Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.mft
File: dnvAKlhZYj9WPqhKa7Cikg1bPpE.mft (raw, json)
Hash identifier: m8Q941sQzdJujeT0ktCEZqRB1rDK3+jPHgS6Hqy8pC0=
Subject key identifier: C8:82:89:61:5E:E5:0D:53:A8:47:5B:C2:22:FA:F9:01:99:7C:3E:34
Authority key identifier: 76:7B:C0:2A:58:59:62:3F:56:3E:A8:4A:6B:B0:A2:92:0D:5B:3E:91
Certificate issuer: /CN=767bc02a5859623f563ea84a6bb0a2920d5b3e91
Certificate serial: 019D37C1110E35C15C3A5FCC4264662F3D30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dnvAKlhZYj9WPqhKa7Cikg1bPpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.mft
Manifest number: 15DA
Signing time: Sun 29 Mar 2026 04:01:32 +0000
Manifest this update: Sun 29 Mar 2026 04:01:32 +0000
Manifest next update: Mon 30 Mar 2026 04:01:32 +0000
Files and hashes: 1: KTiF2AJ-jYhH5MwBEq6DBqpHZIU.roa (hash: QZiMXdBbvocZooloHKXavt9Kr4OE8mOVpmaFum5U1Uk=)
2: dnvAKlhZYj9WPqhKa7Cikg1bPpE.crl (hash: yPPyXmQb3w966bpYpHbBYtedHNPRXYxtYNotG1ypy8o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.mft
rsync://rpki.ripe.net/repository/DEFAULT/dnvAKlhZYj9WPqhKa7Cikg1bPpE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c1:11:0e:35:c1:5c:3a:5f:cc:42:64:66:2f:3d:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767bc02a5859623f563ea84a6bb0a2920d5b3e91
Validity
Not Before: Mar 29 04:01:32 2026 GMT
Not After : Mar 30 04:01:32 2026 GMT
Subject: CN=c88289615ee50d53a8475bc222faf901997c3e34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1e:c7:46:31:43:ec:f1:b3:ac:c8:ca:af:eb:
d6:fd:17:18:28:2d:93:c4:6c:32:39:e0:95:99:b4:
98:54:b1:53:35:41:83:ca:1a:9c:c0:32:42:8f:44:
26:53:fc:87:cd:b8:92:ad:f1:02:7d:5b:54:4e:fa:
b3:76:94:33:75:dd:f8:7d:a1:24:4b:ce:53:c2:53:
b2:45:7a:b8:77:f2:8e:70:e9:5d:44:38:b9:21:09:
6b:28:35:dc:7a:50:8f:0f:5c:23:58:65:e1:7f:4c:
ef:22:5e:3b:64:3d:2f:11:73:49:ab:98:b1:43:54:
ce:0f:f7:ce:63:69:98:7d:60:64:fc:64:bd:71:9d:
b7:79:be:c6:02:83:17:33:f1:39:71:38:57:4e:27:
2d:c6:e2:8a:13:28:7a:54:d3:94:22:43:19:5a:75:
df:2a:d4:8a:c7:c4:e8:ac:09:2e:5c:44:2a:b7:9d:
74:45:bc:c2:c1:40:55:b5:25:b7:aa:3a:34:5a:51:
6d:c1:cc:47:1c:bb:3e:4f:0b:19:b0:a6:80:6f:6e:
62:ba:4b:87:e4:fd:66:c7:41:12:cb:dc:6a:c3:69:
96:aa:83:bd:53:10:4e:3f:7f:20:61:a5:71:bb:8e:
08:5c:8c:d7:1f:a7:32:68:88:00:e0:06:29:95:02:
fd:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:82:89:61:5E:E5:0D:53:A8:47:5B:C2:22:FA:F9:01:99:7C:3E:34
X509v3 Authority Key Identifier:
keyid:76:7B:C0:2A:58:59:62:3F:56:3E:A8:4A:6B:B0:A2:92:0D:5B:3E:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dnvAKlhZYj9WPqhKa7Cikg1bPpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:7c:79:26:5d:b3:9c:d5:cc:61:28:a8:3c:eb:71:21:1b:6f:
20:8c:23:4c:29:e5:aa:20:55:35:0a:42:7c:e5:f0:23:8e:61:
14:6a:24:95:f9:3e:24:c7:12:05:ea:1c:e5:70:88:c5:8c:f3:
38:b1:e3:da:64:a8:66:ea:34:a9:4c:64:4f:8e:ff:af:9c:79:
2f:d5:f5:11:dc:fa:df:76:c7:53:9f:55:f2:a3:6e:c7:88:fa:
8b:42:cc:4c:72:3f:03:83:4c:a3:7b:ac:28:14:7c:30:1b:b2:
13:0e:42:4b:ce:81:31:2a:ac:d5:9b:bb:75:6a:bb:71:c9:72:
7b:3f:2b:bc:9e:4b:99:31:d6:36:f9:20:e7:51:e9:26:dd:ac:
55:de:d7:7e:b2:bb:e6:ae:37:7c:61:bf:67:a8:27:dc:67:87:
c5:ce:a7:ae:4c:57:9f:1c:86:ed:c5:e9:d6:82:dc:14:3a:c2:
fa:f2:23:f2:b7:b0:d8:f3:e7:7b:5d:d2:f3:2b:6e:e3:fe:f4:
b9:eb:35:18:af:2b:ac:6b:0b:8c:5c:65:01:1e:6e:4a:bc:bd:
dc:44:18:0d:6e:a6:12:ca:ff:b9:e5:04:18:07:51:07:c4:76:
18:83:41:39:68:53:ca:a2:08:c4:b5:fb:c6:ad:2b:60:66:17:
53:52:a3:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wREONcFcOl/MQmRmLz0wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2JjMDJhNTg1OTYyM2Y1NjNlYTg0YTZiYjBhMjkyMGQ1
YjNlOTEwHhcNMjYwMzI5MDQwMTMyWhcNMjYwMzMwMDQwMTMyWjAzMTEwLwYDVQQD
EyhjODgyODk2MTVlZTUwZDUzYTg0NzViYzIyMmZhZjkwMTk5N2MzZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAux7HRjFD7PGzrMjKr+vW/RcYKC2T
xGwyOeCVmbSYVLFTNUGDyhqcwDJCj0QmU/yHzbiSrfECfVtUTvqzdpQzdd34faEk
S85TwlOyRXq4d/KOcOldRDi5IQlrKDXcelCPD1wjWGXhf0zvIl47ZD0vEXNJq5ix
Q1TOD/fOY2mYfWBk/GS9cZ23eb7GAoMXM/E5cThXTictxuKKEyh6VNOUIkMZWnXf
KtSKx8TorAkuXEQqt510RbzCwUBVtSW3qjo0WlFtwcxHHLs+TwsZsKaAb25iukuH
5P1mx0ESy9xqw2mWqoO9UxBOP38gYaVxu44IXIzXH6cyaIgA4AYplQL9cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMiCiWFe5Q1TqEdbwiL6+QGZfD40MB8GA1UdIwQY
MBaAFHZ7wCpYWWI/Vj6oSmuwopINWz6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG52QUtsaFpZajlXUHFoS2E3Q2lrZzFiUHBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9jZGFiYzQtYmFlNS00ZDk5LTllMTct
NjgxNTU0OGJmMzNmLzEvZG52QUtsaFpZajlXUHFoS2E3Q2lrZzFiUHBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9jZGFiYzQtYmFlNS00ZDk5LTllMTctNjgxNTU0OGJmMzNm
LzEvZG52QUtsaFpZajlXUHFoS2E3Q2lrZzFiUHBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATnx5Jl2z
nNXMYSioPOtxIRtvIIwjTCnlqiBVNQpCfOXwI45hFGoklfk+JMcSBeoc5XCIxYzz
OLHj2mSoZuo0qUxkT47/r5x5L9X1Edz633bHU59V8qNux4j6i0LMTHI/A4NMo3us
KBR8MBuyEw5CS86BMSqs1Zu7dWq7cclyez8rvJ5LmTHWNvkg51HpJt2sVd7XfrK7
5q43fGG/Z6gn3GeHxc6nrkxXnxyG7cXp1oLcFDrC+vIj8rew2PPne13S8ytu4/70
ues1GK8rrGsLjFxlAR5uSry93EQYDW6mEsr/ueUEGAdRB8R2GINBOWhTyqIIxLX7
xq0rYGYXU1Kjsw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:29 2026 by rpki-client