Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
File: 2O6Q00LYZepn8rDS-3TAOfg-Skg.mft (raw, json)
Hash identifier: FJQ3E37L2WMt/y2Ccnk3HvHMxv1hePtx/sGU5cfMinY=
Subject key identifier: 6F:AA:92:00:EA:E2:42:F9:C9:16:47:3A:38:82:B2:A9:07:EA:A0:F3
Authority key identifier: D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
Certificate issuer: /CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Certificate serial: 019D3866B9D1079200B9AE6492DB9674C7A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
Manifest number: 05B2
Signing time: Sun 29 Mar 2026 07:02:29 +0000
Manifest this update: Sun 29 Mar 2026 07:02:29 +0000
Manifest next update: Mon 30 Mar 2026 07:02:29 +0000
Files and hashes: 1: 2O6Q00LYZepn8rDS-3TAOfg-Skg.crl (hash: pR+BDuu2kejQQ//b5FbX1VyVv7o4WTl80cNq16yx/nM=)
2: OExalT86I2jE92WcpxOz8v2EM5M.roa (hash: 4ql4+dXrno2rRd9rLsGdlFCa1N0RlG63lEsTRJIQb8w=)
3: jkJ-dpXyGf9S_poPiFsD4kU6mb4.roa (hash: cQtWmc7dZO030WCUTKzMCSngnAwQZjveS+i9Nuw4lVc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:b9:d1:07:92:00:b9:ae:64:92:db:96:74:c7:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Validity
Not Before: Mar 29 07:02:29 2026 GMT
Not After : Mar 30 07:02:29 2026 GMT
Subject: CN=6faa9200eae242f9c916473a3882b2a907eaa0f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ac:46:47:97:21:cd:94:f7:21:79:a8:75:e6:
ec:c2:e0:75:39:ef:25:b9:a6:73:ea:e7:90:71:2a:
08:69:a2:8c:ad:6b:2c:35:d4:94:06:3d:65:5a:b7:
3c:a7:be:3e:98:2c:90:f2:12:6d:3f:3b:1c:7f:2c:
a2:09:1c:1b:be:09:b0:3e:e1:36:82:e0:3f:58:55:
c9:f1:23:36:7f:89:62:9f:1d:e1:13:d0:b7:c0:50:
23:73:c0:b4:0c:36:29:74:81:c3:08:9c:85:d8:1c:
a2:41:ca:17:43:38:ff:24:5f:27:9e:19:00:ae:06:
74:a6:92:c2:9f:d3:11:b7:ce:36:17:ae:28:83:16:
cc:72:4a:6f:ea:10:9a:95:c8:c6:8e:19:98:39:22:
6d:a6:0a:42:1f:6f:f3:a6:f6:af:e2:32:13:f5:f1:
44:bf:4e:f6:21:fc:b5:8f:c2:b5:9c:ee:ec:6e:6f:
e6:38:3a:9b:dd:6d:38:e5:a0:4d:69:6a:33:ec:e2:
bc:fb:7f:fb:80:10:16:38:5b:a6:94:23:29:ff:63:
35:b8:89:8a:7e:ac:e5:07:bc:6e:7a:7b:43:19:6d:
e0:41:84:e2:ec:f5:99:2a:48:d4:8d:c2:53:27:ce:
5d:82:5d:c1:04:2c:22:33:18:b8:ca:99:59:2b:c4:
5e:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:AA:92:00:EA:E2:42:F9:C9:16:47:3A:38:82:B2:A9:07:EA:A0:F3
X509v3 Authority Key Identifier:
