Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/b09218-89e7-4859-b32c-60e9b7dc550b/1/D48Gw1SUYI2azOsHCkzRarlf9qY.mft
File: D48Gw1SUYI2azOsHCkzRarlf9qY.mft (raw, json)
Hash identifier: PfnGt1ig8onBwdXjwluT/uxu60a60+OF5+f9Yx0iSBA=
Subject key identifier: 13:65:DB:93:30:1F:3F:5D:81:99:A3:94:E8:8F:F6:BA:B5:71:97:23
Authority key identifier: 0F:8F:06:C3:54:94:60:8D:9A:CC:EB:07:0A:4C:D1:6A:B9:5F:F6:A6
Certificate issuer: /CN=0f8f06c35494608d9acceb070a4cd16ab95ff6a6
Certificate serial: 019D389C42B1378D408DCFD961B48228C836
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D48Gw1SUYI2azOsHCkzRarlf9qY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/b09218-89e7-4859-b32c-60e9b7dc550b/1/D48Gw1SUYI2azOsHCkzRarlf9qY.mft
Manifest number: 0495
Signing time: Sun 29 Mar 2026 08:00:57 +0000
Manifest this update: Sun 29 Mar 2026 08:00:57 +0000
Manifest next update: Mon 30 Mar 2026 08:00:57 +0000
Files and hashes: 1: D48Gw1SUYI2azOsHCkzRarlf9qY.crl (hash: nmDbVp0i5lhIX4RKW+si8XNvtG5Oj/6/gMcghzbFeug=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/b09218-89e7-4859-b32c-60e9b7dc550b/1/D48Gw1SUYI2azOsHCkzRarlf9qY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/b09218-89e7-4859-b32c-60e9b7dc550b/1/D48Gw1SUYI2azOsHCkzRarlf9qY.mft
rsync://rpki.ripe.net/repository/DEFAULT/D48Gw1SUYI2azOsHCkzRarlf9qY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:42:b1:37:8d:40:8d:cf:d9:61:b4:82:28:c8:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f8f06c35494608d9acceb070a4cd16ab95ff6a6
Validity
Not Before: Mar 29 08:00:57 2026 GMT
Not After : Mar 30 08:00:57 2026 GMT
Subject: CN=1365db93301f3f5d8199a394e88ff6bab5719723
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:41:be:be:9a:38:a5:a5:56:c4:16:b5:f5:de:
20:be:fc:bd:ac:a2:a6:a5:00:37:e3:cd:f9:8d:d3:
b9:35:ea:75:c9:21:b9:9d:aa:f8:55:d2:40:a7:10:
3f:de:65:df:fd:7d:12:77:2d:a3:c3:dc:58:d2:6c:
ec:6a:75:91:48:64:6f:9c:12:6c:75:e8:1e:06:f8:
b4:78:67:97:4b:75:dd:df:a2:a0:f0:86:7c:81:88:
58:c7:52:b7:6c:76:c7:ab:21:c6:31:e5:84:ff:e7:
09:fb:86:25:be:92:5a:38:61:64:22:86:8d:9d:ac:
e9:db:ee:ac:67:e8:b2:f5:02:ea:e3:e8:e8:c4:86:
1f:4e:be:a6:56:52:5f:d0:4c:a7:be:5e:04:6c:3a:
dc:3c:c3:df:f1:c3:c9:c4:ef:3c:33:5a:ab:ce:13:
32:57:7b:8f:74:7f:a4:04:49:f9:19:37:c3:19:a8:
51:f6:83:c1:6b:87:73:2d:b1:34:8f:e3:9a:09:7c:
50:85:1c:77:e1:4c:61:a1:b1:bd:f7:3f:1b:c4:b2:
58:88:10:18:e3:95:ac:a6:4a:4d:32:21:21:7a:6e:
7a:3c:f8:0e:f4:ab:a3:4c:a5:d3:c1:ec:9b:1c:27:
ec:12:3a:7a:23:90:69:3c:f0:8c:bb:f3:a2:08:50:
20:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:65:DB:93:30:1F:3F:5D:81:99:A3:94:E8:8F:F6:BA:B5:71:97:23
X509v3 Authority Key Identifier:
keyid:0F:8F:06:C3:54:94:60:8D:9A:CC:EB:07:0A:4C:D1:6A:B9:5F:F6:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D48Gw1SUYI2azOsHCkzRarlf9qY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/b09218-89e7-4859-b32c-60e9b7dc550b/1/D48Gw1SUYI2azOsHCkzRarlf9qY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/b09218-89e7-4859-b32c-60e9b7dc550b/1/D48Gw1SUYI2azOsHCkzRarlf9qY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:30:1d:54:ed:8d:7d:b3:6b:bc:f6:79:f9:58:50:ab:11:a0:
99:52:d3:a6:e0:7f:24:b7:45:06:6a:f4:dd:fa:83:6f:33:67:
f8:08:bc:c7:07:bb:6e:ba:87:b9:ad:a3:b0:0e:68:1a:49:49:
51:87:e0:f9:71:d6:ff:c2:d0:e0:5e:16:94:8c:f3:ac:91:41:
d8:8a:b8:bf:69:e3:61:1c:d9:c8:5a:e2:2f:ca:b5:20:e4:57:
bb:07:a7:f9:80:07:f7:12:3b:7a:e4:34:38:c2:a9:70:a6:93:
48:3c:68:ca:ef:a1:07:c7:70:c8:c2:b5:31:38:a6:5e:d6:e6:
e9:96:4c:88:6f:e1:c3:02:77:23:7e:0f:de:4b:93:8f:01:cf:
c6:9d:8a:8f:8e:cb:19:fe:c9:8d:de:90:b5:8b:e5:83:d1:b1:
09:6e:fd:63:f9:42:af:da:03:9d:0e:b5:22:51:f1:d3:f8:01:
fc:b3:2c:4a:4e:37:53:65:02:96:a7:53:c0:2e:eb:bc:01:b2:
24:a3:36:3d:6e:5f:13:2c:0e:95:5c:2a:c5:80:cd:b9:a0:02:
9a:27:b7:fb:9a:d9:0e:9a:8b:82:4b:1d:15:76:28:a0:26:58:
e7:1f:2c:19:0a:1c:df:45:bb:f8:12:6e:57:55:33:0a:a6:3c:
cc:7a:94:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nEKxN41Ajc/ZYbSCKMg2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOGYwNmMzNTQ5NDYwOGQ5YWNjZWIwNzBhNGNkMTZhYjk1
ZmY2YTYwHhcNMjYwMzI5MDgwMDU3WhcNMjYwMzMwMDgwMDU3WjAzMTEwLwYDVQQD
EygxMzY1ZGI5MzMwMWYzZjVkODE5OWEzOTRlODhmZjZiYWI1NzE5NzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UG+vpo4paVWxBa19d4gvvy9rKKm
pQA34835jdO5Nep1ySG5nar4VdJApxA/3mXf/X0Sdy2jw9xY0mzsanWRSGRvnBJs
degeBvi0eGeXS3Xd36Kg8IZ8gYhYx1K3bHbHqyHGMeWE/+cJ+4YlvpJaOGFkIoaN
nazp2+6sZ+iy9QLq4+joxIYfTr6mVlJf0Eynvl4EbDrcPMPf8cPJxO88M1qrzhMy
V3uPdH+kBEn5GTfDGahR9oPBa4dzLbE0j+OaCXxQhRx34UxhobG99z8bxLJYiBAY
45WspkpNMiEhem56PPgO9KujTKXTweybHCfsEjp6I5BpPPCMu/OiCFAgOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBNl25MwHz9dgZmjlOiP9rq1cZcjMB8GA1UdIwQY
MBaAFA+PBsNUlGCNmszrBwpM0Wq5X/amMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDQ4R3cxU1VZSTJhek9zSENrelJhcmxmOXFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9iMDkyMTgtODllNy00ODU5LWIzMmMt
NjBlOWI3ZGM1NTBiLzEvRDQ4R3cxU1VZSTJhek9zSENrelJhcmxmOXFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9iMDkyMTgtODllNy00ODU5LWIzMmMtNjBlOWI3ZGM1NTBi
LzEvRDQ4R3cxU1VZSTJhek9zSENrelJhcmxmOXFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPTAdVO2N
fbNrvPZ5+VhQqxGgmVLTpuB/JLdFBmr03fqDbzNn+Ai8xwe7brqHua2jsA5oGklJ
UYfg+XHW/8LQ4F4WlIzzrJFB2Iq4v2njYRzZyFriL8q1IORXuwen+YAH9xI7euQ0
OMKpcKaTSDxoyu+hB8dwyMK1MTimXtbm6ZZMiG/hwwJ3I34P3kuTjwHPxp2Kj47L
Gf7Jjd6QtYvlg9GxCW79Y/lCr9oDnQ61IlHx0/gB/LMsSk43U2UClqdTwC7rvAGy
JKM2PW5fEywOlVwqxYDNuaACmie3+5rZDpqLgksdFXYooCZY5x8sGQoc30W7+BJu
V1UzCqY8zHqUhw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:16 2026 by rpki-client