Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.mft
File: d0HROhWph91gAZwCZdLs7EhAlEo.mft (raw, json)
Hash identifier: bT1k4seRDtCUq/xHZvepzMplDYqbB/4k6UCTwHapGxc=
Subject key identifier: 8A:92:59:00:89:53:48:B8:52:89:33:37:7E:44:1E:4C:79:87:4F:B2
Authority key identifier: 77:41:D1:3A:15:A9:87:DD:60:01:9C:02:65:D2:EC:EC:48:40:94:4A
Certificate issuer: /CN=7741d13a15a987dd60019c0265d2ecec4840944a
Certificate serial: 019D3A1C557A8ADAE794BAC6A5EA7FFE3E07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d0HROhWph91gAZwCZdLs7EhAlEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.mft
Manifest number: 09A4
Signing time: Sun 29 Mar 2026 15:00:28 +0000
Manifest this update: Sun 29 Mar 2026 15:00:28 +0000
Manifest next update: Mon 30 Mar 2026 15:00:28 +0000
Files and hashes: 1: 2aVju54fgg9bD1JRsSNN37U-9Hk.roa (hash: gQ2ZXX3Kuvxj5T+dbec4hU1fv3yACHxOQmVvGeAb560=)
2: d0HROhWph91gAZwCZdLs7EhAlEo.crl (hash: YBc3Umq5OY4LHqPWIi4+wsATSztlNPoAoBMQcu+IAn0=)
3: sRYXppUiSNJrW5d1MVXqJ1v0U0g.roa (hash: e8cW0JrKBdNEagEPQSlGciScba5vYX0jEPFos43/Uno=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.mft
rsync://rpki.ripe.net/repository/DEFAULT/d0HROhWph91gAZwCZdLs7EhAlEo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:1c:55:7a:8a:da:e7:94:ba:c6:a5:ea:7f:fe:3e:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7741d13a15a987dd60019c0265d2ecec4840944a
Validity
Not Before: Mar 29 15:00:28 2026 GMT
Not After : Mar 30 15:00:28 2026 GMT
Subject: CN=8a925900895348b8528933377e441e4c79874fb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6d:3c:f6:14:b6:2d:68:e8:9d:44:f6:e3:3c:
c9:a0:ae:d5:05:25:51:2b:08:60:be:c7:f2:a1:28:
fe:b5:ff:fa:be:73:cd:0a:ef:f8:58:41:d0:c0:5f:
69:d7:1f:d3:15:67:fe:a3:b2:fd:1b:2d:c9:a1:61:
65:7f:47:04:10:53:45:58:fc:4d:9f:06:10:1a:e9:
59:a6:c2:f1:fe:fc:a9:09:93:94:7d:15:37:c8:5b:
08:15:dc:2d:c4:fa:32:e3:b3:79:4c:b9:6e:dc:55:
6d:38:d9:a2:0c:3c:1f:44:ce:ab:56:93:aa:51:15:
df:fe:1c:fe:df:a4:47:ac:01:93:6a:48:31:f7:4c:
91:2f:fc:39:be:5a:06:0f:89:31:59:ba:10:7e:6a:
e3:90:9c:36:c2:69:a9:98:12:a7:c7:e3:72:10:89:
50:78:29:0b:51:ee:08:35:b6:ff:25:10:54:0a:b4:
55:1f:49:6d:86:4c:53:b3:5f:3f:55:f5:e3:b6:cc:
bd:e6:5e:74:52:5e:2a:7a:b2:18:d9:4e:30:8d:de:
6c:20:aa:06:28:4a:cb:0a:b4:7d:47:6c:e1:63:49:
d5:61:f1:85:70:ce:28:80:32:36:15:40:a5:9f:ef:
ba:9a:f9:11:7a:0e:98:f5:7f:e0:1d:a5:20:4f:ee:
88:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:92:59:00:89:53:48:B8:52:89:33:37:7E:44:1E:4C:79:87:4F:B2
X509v3 Authority Key Identifier:
