Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft
File: DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft (raw, json)
Hash identifier: n2xZ9x27NnE8Jpx0m9uk96EJsqF78iKrEClFs2Yvc/U=
Subject key identifier: D0:C8:41:55:4C:3C:6A:85:36:99:64:77:B4:72:9F:B2:DA:4F:15:AF
Authority key identifier: 0D:33:3F:72:D9:E2:94:54:38:25:BE:63:72:9F:80:34:A4:51:70:90
Certificate issuer: /CN=0d333f72d9e294543825be63729f8034a4517090
Certificate serial: 019D3977D7C8EAF4716C5F76D13B27A63B75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft
Manifest number: 0C86
Signing time: Sun 29 Mar 2026 12:00:48 +0000
Manifest this update: Sun 29 Mar 2026 12:00:48 +0000
Manifest next update: Mon 30 Mar 2026 12:00:48 +0000
Files and hashes: 1: DTM_ctnilFQ4Jb5jcp-ANKRRcJA.crl (hash: r+/7FTFYyj4K4ZtNCpB4R8e7bXwHpjVZmtrhEfEAKD0=)
2: EPJNcfb9BYVxiCOl5XxrpQOfiyc.roa (hash: 3iBYjsoElN4nFr95B9VrvRH80hKHxRpzggq/IbclLdo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 12:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:d7:c8:ea:f4:71:6c:5f:76:d1:3b:27:a6:3b:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d333f72d9e294543825be63729f8034a4517090
Validity
Not Before: Mar 29 12:00:48 2026 GMT
Not After : Mar 30 12:00:48 2026 GMT
Subject: CN=d0c841554c3c6a8536996477b4729fb2da4f15af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a0:a6:79:cc:3a:e2:c9:e8:93:ee:48:9e:94:
10:5e:7d:50:88:3a:b5:41:1c:cb:28:d2:90:9a:43:
f6:82:a1:88:8a:37:6b:81:24:58:13:31:00:33:72:
e7:a5:d1:18:55:8b:e3:5e:dd:00:89:87:1d:cd:6f:
eb:4c:76:8c:75:66:4c:9f:88:16:70:7f:5f:68:79:
04:5a:43:51:50:f6:12:5e:07:a3:e9:e1:70:35:0c:
24:b7:aa:3f:59:1d:3d:9d:93:b2:4e:6a:c8:5d:11:
3d:18:0b:48:fb:17:09:41:fc:bf:b1:e5:8b:11:49:
49:db:68:91:a1:b7:c6:19:3e:b8:ba:7f:ef:f8:eb:
46:94:e9:28:cd:01:64:d2:6a:30:e4:2e:07:48:9f:
a0:94:46:da:8f:15:48:dd:34:31:ec:10:6d:d1:3a:
8e:48:d9:cd:76:d6:b4:bb:3c:b6:d6:fb:e9:d3:6a:
1d:cf:cd:17:6f:9b:48:ef:f5:c8:0d:2a:9e:98:90:
67:0c:a4:37:2b:10:ab:3c:d6:6a:e9:2c:12:a8:91:
94:73:d8:d1:42:38:3e:4d:66:3c:88:79:13:fa:91:
e8:e0:0c:d8:9b:cf:05:c0:34:35:45:3f:79:9c:11:
60:40:67:8d:8a:db:22:b8:bb:ad:3a:ba:83:92:d5:
bc:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:C8:41:55:4C:3C:6A:85:36:99:64:77:B4:72:9F:B2:DA:4F:15:AF
X509v3 Authority Key Identifier:
keyid:0D:33:3F:72:D9:E2:94:54:38:25:BE:63:72:9F:80:34:A4:51:70:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:05:bc:b9:cc:69:29:f7:2b:05:4b:8d:59:4b:12:88:cc:0a:
