Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
File: DkOg3wWaUlGkALWh8TIboA0xINI.mft (raw, json)
Hash identifier: uChyh0FQ01ZWuQjsO3/9Xguk+xmPSR50DCOukFRo4jo=
Subject key identifier: 12:98:1F:DE:07:90:73:DC:F8:0C:68:4D:1F:AB:B7:52:6D:76:36:2A
Authority key identifier: 0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2
Certificate issuer: /CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2
Certificate serial: 019D3A1C6351471DF8B8F20A511AD7EDF22F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
Manifest number: 1892
Signing time: Sun 29 Mar 2026 15:00:32 +0000
Manifest this update: Sun 29 Mar 2026 15:00:32 +0000
Manifest next update: Mon 30 Mar 2026 15:00:32 +0000
Files and hashes: 1: 4dMXi4_OZ1hIYb5lfSEix8dXAV4.roa (hash: pso0l4AjjbTbnTQh+xQFS2oQ9IVZGMVy1LttU/eMjhU=)
2: DkOg3wWaUlGkALWh8TIboA0xINI.crl (hash: PvUyCj6JP8mZsACB6Viphb++96whbphwwR+NQf9D1hM=)
3: X5rHphgjA2Ovs-Yct52WJKfW_k8.roa (hash: fS9NXooFPX4VLQ4SoiMsokXMu0rmiVlmUkYsHNO+cLI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:1c:63:51:47:1d:f8:b8:f2:0a:51:1a:d7:ed:f2:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2
Validity
Not Before: Mar 29 15:00:32 2026 GMT
Not After : Mar 30 15:00:32 2026 GMT
Subject: CN=12981fde079073dcf80c684d1fabb7526d76362a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:39:4f:39:d7:f1:19:e0:97:25:91:0b:29:9e:
64:04:38:5b:5a:11:58:52:32:89:e8:64:5e:10:04:
5c:02:ec:f8:ae:46:ba:35:0f:39:66:6d:58:6a:4a:
bf:65:15:48:40:53:a7:72:3b:45:9f:f6:e5:c6:9d:
a2:99:54:3a:1f:db:5e:10:2c:23:c9:f9:b6:85:c4:
e1:b6:b9:4a:78:89:d0:61:ac:75:a7:3a:76:eb:8f:
7e:3a:ab:bc:c9:52:c6:dc:2e:07:26:45:fd:4f:c8:
f1:64:65:d2:4a:cc:53:9b:18:20:0e:54:0d:ae:2d:
31:0f:9c:7c:d4:7e:99:a8:05:c6:b0:4a:09:25:dc:
10:84:a5:a6:28:e5:5e:ab:14:41:37:eb:fa:52:75:
f9:64:02:c9:fa:4c:ba:b2:8d:a8:e8:c2:ab:27:8b:
a6:0f:55:05:fb:56:6e:c7:23:f2:7f:a1:90:33:3b:
50:38:a9:f8:29:fe:db:8e:72:49:68:23:1a:25:0c:
69:3c:c7:6c:0f:7b:75:11:5c:cd:e0:a8:7b:2c:06:
58:5a:b6:17:33:4f:fd:ae:41:41:b7:ae:6c:23:77:
63:f0:60:c2:1f:49:53:3b:6f:5f:cb:3d:46:7f:36:
80:06:39:5c:be:43:af:c3:12:ae:12:f3:ed:90:2c:
40:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:98:1F:DE:07:90:73:DC:F8:0C:68:4D:1F:AB:B7:52:6D:76:36:2A
X509v3 Authority Key Identifier:
