Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.mft
File: DT66aHPFtQdbPEOff-61SvHxDak.mft (raw, json)
Hash identifier: hRulMPJEj4dgdTafjnCNNFJz951KmT1Ojc3YLYYO8qs=
Subject key identifier: 4B:E2:DD:90:07:2E:A0:99:91:46:9C:B1:D7:FC:B6:FD:79:2D:02:1D
Authority key identifier: 0D:3E:BA:68:73:C5:B5:07:5B:3C:43:9F:7F:EE:B5:4A:F1:F1:0D:A9
Certificate issuer: /CN=0d3eba6873c5b5075b3c439f7feeb54af1f10da9
Certificate serial: 019D371B76B01A1A9C1C3FEB593D4816417E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.mft
Manifest number: 1896
Signing time: Sun 29 Mar 2026 01:00:39 +0000
Manifest this update: Sun 29 Mar 2026 01:00:39 +0000
Manifest next update: Mon 30 Mar 2026 01:00:39 +0000
Files and hashes: 1: DT66aHPFtQdbPEOff-61SvHxDak.crl (hash: ROBEYTfxWQoVOe15Z9YKT3PWb1lp+SOBNp8dsI1eRmg=)
2: UHX8LoJItxLXbSSkLElmcrzzhts.roa (hash: j+K6pcnA4SNCVnoj07hqtnhu76mvNIjpIA6tG3zdI5o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.mft
rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 01:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:1b:76:b0:1a:1a:9c:1c:3f:eb:59:3d:48:16:41:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d3eba6873c5b5075b3c439f7feeb54af1f10da9
Validity
Not Before: Mar 29 01:00:39 2026 GMT
Not After : Mar 30 01:00:39 2026 GMT
Subject: CN=4be2dd90072ea09991469cb1d7fcb6fd792d021d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c6:d9:e1:cb:2b:3c:78:ae:3d:1a:4c:a3:13:
d0:7b:97:d8:68:1d:1d:72:ba:6c:ac:0a:ef:10:f1:
06:d2:ed:a4:5c:cf:1a:41:54:66:3e:dc:f9:47:39:
65:45:fb:cb:d8:1d:8e:5b:2a:77:e6:f0:f4:50:7b:
43:a6:86:5a:97:9b:39:3f:ef:ef:c8:9f:22:68:a5:
7c:af:5f:64:48:80:9d:24:01:70:5e:57:7a:31:cb:
c3:3a:0d:db:16:e2:56:a8:80:7e:17:95:77:05:19:
b5:e8:61:19:d2:5c:92:f4:b3:32:dd:28:44:9b:3e:
43:4a:8c:1a:eb:2b:c9:77:26:c0:84:f8:27:bd:b7:
e7:92:71:25:6d:98:d0:24:27:3c:23:2d:62:6a:12:
df:0f:78:0d:60:64:46:3b:73:1b:57:eb:4b:cd:7f:
fb:72:26:39:4f:79:70:8c:1d:e3:69:10:65:96:79:
c0:27:5d:5b:6d:66:83:6c:58:04:64:5d:08:2a:69:
cf:ac:8c:fd:e9:8f:c7:de:b0:9b:f1:81:21:54:52:
71:31:a1:c6:dd:93:85:e6:76:4c:12:2c:f5:77:a9:
18:b2:d1:59:2c:4d:f4:61:f4:ea:52:de:e8:57:a8:
65:87:67:c3:54:33:e0:09:24:13:ef:f5:68:3b:f1:
93:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E2:DD:90:07:2E:A0:99:91:46:9C:B1:D7:FC:B6:FD:79:2D:02:1D
X509v3 Authority Key Identifier:
