Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.mft
File: rS044g8k0OMLhszYJhrAAX8XpaQ.mft (raw, json)
Hash identifier: ZXzprFaTLfnYN84ijM4YUXawXZsWNOyOxSX5zEzlqEE=
Subject key identifier: D7:70:0B:EC:ED:3C:00:28:9E:49:A5:C2:04:13:25:35:64:1E:EB:C6
Authority key identifier: AD:2D:38:E2:0F:24:D0:E3:0B:86:CC:D8:26:1A:C0:01:7F:17:A5:A4
Certificate issuer: /CN=ad2d38e20f24d0e30b86ccd8261ac0017f17a5a4
Certificate serial: 019D389BAFCACA43FA652C58E4DA86F7BAB5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rS044g8k0OMLhszYJhrAAX8XpaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.mft
Manifest number: 0B5D
Signing time: Sun 29 Mar 2026 08:00:20 +0000
Manifest this update: Sun 29 Mar 2026 08:00:20 +0000
Manifest next update: Mon 30 Mar 2026 08:00:20 +0000
Files and hashes: 1: 9tGzK-FCrgGlyf8btSGObHH6Jkw.roa (hash: NlammvVp7/v8P1KUtxpc69bkMW7FgZFFOJxxoLecI3k=)
2: NJAtBEz3Ixv_CCYeRvRJJECYvnk.roa (hash: 8VY+OH2qENoVZQA8QBMe/XGjN1hAsUDKuWI2emaWxMU=)
3: rS044g8k0OMLhszYJhrAAX8XpaQ.crl (hash: 8WMqitfEe7t90PgOSJf7P2lm3UVkV0+RZz4M09q2m6M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/rS044g8k0OMLhszYJhrAAX8XpaQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:af:ca:ca:43:fa:65:2c:58:e4:da:86:f7:ba:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad2d38e20f24d0e30b86ccd8261ac0017f17a5a4
Validity
Not Before: Mar 29 08:00:20 2026 GMT
Not After : Mar 30 08:00:20 2026 GMT
Subject: CN=d7700beced3c00289e49a5c204132535641eebc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:fe:4e:23:89:d8:ea:81:d5:6f:04:eb:c9:42:
cd:8b:87:12:82:f0:d1:0d:32:08:47:54:49:54:cd:
3e:e8:a7:04:25:b0:0b:15:7f:38:40:7b:1d:30:2d:
cd:aa:fd:83:fd:2c:6f:3e:a0:36:23:9c:c0:ca:a5:
11:7f:83:d0:bb:dc:66:d5:59:3f:ee:d9:18:01:07:
c2:39:e5:ed:54:41:db:09:af:43:5f:f4:d2:e7:c4:
24:4d:2f:d6:41:d9:eb:25:7c:b3:79:2e:fa:c3:0b:
8d:14:26:c7:f8:91:11:4b:9d:d6:75:ba:b0:e0:ce:
c2:61:5a:fc:f5:a5:af:9c:64:65:d9:5b:da:e2:2c:
eb:33:ef:79:0f:16:0c:38:49:3a:81:ff:59:f7:47:
26:37:43:8e:9a:87:60:16:b4:6d:22:dd:18:7b:7e:
a8:c4:6e:e9:e6:f4:77:41:d2:be:9e:8e:02:27:69:
bf:5c:02:09:c2:ca:2b:c8:a1:b4:1f:6f:88:17:f3:
47:d8:a6:f5:ea:4b:45:51:48:86:6e:a7:43:84:d7:
cf:a8:19:30:ac:2d:47:71:98:ea:4e:7b:6a:71:be:
53:83:21:14:a6:de:57:3c:83:b4:e8:c6:ec:2e:f0:
d1:ab:7f:f1:63:98:8d:f7:f4:fc:8f:de:e6:80:c3:
d6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:70:0B:EC:ED:3C:00:28:9E:49:A5:C2:04:13:25:35:64:1E:EB:C6
X509v3 Authority Key Identifier:
