Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft
File: dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft (raw, json)
Hash identifier: 08Kgsdku2mnuF/y6iA7VQhdSJI24hLgw+mnOU/JrUqw=
Subject key identifier: 34:F7:BD:1B:DD:E8:29:B5:C4:10:61:70:85:8E:3B:86:2B:B2:22:EC
Authority key identifier: 74:E4:3F:9E:5A:E3:F6:EA:FB:50:68:AE:88:F1:8C:29:E4:43:59:07
Certificate issuer: /CN=74e43f9e5ae3f6eafb5068ae88f18c29e4435907
Certificate serial: 019EB80EBAF818F4B3C31E0EB4E350557BA6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft
Manifest number: 1954
Signing time: Thu 11 Jun 2026 19:00:33 +0000
Manifest this update: Thu 11 Jun 2026 19:00:33 +0000
Manifest next update: Fri 12 Jun 2026 19:00:33 +0000
Files and hashes: 1: T4BJnDBfE6AyBSAWAjPZ1GzLlMM.roa (hash: SXBhd3/vnyIoPB/kDRi62FVnMbysfno7J5T9Eftc8tY=)
2: dOQ_nlrj9ur7UGiuiPGMKeRDWQc.crl (hash: gimqh7o8PoTIFWSgrvu0MMdWRatOx+KeSed9bv61djY=)
3: tSpDrZGtdp0mH1aXKivR6nDrhuY.roa (hash: xkSEr+C7WhhCLocSo1zhSLhZi6gcFYi1jnV4sR3gnUE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft
rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 19:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b8:0e:ba:f8:18:f4:b3:c3:1e:0e:b4:e3:50:55:7b:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74e43f9e5ae3f6eafb5068ae88f18c29e4435907
Validity
Not Before: Jun 11 19:00:33 2026 GMT
Not After : Jun 12 19:00:33 2026 GMT
Subject: CN=34f7bd1bdde829b5c4106170858e3b862bb222ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:85:25:a6:11:d5:4a:ee:ca:02:ec:a6:0e:a0:
ab:16:c6:e4:51:fb:3f:5a:46:ec:7e:33:4f:d0:81:
49:e7:0a:d0:42:60:f7:63:28:dc:61:64:1f:26:ea:
31:98:f6:37:be:67:c1:10:87:1d:b4:53:83:44:7c:
e7:06:5f:35:9a:88:34:3f:a4:b4:4f:32:4e:6d:22:
1c:90:4e:aa:e1:80:d9:48:a2:16:87:e4:20:18:55:
1d:95:fc:d2:a5:e6:51:21:ee:f0:98:71:9e:58:83:
1c:cc:4f:0e:b9:0d:a4:c3:76:2c:30:4e:d3:55:83:
a0:69:8c:72:ab:f9:d0:c4:5d:1c:e3:d4:99:83:94:
1a:3d:72:fd:89:f5:96:c3:a7:65:67:b6:2d:77:96:
68:ef:96:0a:80:d6:e2:9a:37:6b:04:20:6e:3c:19:
b7:c5:e0:07:f4:c6:6a:5f:00:57:b8:88:d2:8e:14:
c5:6f:6f:c6:d9:09:f9:24:d9:15:e5:47:ce:15:8d:
07:b8:70:c8:1c:5d:81:83:a1:21:4f:cc:55:72:79:
22:66:1a:d4:bc:68:b7:a2:b4:07:14:f4:7d:bc:36:
3a:cd:76:db:b2:ad:87:8a:82:94:f1:a4:33:6d:93:
bf:5e:35:62:ee:a4:83:7b:8b:d6:10:4d:df:36:48:
72:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F7:BD:1B:DD:E8:29:B5:C4:10:61:70:85:8E:3B:86:2B:B2:22:EC
X509v3 Authority Key Identifier:
