Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft
File: D5otI3SqascUtfim7duA3GlnnMY.mft (raw, json)
Hash identifier: 5FUTimivHeD207zG4m0q/QaW4IYm0POgM7582jWDX+8=
Subject key identifier: AF:A5:9F:3E:AF:90:CD:DA:22:44:95:81:8D:CF:B0:6B:72:10:B8:C9
Authority key identifier: 0F:9A:2D:23:74:AA:6A:C7:14:B5:F8:A6:ED:DB:80:DC:69:67:9C:C6
Certificate issuer: /CN=0f9a2d2374aa6ac714b5f8a6eddb80dc69679cc6
Certificate serial: 019EB6C54B42339403DF298DDBEDF39FA1F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5otI3SqascUtfim7duA3GlnnMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft
Manifest number: 0FBA
Signing time: Thu 11 Jun 2026 13:00:43 +0000
Manifest this update: Thu 11 Jun 2026 13:00:43 +0000
Manifest next update: Fri 12 Jun 2026 13:00:43 +0000
Files and hashes: 1: 8SEsdKMq767CnaRYG-1hJ5v6Hic.roa (hash: h/RdezdmLSdHmsoFs8q7JJ7Hnulds2LoEiNuAXGhUZg=)
2: D5otI3SqascUtfim7duA3GlnnMY.crl (hash: FxifMjYXmXRBFhI2gTiY9G4Awpr2IKkuskMu1BAsrIA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft
rsync://rpki.ripe.net/repository/DEFAULT/D5otI3SqascUtfim7duA3GlnnMY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b6:c5:4b:42:33:94:03:df:29:8d:db:ed:f3:9f:a1:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f9a2d2374aa6ac714b5f8a6eddb80dc69679cc6
Validity
Not Before: Jun 11 13:00:43 2026 GMT
Not After : Jun 12 13:00:43 2026 GMT
Subject: CN=afa59f3eaf90cdda224495818dcfb06b7210b8c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:57:45:ee:49:38:db:9a:df:5c:6c:d0:f7:32:
7e:21:73:a2:d6:5d:80:c9:78:c7:13:1c:ed:c7:81:
aa:a6:4d:07:97:11:38:96:86:2f:cc:4f:bd:e8:73:
91:d4:c7:48:f8:ae:e5:19:52:ae:5f:97:ac:c2:9a:
80:48:df:99:46:88:95:16:33:f3:90:68:80:d7:67:
ed:04:ee:5b:fb:16:f2:48:a7:cb:e0:c3:39:4b:64:
25:55:7c:05:90:be:23:d4:14:ac:c5:da:ef:f7:fc:
03:9e:e7:ce:8b:87:af:68:12:22:2a:20:13:3a:de:
9f:ce:36:dc:c6:b7:cf:1a:f4:d7:51:8e:2d:8e:5c:
ed:a7:b7:dd:e5:41:88:65:17:57:0c:b4:55:66:22:
0a:cd:70:c7:79:56:49:93:4b:d5:26:99:69:d6:00:
ce:41:eb:a7:9e:e4:66:da:47:e2:44:ac:e0:a1:dd:
e1:07:e4:55:eb:c7:f9:1d:79:57:27:e0:00:ad:7b:
9c:0a:c7:91:0a:28:a5:3b:10:8f:b0:d7:35:8c:46:
4e:a8:9a:03:6d:20:fa:8f:9b:02:ea:c7:35:59:59:
a8:f8:c5:96:b5:04:fb:60:09:e3:32:18:3d:d3:7e:
53:5e:d3:27:21:2e:5e:ab:32:bf:34:e8:10:2a:01:
01:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:A5:9F:3E:AF:90:CD:DA:22:44:95:81:8D:CF:B0:6B:72:10:B8:C9
X509v3 Authority Key Identifier:
keyid:0F:9A:2D:23:74:AA:6A:C7:14:B5:F8:A6:ED:DB:80:DC:69:67:9C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5otI3SqascUtfim7duA3GlnnMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:5e:12:8f:4e:be:38:fe:38:ce:ec:25:79:4a:ea:4a:47:01:
