Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/25ebiYwPWDTLyDimmgXjq-jAKQM.mft
File: 25ebiYwPWDTLyDimmgXjq-jAKQM.mft (raw, json)
Hash identifier: P0yiR6gqHcecyUXwbD54vYdTGENPjaWNsGU/c75+HiA=
Subject key identifier: F1:B0:69:36:46:D4:DA:32:12:7E:E9:14:F3:60:3B:19:DD:37:B5:E8
Authority key identifier: DB:97:9B:89:8C:0F:58:34:CB:C8:38:A6:9A:05:E3:AB:E8:C0:29:03
Certificate issuer: /CN=db979b898c0f5834cbc838a69a05e3abe8c02903
Certificate serial: 019D390A164C126AC28866B2DFD9F3D9A19E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/25ebiYwPWDTLyDimmgXjq-jAKQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/25ebiYwPWDTLyDimmgXjq-jAKQM.mft
Manifest number: 0C22
Signing time: Sun 29 Mar 2026 10:00:55 +0000
Manifest this update: Sun 29 Mar 2026 10:00:55 +0000
Manifest next update: Mon 30 Mar 2026 10:00:55 +0000
Files and hashes: 1: 25ebiYwPWDTLyDimmgXjq-jAKQM.crl (hash: txG17e0iIQzlfAFxDEGxMhA7rTaIokIAddpEAnsoxkQ=)
2: FjKOaSffmodjULE60Uqyds_9UrY.roa (hash: Cvv1kQqsgheFH6HLElDwGFzdf6a+v+I+lfZ3+Gpg/Ko=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/25ebiYwPWDTLyDimmgXjq-jAKQM.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/25ebiYwPWDTLyDimmgXjq-jAKQM.mft
rsync://rpki.ripe.net/repository/DEFAULT/25ebiYwPWDTLyDimmgXjq-jAKQM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:16:4c:12:6a:c2:88:66:b2:df:d9:f3:d9:a1:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db979b898c0f5834cbc838a69a05e3abe8c02903
Validity
Not Before: Mar 29 10:00:55 2026 GMT
Not After : Mar 30 10:00:55 2026 GMT
Subject: CN=f1b0693646d4da32127ee914f3603b19dd37b5e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b8:d2:98:9d:ca:fb:d8:20:2d:aa:9f:e5:92:
7d:2f:4a:c0:72:c8:39:e3:62:ec:fd:c1:7f:6c:83:
0f:e6:d5:6e:00:bc:66:fa:f5:45:c4:c0:af:bb:de:
10:b2:17:0c:62:a5:34:67:51:39:56:fa:ae:ee:54:
05:79:ac:ce:7a:c8:42:df:a5:9a:5f:8d:f5:42:e8:
9d:74:80:89:41:77:78:8e:c8:50:67:d0:3f:ee:f4:
82:b4:16:44:0e:e4:27:a2:32:69:9c:1f:86:e5:cf:
ef:d8:df:59:78:b8:12:2a:3e:76:81:43:c6:9f:c3:
cf:09:b5:41:08:aa:5a:07:21:05:ae:52:cc:4b:02:
71:e1:90:55:60:d5:f9:38:f9:81:56:82:f9:1a:7f:
b1:23:69:75:8a:96:f4:89:64:44:60:fc:6b:7c:a5:
5a:b8:67:7c:a6:41:8a:1a:e6:5b:4f:5c:32:5d:db:
63:2b:f7:fa:51:bd:7d:e1:d3:2e:e9:34:8c:d4:e0:
5e:ee:b9:59:9e:5a:52:fb:86:9e:ce:c6:0d:12:77:
58:60:a9:54:fc:e8:60:52:47:ef:2f:56:d1:8d:35:
34:1e:a3:0d:b5:ec:93:e3:dc:03:fa:24:0d:81:e4:
6d:26:7e:a2:47:58:d7:ed:62:7d:1c:7d:14:2c:3e:
03:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:B0:69:36:46:D4:DA:32:12:7E:E9:14:F3:60:3B:19:DD:37:B5:E8
X509v3 Authority Key Identifier:
keyid:DB:97:9B:89:8C:0F:58:34:CB:C8:38:A6:9A:05:E3:AB:E8:C0:29:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/25ebiYwPWDTLyDimmgXjq-jAKQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/25ebiYwPWDTLyDimmgXjq-jAKQM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/25ebiYwPWDTLyDimmgXjq-jAKQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:94:79:7d:74:ae:27:8a:0d:f0:92:c4:d4:e8:5a:a7:e2:28:
13:ab:3a:a0:4c:95:89:7e:fc:eb:02:7d:d3:7a:d4:9c:33:a6:
aa:16:94:5d:16:57:8e:9f:f5:a0:25:b1:69:37:68:70:bd:69:
be:10:71:64:d1:0e:ed:36:2c:94:a3:f9:48:d5:76:76:29:55:
af:95:7f:95:eb:d5:52:63:10:91:b1:a3:89:4d:78:64:fe:ee:
2e:ac:99:d6:7f:f7:b8:be:57:64:2a:cc:75:fd:72:2d:5c:d7:
17:8a:b5:f3:25:17:1c:5c:56:ec:9a:bb:c6:60:83:ba:93:81:
4d:44:b1:07:e8:1c:f2:be:55:41:3e:33:1d:33:a1:19:2e:fe:
7d:3a:af:ea:54:63:eb:74:97:5e:2e:f2:aa:1a:61:ea:b5:d4:
57:45:cf:c1:77:29:35:34:2e:b4:20:8d:ec:25:6f:0a:94:ef:
64:f4:7e:3b:be:85:99:19:c9:0f:25:fc:ad:54:e3:2a:ec:33:
4b:a2:a0:3a:8d:f1:e6:ff:6c:da:93:d8:5c:6f:58:52:bd:23:
b8:cc:6b:71:7a:22:73:ae:00:78:fe:61:fc:53:e1:b9:2e:4a:
50:b3:65:d4:43:e7:cc:c8:51:3d:b8:33:7e:5c:65:c7:36:a0:
75:cd:6c:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05ChZMEmrCiGay39nz2aGeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOTc5Yjg5OGMwZjU4MzRjYmM4MzhhNjlhMDVlM2FiZThj
MDI5MDMwHhcNMjYwMzI5MTAwMDU1WhcNMjYwMzMwMTAwMDU1WjAzMTEwLwYDVQQD
EyhmMWIwNjkzNjQ2ZDRkYTMyMTI3ZWU5MTRmMzYwM2IxOWRkMzdiNWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bjSmJ3K+9ggLaqf5ZJ9L0rAcsg5
42Ls/cF/bIMP5tVuALxm+vVFxMCvu94QshcMYqU0Z1E5Vvqu7lQFeazOeshC36Wa
X431QuiddICJQXd4jshQZ9A/7vSCtBZEDuQnojJpnB+G5c/v2N9ZeLgSKj52gUPG
n8PPCbVBCKpaByEFrlLMSwJx4ZBVYNX5OPmBVoL5Gn+xI2l1ipb0iWREYPxrfKVa
uGd8pkGKGuZbT1wyXdtjK/f6Ub194dMu6TSM1OBe7rlZnlpS+4aezsYNEndYYKlU
/OhgUkfvL1bRjTU0HqMNteyT49wD+iQNgeRtJn6iR1jX7WJ9HH0ULD4DowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPGwaTZG1NoyEn7pFPNgOxndN7XoMB8GA1UdIwQY
MBaAFNuXm4mMD1g0y8g4ppoF46vowCkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjVlYmlZd1BXRFRMeURpbW1nWGpxLWpBS1FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9kNWZkZTYtMTk1MS00N2I4LWEzMjUt
NGNiMjU3ZWUxOTJjLzEvMjVlYmlZd1BXRFRMeURpbW1nWGpxLWpBS1FNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9kNWZkZTYtMTk1MS00N2I4LWEzMjUtNGNiMjU3ZWUxOTJj
LzEvMjVlYmlZd1BXRFRMeURpbW1nWGpxLWpBS1FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWJR5fXSu
J4oN8JLE1Ohap+IoE6s6oEyViX786wJ903rUnDOmqhaUXRZXjp/1oCWxaTdocL1p
vhBxZNEO7TYslKP5SNV2dilVr5V/levVUmMQkbGjiU14ZP7uLqyZ1n/3uL5XZCrM
df1yLVzXF4q18yUXHFxW7Jq7xmCDupOBTUSxB+gc8r5VQT4zHTOhGS7+fTqv6lRj
63SXXi7yqhph6rXUV0XPwXcpNTQutCCN7CVvCpTvZPR+O76FmRnJDyX8rVTjKuwz
S6KgOo3x5v9s2pPYXG9YUr0juMxrcXoic64AeP5h/FPhuS5KULNl1EPnzMhRPbgz
flxlxzagdc1suw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:47:21 2026 by rpki-client