Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/Dri8RONvrhbTcQL9DVGfKE1mPZA.mft
File: Dri8RONvrhbTcQL9DVGfKE1mPZA.mft (raw, json)
Hash identifier: UnzJdXDxZFbyfMIzsIyxqh5AV375Qs9Vb6OFyITX8Q4=
Subject key identifier: AE:C9:11:07:58:8B:71:7E:45:E0:84:12:9A:BB:56:A2:5F:41:AC:BE
Authority key identifier: 0E:B8:BC:44:E3:6F:AE:16:D3:71:02:FD:0D:51:9F:28:4D:66:3D:90
Certificate issuer: /CN=0eb8bc44e36fae16d37102fd0d519f284d663d90
Certificate serial: 019D38666849B85942E71B8894E89E594437
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dri8RONvrhbTcQL9DVGfKE1mPZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/Dri8RONvrhbTcQL9DVGfKE1mPZA.mft
Manifest number: 17DA
Signing time: Sun 29 Mar 2026 07:02:08 +0000
Manifest this update: Sun 29 Mar 2026 07:02:08 +0000
Manifest next update: Mon 30 Mar 2026 07:02:08 +0000
Files and hashes: 1: 9xaM71e9BMRFYv27V5xbMjdqOgI.roa (hash: D9u9E0DcXMocRKo5Wg6KGFp6zb0+RH3c9pC/yeH8pSY=)
2: Dri8RONvrhbTcQL9DVGfKE1mPZA.crl (hash: u0WzJMu0LrlwHxjcm++f0jRst/fixxmu1znInAZIqfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/Dri8RONvrhbTcQL9DVGfKE1mPZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/Dri8RONvrhbTcQL9DVGfKE1mPZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Dri8RONvrhbTcQL9DVGfKE1mPZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:68:49:b8:59:42:e7:1b:88:94:e8:9e:59:44:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0eb8bc44e36fae16d37102fd0d519f284d663d90
Validity
Not Before: Mar 29 07:02:08 2026 GMT
Not After : Mar 30 07:02:08 2026 GMT
Subject: CN=aec91107588b717e45e084129abb56a25f41acbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:c6:48:d3:b6:e7:21:39:3b:a3:94:6b:50:5d:
52:9a:8e:03:bd:14:24:f3:3b:0b:a2:45:fb:6d:94:
2b:88:11:b1:7e:f6:d7:f6:23:bc:ee:b9:19:b9:67:
cb:61:39:67:6c:01:9b:0d:1d:2e:03:bf:b2:cb:8e:
90:48:d5:f9:57:c3:da:3d:ed:a3:7d:11:a1:89:b5:
74:6a:e8:05:75:50:aa:ec:54:6a:26:f1:43:de:ac:
4b:e0:c3:5b:1c:31:d5:e4:66:e0:63:5a:65:19:86:
b6:77:bf:69:dd:68:4f:7c:78:2d:17:ae:9b:b7:b0:
9b:c2:06:d7:82:78:d4:20:d4:8e:bb:5d:8f:88:cf:
95:5e:ed:1e:d6:ef:ad:14:e0:f7:d3:4c:f8:88:c9:
d8:33:7b:91:e0:5c:fe:02:5a:e9:ca:8f:a2:e1:08:
f6:44:42:69:24:43:38:9c:7b:90:d4:6d:f9:04:5f:
30:a6:4d:57:a7:79:8e:f6:a6:00:0b:39:ca:6e:98:
f4:81:96:d3:c6:96:3f:d2:81:ca:2f:9b:df:dc:86:
6a:c8:14:d3:bc:fe:24:29:3f:a5:ed:ac:4e:e2:37:
0c:3c:c8:0f:be:e0:2f:4f:8f:9b:bc:cf:8a:23:23:
a3:c0:e6:89:61:c2:51:98:39:57:ee:2a:a7:c0:ce:
87:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:C9:11:07:58:8B:71:7E:45:E0:84:12:9A:BB:56:A2:5F:41:AC:BE
X509v3 Authority Key Identifier:
