Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
File: DUHQpubfLhjCVnMjaNbnaCiTExA.mft (raw, json)
Hash identifier: zhqw/hEjyT+hyw5FsIXwRrlYtEXZ4FGV22+G70MTMN0=
Subject key identifier: AF:AF:12:C3:C4:56:EB:C7:FA:AC:4F:AE:B1:78:E7:00:A4:C3:CF:D7
Authority key identifier: 0D:41:D0:A6:E6:DF:2E:18:C2:56:73:23:68:D6:E7:68:28:93:13:10
Certificate issuer: /CN=0d41d0a6e6df2e18c256732368d6e76828931310
Certificate serial: 019D38D33178B31082A0BCCE209A8AA53981
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
Manifest number: 11D7
Signing time: Sun 29 Mar 2026 09:00:58 +0000
Manifest this update: Sun 29 Mar 2026 09:00:58 +0000
Manifest next update: Mon 30 Mar 2026 09:00:58 +0000
Files and hashes: 1: DUHQpubfLhjCVnMjaNbnaCiTExA.crl (hash: rMSWdqGjo/gLMvyloofuWZJ2MWUvviNqsGxYzW+FSHI=)
2: gQCK6BeO-j5lVpUt90LH641D-Do.roa (hash: IdvQ6sUh6mIJW4ddDEmtmONm3UtG6O5w53GtVLTmX/w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:31:78:b3:10:82:a0:bc:ce:20:9a:8a:a5:39:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d41d0a6e6df2e18c256732368d6e76828931310
Validity
Not Before: Mar 29 09:00:58 2026 GMT
Not After : Mar 30 09:00:58 2026 GMT
Subject: CN=afaf12c3c456ebc7faac4faeb178e700a4c3cfd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:18:3a:81:69:58:9e:25:e2:9c:ea:34:35:9f:
e5:5d:f1:1c:d6:03:83:78:8b:11:2f:d6:26:cf:d9:
7c:f3:5b:0a:20:40:15:71:dc:f7:15:b8:a4:17:87:
ec:8d:73:bb:77:50:08:89:09:8e:07:81:c9:5a:6e:
20:99:cf:fd:1b:45:c2:12:8e:18:f6:83:bb:8b:62:
56:2c:47:fd:e9:2d:fc:6c:1d:7d:15:69:03:4f:03:
55:a8:dc:e2:96:74:b4:64:3a:0a:ce:39:c4:af:a1:
eb:b2:d3:24:43:14:ed:43:57:fc:17:39:d0:8d:d6:
8d:6b:89:82:21:ad:1a:e8:61:25:e2:fe:58:c8:bc:
98:0b:c3:f0:f0:b0:e1:1e:81:9e:50:96:92:f5:a0:
72:f6:0d:49:4f:d4:ce:4e:8f:c0:c6:5f:dd:25:23:
e1:81:bd:e2:1d:51:5c:5a:67:ef:c4:22:11:51:0c:
d2:27:31:65:76:5e:53:b1:00:a9:95:60:54:2f:79:
d9:9d:cc:de:36:f6:fa:c2:ad:11:99:f3:b4:10:20:
53:e6:63:e8:eb:c7:d7:93:cb:34:69:96:3d:8a:12:
e5:7e:55:03:13:da:66:76:09:94:a5:48:2b:56:19:
81:d7:5f:91:ea:f2:68:b6:b9:8d:72:22:f3:f1:e2:
c2:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:AF:12:C3:C4:56:EB:C7:FA:AC:4F:AE:B1:78:E7:00:A4:C3:CF:D7
X509v3 Authority Key Identifier:
keyid:0D:41:D0:A6:E6:DF:2E:18:C2:56:73:23:68:D6:E7:68:28:93:13:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:8d:8d:98:b7:8a:05:16:74:3b:c9:8c:2e:fc:aa:8c:81:b8:
fb:e9:db:49:40:7d:ec:6b:4f:16:bb:00:da:b7:e1:d2:10:91:
11:ad:4a:12:98:da:fa:7b:a1:a9:2e:d7:fc:5b:e4:dd:86:dd:
ea:8d:4c:2e:ef:24:f9:3d:d4:4c:f1:88:f5:a8:e1:b6:58:9b:
fb:44:89:f6:14:a2:e6:a0:2a:7d:ff:e9:a2:b7:73:ae:71:d6:
6d:4b:56:6a:2b:da:9d:8c:91:bd:46:01:ae:40:7a:86:ce:af:
00:c6:2b:d5:3d:36:74:dc:26:26:1d:9f:4e:00:32:bf:70:77:
1e:52:fc:ed:be:f9:1b:74:d5:58:f4:53:2e:15:c0:47:22:2e:
57:9e:4a:84:07:d1:3b:b6:cc:25:87:61:cb:58:4a:ac:1a:24:
c2:7c:93:fb:90:24:d7:9d:28:e8:3a:2e:4c:69:e4:31:ea:52:
fe:64:64:fe:4f:12:b6:00:9b:c6:9a:be:cc:06:f4:27:7f:2c:
29:80:33:66:d9:52:08:f8:e3:94:3b:2e:64:cd:8d:cd:5f:82:
68:6c:51:20:2d:48:e4:24:0e:38:fc:87:ba:75:09:1b:a8:19:
46:38:6d:a9:2d:ed:27:ed:ff:d4:99:bf:88:4e:18:af:98:cc:
5b:b1:11:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040zF4sxCCoLzOIJqKpTmBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDFkMGE2ZTZkZjJlMThjMjU2NzMyMzY4ZDZlNzY4Mjg5
MzEzMTAwHhcNMjYwMzI5MDkwMDU4WhcNMjYwMzMwMDkwMDU4WjAzMTEwLwYDVQQD
EyhhZmFmMTJjM2M0NTZlYmM3ZmFhYzRmYWViMTc4ZTcwMGE0YzNjZmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxg6gWlYniXinOo0NZ/lXfEc1gOD
eIsRL9Ymz9l881sKIEAVcdz3FbikF4fsjXO7d1AIiQmOB4HJWm4gmc/9G0XCEo4Y
9oO7i2JWLEf96S38bB19FWkDTwNVqNzilnS0ZDoKzjnEr6HrstMkQxTtQ1f8FznQ
jdaNa4mCIa0a6GEl4v5YyLyYC8Pw8LDhHoGeUJaS9aBy9g1JT9TOTo/Axl/dJSPh
gb3iHVFcWmfvxCIRUQzSJzFldl5TsQCplWBUL3nZnczeNvb6wq0RmfO0ECBT5mPo
68fXk8s0aZY9ihLlflUDE9pmdgmUpUgrVhmB11+R6vJotrmNciLz8eLCiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+vEsPEVuvH+qxPrrF45wCkw8/XMB8GA1UdIwQY
MBaAFA1B0Kbm3y4YwlZzI2jW52gokxMQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVIUXB1YmZMaGpDVm5NamFOYm5hQ2lURXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85ODM3YjItMGRmMC00ZjVhLTgwZGIt
NjJiNjQwYjAyZTJiLzEvRFVIUXB1YmZMaGpDVm5NamFOYm5hQ2lURXhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85ODM3YjItMGRmMC00ZjVhLTgwZGItNjJiNjQwYjAyZTJi
LzEvRFVIUXB1YmZMaGpDVm5NamFOYm5hQ2lURXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADo2NmLeK
BRZ0O8mMLvyqjIG4++nbSUB97GtPFrsA2rfh0hCREa1KEpja+nuhqS7X/Fvk3Ybd
6o1MLu8k+T3UTPGI9ajhtlib+0SJ9hSi5qAqff/pordzrnHWbUtWaivanYyRvUYB
rkB6hs6vAMYr1T02dNwmJh2fTgAyv3B3HlL87b75G3TVWPRTLhXARyIuV55KhAfR
O7bMJYdhy1hKrBokwnyT+5Ak150o6DouTGnkMepS/mRk/k8StgCbxpq+zAb0J38s
KYAzZtlSCPjjlDsuZM2NzV+CaGxRIC1I5CQOOPyHunUJG6gZRjhtqS3tJ+3/1Jm/
iE4Yr5jMW7ERaQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:17:29 2026 by rpki-client