Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
File: 20IFnOKR1Jpmkgcxx2faVj7yESQ.mft (raw, json)
Hash identifier: V3y85+tCLPPuUObFMIfePkQW3hkcgHPN0LazCYHaoxQ=
Subject key identifier: A6:91:E0:D5:7E:13:09:1C:E9:D3:85:18:65:51:02:4F:BC:2A:CD:A8
Authority key identifier: DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
Certificate issuer: /CN=db42059ce291d49a66920731c767da563ef21124
Certificate serial: 019D38D3AAD001D7DCB381E5730E19BCE776
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
Manifest number: 0B8C
Signing time: Sun 29 Mar 2026 09:01:29 +0000
Manifest this update: Sun 29 Mar 2026 09:01:29 +0000
Manifest next update: Mon 30 Mar 2026 09:01:29 +0000
Files and hashes: 1: 20IFnOKR1Jpmkgcxx2faVj7yESQ.crl (hash: qHxMY1MJrmJvkjt5I8XB9rFTsoS/PXMeH4IYHHXA1NM=)
2: K_G3q1oHoFkLaOnMyEVLIcn7Qmw.roa (hash: /NaxyStNTlcpIpTarZjjR+9kQ6m4FlTTRFr5N6+rcrM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:aa:d0:01:d7:dc:b3:81:e5:73:0e:19:bc:e7:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db42059ce291d49a66920731c767da563ef21124
Validity
Not Before: Mar 29 09:01:29 2026 GMT
Not After : Mar 30 09:01:29 2026 GMT
Subject: CN=a691e0d57e13091ce9d385186551024fbc2acda8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:23:80:f0:f7:de:6e:86:30:5d:06:66:c2:3f:
5d:58:8f:f4:1b:e6:78:48:53:16:f7:da:af:03:f2:
e9:eb:d0:6c:48:8c:ce:d1:53:47:93:bd:5e:46:68:
72:ca:dc:20:51:50:9b:58:72:81:59:54:fd:11:b6:
44:11:7d:5d:f7:00:57:23:df:9a:17:60:d5:a6:5a:
e4:ac:57:ad:73:24:1c:98:0d:11:2e:7c:65:6d:49:
5c:1f:d0:4c:76:4d:16:65:2c:d6:d4:9a:fc:16:21:
53:65:e2:ba:2d:94:4a:8c:3f:82:6c:32:e9:aa:36:
fa:cc:fc:48:e4:67:6f:6e:d5:38:37:a8:63:1d:f4:
74:bb:4c:25:50:c7:81:ba:6b:40:35:f0:cc:cf:3b:
30:55:ea:c2:98:5c:7e:a4:55:f3:c7:52:4f:b7:99:
3e:63:f6:13:e1:8b:7a:69:42:c0:cb:0f:11:bd:3e:
28:2b:7e:91:dc:43:f6:d9:c8:cc:e9:1f:a2:1b:25:
fa:f8:02:2f:45:9a:9a:c1:59:31:63:ef:3c:b0:b4:
1f:2b:95:c4:35:86:14:0a:c6:bb:1c:6a:5d:c3:42:
e5:de:86:08:ba:b7:19:be:c8:86:d4:ec:8a:e3:84:
39:e4:09:eb:72:e5:2c:c0:e7:2a:bc:9e:58:d0:4f:
7b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:91:E0:D5:7E:13:09:1C:E9:D3:85:18:65:51:02:4F:BC:2A:CD:A8
X509v3 Authority Key Identifier:
keyid:DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
95:b6:59:83:f9:85:47:d7:59:d0:84:d8:c9:06:cb:8a:d6:c4:
6f:7e:d3:4c:f6:a3:c9:2a:22:1a:1b:36:9d:21:4d:a3:64:19:
8d:97:b4:14:bc:5a:1f:46:6c:f4:5a:3b:13:63:fd:d3:2f:ba:
5d:43:51:a1:0f:ad:92:28:c7:a8:53:e5:fa:91:c2:4b:3b:94:
cd:19:60:52:d9:38:8c:5d:64:a1:68:76:52:ab:ef:43:ab:3e:
ba:90:59:8e:b7:29:60:2d:a6:b9:db:d2:74:1b:77:cd:25:bc:
89:62:32:92:bd:b9:55:e0:ba:06:35:d2:12:5d:19:d5:aa:57:
f2:61:2d:e1:85:4c:5f:bd:75:c2:f2:fb:12:2a:2b:fe:8f:ce:
da:b0:59:5d:1f:93:f5:48:d2:60:ef:b7:4d:32:c7:50:30:02:
8b:f5:2b:28:1b:b1:a1:24:d5:db:56:9a:d5:a0:aa:63:19:11:
82:ac:79:96:49:a3:77:cc:40:c0:9d:af:ef:07:59:55:fe:fc:
1f:cb:1d:20:75:05:e7:7c:12:7e:40:a2:33:d9:de:b1:ca:76:
99:28:bd:21:16:15:2a:2e:56:2a:23:47:46:b6:8c:3d:49:f2:
d1:dd:42:96:4c:6a:82:f4:eb:9a:06:a6:aa:66:15:e5:b5:d3:
ea:2e:de:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0406rQAdfcs4Hlcw4ZvOd2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDIwNTljZTI5MWQ0OWE2NjkyMDczMWM3NjdkYTU2M2Vm
MjExMjQwHhcNMjYwMzI5MDkwMTI5WhcNMjYwMzMwMDkwMTI5WjAzMTEwLwYDVQQD
EyhhNjkxZTBkNTdlMTMwOTFjZTlkMzg1MTg2NTUxMDI0ZmJjMmFjZGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4yOA8PfeboYwXQZmwj9dWI/0G+Z4
SFMW99qvA/Lp69BsSIzO0VNHk71eRmhyytwgUVCbWHKBWVT9EbZEEX1d9wBXI9+a
F2DVplrkrFetcyQcmA0RLnxlbUlcH9BMdk0WZSzW1Jr8FiFTZeK6LZRKjD+CbDLp
qjb6zPxI5GdvbtU4N6hjHfR0u0wlUMeBumtANfDMzzswVerCmFx+pFXzx1JPt5k+
Y/YT4Yt6aULAyw8RvT4oK36R3EP22cjM6R+iGyX6+AIvRZqawVkxY+88sLQfK5XE
NYYUCsa7HGpdw0Ll3oYIurcZvsiG1OyK44Q55AnrcuUswOcqvJ5Y0E97SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKaR4NV+Ewkc6dOFGGVRAk+8Ks2oMB8GA1UdIwQY
MBaAFNtCBZzikdSaZpIHMcdn2lY+8hEkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzIt
OTMxMmQwODdkZmNhLzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzItOTMxMmQwODdkZmNh
LzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlbZZg/mF
R9dZ0ITYyQbLitbEb37TTPajySoiGhs2nSFNo2QZjZe0FLxaH0Zs9Fo7E2P90y+6
XUNRoQ+tkijHqFPl+pHCSzuUzRlgUtk4jF1koWh2UqvvQ6s+upBZjrcpYC2mudvS
dBt3zSW8iWIykr25VeC6BjXSEl0Z1apX8mEt4YVMX711wvL7Eior/o/O2rBZXR+T
9UjSYO+3TTLHUDACi/UrKBuxoSTV21aa1aCqYxkRgqx5lkmjd8xAwJ2v7wdZVf78
H8sdIHUF53wSfkCiM9nescp2mSi9IRYVKi5WKiNHRraMPUny0d1ClkxqgvTrmgam
qmYV5bXT6i7eFw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:34:00 2026 by rpki-client