Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft
File: DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft (raw, json)
Hash identifier: 9v7X4KcNnshzjUCUMBPbZj/IsDtlZYJJZ/PDvDuPD9I=
Subject key identifier: 40:AC:40:B1:7B:F8:47:C6:41:2D:7F:EE:6A:23:1D:85:F0:E2:67:83
Authority key identifier: 0D:33:3F:72:D9:E2:94:54:38:25:BE:63:72:9F:80:34:A4:51:70:90
Certificate issuer: /CN=0d333f72d9e294543825be63729f8034a4517090
Certificate serial: 019F18678CA3030F5DA330F9E07CFE55BF15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft
Manifest number: 0D7E
Signing time: Tue 30 Jun 2026 12:01:07 +0000
Manifest this update: Tue 30 Jun 2026 12:01:07 +0000
Manifest next update: Wed 01 Jul 2026 12:01:07 +0000
Files and hashes: 1: DTM_ctnilFQ4Jb5jcp-ANKRRcJA.crl (hash: PzniL2L6czA8AUnBzKJ99AWHgjx0CozWOwbxkZ100zc=)
2: EPJNcfb9BYVxiCOl5XxrpQOfiyc.roa (hash: 3iBYjsoElN4nFr95B9VrvRH80hKHxRpzggq/IbclLdo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 12:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:18:67:8c:a3:03:0f:5d:a3:30:f9:e0:7c:fe:55:bf:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d333f72d9e294543825be63729f8034a4517090
Validity
Not Before: Jun 30 12:01:07 2026 GMT
Not After : Jul 1 12:01:07 2026 GMT
Subject: CN=40ac40b17bf847c6412d7fee6a231d85f0e26783
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d3:bc:6c:a3:13:6f:8e:b0:59:e3:cf:20:77:
9d:a8:c8:14:9f:0a:84:92:e0:41:83:9f:93:28:52:
9c:6d:8d:60:4a:6f:ff:82:d4:15:bd:b7:bc:c9:9a:
5f:61:0b:e4:11:24:78:20:e0:19:42:a1:4d:29:bf:
f7:4b:9b:d0:24:7e:a2:b4:a5:e1:b4:2c:a4:ea:91:
bf:56:dd:a7:11:3e:4b:a0:89:62:cb:80:4f:17:b7:
2b:f6:0f:14:7d:25:d5:7c:26:66:76:9e:7c:86:ea:
58:c3:cc:6a:14:81:36:92:1b:a8:c5:55:a0:13:5e:
4b:fc:f6:3e:11:39:83:18:2d:9b:2a:dc:84:e8:f2:
65:01:91:68:67:2e:e2:61:42:33:bb:8d:51:a6:fc:
f0:ee:66:00:73:25:37:b4:7a:4d:b2:2a:16:a1:2c:
ac:c1:d2:23:18:eb:ac:d7:de:c3:1a:aa:2f:a5:97:
a9:d8:18:cf:75:df:b2:3d:d1:c6:07:01:54:42:db:
ea:28:50:0b:bc:d5:df:f2:ec:98:66:4c:43:2e:94:
15:c1:10:80:55:84:6c:0c:bf:1f:9a:1c:f7:a4:00:
a2:42:e8:b2:ce:4a:88:89:76:5d:98:a4:62:c5:12:
6d:d6:8f:07:91:8e:e7:31:c5:70:1e:9c:21:e6:ba:
7f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:AC:40:B1:7B:F8:47:C6:41:2D:7F:EE:6A:23:1D:85:F0:E2:67:83
X509v3 Authority Key Identifier:
keyid:0D:33:3F:72:D9:E2:94:54:38:25:BE:63:72:9F:80:34:A4:51:70:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:f1:e2:92:5f:4a:ac:15:5f:dd:28:05:af:33:ee:15:d9:07:
03:2b:47:4b:51:e5:11:d4:06:5b:85:c1:43:e2:6c:f1:d6:37:
c6:62:78:f8:ad:a1:7a:fc:83:f3:00:e6:50:44:85:fb:17:6d:
dd:06:5d:38:2b:2b:19:51:dc:f9:9f:1e:41:ca:a1:f4:8b:e6:
b7:7e:66:90:5c:56:5d:3c:eb:cb:15:e6:24:fe:2d:a0:46:1f:
56:d3:ce:e7:f2:b3:a8:03:90:7b:1e:5d:3e:d6:c4:fb:f8:a0:
63:d4:0e:67:3e:1f:13:5b:bc:9b:a5:3f:ef:bc:2f:6d:40:4b:
07:dc:f4:c7:cf:a8:44:5b:d3:3d:81:15:21:85:17:c5:88:e2:
f7:2d:03:02:25:11:d7:fd:cc:a2:68:44:7c:4a:f2:14:7c:6c:
1c:b1:87:64:cf:ca:b3:b9:89:62:c6:98:bf:56:4e:b6:e3:d8:
24:c6:53:2f:2e:41:96:91:2a:1c:76:2a:af:83:ec:76:07:6d:
e4:68:46:b8:b9:13:0a:38:69:c4:d4:78:29:68:4a:21:c2:59:
58:86:63:0e:63:d9:b0:40:00:ff:5e:da:d6:34:3a:93:9f:df:
4b:e1:56:fe:fe:13:8f:5a:8b:04:a0:fe:dd:89:a4:3e:8e:55:
42:59:10:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8YZ4yjAw9dozD54Hz+Vb8VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMzMzZjcyZDllMjk0NTQzODI1YmU2MzcyOWY4MDM0YTQ1
MTcwOTAwHhcNMjYwNjMwMTIwMTA3WhcNMjYwNzAxMTIwMTA3WjAzMTEwLwYDVQQD
Eyg0MGFjNDBiMTdiZjg0N2M2NDEyZDdmZWU2YTIzMWQ4NWYwZTI2NzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttO8bKMTb46wWePPIHedqMgUnwqE
kuBBg5+TKFKcbY1gSm//gtQVvbe8yZpfYQvkESR4IOAZQqFNKb/3S5vQJH6itKXh
tCyk6pG/Vt2nET5LoIliy4BPF7cr9g8UfSXVfCZmdp58hupYw8xqFIE2khuoxVWg
E15L/PY+ETmDGC2bKtyE6PJlAZFoZy7iYUIzu41Rpvzw7mYAcyU3tHpNsioWoSys
wdIjGOus197DGqovpZep2BjPdd+yPdHGBwFUQtvqKFALvNXf8uyYZkxDLpQVwRCA
VYRsDL8fmhz3pACiQuiyzkqIiXZdmKRixRJt1o8HkY7nMcVwHpwh5rp/OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECsQLF7+EfGQS1/7mojHYXw4meDMB8GA1UdIwQY
MBaAFA0zP3LZ4pRUOCW+Y3KfgDSkUXCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRNX2N0bmlsRlE0SmI1amNwLUFOS1JSY0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NWZlYTItYTNkOS00OTJmLThlNDQt
ODk0ZGZhNWRmMDE3LzEvRFRNX2N0bmlsRlE0SmI1amNwLUFOS1JSY0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NWZlYTItYTNkOS00OTJmLThlNDQtODk0ZGZhNWRmMDE3
LzEvRFRNX2N0bmlsRlE0SmI1amNwLUFOS1JSY0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQPHikl9K
rBVf3SgFrzPuFdkHAytHS1HlEdQGW4XBQ+Js8dY3xmJ4+K2hevyD8wDmUESF+xdt
3QZdOCsrGVHc+Z8eQcqh9Ivmt35mkFxWXTzryxXmJP4toEYfVtPO5/KzqAOQex5d
PtbE+/igY9QOZz4fE1u8m6U/77wvbUBLB9z0x8+oRFvTPYEVIYUXxYji9y0DAiUR
1/3MomhEfEryFHxsHLGHZM/Ks7mJYsaYv1ZOtuPYJMZTLy5BlpEqHHYqr4Psdgdt
5GhGuLkTCjhpxNR4KWhKIcJZWIZjDmPZsEAA/17a1jQ6k5/fS+FW/v4Tj1qLBKD+
3YmkPo5VQlkQTQ==
-----END CERTIFICATE-----
Generated at Tue Jun 30 18:24:19 2026 by rpki-client