keyid:0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
94:6b:e8:3a:b7:4b:63:52:c7:37:f4:60:f7:71:c0:ca:39:03:
ed:de:bb:a4:43:dd:5b:f0:73:62:e6:db:84:19:9e:0a:4f:d9:
12:d8:03:51:45:74:a8:f5:25:38:cf:af:69:2d:c3:97:72:98:
d1:60:be:21:8c:eb:dd:4a:83:0a:93:2b:1f:24:31:f3:06:97:
e9:38:88:d0:9f:c9:52:fe:8b:c4:a2:8b:52:e7:b7:43:1f:c6:
44:c3:2e:7a:7e:4d:20:c8:ed:a0:31:3e:15:1b:71:89:f2:dc:
f4:19:35:16:2a:bf:fe:69:9b:b4:3e:2e:21:3f:6a:99:4e:22:
17:59:2c:2f:4f:31:ff:c9:10:c1:ae:0c:14:e8:a1:1c:68:21:
e2:6e:71:ca:c1:ff:f1:d6:18:52:91:6a:9e:74:37:14:84:18:
b9:c0:27:76:db:30:9b:71:58:50:70:5a:91:a5:46:2e:9d:69:
aa:01:6f:16:3a:1c:34:da:1f:58:8b:1a:1b:2d:70:19:f1:35:
e3:cd:80:73:21:a5:bd:77:65:0f:b3:1c:47:28:5c:d7:a3:ef:
d0:48:8e:60:d1:85:dd:d1:11:2f:b8:6c:4f:f6:c0:f6:fb:42:
53:44:b7:dc:51:b6:01:36:d4:5a:91:d9:4d:55:5b:53:d6:6d:
74:66:aa:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HGNRRx34uPIKURrX7fIvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNDNhMGRmMDU5YTUyNTFhNDAwYjVhMWYxMzIxYmEwMGQz
MTIwZDIwHhcNMjYwMzI5MTUwMDMyWhcNMjYwMzMwMTUwMDMyWjAzMTEwLwYDVQQD
EygxMjk4MWZkZTA3OTA3M2RjZjgwYzY4NGQxZmFiYjc1MjZkNzYzNjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDlPOdfxGeCXJZELKZ5kBDhbWhFY
UjKJ6GReEARcAuz4rka6NQ85Zm1Yakq/ZRVIQFOncjtFn/blxp2imVQ6H9teECwj
yfm2hcThtrlKeInQYax1pzp2649+Oqu8yVLG3C4HJkX9T8jxZGXSSsxTmxggDlQN
ri0xD5x81H6ZqAXGsEoJJdwQhKWmKOVeqxRBN+v6UnX5ZALJ+ky6so2o6MKrJ4um
D1UF+1ZuxyPyf6GQMztQOKn4Kf7bjnJJaCMaJQxpPMdsD3t1EVzN4Kh7LAZYWrYX
M0/9rkFBt65sI3dj8GDCH0lTO29fyz1GfzaABjlcvkOvwxKuEvPtkCxARwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBKYH94HkHPc+AxoTR+rt1JtdjYqMB8GA1UdIwQY
MBaAFA5DoN8FmlJRpAC1ofEyG6ANMSDSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMt
MDA0ZmU0MzNjN2M4LzEvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMtMDA0ZmU0MzNjN2M4
LzEvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlGvoOrdL
Y1LHN/Rg93HAyjkD7d67pEPdW/BzYubbhBmeCk/ZEtgDUUV0qPUlOM+vaS3Dl3KY
0WC+IYzr3UqDCpMrHyQx8waX6TiI0J/JUv6LxKKLUue3Qx/GRMMuen5NIMjtoDE+
FRtxifLc9Bk1Fiq//mmbtD4uIT9qmU4iF1ksL08x/8kQwa4MFOihHGgh4m5xysH/
8dYYUpFqnnQ3FIQYucAndtswm3FYUHBakaVGLp1pqgFvFjocNNofWIsaGy1wGfE1
482AcyGlvXdlD7McRyhc16Pv0EiOYNGF3dERL7hsT/bA9vtCU0S33FG2ATbUWpHZ
TVVbU9ZtdGaqrQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:50:55 2026 by rpki-client