keyid:AD:2D:38:E2:0F:24:D0:E3:0B:86:CC:D8:26:1A:C0:01:7F:17:A5:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rS044g8k0OMLhszYJhrAAX8XpaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3c:15:84:68:e3:10:b2:33:89:2a:26:e9:f8:67:7f:57:08:3c:
4c:ee:94:66:80:7b:84:2a:d5:8d:1e:33:ab:4d:c5:b0:c1:c6:
a2:b2:36:0d:df:f9:26:09:b2:2f:6f:ac:ca:b6:4c:ed:2b:16:
42:c1:6d:07:5d:2d:55:58:2c:4b:30:f9:28:7d:f4:2c:5e:e3:
5f:60:04:49:52:02:57:e2:0a:ff:d9:30:36:dd:7c:ed:04:19:
88:42:31:23:0d:3e:e3:15:fc:38:c7:bb:34:6d:97:22:8a:76:
12:fd:c0:e2:b9:18:b5:d2:47:28:3c:09:35:8c:c7:7a:66:59:
51:a4:a8:dc:fb:d6:04:27:71:14:d3:44:4c:a5:c6:7d:7f:9a:
e7:b4:74:8e:3f:9a:8e:68:ef:6c:1f:14:03:19:5b:b0:0b:12:
1b:20:7e:04:19:5b:b7:da:05:c5:e2:12:e3:b1:ea:cd:d1:3b:
5a:5e:57:48:0e:8b:b1:76:4b:0e:d6:23:a2:8e:05:3b:45:5e:
08:52:7b:be:0b:42:a0:ac:01:ab:4a:7a:42:e1:14:d9:9a:8a:
bf:1d:f3:b5:0a:ae:48:b8:7b:34:d8:eb:c3:1e:cf:3e:66:3f:
1a:63:c3:bc:aa:6d:4b:a1:dd:da:92:32:b2:be:79:83:57:9a:
9f:a6:4d:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m6/KykP6ZSxY5NqG97q1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMmQzOGUyMGYyNGQwZTMwYjg2Y2NkODI2MWFjMDAxN2Yx
N2E1YTQwHhcNMjYwMzI5MDgwMDIwWhcNMjYwMzMwMDgwMDIwWjAzMTEwLwYDVQQD
EyhkNzcwMGJlY2VkM2MwMDI4OWU0OWE1YzIwNDEzMjUzNTY0MWVlYmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9v5OI4nY6oHVbwTryULNi4cSgvDR
DTIIR1RJVM0+6KcEJbALFX84QHsdMC3Nqv2D/SxvPqA2I5zAyqURf4PQu9xm1Vk/
7tkYAQfCOeXtVEHbCa9DX/TS58QkTS/WQdnrJXyzeS76wwuNFCbH+JERS53Wdbqw
4M7CYVr89aWvnGRl2Vva4izrM+95DxYMOEk6gf9Z90cmN0OOmodgFrRtIt0Ye36o
xG7p5vR3QdK+no4CJ2m/XAIJwsoryKG0H2+IF/NH2Kb16ktFUUiGbqdDhNfPqBkw
rC1HcZjqTntqcb5TgyEUpt5XPIO06MbsLvDRq3/xY5iN9/T8j97mgMPWnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNdwC+ztPAAonkmlwgQTJTVkHuvGMB8GA1UdIwQY
MBaAFK0tOOIPJNDjC4bM2CYawAF/F6WkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclMwNDRnOGswT01MaHN6WUpockFBWDhYcGFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yZDg3NjEtMjI5Zi00YTM3LTg3YjEt
NDI5OTUzMjNjMDNkLzEvclMwNDRnOGswT01MaHN6WUpockFBWDhYcGFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yZDg3NjEtMjI5Zi00YTM3LTg3YjEtNDI5OTUzMjNjMDNk
LzEvclMwNDRnOGswT01MaHN6WUpockFBWDhYcGFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPBWEaOMQ
sjOJKibp+Gd/Vwg8TO6UZoB7hCrVjR4zq03FsMHGorI2Dd/5JgmyL2+syrZM7SsW
QsFtB10tVVgsSzD5KH30LF7jX2AESVICV+IK/9kwNt187QQZiEIxIw0+4xX8OMe7
NG2XIop2Ev3A4rkYtdJHKDwJNYzHemZZUaSo3PvWBCdxFNNETKXGfX+a57R0jj+a
jmjvbB8UAxlbsAsSGyB+BBlbt9oFxeIS47HqzdE7Wl5XSA6LsXZLDtYjoo4FO0Ve
CFJ7vgtCoKwBq0p6QuEU2ZqKvx3ztQquSLh7NNjrwx7PPmY/GmPDvKptS6Hd2pIy
sr55g1ean6ZNvg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:28:11 2026 by rpki-client