Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft
File: dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft (raw, json)
Hash identifier: k2xcx2ybHIpEd8ubr+AGMIGPNGK0NMmQBYnvn9Gqiko=
Subject key identifier: 39:D4:65:A4:BA:EC:49:B8:8D:47:A3:07:3A:8C:87:5E:3F:1B:94:96
Authority key identifier: 74:9D:8A:43:28:93:0B:93:8F:A8:60:18:B1:E4:47:EE:4D:8D:A8:F9
Certificate issuer: /CN=749d8a4328930b938fa86018b1e447ee4d8da8f9
Certificate serial: 019D37C100C1AF988B16B3D178DDDDB5DD2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJ2KQyiTC5OPqGAYseRH7k2NqPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft
Manifest number: 0207
Signing time: Sun 29 Mar 2026 04:01:28 +0000
Manifest this update: Sun 29 Mar 2026 04:01:28 +0000
Manifest next update: Mon 30 Mar 2026 04:01:28 +0000
Files and hashes: 1: dJ2KQyiTC5OPqGAYseRH7k2NqPk.crl (hash: rPdP1lIRkGv0Bn+dgWTJ/sNauPQ+6eQd9myBXpOmTto=)
2: i5v8Z7TLwK1d1522dak6QJo-ZdI.roa (hash: dORF0I0Mm7ul7rA3/PIS0cDu8jhdXdBq0BX2+YuQ/kM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJ2KQyiTC5OPqGAYseRH7k2NqPk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c1:00:c1:af:98:8b:16:b3:d1:78:dd:dd:b5:dd:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749d8a4328930b938fa86018b1e447ee4d8da8f9
Validity
Not Before: Mar 29 04:01:28 2026 GMT
Not After : Mar 30 04:01:28 2026 GMT
Subject: CN=39d465a4baec49b88d47a3073a8c875e3f1b9496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:88:e3:ac:7f:d0:c8:b8:f4:e5:7b:b5:94:3c:
11:fe:0d:dd:4c:8f:d0:02:9b:0e:cb:5c:d7:d5:64:
11:d2:9a:bf:49:51:89:8e:90:e1:83:a3:48:32:87:
1b:d5:6f:7b:b2:69:0f:e4:93:de:04:38:fc:3b:5d:
d8:ab:b1:c3:3d:d8:74:1e:83:97:ab:94:04:5f:a2:
1b:1b:7b:83:fb:d5:7e:42:3e:6b:95:87:c6:e9:b7:
d6:61:54:11:a3:8b:68:eb:12:25:36:a3:6a:72:14:
64:a6:6f:ff:68:3c:11:b2:ce:4d:32:91:83:f2:30:
88:9b:66:b9:d8:a1:06:c0:16:20:d4:b4:86:92:f7:
7e:a8:04:ae:80:94:27:f6:77:0d:38:84:f9:4a:ad:
2c:8c:22:59:82:5d:da:5d:53:ea:9d:25:3a:a1:62:
ba:71:49:a3:6d:66:99:70:e7:b6:73:9a:c7:94:bc:
83:ef:7d:f2:f9:d0:f5:7e:a5:ba:8f:25:1b:97:00:
c4:02:eb:68:bb:9e:1c:dc:41:7b:d1:4d:eb:03:4d:
77:62:7f:71:b7:96:96:e7:9b:4c:80:90:44:90:b5:
49:41:9e:30:a0:8a:ff:ca:5f:9d:41:6f:94:c0:b7:
b2:47:94:10:75:43:56:fc:32:0f:24:bd:ad:33:b2:
5d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:D4:65:A4:BA:EC:49:B8:8D:47:A3:07:3A:8C:87:5E:3F:1B:94:96
X509v3 Authority Key Identifier:
keyid:74:9D:8A:43:28:93:0B:93:8F:A8:60:18:B1:E4:47:EE:4D:8D:A8:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJ2KQyiTC5OPqGAYseRH7k2NqPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:0d:78:2c:0b:5e:5b:f9:eb:4d:21:8a:7f:4e:f5:27:85:c7:
b1:35:0f:49:72:40:bd:84:a2:a6:2c:34:df:ff:42:3c:a3:5e:
d9:de:9b:84:c7:6e:1f:ee:04:24:43:b6:65:e2:b7:35:a1:f3:
05:dc:2b:65:e8:ad:f6:22:36:27:95:ec:bb:13:77:65:8e:1b:
6b:a0:b8:a7:8b:46:11:12:d2:7c:31:0f:31:7c:da:fb:be:14:
32:4b:2e:b2:ff:0d:e5:a2:36:dd:ed:61:60:ea:8e:8e:dc:3f:
a4:45:6f:ab:d4:33:12:b9:43:e8:ec:c5:89:d4:64:2e:a0:75:
a1:e7:aa:d5:39:58:77:24:61:88:1e:98:92:28:04:b5:54:a6:
0e:dd:ed:de:27:c4:36:2c:d6:e7:56:d6:6c:c1:1a:a5:4e:2a:
6f:2d:21:4e:b8:3d:9c:9c:da:1c:4b:29:c0:0c:5f:6d:c9:d9:
2f:c9:dc:a0:67:38:e3:57:40:e3:ef:fe:2e:34:1a:0c:a2:b0:
e9:2f:93:1a:74:67:4e:37:09:6f:0c:c6:de:6c:b7:92:f7:51:
5b:be:95:7f:7e:9d:04:70:7e:59:5a:2d:76:53:cf:7a:36:0b:
10:7c:b5:ef:2b:9b:15:ae:9c:d2:4e:27:b2:f1:fd:3d:25:14:
d6:63:18:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wQDBr5iLFrPReN3dtd0qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OWQ4YTQzMjg5MzBiOTM4ZmE4NjAxOGIxZTQ0N2VlNGQ4
ZGE4ZjkwHhcNMjYwMzI5MDQwMTI4WhcNMjYwMzMwMDQwMTI4WjAzMTEwLwYDVQQD
EygzOWQ0NjVhNGJhZWM0OWI4OGQ0N2EzMDczYThjODc1ZTNmMWI5NDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IjjrH/QyLj05Xu1lDwR/g3dTI/Q
ApsOy1zX1WQR0pq/SVGJjpDhg6NIMocb1W97smkP5JPeBDj8O13Yq7HDPdh0HoOX
q5QEX6IbG3uD+9V+Qj5rlYfG6bfWYVQRo4to6xIlNqNqchRkpm//aDwRss5NMpGD
8jCIm2a52KEGwBYg1LSGkvd+qASugJQn9ncNOIT5Sq0sjCJZgl3aXVPqnSU6oWK6
cUmjbWaZcOe2c5rHlLyD733y+dD1fqW6jyUblwDEAutou54c3EF70U3rA013Yn9x
t5aW55tMgJBEkLVJQZ4woIr/yl+dQW+UwLeyR5QQdUNW/DIPJL2tM7JdNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDnUZaS67Em4jUejBzqMh14/G5SWMB8GA1UdIwQY
MBaAFHSdikMokwuTj6hgGLHkR+5Njaj5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEoyS1F5aVRDNU9QcUdBWXNlUkg3azJOcVBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zZmEyMTctODVmNS00ZjE5LWI5MWUt
MDg4OWUzZWNkMWY2LzEvZEoyS1F5aVRDNU9QcUdBWXNlUkg3azJOcVBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zZmEyMTctODVmNS00ZjE5LWI5MWUtMDg4OWUzZWNkMWY2
LzEvZEoyS1F5aVRDNU9QcUdBWXNlUkg3azJOcVBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUw14LAte
W/nrTSGKf071J4XHsTUPSXJAvYSipiw03/9CPKNe2d6bhMduH+4EJEO2ZeK3NaHz
BdwrZeit9iI2J5XsuxN3ZY4ba6C4p4tGERLSfDEPMXza+74UMksusv8N5aI23e1h
YOqOjtw/pEVvq9QzErlD6OzFidRkLqB1oeeq1TlYdyRhiB6YkigEtVSmDt3t3ifE
NizW51bWbMEapU4qby0hTrg9nJzaHEspwAxfbcnZL8ncoGc441dA4+/+LjQaDKKw
6S+TGnRnTjcJbwzG3my3kvdRW76Vf36dBHB+WVotdlPPejYLEHy17yubFa6c0k4n
svH9PSUU1mMY4w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:30:51 2026 by rpki-client