Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
File: ao33d2sW0oLgTGluJYqk-fnOnJg.mft (raw, json)
Hash identifier: QRtXuDDkQq5qn89Trp2453jVQ8oTU2BXPMO7TEuYgOU=
Subject key identifier: 8E:02:AB:52:16:3A:C0:F2:09:E3:F2:66:47:25:F9:42:C9:A4:75:FE
Authority key identifier: 6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98
Certificate issuer: /CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98
Certificate serial: 019D39AEA69CEAFA853E7EC79EE53DBA4156
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
Manifest number: 0C81
Signing time: Sun 29 Mar 2026 13:00:40 +0000
Manifest this update: Sun 29 Mar 2026 13:00:40 +0000
Manifest next update: Mon 30 Mar 2026 13:00:40 +0000
Files and hashes: 1: GmFXXmDlxbUAsewZb2XP6yyDi4w.roa (hash: t86pSAuRTeL1p9o68CyCCsghXoQGwpFAgB1l7sjE7zs=)
2: ao33d2sW0oLgTGluJYqk-fnOnJg.crl (hash: 89HJ6BgrwKFixUlK8KG0RicUjmS9LrqwxJDY98ebQcQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:ae:a6:9c:ea:fa:85:3e:7e:c7:9e:e5:3d:ba:41:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98
Validity
Not Before: Mar 29 13:00:40 2026 GMT
Not After : Mar 30 13:00:40 2026 GMT
Subject: CN=8e02ab52163ac0f209e3f2664725f942c9a475fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:62:28:be:90:4e:68:89:6b:e3:7d:5c:cd:90:
7b:54:4d:0f:27:81:d6:a9:05:4d:6b:79:37:fa:90:
3e:22:37:e2:66:3a:38:d6:cf:91:7d:a5:f8:b2:c7:
0a:e8:df:6d:de:70:37:27:17:c0:97:40:7c:e5:1a:
70:5f:26:bd:31:88:e0:60:53:da:6e:02:53:c6:c5:
29:1f:38:88:51:76:af:78:b2:ed:fe:d7:11:5c:ea:
35:77:7d:c4:0d:33:74:d8:14:e3:ab:a6:d7:18:8f:
ec:38:94:ab:4f:01:f5:f2:11:c9:68:04:c1:6d:2c:
be:fe:3a:d7:fb:13:88:a8:00:5d:5a:1e:20:73:8d:
20:20:72:e7:bb:63:27:80:35:2c:cd:ae:c5:7e:2a:
6f:94:fe:86:c8:4d:22:50:3c:c9:f4:26:e1:f2:29:
9b:29:7c:05:40:b8:9b:b2:7e:8e:ab:ed:62:1b:da:
0d:1a:c2:96:c0:e5:dd:36:50:ae:0b:af:c6:ea:de:
6c:df:bb:ac:06:33:31:ec:a5:dc:5e:14:32:a7:3a:
0f:41:6b:17:bf:e9:7d:09:0d:d1:10:d9:29:4a:8d:
c9:e4:99:4e:0f:4f:0c:36:63:f5:55:9f:b0:20:28:
2b:66:1a:b1:e0:e3:f7:30:e6:d5:a7:c2:63:f6:f4:
38:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:02:AB:52:16:3A:C0:F2:09:E3:F2:66:47:25:F9:42:C9:A4:75:FE
X509v3 Authority Key Identifier:
keyid:6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:8b:19:f6:c7:af:78:92:d2:2a:40:04:45:04:07:09:a2:39:
50:8a:f9:5b:92:c3:7f:b0:8f:59:74:1a:90:f0:89:e8:dd:dd:
72:89:2e:e3:f0:3a:bd:3b:f6:51:f0:a2:dc:c0:85:33:7a:19:
7a:af:ad:be:d5:3c:f7:57:94:18:23:be:c2:b4:b0:21:be:d7:
3c:f4:ff:a2:ae:d1:03:64:2b:9b:eb:b8:be:39:bc:aa:f8:e8:
50:83:00:21:23:62:14:0b:8c:15:89:66:bb:0e:38:38:62:ce:
d6:69:28:04:43:53:f0:16:6c:10:3a:ac:70:a1:da:9e:6e:db:
04:c3:c2:9c:a4:79:16:3f:92:44:e9:91:5d:db:ce:f1:95:92:
5a:2a:5d:32:a6:03:4e:5c:a8:0a:5b:3a:36:12:f6:28:47:ec:
2f:57:dc:64:7a:4c:75:21:48:f7:5c:d2:29:60:d1:1d:82:2b:
2c:5d:77:42:de:6c:96:18:a1:9c:6a:07:4d:57:a7:40:62:08:
2f:74:39:13:ac:ac:f9:3d:15:81:b7:31:3a:99:5a:21:01:f0:
2e:2f:e3:99:c1:2f:2b:bf:66:d3:40:08:3b:bd:d5:31:35:18:
09:5e:fc:9c:fb:92:28:14:89:c7:1c:a3:0d:b6:af:b1:20:67:
3d:2d:15:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rqac6vqFPn7HnuU9ukFWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOGRmNzc3NmIxNmQyODJlMDRjNjk2ZTI1OGFhNGY5Zjlj
ZTljOTgwHhcNMjYwMzI5MTMwMDQwWhcNMjYwMzMwMTMwMDQwWjAzMTEwLwYDVQQD
Eyg4ZTAyYWI1MjE2M2FjMGYyMDllM2YyNjY0NzI1Zjk0MmM5YTQ3NWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymIovpBOaIlr431czZB7VE0PJ4HW
qQVNa3k3+pA+IjfiZjo41s+RfaX4sscK6N9t3nA3JxfAl0B85RpwXya9MYjgYFPa
bgJTxsUpHziIUXaveLLt/tcRXOo1d33EDTN02BTjq6bXGI/sOJSrTwH18hHJaATB
bSy+/jrX+xOIqABdWh4gc40gIHLnu2MngDUsza7FfipvlP6GyE0iUDzJ9Cbh8imb
KXwFQLibsn6Oq+1iG9oNGsKWwOXdNlCuC6/G6t5s37usBjMx7KXcXhQypzoPQWsX
v+l9CQ3RENkpSo3J5JlOD08MNmP1VZ+wICgrZhqx4OP3MObVp8Jj9vQ4CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI4Cq1IWOsDyCePyZkcl+ULJpHX+MB8GA1UdIwQY
MBaAFGqN93drFtKC4ExpbiWKpPn5zpyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUt
MWIzOGIwMjI0NWMxLzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUtMWIzOGIwMjI0NWMx
LzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVosZ9sev
eJLSKkAERQQHCaI5UIr5W5LDf7CPWXQakPCJ6N3dcoku4/A6vTv2UfCi3MCFM3oZ
eq+tvtU891eUGCO+wrSwIb7XPPT/oq7RA2Qrm+u4vjm8qvjoUIMAISNiFAuMFYlm
uw44OGLO1mkoBENT8BZsEDqscKHanm7bBMPCnKR5Fj+SROmRXdvO8ZWSWipdMqYD
TlyoCls6NhL2KEfsL1fcZHpMdSFI91zSKWDRHYIrLF13Qt5slhihnGoHTVenQGII
L3Q5E6ys+T0VgbcxOplaIQHwLi/jmcEvK79m00AIO73VMTUYCV78nPuSKBSJxxyj
DbavsSBnPS0Vzw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:38:11 2026 by rpki-client