Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/317635-a90a-4704-9672-15f62c890af8/1/0LYdHx2czatrbY4UUMLJNtOX5nA.mft
File: 0LYdHx2czatrbY4UUMLJNtOX5nA.mft (raw, json)
Hash identifier: NkCbiJEWw4rU61GEUgHdvDE0abP0Tc9Mf3ev0Is/yA4=
Subject key identifier: CA:70:96:4E:98:39:9F:DA:F4:7C:FC:E0:91:A2:5F:4C:F7:CA:95:1A
Authority key identifier: D0:B6:1D:1F:1D:9C:CD:AB:6B:6D:8E:14:50:C2:C9:36:D3:97:E6:70
Certificate issuer: /CN=d0b61d1f1d9ccdab6b6d8e1450c2c936d397e670
Certificate serial: 019D375340AAB2782703B81FC50AD8A33CFE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0LYdHx2czatrbY4UUMLJNtOX5nA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/317635-a90a-4704-9672-15f62c890af8/1/0LYdHx2czatrbY4UUMLJNtOX5nA.mft
Manifest number: 057D
Signing time: Sun 29 Mar 2026 02:01:35 +0000
Manifest this update: Sun 29 Mar 2026 02:01:35 +0000
Manifest next update: Mon 30 Mar 2026 02:01:35 +0000
Files and hashes: 1: 0LYdHx2czatrbY4UUMLJNtOX5nA.crl (hash: kuHi2Rj+YKxyK+cg7ASifaIiiN2b7hAimi8xDE3E8qU=)
2: qNp8ahA7AQpar56QcdKxkJZKg7Y.roa (hash: N4ymgnHXQjJX3XM/o6TNcFhyTw/fE/l6XZfGmR2DY2I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/317635-a90a-4704-9672-15f62c890af8/1/0LYdHx2czatrbY4UUMLJNtOX5nA.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/317635-a90a-4704-9672-15f62c890af8/1/0LYdHx2czatrbY4UUMLJNtOX5nA.mft
rsync://rpki.ripe.net/repository/DEFAULT/0LYdHx2czatrbY4UUMLJNtOX5nA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:53:40:aa:b2:78:27:03:b8:1f:c5:0a:d8:a3:3c:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0b61d1f1d9ccdab6b6d8e1450c2c936d397e670
Validity
Not Before: Mar 29 02:01:35 2026 GMT
Not After : Mar 30 02:01:35 2026 GMT
Subject: CN=ca70964e98399fdaf47cfce091a25f4cf7ca951a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:be:ed:cb:a0:4e:5f:2d:14:51:dd:1d:61:57:
bb:52:23:d7:df:a1:bb:39:a9:b3:11:60:82:a0:79:
27:fa:4c:22:c8:c9:1f:d7:13:19:ff:79:ec:40:6f:
d2:89:cc:ae:ed:89:96:23:c5:39:68:f8:11:32:86:
f0:b1:e9:e2:b4:59:1b:26:1f:ca:f3:eb:18:c4:c8:
42:7a:52:cd:de:5f:15:80:a3:e0:f8:97:d2:4f:84:
a4:7b:8c:dd:a5:97:59:cd:1e:bb:8b:bf:5a:18:28:
97:9c:21:86:87:b2:55:6e:7b:3e:c1:9d:a7:8a:5a:
76:56:a2:03:35:e1:16:5e:84:1e:76:47:6b:9a:d3:
bb:9d:38:55:fa:aa:3a:a9:a4:eb:78:bb:c3:a3:3f:
70:4f:b4:8d:af:85:dd:e5:bb:b6:fd:4b:9a:85:cf:
83:f7:45:97:d1:2c:e7:91:bd:31:91:48:cf:13:13:
c6:4f:7c:6b:cb:d9:7f:2e:81:98:8c:f8:4c:51:6d:
db:68:82:97:c1:84:87:72:91:7f:ff:b2:b7:f2:ad:
79:7b:0d:42:8b:57:f1:c6:04:2f:55:37:20:9a:c1:
20:e1:71:f7:11:24:c7:dd:01:86:3c:59:f2:2d:2d:
a3:2e:28:23:34:c1:54:86:79:ab:b3:cb:67:ba:b4:
1d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:70:96:4E:98:39:9F:DA:F4:7C:FC:E0:91:A2:5F:4C:F7:CA:95:1A
X509v3 Authority Key Identifier:
keyid:D0:B6:1D:1F:1D:9C:CD:AB:6B:6D:8E:14:50:C2:C9:36:D3:97:E6:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0LYdHx2czatrbY4UUMLJNtOX5nA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/317635-a90a-4704-9672-15f62c890af8/1/0LYdHx2czatrbY4UUMLJNtOX5nA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/317635-a90a-4704-9672-15f62c890af8/1/0LYdHx2czatrbY4UUMLJNtOX5nA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:07:4e:6b:f0:5c:60:5c:99:2c:56:03:5a:1b:03:57:b3:0c:
41:68:94:ea:57:2e:f7:09:56:99:f1:65:c1:ab:03:71:ad:4c:
f0:e3:6d:73:1a:a8:d3:26:b0:ae:c1:09:13:95:10:39:13:89:
4e:a1:c9:8e:a4:8d:1e:a3:8f:77:a0:b2:c0:3f:0d:03:fd:9e:
bf:e9:d7:ea:d4:64:7a:3b:72:35:bb:02:0b:14:32:f3:64:67:
50:ff:a5:e9:1f:1f:3d:ce:2a:8f:03:1e:0a:ef:56:a5:d9:c8:
7c:d8:14:5f:9a:c1:48:25:78:40:b7:3b:b6:c5:1b:73:85:7a:
e6:8e:d9:ee:e8:c9:83:91:14:bb:d7:28:3b:1e:96:b6:7c:2e:
9b:6f:c2:0d:9a:ae:80:e8:62:e1:f6:0a:7d:7a:32:80:4f:35:
69:b0:1a:3f:3d:35:aa:40:f1:60:dc:d5:76:0f:35:ea:2e:00:
0c:31:25:92:0f:81:61:73:75:7c:61:71:15:df:02:b1:81:47:
3e:e5:53:0b:b5:93:6a:77:36:c2:e3:db:45:a3:79:77:44:8b:
93:a5:7c:1e:76:f4:fe:44:65:e5:10:c8:68:7f:b4:29:b9:22:
8b:3a:ba:0c:ed:1e:c8:9c:6a:65:d3:3b:ed:67:f7:0f:8c:ad:
e3:d8:e5:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03U0CqsngnA7gfxQrYozz+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYjYxZDFmMWQ5Y2NkYWI2YjZkOGUxNDUwYzJjOTM2ZDM5
N2U2NzAwHhcNMjYwMzI5MDIwMTM1WhcNMjYwMzMwMDIwMTM1WjAzMTEwLwYDVQQD
EyhjYTcwOTY0ZTk4Mzk5ZmRhZjQ3Y2ZjZTA5MWEyNWY0Y2Y3Y2E5NTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4b7ty6BOXy0UUd0dYVe7UiPX36G7
OamzEWCCoHkn+kwiyMkf1xMZ/3nsQG/Sicyu7YmWI8U5aPgRMobwsenitFkbJh/K
8+sYxMhCelLN3l8VgKPg+JfST4Ske4zdpZdZzR67i79aGCiXnCGGh7JVbns+wZ2n
ilp2VqIDNeEWXoQedkdrmtO7nThV+qo6qaTreLvDoz9wT7SNr4Xd5bu2/Uuahc+D
90WX0Sznkb0xkUjPExPGT3xry9l/LoGYjPhMUW3baIKXwYSHcpF//7K38q15ew1C
i1fxxgQvVTcgmsEg4XH3ESTH3QGGPFnyLS2jLigjNMFUhnmrs8tnurQdFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMpwlk6YOZ/a9Hz84JGiX0z3ypUaMB8GA1UdIwQY
MBaAFNC2HR8dnM2ra22OFFDCyTbTl+ZwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMExZZEh4MmN6YXRyYlk0VVVNTEpOdE9YNW5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8zMTc2MzUtYTkwYS00NzA0LTk2NzIt
MTVmNjJjODkwYWY4LzEvMExZZEh4MmN6YXRyYlk0VVVNTEpOdE9YNW5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8zMTc2MzUtYTkwYS00NzA0LTk2NzItMTVmNjJjODkwYWY4
LzEvMExZZEh4MmN6YXRyYlk0VVVNTEpOdE9YNW5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMAdOa/Bc
YFyZLFYDWhsDV7MMQWiU6lcu9wlWmfFlwasDca1M8ONtcxqo0yawrsEJE5UQOROJ
TqHJjqSNHqOPd6CywD8NA/2ev+nX6tRkejtyNbsCCxQy82RnUP+l6R8fPc4qjwMe
Cu9WpdnIfNgUX5rBSCV4QLc7tsUbc4V65o7Z7ujJg5EUu9coOx6Wtnwum2/CDZqu
gOhi4fYKfXoygE81abAaPz01qkDxYNzVdg816i4ADDElkg+BYXN1fGFxFd8CsYFH
PuVTC7WTanc2wuPbRaN5d0SLk6V8Hnb0/kRl5RDIaH+0Kbkiizq6DO0eyJxqZdM7
7Wf3D4yt49jlew==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:29:14 2026 by rpki-client