keyid:0D:3E:BA:68:73:C5:B5:07:5B:3C:43:9F:7F:EE:B5:4A:F1:F1:0D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:36:7e:20:f1:e6:3e:ba:fd:28:de:16:fa:c1:a4:5b:b3:09:
73:51:dc:1f:63:5f:00:c9:5e:17:a5:56:56:56:aa:4a:2c:bc:
3f:dd:cb:76:e3:ba:27:96:a0:e1:79:e4:2c:a6:1e:41:41:a4:
3a:64:2c:4c:79:bb:17:08:38:6d:3d:65:fc:11:cd:95:e2:6e:
fc:1e:0f:31:c1:05:49:4d:37:29:56:ec:8f:49:2c:cf:9d:36:
f1:de:87:9d:04:e2:04:37:99:97:b7:85:78:58:dd:4b:08:26:
9a:8a:e1:c4:83:77:df:fd:64:1f:60:bd:4b:f9:8a:c7:ad:53:
e7:4a:fc:ae:6a:93:0b:c7:f7:d6:f3:b2:cc:3d:40:9e:ad:b5:
72:f3:8e:f1:89:db:25:47:68:b1:cc:da:aa:a3:ed:ff:d6:06:
29:fd:f7:59:b6:e2:db:c1:0d:6b:47:02:6e:38:30:1d:5b:e6:
4f:f6:05:5d:b9:7a:b9:27:09:4d:a8:a3:57:27:5f:19:d4:f8:
ae:0d:8b:53:28:e2:b5:0e:e1:1a:5e:1c:65:65:ca:e2:3d:95:
79:1f:24:a2:7b:ac:90:1a:3e:87:a8:60:42:9b:7f:1d:cb:e0:
b2:75:c6:4b:4b:cc:b3:82:48:fc:1e:6c:fc:b7:92:d0:0b:3d:
20:97:b2:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G3awGhqcHD/rWT1IFkF+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkM2ViYTY4NzNjNWI1MDc1YjNjNDM5ZjdmZWViNTRhZjFm
MTBkYTkwHhcNMjYwMzI5MDEwMDM5WhcNMjYwMzMwMDEwMDM5WjAzMTEwLwYDVQQD
Eyg0YmUyZGQ5MDA3MmVhMDk5OTE0NjljYjFkN2ZjYjZmZDc5MmQwMjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcbZ4csrPHiuPRpMoxPQe5fYaB0d
crpsrArvEPEG0u2kXM8aQVRmPtz5RzllRfvL2B2OWyp35vD0UHtDpoZal5s5P+/v
yJ8iaKV8r19kSICdJAFwXld6McvDOg3bFuJWqIB+F5V3BRm16GEZ0lyS9LMy3ShE
mz5DSowa6yvJdybAhPgnvbfnknElbZjQJCc8Iy1iahLfD3gNYGRGO3MbV+tLzX/7
ciY5T3lwjB3jaRBllnnAJ11bbWaDbFgEZF0IKmnPrIz96Y/H3rCb8YEhVFJxMaHG
3ZOF5nZMEiz1d6kYstFZLE30YfTqUt7oV6hlh2fDVDPgCSQT7/VoO/GT6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEvi3ZAHLqCZkUacsdf8tv15LQIdMB8GA1UdIwQY
MBaAFA0+umhzxbUHWzxDn3/utUrx8Q2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8zMzgzZjEtMDQyOC00NjRiLWJkMWUt
Mjc5OThiZjE3NDY1LzEvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8zMzgzZjEtMDQyOC00NjRiLWJkMWUtMjc5OThiZjE3NDY1
LzEvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnTZ+IPHm
Prr9KN4W+sGkW7MJc1HcH2NfAMleF6VWVlaqSiy8P93LduO6J5ag4XnkLKYeQUGk
OmQsTHm7Fwg4bT1l/BHNleJu/B4PMcEFSU03KVbsj0ksz5028d6HnQTiBDeZl7eF
eFjdSwgmmorhxIN33/1kH2C9S/mKx61T50r8rmqTC8f31vOyzD1Anq21cvOO8Ynb
JUdosczaqqPt/9YGKf33Wbbi28ENa0cCbjgwHVvmT/YFXbl6uScJTaijVydfGdT4
rg2LUyjitQ7hGl4cZWXK4j2VeR8konuskBo+h6hgQpt/HcvgsnXGS0vMs4JI/B5s
/LeS0As9IJeybA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:14:18 2026 by rpki-client