Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft
File: 0AL76fCkE2A-3vtzOlMfLiwOnAY.mft (raw, json)
Hash identifier: +Gdo8Rua0oAd1a0Hegof5oxXig3ELH82BC6NW0gu5U8=
Subject key identifier: FF:B2:97:80:96:56:C8:0D:2E:31:32:00:00:7C:3C:11:74:DB:11:27
Authority key identifier: D0:02:FB:E9:F0:A4:13:60:3E:DE:FB:73:3A:53:1F:2E:2C:0E:9C:06
Certificate issuer: /CN=d002fbe9f0a413603edefb733a531f2e2c0e9c06
Certificate serial: 019D37898409089603B85861CB5633CE1466
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft
Manifest number: 188E
Signing time: Sun 29 Mar 2026 03:00:52 +0000
Manifest this update: Sun 29 Mar 2026 03:00:52 +0000
Manifest next update: Mon 30 Mar 2026 03:00:52 +0000
Files and hashes: 1: 0AL76fCkE2A-3vtzOlMfLiwOnAY.crl (hash: fQcmIgSR7oyj79x21Au8OHpuHZRju8k+aQu/BmCD/uY=)
2: dsXROTd2qvJarDLFNerpFXp5tvM.roa (hash: g4jlzZr8kyp6l2Rwmj8PdLtnag5RCNjP07Ftz4rMi7Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:84:09:08:96:03:b8:58:61:cb:56:33:ce:14:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d002fbe9f0a413603edefb733a531f2e2c0e9c06
Validity
Not Before: Mar 29 03:00:52 2026 GMT
Not After : Mar 30 03:00:52 2026 GMT
Subject: CN=ffb297809656c80d2e313200007c3c1174db1127
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c0:73:f1:e3:de:52:ca:0a:5e:12:72:ad:b2:
da:4e:02:40:5d:51:4c:3f:68:a8:74:80:38:17:78:
f6:21:89:56:af:a9:b7:be:54:b8:bd:61:eb:9c:43:
6b:9a:86:75:4f:5d:dd:a3:fc:a4:ce:51:9d:f1:73:
3a:17:7a:16:df:33:c2:cd:66:f1:19:ec:01:ae:28:
f4:4c:a8:b3:07:eb:44:70:31:06:f9:96:f2:d5:e3:
1e:7a:c9:dd:66:d5:7c:55:4a:cf:d7:13:4a:ef:92:
79:57:31:29:df:0c:d4:6e:0b:9b:1f:bd:4d:4e:69:
d7:c1:70:9d:44:f3:8c:9c:7a:22:84:5c:31:2b:0f:
08:a5:19:e2:0f:ac:e9:62:98:c5:94:bf:ff:81:4f:
b9:3d:ce:51:ee:64:ef:5c:4a:9b:bb:b2:0a:fa:9b:
86:1b:fe:fc:f4:a0:87:40:7d:9d:26:4b:3d:94:5f:
f1:24:a9:ad:34:87:5f:96:31:95:4f:27:56:d0:2b:
40:10:a1:4a:96:af:a1:7c:dc:be:af:17:50:29:b3:
a5:eb:37:ad:29:4f:a3:75:8a:25:50:f7:76:35:c6:
50:bd:b6:36:05:35:5b:69:9c:51:c3:be:6b:c8:19:
74:3a:06:f2:6d:93:8a:bf:6b:c2:b0:b3:ee:27:85:
ac:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:B2:97:80:96:56:C8:0D:2E:31:32:00:00:7C:3C:11:74:DB:11:27
X509v3 Authority Key Identifier:
keyid:D0:02:FB:E9:F0:A4:13:60:3E:DE:FB:73:3A:53:1F:2E:2C:0E:9C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:b7:2c:c0:22:8f:1c:21:b8:42:b0:8e:0e:30:d0:3d:d2:90:
81:ea:83:93:62:b0:5d:6b:3a:1f:56:6e:43:09:da:c3:2e:ea:
4b:8e:69:b2:1c:68:c0:19:95:d8:ec:be:ad:0d:dd:0e:8d:e0:
36:a6:c3:27:3e:b5:60:5b:ea:11:7c:f1:e3:08:b7:d8:ca:54:
9e:9f:04:e4:15:29:8b:00:a4:07:ef:2e:98:f4:4e:05:b4:2e:
ea:ce:b3:cf:b1:93:1e:c0:15:a7:db:9e:ec:13:e0:66:23:23:
5d:78:8b:f7:06:fc:0c:c6:44:ec:e9:01:89:4b:c8:ce:6e:70:
cd:9f:58:53:27:6c:b9:b0:13:5f:6b:48:a2:e1:04:07:d4:a5:
1a:fd:1a:d0:a6:88:c7:19:aa:7b:d4:13:90:37:41:b5:ca:48:
53:64:81:1d:10:e0:47:8c:94:be:df:8f:f4:e9:50:d3:8b:5d:
04:6e:60:8b:45:e7:06:36:16:cd:71:ce:8e:60:1f:54:d7:f0:
bb:d8:bb:c6:87:89:9b:0c:d5:a5:2b:1a:78:b6:64:62:d1:fc:
58:ed:f6:41:a7:d1:14:61:d4:22:d7:d0:89:0b:3a:45:2c:30:
6e:b9:0d:3a:c1:1c:7a:b2:45:5f:d6:d8:7b:c3:43:98:5d:aa:
fa:b0:ca:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iYQJCJYDuFhhy1YzzhRmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMDJmYmU5ZjBhNDEzNjAzZWRlZmI3MzNhNTMxZjJlMmMw
ZTljMDYwHhcNMjYwMzI5MDMwMDUyWhcNMjYwMzMwMDMwMDUyWjAzMTEwLwYDVQQD
EyhmZmIyOTc4MDk2NTZjODBkMmUzMTMyMDAwMDdjM2MxMTc0ZGIxMTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3cBz8ePeUsoKXhJyrbLaTgJAXVFM
P2iodIA4F3j2IYlWr6m3vlS4vWHrnENrmoZ1T13do/ykzlGd8XM6F3oW3zPCzWbx
GewBrij0TKizB+tEcDEG+Zby1eMeesndZtV8VUrP1xNK75J5VzEp3wzUbgubH71N
TmnXwXCdRPOMnHoihFwxKw8IpRniD6zpYpjFlL//gU+5Pc5R7mTvXEqbu7IK+puG
G/789KCHQH2dJks9lF/xJKmtNIdfljGVTydW0CtAEKFKlq+hfNy+rxdQKbOl6zet
KU+jdYolUPd2NcZQvbY2BTVbaZxRw75ryBl0OgbybZOKv2vCsLPuJ4WslwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+yl4CWVsgNLjEyAAB8PBF02xEnMB8GA1UdIwQY
MBaAFNAC++nwpBNgPt77czpTHy4sDpwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85YmFmYjEtMGM0Mi00MjViLWFhMjkt
MTljMDQ1YzZhMTRmLzEvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85YmFmYjEtMGM0Mi00MjViLWFhMjktMTljMDQ1YzZhMTRm
LzEvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVbcswCKP
HCG4QrCODjDQPdKQgeqDk2KwXWs6H1ZuQwnawy7qS45pshxowBmV2Oy+rQ3dDo3g
NqbDJz61YFvqEXzx4wi32MpUnp8E5BUpiwCkB+8umPROBbQu6s6zz7GTHsAVp9ue
7BPgZiMjXXiL9wb8DMZE7OkBiUvIzm5wzZ9YUydsubATX2tIouEEB9SlGv0a0KaI
xxmqe9QTkDdBtcpIU2SBHRDgR4yUvt+P9OlQ04tdBG5gi0XnBjYWzXHOjmAfVNfw
u9i7xoeJmwzVpSsaeLZkYtH8WO32QafRFGHUItfQiQs6RSwwbrkNOsEcerJFX9bY
e8NDmF2q+rDKNg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:14:21 2026 by rpki-client