Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.mft
File: s90R00a2O7HrIqB8JswSkaKgaJU.mft (raw, json)
Hash identifier: IXEsjhOarzEiUi6dXtZwiN78/fmgAdy28FV0AmBw/8o=
Subject key identifier: 6C:13:E2:8F:23:93:E3:F3:DC:38:20:6D:7E:63:6A:D5:D6:FC:0B:DF
Authority key identifier: B3:DD:11:D3:46:B6:3B:B1:EB:22:A0:7C:26:CC:12:91:A2:A0:68:95
Certificate issuer: /CN=b3dd11d346b63bb1eb22a07c26cc1291a2a06895
Certificate serial: 019D38D3B581CC964AD80C4EE21191C3D876
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.mft
Manifest number: 109B
Signing time: Sun 29 Mar 2026 09:01:31 +0000
Manifest this update: Sun 29 Mar 2026 09:01:31 +0000
Manifest next update: Mon 30 Mar 2026 09:01:31 +0000
Files and hashes: 1: 5ota0RfhjZz2hNNE6eZISPQx9aY.roa (hash: 2LChLKKq1XMWPsCrL3MehZ/KDhh1BEtuZKbswEOScV8=)
2: W1I4zwk5u62kEWKU3w3ttcGBy2k.roa (hash: m2lBjL0FDEr7OnguUKCR+j/T0K4u4HNIAXm6k1LnPZo=)
3: s90R00a2O7HrIqB8JswSkaKgaJU.crl (hash: sPdyD48EEvt19BRP6xirn8UFin1z/D8gwYIBi66dnAk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.mft
rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:b5:81:cc:96:4a:d8:0c:4e:e2:11:91:c3:d8:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3dd11d346b63bb1eb22a07c26cc1291a2a06895
Validity
Not Before: Mar 29 09:01:31 2026 GMT
Not After : Mar 30 09:01:31 2026 GMT
Subject: CN=6c13e28f2393e3f3dc38206d7e636ad5d6fc0bdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:27:e2:b6:7a:8d:8f:82:a4:5c:5e:af:cc:2a:
c2:b7:8d:7e:5a:6c:eb:6e:7b:a9:ff:f0:f3:da:59:
e0:f6:3e:a6:56:0b:42:8a:ef:4f:02:90:32:d7:03:
3b:93:c9:17:d8:b1:c1:3b:d9:93:08:16:a1:cf:a6:
42:e4:e2:fc:c3:4a:0e:4c:3d:e2:15:6b:08:90:6c:
7a:e6:9d:ee:49:48:de:3a:3c:ca:65:15:2c:84:e4:
d1:b8:1c:62:d0:bd:e1:c5:84:24:65:5c:22:d1:ad:
d3:44:0f:f0:c4:46:9d:75:48:49:36:61:be:e0:3b:
12:c8:79:c0:a2:8f:be:42:e1:e9:a7:30:62:43:71:
fe:b0:6f:d8:c8:6e:ac:a2:94:96:8b:6f:04:f0:a7:
80:69:1c:af:a9:6b:c4:41:17:4a:4f:19:54:65:58:
d9:11:87:03:37:97:92:1e:ef:08:aa:c9:8b:3e:34:
fa:ce:0a:f8:90:db:9b:90:96:dc:44:03:5a:78:dc:
0e:44:cf:c2:3d:dd:28:a5:34:85:f8:b9:3c:55:cf:
85:03:92:ac:74:40:d5:75:32:57:c5:f4:4f:55:f0:
91:08:f6:8c:50:62:98:54:45:4c:44:1c:03:e7:b2:
e1:93:db:36:58:64:d7:c2:48:d8:01:5d:02:d9:0d:
06:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:13:E2:8F:23:93:E3:F3:DC:38:20:6D:7E:63:6A:D5:D6:FC:0B:DF
X509v3 Authority Key Identifier:
keyid:B3:DD:11:D3:46:B6:3B:B1:EB:22:A0:7C:26:CC:12:91:A2:A0:68:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:e4:e5:c8:95:92:a3:28:39:9b:dd:11:f2:0a:d5:68:ba:61:
6c:69:af:16:61:dd:c1:d1:ac:98:b3:6b:e4:71:52:c1:ed:2c:
4a:d9:0b:fa:c9:01:c2:bd:f9:d5:32:fe:cc:9b:cb:ad:15:2e:
eb:71:fd:07:73:7a:92:22:f7:ed:d4:4b:ed:ec:52:f8:5b:ce:
e3:7d:ae:18:a3:d4:4a:c6:b1:6f:68:76:a4:1b:cd:f2:e0:c4:
84:fa:58:71:3f:a5:bb:52:a2:49:44:c5:74:c2:70:d3:b5:b5:
5f:87:f4:ba:00:32:3a:72:95:44:b7:5e:19:12:90:52:03:b5:
85:94:5e:5e:4d:0f:aa:4e:16:e7:f1:91:f5:77:09:05:e2:85:
15:a0:93:83:0d:5b:97:20:83:db:ea:e4:7f:94:f4:b5:14:27:
aa:b5:03:5a:89:a0:6f:99:71:8e:b6:fe:b5:37:07:6e:58:ed:
26:a8:47:f4:0c:11:c1:31:a8:bd:97:b6:48:4a:46:3c:31:a1:
01:f1:60:9e:e8:36:c4:69:9d:68:a7:21:29:d7:2e:aa:06:06:
9b:12:27:c4:19:1c:ed:03:0b:66:ae:84:c7:2e:ee:87:12:c7:
19:f3:cd:02:e1:b6:20:4a:ae:c6:02:31:77:06:97:83:25:0c:
a3:5f:49:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0407WBzJZK2AxO4hGRw9h2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQxMWQzNDZiNjNiYjFlYjIyYTA3YzI2Y2MxMjkxYTJh
MDY4OTUwHhcNMjYwMzI5MDkwMTMxWhcNMjYwMzMwMDkwMTMxWjAzMTEwLwYDVQQD
Eyg2YzEzZTI4ZjIzOTNlM2YzZGMzODIwNmQ3ZTYzNmFkNWQ2ZmMwYmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yfitnqNj4KkXF6vzCrCt41+Wmzr
bnup//Dz2lng9j6mVgtCiu9PApAy1wM7k8kX2LHBO9mTCBahz6ZC5OL8w0oOTD3i
FWsIkGx65p3uSUjeOjzKZRUshOTRuBxi0L3hxYQkZVwi0a3TRA/wxEaddUhJNmG+
4DsSyHnAoo++QuHppzBiQ3H+sG/YyG6sopSWi28E8KeAaRyvqWvEQRdKTxlUZVjZ
EYcDN5eSHu8IqsmLPjT6zgr4kNubkJbcRANaeNwORM/CPd0opTSF+Lk8Vc+FA5Ks
dEDVdTJXxfRPVfCRCPaMUGKYVEVMRBwD57Lhk9s2WGTXwkjYAV0C2Q0GXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGwT4o8jk+Pz3DggbX5jatXW/AvfMB8GA1UdIwQY
MBaAFLPdEdNGtjux6yKgfCbMEpGioGiVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hNDE4OTgtZGEwOC00NjlkLWJlMWEt
OGJiYzIyNmU2YzQ1LzEvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hNDE4OTgtZGEwOC00NjlkLWJlMWEtOGJiYzIyNmU2YzQ1
LzEvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfOTlyJWS
oyg5m90R8grVaLphbGmvFmHdwdGsmLNr5HFSwe0sStkL+skBwr351TL+zJvLrRUu
63H9B3N6kiL37dRL7exS+FvO432uGKPUSsaxb2h2pBvN8uDEhPpYcT+lu1KiSUTF
dMJw07W1X4f0ugAyOnKVRLdeGRKQUgO1hZReXk0Pqk4W5/GR9XcJBeKFFaCTgw1b
lyCD2+rkf5T0tRQnqrUDWomgb5lxjrb+tTcHbljtJqhH9AwRwTGovZe2SEpGPDGh
AfFgnug2xGmdaKchKdcuqgYGmxInxBkc7QMLZq6Exy7uhxLHGfPNAuG2IEquxgIx
dwaXgyUMo19J+g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:14:22 2026 by rpki-client