keyid:74:E4:3F:9E:5A:E3:F6:EA:FB:50:68:AE:88:F1:8C:29:E4:43:59:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:a2:8e:96:07:fa:48:7c:6a:03:b2:fe:d8:2f:0f:70:bd:19:
29:1e:e2:1a:45:9c:7a:f4:0d:c8:71:5e:19:93:06:ed:55:5d:
ff:5b:b1:e2:01:b9:b2:8a:de:17:3d:1c:12:dd:74:d3:6d:2c:
9c:8e:a2:ac:b6:bb:f9:2d:21:c3:65:f9:f9:33:74:0b:81:d7:
fc:98:48:a7:e0:d7:b1:29:1d:75:a5:86:67:e4:a0:e0:80:88:
19:c8:0f:59:58:1c:64:99:47:ac:a8:45:ba:04:85:1c:3e:1a:
bb:09:89:e5:3f:55:09:fc:86:5e:1e:37:41:37:3e:2a:93:6e:
5b:a2:2a:ca:00:af:9f:f8:97:98:e4:c0:a5:8d:af:3c:76:3f:
50:d0:af:df:7e:aa:98:87:df:0c:ab:e8:06:50:43:5c:1b:18:
ca:6c:c6:6f:01:38:db:24:00:64:11:f5:e5:17:da:e3:da:bb:
b5:81:2f:e5:fe:52:f8:b1:ca:35:f1:14:28:69:92:0b:8d:a4:
1c:73:ba:24:bf:46:a8:33:da:19:02:54:c1:e7:d3:9c:d4:63:
67:6b:37:0f:2a:80:ae:98:53:22:e9:68:d7:61:3b:2f:fb:cb:
33:88:60:3d:17:83:9c:dc:a4:2d:8b:7f:8d:1e:c4:3b:d2:c7:
d4:f7:b4:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ64Drr4GPSzwx4OtONQVXumMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTQzZjllNWFlM2Y2ZWFmYjUwNjhhZTg4ZjE4YzI5ZTQ0
MzU5MDcwHhcNMjYwNjExMTkwMDMzWhcNMjYwNjEyMTkwMDMzWjAzMTEwLwYDVQQD
EygzNGY3YmQxYmRkZTgyOWI1YzQxMDYxNzA4NThlM2I4NjJiYjIyMmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIUlphHVSu7KAuymDqCrFsbkUfs/
WkbsfjNP0IFJ5wrQQmD3YyjcYWQfJuoxmPY3vmfBEIcdtFODRHznBl81mog0P6S0
TzJObSIckE6q4YDZSKIWh+QgGFUdlfzSpeZRIe7wmHGeWIMczE8OuQ2kw3YsME7T
VYOgaYxyq/nQxF0c49SZg5QaPXL9ifWWw6dlZ7Ytd5Zo75YKgNbimjdrBCBuPBm3
xeAH9MZqXwBXuIjSjhTFb2/G2Qn5JNkV5UfOFY0HuHDIHF2Bg6EhT8xVcnkiZhrU
vGi3orQHFPR9vDY6zXbbsq2HioKU8aQzbZO/XjVi7qSDe4vWEE3fNkhyMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDT3vRvd6Cm1xBBhcIWOO4YrsiLsMB8GA1UdIwQY
MBaAFHTkP55a4/bq+1BorojxjCnkQ1kHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9RX25scmo5dXI3VUdpdWlQR01LZVJEV1FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kYTMzYWUtMTZjYy00YzlhLWJmOWMt
NzE3OTk4YWEzY2ZmLzEvZE9RX25scmo5dXI3VUdpdWlQR01LZVJEV1FjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kYTMzYWUtMTZjYy00YzlhLWJmOWMtNzE3OTk4YWEzY2Zm
LzEvZE9RX25scmo5dXI3VUdpdWlQR01LZVJEV1FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFKKOlgf6
SHxqA7L+2C8PcL0ZKR7iGkWcevQNyHFeGZMG7VVd/1ux4gG5soreFz0cEt10020s
nI6irLa7+S0hw2X5+TN0C4HX/JhIp+DXsSkddaWGZ+Sg4ICIGcgPWVgcZJlHrKhF
ugSFHD4auwmJ5T9VCfyGXh43QTc+KpNuW6IqygCvn/iXmOTApY2vPHY/UNCv336q
mIffDKvoBlBDXBsYymzGbwE42yQAZBH15Rfa49q7tYEv5f5S+LHKNfEUKGmSC42k
HHO6JL9GqDPaGQJUwefTnNRjZ2s3DyqArphTIulo12E7L/vLM4hgPReDnNykLYt/
jR7EO9LH1Pe05g==
-----END CERTIFICATE-----
Generated at Thu Jun 11 23:55:29 2026 by rpki-client