Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.mft
File: 0O4DiWh9vURd5vkjnB0Cw3cM9XQ.mft (raw, json)
Hash identifier: TcaELsw1VZVu0zZYTH4Qo7lRTqrWzqgBErORon9XmjU=
Subject key identifier: 16:C6:FE:45:BB:48:7D:CF:BB:7E:DF:9F:D7:2E:00:A7:58:BC:A5:0E
Authority key identifier: D0:EE:03:89:68:7D:BD:44:5D:E6:F9:23:9C:1D:02:C3:77:0C:F5:74
Certificate issuer: /CN=d0ee0389687dbd445de6f9239c1d02c3770cf574
Certificate serial: 019D37C0BAF7D0E1541966AD6713A3E095A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 04:01:10 +0000
Manifest this update: Sun 29 Mar 2026 04:01:10 +0000
Manifest next update: Mon 30 Mar 2026 04:01:10 +0000
Files and hashes: 1: 0O4DiWh9vURd5vkjnB0Cw3cM9XQ.crl (hash: OOAQkZdcz1vdFe6zjltu0gkoOs8fG5EjHSiclARAAco=)
2: ufg8Cy-npLiG4EP7oeE-jAY168k.roa (hash: mWJPH552eZGzUsrCNb54v4U4ffZaIGFDBWjHB1EftzA=)
3: ut5dpGeCvxjJRpLmR_ipxil5ZUA.roa (hash: PaeXiU3oIApbKxkYqCqS8/5Z6kGo2lJVdWVbX8L9K5M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:ba:f7:d0:e1:54:19:66:ad:67:13:a3:e0:95:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0ee0389687dbd445de6f9239c1d02c3770cf574
Validity
Not Before: Mar 29 04:01:10 2026 GMT
Not After : Mar 30 04:01:10 2026 GMT
Subject: CN=16c6fe45bb487dcfbb7edf9fd72e00a758bca50e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e7:82:02:95:d9:10:60:3c:70:e4:68:b4:c0:
7f:2d:95:64:53:90:46:6c:d8:7c:de:40:f3:24:e7:
db:88:62:64:9e:c5:09:34:d3:b0:31:ce:52:8e:74:
07:be:23:40:d4:9e:8b:07:3e:d2:59:66:01:33:2f:
60:30:bb:a4:1f:b7:ec:dd:ce:70:49:2b:f8:5f:e3:
9c:70:1b:27:59:0e:24:69:dc:8e:dc:1a:98:9a:02:
12:cf:fb:ab:58:ff:0c:b2:f1:ad:e3:a1:33:0c:ce:
d3:ac:f8:c8:fa:59:1a:35:aa:38:7c:52:5f:a3:b7:
02:8e:0a:c8:35:0f:ca:57:f9:48:0a:38:95:2c:0a:
73:be:c6:08:cf:65:16:51:2c:c0:ca:5f:ff:1f:ba:
59:55:21:21:d2:f9:c1:00:e3:4c:c9:12:f8:17:33:
01:ed:b8:db:06:84:37:d6:9c:c5:8b:a0:96:4f:da:
61:33:31:43:57:32:9b:aa:b9:62:c6:ca:9c:87:92:
6d:1f:2a:e9:76:ac:12:6b:cf:b0:c8:c7:85:90:9c:
2f:b2:a3:59:05:f8:d0:32:a9:7e:4b:8b:f9:4f:be:
17:91:09:6e:fa:ef:4b:99:1b:8b:4a:4f:65:e1:ff:
85:b4:72:c9:05:18:96:b0:c6:bc:ef:7b:0b:5a:79:
69:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:C6:FE:45:BB:48:7D:CF:BB:7E:DF:9F:D7:2E:00:A7:58:BC:A5:0E
X509v3 Authority Key Identifier:
keyid:D0:EE:03:89:68:7D:BD:44:5D:E6:F9:23:9C:1D:02:C3:77:0C:F5:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:7d:8e:e6:cd:93:f0:43:40:d7:ac:ae:5d:06:a2:74:9e:3f:
