Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
File: 0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft (raw, json)
Hash identifier: 4etKYuqVdVisY7+odRwWd0iHTUrwTy+++5UvDbcV1R0=
Subject key identifier: 53:91:E0:EE:42:A9:13:56:5B:C4:D3:1B:1B:43:C4:4C:CA:A9:3B:47
Authority key identifier: D2:48:18:59:56:E4:43:B5:5B:06:22:00:F9:64:53:7B:C1:0B:C1:30
Certificate issuer: /CN=d248185956e443b55b062200f964537bc10bc130
Certificate serial: 019D3AF80D1C11AEC590FC96C10CAC39B5E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
Manifest number: 0500
Signing time: Sun 29 Mar 2026 19:00:27 +0000
Manifest this update: Sun 29 Mar 2026 19:00:27 +0000
Manifest next update: Mon 30 Mar 2026 19:00:27 +0000
Files and hashes: 1: 0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl (hash: rVl8cGlhYJnOpSDESoH15yvfy158PfvLimlGbl0h7jo=)
2: Xudz0hLe8s3SLmiPVONXMND3hRM.roa (hash: oORSmt43XgnSynXZgH2ISuQJ8Cm/DBrmnJwy75rrXHU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:f8:0d:1c:11:ae:c5:90:fc:96:c1:0c:ac:39:b5:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d248185956e443b55b062200f964537bc10bc130
Validity
Not Before: Mar 29 19:00:27 2026 GMT
Not After : Mar 30 19:00:27 2026 GMT
Subject: CN=5391e0ee42a913565bc4d31b1b43c44ccaa93b47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2b:43:61:92:99:fa:3b:71:30:31:cd:e2:67:
ce:51:8b:24:7f:2c:48:d4:ba:64:b3:0b:54:0c:83:
4d:59:ee:39:fa:e4:8d:62:7b:9a:72:db:77:39:86:
4f:17:e0:67:d8:ec:7e:fe:89:aa:a1:eb:60:20:c1:
05:2f:e0:cd:c0:9e:fd:04:89:66:ed:ac:bb:f9:95:
3d:9e:9a:40:3a:1b:30:30:d9:73:70:ec:7e:e1:b9:
28:f9:82:d5:cf:a2:dd:82:12:72:17:b9:88:ad:b4:
c2:c1:93:97:1a:a2:8a:1a:e6:c3:34:22:e3:eb:25:
ca:5d:74:b1:f8:aa:ad:04:8a:50:7f:2e:de:b7:fa:
17:c0:12:9b:07:72:a8:4f:1c:90:ba:d8:ea:88:7b:
9c:2e:a0:f9:d7:cd:05:70:4c:3f:3f:0f:b9:a0:88:
37:be:6d:87:58:63:43:86:6f:14:7d:a2:e9:75:dc:
72:ce:ee:64:a8:e1:2a:b7:31:66:ab:a4:3b:89:32:
09:6c:a6:bc:f7:a1:41:83:a2:30:5c:6a:a9:0d:63:
49:c1:70:a9:8b:49:83:6b:a9:be:a2:fb:7c:2b:13:
8f:2a:1f:40:00:76:05:48:1f:2b:1c:d6:73:83:f3:
02:2d:e8:c5:a4:74:c7:e4:70:ad:da:9c:06:f7:1c:
fc:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:91:E0:EE:42:A9:13:56:5B:C4:D3:1B:1B:43:C4:4C:CA:A9:3B:47
X509v3 Authority Key Identifier:
keyid:D2:48:18:59:56:E4:43:B5:5B:06:22:00:F9:64:53:7B:C1:0B:C1:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:78:f2:66:17:e4:8f:15:56:00:fe:64:f2:c4:e0:17:c7:e2:
02:b7:13:03:c6:16:cf:fc:14:86:94:1a:a4:35:89:bf:98:28:
81:19:de:02:a3:e1:81:ec:f0:23:66:df:9b:aa:a3:9e:17:84:
ff:e7:e4:f2:cc:8f:f2:6b:e2:19:81:aa:98:aa:ba:8e:52:34:
8a:ec:2c:ce:a9:5a:5c:19:e6:ec:a2:3b:bc:65:d0:c3:0d:92:
22:39:08:79:1b:d9:fd:fb:32:24:8c:9f:f9:06:a5:ab:6e:77:
4d:a1:d5:11:3c:87:5b:23:bf:d2:38:36:63:99:b3:3c:d8:87:
39:cd:0f:c4:e2:68:3d:b9:ca:6d:79:44:95:57:06:c5:e2:ab:
d7:e3:62:dd:58:ef:33:59:70:57:55:90:4b:fa:5a:52:58:4f:
22:23:c8:c4:1e:89:a7:98:23:37:66:e8:cd:0e:6e:48:40:f4:
16:75:39:c4:96:9b:33:a2:7a:64:97:b9:bb:2c:12:b4:4d:ed:
a4:bc:09:0f:3a:55:2c:9d:2f:69:0e:64:6a:47:9f:62:56:6b:
59:d3:c6:d3:ff:c3:83:63:9d:ad:ad:5d:49:88:36:77:77:7c:
a8:41:5c:33:8d:1c:64:4c:da:41:34:a5:98:3d:29:c2:15:07:
46:f1:9d:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06+A0cEa7FkPyWwQysObXmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNDgxODU5NTZlNDQzYjU1YjA2MjIwMGY5NjQ1MzdiYzEw
YmMxMzAwHhcNMjYwMzI5MTkwMDI3WhcNMjYwMzMwMTkwMDI3WjAzMTEwLwYDVQQD
Eyg1MzkxZTBlZTQyYTkxMzU2NWJjNGQzMWIxYjQzYzQ0Y2NhYTkzYjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwytDYZKZ+jtxMDHN4mfOUYskfyxI
1LpkswtUDINNWe45+uSNYnuactt3OYZPF+Bn2Ox+/omqoetgIMEFL+DNwJ79BIlm
7ay7+ZU9nppAOhswMNlzcOx+4bko+YLVz6LdghJyF7mIrbTCwZOXGqKKGubDNCLj
6yXKXXSx+KqtBIpQfy7et/oXwBKbB3KoTxyQutjqiHucLqD5180FcEw/Pw+5oIg3
vm2HWGNDhm8UfaLpddxyzu5kqOEqtzFmq6Q7iTIJbKa896FBg6IwXGqpDWNJwXCp
i0mDa6m+ovt8KxOPKh9AAHYFSB8rHNZzg/MCLejFpHTH5HCt2pwG9xz8rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFOR4O5CqRNWW8TTGxtDxEzKqTtHMB8GA1UdIwQY
MBaAFNJIGFlW5EO1WwYiAPlkU3vBC8EwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZTg3NWEtMDU3Ni00YTE1LWJlMjMt
YWVhMDU0Y2Y0M2JiLzEvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZTg3NWEtMDU3Ni00YTE1LWJlMjMtYWVhMDU0Y2Y0M2Ji
LzEvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKHjyZhfk
jxVWAP5k8sTgF8fiArcTA8YWz/wUhpQapDWJv5gogRneAqPhgezwI2bfm6qjnheE
/+fk8syP8mviGYGqmKq6jlI0iuwszqlaXBnm7KI7vGXQww2SIjkIeRvZ/fsyJIyf
+Qalq253TaHVETyHWyO/0jg2Y5mzPNiHOc0PxOJoPbnKbXlElVcGxeKr1+Ni3Vjv
M1lwV1WQS/paUlhPIiPIxB6Jp5gjN2bozQ5uSED0FnU5xJabM6J6ZJe5uywStE3t
pLwJDzpVLJ0vaQ5kakefYlZrWdPG0//Dg2Odra1dSYg2d3d8qEFcM40cZEzaQTSl
mD0pwhUHRvGdBg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 20:25:42 2026 by rpki-client