keyid:D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b9:da:39:d6:d7:46:bc:1e:37:46:45:4e:18:7d:59:2b:cd:dc:
d9:0b:46:7b:eb:de:b0:60:98:9a:2f:23:b9:ab:d5:80:c6:fb:
e1:78:02:39:96:86:9c:b1:4e:e2:90:6f:4b:3e:81:0a:07:80:
29:43:47:a5:89:cf:e1:79:ee:d0:1d:e1:bc:7d:1a:32:bf:13:
d2:a5:08:2a:f1:f1:ff:fc:0f:42:7f:f8:cd:c3:a1:29:7f:3c:
18:18:a6:01:2f:f7:db:f2:bd:08:30:b0:bc:83:0c:dd:7e:37:
54:46:7e:ee:06:2c:d4:e2:ac:c0:be:58:c9:08:3f:c0:62:de:
f8:d4:c2:6b:d8:2a:30:45:6b:af:ba:b9:41:d9:05:42:7b:1a:
24:90:45:76:c5:3e:0f:48:da:8c:8c:0b:3c:63:fa:21:55:c5:
2c:ac:c7:79:f2:f2:5a:0e:38:2b:6f:39:67:f8:b0:f5:84:5a:
19:f6:0f:4d:99:47:5b:01:62:67:5e:fb:7e:38:73:56:44:86:
a2:69:b9:08:af:13:43:5d:ce:6e:25:3b:8e:2c:37:1f:e2:52:
ca:2c:98:3b:95:bc:11:86:10:1e:9a:fc:52:3e:7a:f7:8d:47:
e7:8f:cc:d1:c7:e2:a4:e4:dd:bb:98:06:36:e2:7f:91:c4:41:
1b:47:52:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZrnRB5IAua5kktuWdMekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWU5MGQzNDJkODY1ZWE2N2YyYjBkMmZiNzRjMDM5Zjgz
ZTRhNDgwHhcNMjYwMzI5MDcwMjI5WhcNMjYwMzMwMDcwMjI5WjAzMTEwLwYDVQQD
Eyg2ZmFhOTIwMGVhZTI0MmY5YzkxNjQ3M2EzODgyYjJhOTA3ZWFhMGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3axGR5chzZT3IXmodebswuB1Oe8l
uaZz6ueQcSoIaaKMrWssNdSUBj1lWrc8p74+mCyQ8hJtPzscfyyiCRwbvgmwPuE2
guA/WFXJ8SM2f4linx3hE9C3wFAjc8C0DDYpdIHDCJyF2ByiQcoXQzj/JF8nnhkA
rgZ0ppLCn9MRt842F64ogxbMckpv6hCalcjGjhmYOSJtpgpCH2/zpvav4jIT9fFE
v072Ify1j8K1nO7sbm/mODqb3W045aBNaWoz7OK8+3/7gBAWOFumlCMp/2M1uImK
fqzlB7xuentDGW3gQYTi7PWZKkjUjcJTJ85dgl3BBCwiMxi4yplZK8ReqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG+qkgDq4kL5yRZHOjiCsqkH6qDzMB8GA1UdIwQY
MBaAFNjukNNC2GXqZ/Kw0vt0wDn4PkpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2Zjkt
NTEwNTI1YzQ3NDRjLzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2ZjktNTEwNTI1YzQ3NDRj
LzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAudo51tdG
vB43RkVOGH1ZK83c2QtGe+vesGCYmi8juavVgMb74XgCOZaGnLFO4pBvSz6BCgeA
KUNHpYnP4Xnu0B3hvH0aMr8T0qUIKvHx//wPQn/4zcOhKX88GBimAS/32/K9CDCw
vIMM3X43VEZ+7gYs1OKswL5YyQg/wGLe+NTCa9gqMEVrr7q5QdkFQnsaJJBFdsU+
D0jajIwLPGP6IVXFLKzHefLyWg44K285Z/iw9YRaGfYPTZlHWwFiZ177fjhzVkSG
omm5CK8TQ13ObiU7jiw3H+JSyiyYO5W8EYYQHpr8Uj56941H54/M0cfipOTdu5gG
NuJ/kcRBG0dSEQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:56:52 2026 by rpki-client