN66glN02HlS8
PteFRycFH176jqJLhkovnUp2cY8sAbBlBmpsjcYQFUqEK4pV9R78BuyXbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDgSr/QH5M+SqcfTWDKVvQtDsk8/MB8GA1UdIwQY
MBaAFGqN93drFtKC4ExpbiWKpPn5zpyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUt
MWIzOGIwMjI0NWMxLzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUtMWIzOGIwMjI0NWMx
LzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeC8hPQIy
NKuukRSCgZNeXq8hAHg6meaIM4CbjuvlD5BTnJAvGt2yMojNVlF+wSpEX4kZaEGc
yX13RrXfrPPgOenH2XvvnyDVQLNXh/UfrE8zB6icZ60n96hXQQMt9pw8jlDxuQ+t
JiPplzhjYYil9VSVsxABF5FacUQ/c0vbzwyBrnTR/tz+IbPT38q83TxbWcVrByRR
nQ1kDvzWvFaAvvMyagkZRLw7zAnPCQ6znJo/tTDeJJmChV0hF6jKea4VmNDHteIh
Lp5Hy8dCfkiO7wlAzWeE5QStoqg2LJPfhgELL9IUK4zdmrbddRcOT0SXj5k7AXYp
JOqiBh9N/ZBnJg==
-----END CERTIFICATE-----
Generated at Sat May 16 22:42:20 2026 by rpki-client