keyid:77:41:D1:3A:15:A9:87:DD:60:01:9C:02:65:D2:EC:EC:48:40:94:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0HROhWph91gAZwCZdLs7EhAlEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bb:27:b5:5d:92:2b:d2:36:c7:8e:d9:bd:d0:68:99:ff:6f:de:
51:9c:b5:b8:a3:0e:11:93:fd:5c:68:00:0b:c6:2b:18:56:8c:
b3:e8:c9:28:fa:9d:b8:d2:82:d8:d7:51:55:36:77:62:e4:45:
46:73:69:ea:3e:46:6c:6e:da:93:65:4b:7c:8a:9f:df:6b:b6:
33:f2:0f:98:65:7e:95:55:42:cc:a8:6a:6d:cd:8f:30:a7:20:
02:21:8f:89:3a:be:aa:8d:9b:49:9b:15:c0:11:22:a9:8a:cc:
03:ff:d9:00:ad:bf:6d:01:27:4c:bf:55:db:e1:94:de:f8:d4:
bf:b6:0c:0f:48:2a:9a:19:bb:a0:55:d8:7c:2b:a7:9a:42:2b:
fb:a2:14:dc:f1:33:90:fe:e3:d1:c2:6d:e6:e3:61:51:53:55:
30:c4:56:60:76:1c:5f:76:3a:21:c8:dd:d7:3a:e7:d4:2e:cb:
c8:fd:55:92:76:e8:4f:f0:4e:60:33:48:04:94:cb:a3:03:8d:
42:b2:a1:13:a0:8b:b7:bc:6e:06:7a:35:e5:82:42:63:69:f6:
d0:03:9a:14:86:fa:55:b5:5c:fc:f9:ae:10:1b:14:77:96:98:
f7:17:34:02:2b:a6:f8:e5:b9:80:32:eb:17:2a:1c:73:85:5d:
41:79:74:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HFV6itrnlLrGpep//j4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NDFkMTNhMTVhOTg3ZGQ2MDAxOWMwMjY1ZDJlY2VjNDg0
MDk0NGEwHhcNMjYwMzI5MTUwMDI4WhcNMjYwMzMwMTUwMDI4WjAzMTEwLwYDVQQD
Eyg4YTkyNTkwMDg5NTM0OGI4NTI4OTMzMzc3ZTQ0MWU0Yzc5ODc0ZmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArm089hS2LWjonUT24zzJoK7VBSVR
KwhgvsfyoSj+tf/6vnPNCu/4WEHQwF9p1x/TFWf+o7L9Gy3JoWFlf0cEEFNFWPxN
nwYQGulZpsLx/vypCZOUfRU3yFsIFdwtxPoy47N5TLlu3FVtONmiDDwfRM6rVpOq
URXf/hz+36RHrAGTakgx90yRL/w5vloGD4kxWboQfmrjkJw2wmmpmBKnx+NyEIlQ
eCkLUe4INbb/JRBUCrRVH0lthkxTs18/VfXjtsy95l50Ul4qerIY2U4wjd5sIKoG
KErLCrR9R2zhY0nVYfGFcM4ogDI2FUCln++6mvkReg6Y9X/gHaUgT+6IOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIqSWQCJU0i4UokzN35EHkx5h0+yMB8GA1UdIwQY
MBaAFHdB0ToVqYfdYAGcAmXS7OxIQJRKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDBIUk9oV3BoOTFnQVp3Q1pkTHM3RWhBbEVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8wYmU5ZDAtOTk5YS00NDlhLTg1MTkt
MzUyM2UzMDMwYmU0LzEvZDBIUk9oV3BoOTFnQVp3Q1pkTHM3RWhBbEVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8wYmU5ZDAtOTk5YS00NDlhLTg1MTktMzUyM2UzMDMwYmU0
LzEvZDBIUk9oV3BoOTFnQVp3Q1pkTHM3RWhBbEVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuye1XZIr
0jbHjtm90GiZ/2/eUZy1uKMOEZP9XGgAC8YrGFaMs+jJKPqduNKC2NdRVTZ3YuRF
RnNp6j5GbG7ak2VLfIqf32u2M/IPmGV+lVVCzKhqbc2PMKcgAiGPiTq+qo2bSZsV
wBEiqYrMA//ZAK2/bQEnTL9V2+GU3vjUv7YMD0gqmhm7oFXYfCunmkIr+6IU3PEz
kP7j0cJt5uNhUVNVMMRWYHYcX3Y6Icjd1zrn1C7LyP1VknboT/BOYDNIBJTLowON
QrKhE6CLt7xuBno15YJCY2n20AOaFIb6VbVc/PmuEBsUd5aY9xc0Aium+OW5gDLr
Fyocc4VdQXl0IQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:44:58 2026 by rpki-client