84:c0:16:5b:53:c7:ee:d3:7b:34:4f:c9:b1:b0:9b:17:07:95:
50:01:eb:d1:72:f6:02:28:84:8c:38:75:31:6b:33:9e:d8:3d:
5f:33:12:c8:76:e8:7a:e8:f1:38:ad:93:b9:c4:3f:6f:24:05:
34:bb:60:7b:d9:9f:ef:3c:5a:65:a5:08:10:d2:bd:e8:50:85:
ae:0a:4e:50:98:ee:9a:2f:c3:76:28:a0:c3:1b:e4:5c:3b:49:
87:96:3d:26:a0:02:c6:5e:72:97:ca:a5:f9:86:e4:fd:fb:b5:
40:35:e8:5c:c7:fb:3f:50:4b:15:a3:d0:72:3f:d6:63:b9:4f:
a9:2c:92:4f:5b:b8:ed:ab:38:41:cc:a7:07:05:c0:58:c5:f0:
8f:12:25:e5:26:57:63:7b:36:1f:95:0f:3b:4e:36:ba:6c:4a:
f4:ca:49:33:f6:a1:9e:b7:19:73:1c:fb:94:b8:c0:00:e2:a9:
51:a1:4b:82:1e:bd:08:10:62:0c:20:70:7e:d5:19:26:29:47:
a7:30:2e:48:43:df:a0:42:10:97:bc:c6:00:57:0a:2d:8e:fe:
85:fb:48:cd:1c:6a:f7:77:6a:4c:68:eb:6d:3f:78:5f:0a:40:
ee:38:70:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d9fI6vRxbF920Tsnpjt1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMzMzZjcyZDllMjk0NTQzODI1YmU2MzcyOWY4MDM0YTQ1
MTcwOTAwHhcNMjYwMzI5MTIwMDQ4WhcNMjYwMzMwMTIwMDQ4WjAzMTEwLwYDVQQD
EyhkMGM4NDE1NTRjM2M2YTg1MzY5OTY0NzdiNDcyOWZiMmRhNGYxNWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqCmecw64snok+5InpQQXn1QiDq1
QRzLKNKQmkP2gqGIijdrgSRYEzEAM3LnpdEYVYvjXt0AiYcdzW/rTHaMdWZMn4gW
cH9faHkEWkNRUPYSXgej6eFwNQwkt6o/WR09nZOyTmrIXRE9GAtI+xcJQfy/seWL
EUlJ22iRobfGGT64un/v+OtGlOkozQFk0mow5C4HSJ+glEbajxVI3TQx7BBt0TqO
SNnNdta0uzy21vvp02odz80Xb5tI7/XIDSqemJBnDKQ3KxCrPNZq6SwSqJGUc9jR
Qjg+TWY8iHkT+pHo4AzYm88FwDQ1RT95nBFgQGeNitsiuLutOrqDktW82wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNDIQVVMPGqFNplkd7Ryn7LaTxWvMB8GA1UdIwQY
MBaAFA0zP3LZ4pRUOCW+Y3KfgDSkUXCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRNX2N0bmlsRlE0SmI1amNwLUFOS1JSY0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NWZlYTItYTNkOS00OTJmLThlNDQt
ODk0ZGZhNWRmMDE3LzEvRFRNX2N0bmlsRlE0SmI1amNwLUFOS1JSY0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NWZlYTItYTNkOS00OTJmLThlNDQtODk0ZGZhNWRmMDE3
LzEvRFRNX2N0bmlsRlE0SmI1amNwLUFOS1JSY0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApAW8ucxp
KfcrBUuNWUsSiMwKhMAWW1PH7tN7NE/JsbCbFweVUAHr0XL2AiiEjDh1MWszntg9
XzMSyHboeujxOK2TucQ/byQFNLtge9mf7zxaZaUIENK96FCFrgpOUJjumi/Ddiig
wxvkXDtJh5Y9JqACxl5yl8ql+Ybk/fu1QDXoXMf7P1BLFaPQcj/WY7lPqSyST1u4
7as4QcynBwXAWMXwjxIl5SZXY3s2H5UPO042umxK9MpJM/ahnrcZcxz7lLjAAOKp
UaFLgh69CBBiDCBwftUZJilHpzAuSEPfoEIQl7zGAFcKLY7+hftIzRxq93dqTGjr
bT94XwpA7jhwuQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 20:25:41 2026 by rpki-client