87:84:ec:c7:03:fa:7d:6c:fc:97:32:8c:6f:91:6e:b6:cb:e3:
81:ca:94:75:e2:38:d9:90:bb:31:0c:41:46:40:4c:f5:c9:14:
60:85:61:4e:ef:70:45:d1:39:20:da:48:5b:07:10:e2:fc:b8:
5b:ae:9f:3e:6b:8d:f7:0f:5d:36:f9:90:fa:e9:d4:be:99:9d:
e4:44:ef:bb:4c:9d:bd:35:2f:15:92:07:6e:fa:1d:66:98:4b:
a5:31:08:b4:09:dd:c0:86:dd:e8:f5:00:b2:d7:1b:b5:17:c4:
60:ba:f2:e2:17:fe:cd:4b:a1:37:ca:a7:b7:73:34:56:04:0d:
bf:ea:08:dd:86:84:9d:bf:7f:50:c9:e0:23:ff:03:5f:62:91:
ec:13:17:9f:27:c6:6c:8d:89:ec:c8:92:35:27:bf:d3:84:b5:
e5:db:0c:6a:7f:88:7c:07:3f:fd:48:87:45:90:be:21:8e:1f:
df:dd:2d:c5:30:f8:54:fc:45:52:20:3d:9e:ef:8a:8d:1a:1f:
f4:7e:4c:80:6a:21:fd:98:d8:f1:e3:6d:f0:28:5e:db:f1:b7:
bd:44:91:77:f6:71:9c:ef:09:4e:79:80:55:b2:4a:17:ac:fb:
8f:0c:f1:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ62xUtCM5QD3ymN2+3zn6HyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOWEyZDIzNzRhYTZhYzcxNGI1ZjhhNmVkZGI4MGRjNjk2
NzljYzYwHhcNMjYwNjExMTMwMDQzWhcNMjYwNjEyMTMwMDQzWjAzMTEwLwYDVQQD
EyhhZmE1OWYzZWFmOTBjZGRhMjI0NDk1ODE4ZGNmYjA2YjcyMTBiOGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6FdF7kk425rfXGzQ9zJ+IXOi1l2A
yXjHExztx4Gqpk0HlxE4loYvzE+96HOR1MdI+K7lGVKuX5eswpqASN+ZRoiVFjPz
kGiA12ftBO5b+xbySKfL4MM5S2QlVXwFkL4j1BSsxdrv9/wDnufOi4evaBIiKiAT
Ot6fzjbcxrfPGvTXUY4tjlztp7fd5UGIZRdXDLRVZiIKzXDHeVZJk0vVJplp1gDO
QeunnuRm2kfiRKzgod3hB+RV68f5HXlXJ+AArXucCseRCiilOxCPsNc1jEZOqJoD
bSD6j5sC6sc1WVmo+MWWtQT7YAnjMhg9035TXtMnIS5eqzK/NOgQKgEBtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+lnz6vkM3aIkSVgY3PsGtyELjJMB8GA1UdIwQY
MBaAFA+aLSN0qmrHFLX4pu3bgNxpZ5zGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDVvdEkzU3Fhc2NVdGZpbTdkdUEzR2xubk1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wMDI0OGMtMzc5MS00NjI5LWE2YzYt
NmQ5NzE5OTJjMzQ5LzEvRDVvdEkzU3Fhc2NVdGZpbTdkdUEzR2xubk1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wMDI0OGMtMzc5MS00NjI5LWE2YzYtNmQ5NzE5OTJjMzQ5
LzEvRDVvdEkzU3Fhc2NVdGZpbTdkdUEzR2xubk1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaF4Sj06+
OP44zuwleUrqSkcBh4TsxwP6fWz8lzKMb5FutsvjgcqUdeI42ZC7MQxBRkBM9ckU
YIVhTu9wRdE5INpIWwcQ4vy4W66fPmuN9w9dNvmQ+unUvpmd5ETvu0ydvTUvFZIH
bvodZphLpTEItAndwIbd6PUAstcbtRfEYLry4hf+zUuhN8qnt3M0VgQNv+oI3YaE
nb9/UMngI/8DX2KR7BMXnyfGbI2J7MiSNSe/04S15dsMan+IfAc//UiHRZC+IY4f
390txTD4VPxFUiA9nu+KjRof9H5MgGoh/ZjY8eNt8Che2/G3vUSRd/ZxnO8JTnmA
VbJKF6z7jwzxbw==
-----END CERTIFICATE-----
Generated at Thu Jun 11 20:32:45 2026 by rpki-client