keyid:0E:B8:BC:44:E3:6F:AE:16:D3:71:02:FD:0D:51:9F:28:4D:66:3D:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dri8RONvrhbTcQL9DVGfKE1mPZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/Dri8RONvrhbTcQL9DVGfKE1mPZA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/Dri8RONvrhbTcQL9DVGfKE1mPZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:db:31:ce:3c:17:64:7b:9c:c2:f2:89:ce:41:c0:61:dd:aa:
1e:6b:af:3d:cc:6a:a2:83:4a:71:13:f2:68:98:eb:1c:64:56:
38:f9:70:ef:d9:0c:51:d7:b6:89:b9:c6:8c:2c:f7:90:9e:37:
df:2b:44:1b:5f:f3:4c:80:6c:b4:1d:f9:63:66:73:86:c7:aa:
71:7b:a5:e5:67:c5:3e:e4:75:0f:83:ae:e1:fe:ed:cb:9c:67:
c3:cb:b7:a6:63:75:76:87:eb:40:6d:a8:56:2f:0e:25:b7:a1:
1b:52:b1:49:e8:6e:8c:a6:d4:3a:a3:52:30:8d:d5:47:14:0c:
6b:e4:a0:54:c1:25:c7:c6:23:6a:f3:23:05:13:b5:8f:14:a5:
6f:fe:19:f3:2b:69:16:98:0f:16:e4:9f:86:0c:cc:78:5b:ac:
bc:51:a8:b3:b0:a5:6b:d9:bd:66:62:8c:a7:79:38:20:b2:8b:
7f:fb:54:6c:02:f8:46:2f:aa:84:2a:44:74:4d:fa:2b:fd:d1:
b8:b0:93:7b:29:72:d1:bb:7f:62:40:ac:cb:8e:87:20:6d:74:
50:78:1e:3a:de:b4:ff:e2:0b:f5:82:1d:31:fe:b3:96:97:5f:
68:0e:c2:eb:e0:c3:b5:bd:89:55:a4:76:8a:ad:3c:1d:70:54:
83:e7:f5:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZmhJuFlC5xuIlOieWUQ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlYjhiYzQ0ZTM2ZmFlMTZkMzcxMDJmZDBkNTE5ZjI4NGQ2
NjNkOTAwHhcNMjYwMzI5MDcwMjA4WhcNMjYwMzMwMDcwMjA4WjAzMTEwLwYDVQQD
EyhhZWM5MTEwNzU4OGI3MTdlNDVlMDg0MTI5YWJiNTZhMjVmNDFhY2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48ZI07bnITk7o5RrUF1Smo4DvRQk
8zsLokX7bZQriBGxfvbX9iO87rkZuWfLYTlnbAGbDR0uA7+yy46QSNX5V8PaPe2j
fRGhibV0augFdVCq7FRqJvFD3qxL4MNbHDHV5GbgY1plGYa2d79p3WhPfHgtF66b
t7CbwgbXgnjUINSOu12PiM+VXu0e1u+tFOD300z4iMnYM3uR4Fz+Alrpyo+i4Qj2
REJpJEM4nHuQ1G35BF8wpk1Xp3mO9qYACznKbpj0gZbTxpY/0oHKL5vf3IZqyBTT
vP4kKT+l7axO4jcMPMgPvuAvT4+bvM+KIyOjwOaJYcJRmDlX7iqnwM6HAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK7JEQdYi3F+ReCEEpq7VqJfQay+MB8GA1UdIwQY
MBaAFA64vETjb64W03EC/Q1RnyhNZj2QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHJpOFJPTnZyaGJUY1FMOURWR2ZLRTFtUFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82MWQxY2UtY2Q4MC00MjlkLWJmZTEt
ODliM2EzZjE1ZGYwLzEvRHJpOFJPTnZyaGJUY1FMOURWR2ZLRTFtUFpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS82MWQxY2UtY2Q4MC00MjlkLWJmZTEtODliM2EzZjE1ZGYw
LzEvRHJpOFJPTnZyaGJUY1FMOURWR2ZLRTFtUFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgdsxzjwX
ZHucwvKJzkHAYd2qHmuvPcxqooNKcRPyaJjrHGRWOPlw79kMUde2ibnGjCz3kJ43
3ytEG1/zTIBstB35Y2ZzhseqcXul5WfFPuR1D4Ou4f7ty5xnw8u3pmN1dofrQG2o
Vi8OJbehG1KxSehujKbUOqNSMI3VRxQMa+SgVMElx8YjavMjBRO1jxSlb/4Z8ytp
FpgPFuSfhgzMeFusvFGos7Cla9m9ZmKMp3k4ILKLf/tUbAL4Ri+qhCpEdE36K/3R
uLCTeyly0bt/YkCsy46HIG10UHgeOt60/+IL9YIdMf6zlpdfaA7C6+DDtb2JVaR2
iq08HXBUg+f1Ig==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:49:06 2026 by rpki-client