0f:2c:82:90:b2:dd:98:aa:03:6d:10:aa:a4:2c:24:75:e0:86:
4d:92:2d:3b:e0:63:8b:4e:c0:6b:71:fa:9d:a2:82:a6:1b:10:
2b:ae:4c:60:6d:bc:ee:c8:19:d0:7b:36:5d:9d:0f:9d:38:57:
4c:36:94:c5:64:bb:10:c3:90:51:61:7f:f5:c9:39:20:aa:ea:
2a:a8:85:78:c0:4d:51:b4:db:23:4b:75:9e:20:fe:f5:38:39:
f3:42:cd:4c:f4:21:46:59:ed:62:9c:a2:47:76:2c:88:04:a6:
1b:6c:6e:d2:4d:04:26:5d:80:6b:22:8e:76:24:4c:ae:ac:0f:
4e:80:cd:45:7e:c9:f9:30:99:ac:8d:5b:15:f1:20:af:78:57:
65:5a:01:26:45:17:b6:c7:a7:90:2b:b6:78:24:c9:9b:71:aa:
4d:65:5f:18:93:8a:e6:9a:e3:c9:14:44:bd:61:37:28:13:21:
0c:00:b3:e8:86:9e:54:53:52:b0:5a:0c:58:07:b6:49:25:00:
f1:5a:e5:69:99:62:68:a7:b7:0a:dc:61:24:03:d0:c6:dd:89:
69:a0:d8:5a:bd:a9:3d:60:ab:23:18:79:76:a6:50:8d:05:37:
6a:19:90:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wLr30OFUGWatZxOj4JWgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZWUwMzg5Njg3ZGJkNDQ1ZGU2ZjkyMzljMWQwMmMzNzcw
Y2Y1NzQwHhcNMjYwMzI5MDQwMTEwWhcNMjYwMzMwMDQwMTEwWjAzMTEwLwYDVQQD
EygxNmM2ZmU0NWJiNDg3ZGNmYmI3ZWRmOWZkNzJlMDBhNzU4YmNhNTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+eCApXZEGA8cORotMB/LZVkU5BG
bNh83kDzJOfbiGJknsUJNNOwMc5SjnQHviNA1J6LBz7SWWYBMy9gMLukH7fs3c5w
SSv4X+OccBsnWQ4kadyO3BqYmgISz/urWP8MsvGt46EzDM7TrPjI+lkaNao4fFJf
o7cCjgrINQ/KV/lICjiVLApzvsYIz2UWUSzAyl//H7pZVSEh0vnBAONMyRL4FzMB
7bjbBoQ31pzFi6CWT9phMzFDVzKbqrlixsqch5JtHyrpdqwSa8+wyMeFkJwvsqNZ
BfjQMql+S4v5T74XkQlu+u9LmRuLSk9l4f+FtHLJBRiWsMa873sLWnlpGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBbG/kW7SH3Pu37fn9cuAKdYvKUOMB8GA1UdIwQY
MBaAFNDuA4lofb1EXeb5I5wdAsN3DPV0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME80RGlXaDl2VVJkNXZram5CMEN3M2NNOVhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9hMTE0MTctNmFiYy00YzBkLThhZmEt
MWEyOWE0NDhkMzA5LzEvME80RGlXaDl2VVJkNXZram5CMEN3M2NNOVhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9hMTE0MTctNmFiYy00YzBkLThhZmEtMWEyOWE0NDhkMzA5
LzEvME80RGlXaDl2VVJkNXZram5CMEN3M2NNOVhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd32O5s2T
8ENA16yuXQaidJ4/DyyCkLLdmKoDbRCqpCwkdeCGTZItO+Bji07Aa3H6naKCphsQ
K65MYG287sgZ0Hs2XZ0PnThXTDaUxWS7EMOQUWF/9ck5IKrqKqiFeMBNUbTbI0t1
niD+9Tg580LNTPQhRlntYpyiR3YsiASmG2xu0k0EJl2AayKOdiRMrqwPToDNRX7J
+TCZrI1bFfEgr3hXZVoBJkUXtsenkCu2eCTJm3GqTWVfGJOK5prjyRREvWE3KBMh
DACz6IaeVFNSsFoMWAe2SSUA8VrlaZliaKe3CtxhJAPQxt2JaaDYWr2pPWCrIxh5
dqZQjQU3ahmQfQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:08:49 2026 by rpki-client