Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/ddoOY-skfZoLE7TLNt1nJJkgu8o.mft
File: ddoOY-skfZoLE7TLNt1nJJkgu8o.mft (raw, json)
Hash identifier: HkDMnO2bO8vxMhhYY/nMx8wzgpfZ7sk0KfUrGxMDLmg=
Subject key identifier: DE:1D:DF:38:96:8D:B3:41:C5:CF:54:CB:00:CA:DC:11:2E:0E:BF:C6
Authority key identifier: 75:DA:0E:63:EB:24:7D:9A:0B:13:B4:CB:36:DD:67:24:99:20:BB:CA
Certificate issuer: /CN=75da0e63eb247d9a0b13b4cb36dd67249920bbca
Certificate serial: 019D371B9EC187D2A979505507FF0C048F99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ddoOY-skfZoLE7TLNt1nJJkgu8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/ddoOY-skfZoLE7TLNt1nJJkgu8o.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 01:00:50 +0000
Manifest this update: Sun 29 Mar 2026 01:00:50 +0000
Manifest next update: Mon 30 Mar 2026 01:00:50 +0000
Files and hashes: 1: 7FjxNVLmNTsgp9nb0ppt16rSW84.roa (hash: AfsskACtTFQG8noHnyBaCKgJpWmzNL8/P7OkiLoJhQ4=)
2: ddoOY-skfZoLE7TLNt1nJJkgu8o.crl (hash: QRwv2DqxxKYo0DATaZbyVPIEhqsSCTeMcCxNv/jaUGE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/ddoOY-skfZoLE7TLNt1nJJkgu8o.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/ddoOY-skfZoLE7TLNt1nJJkgu8o.mft
rsync://rpki.ripe.net/repository/DEFAULT/ddoOY-skfZoLE7TLNt1nJJkgu8o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 01:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:1b:9e:c1:87:d2:a9:79:50:55:07:ff:0c:04:8f:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75da0e63eb247d9a0b13b4cb36dd67249920bbca
Validity
Not Before: Mar 29 01:00:50 2026 GMT
Not After : Mar 30 01:00:50 2026 GMT
Subject: CN=de1ddf38968db341c5cf54cb00cadc112e0ebfc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0f:39:aa:ee:bd:82:ab:00:0b:f7:76:d5:0b:
49:33:7a:ae:8a:80:0f:eb:3e:f0:f3:10:28:cb:d9:
6d:c2:74:a3:57:b0:7b:0b:a1:60:1e:5a:af:65:4b:
ad:54:d8:a1:b3:8e:5b:c1:74:f5:1b:37:aa:7b:4a:
d7:68:0d:82:62:26:02:e9:b0:f2:25:af:bd:05:8b:
cc:87:05:b4:be:ec:20:14:d8:51:33:06:ce:b4:d3:
92:7d:7b:1d:e4:fe:6a:da:df:f4:8c:39:b6:6f:ed:
c0:c2:7a:40:ff:75:e4:99:95:f2:bb:f3:85:bc:b6:
62:c8:48:7f:99:10:57:48:79:09:6b:bf:18:5d:79:
18:74:d8:1c:ac:b9:06:e1:c3:8f:da:2f:3a:48:d4:
81:94:17:30:26:ae:82:4b:ee:aa:0f:89:a0:bb:a9:
41:2e:09:e2:92:da:48:42:43:41:19:90:6f:ea:f9:
6c:9d:ff:32:5c:04:e6:a3:2d:a6:4e:4e:ff:41:fc:
b9:3c:19:b1:29:22:f6:20:69:c0:b8:14:86:d6:f7:
de:71:43:1c:3c:c2:7c:93:54:2d:36:7c:d7:29:d6:
9b:f5:c2:3f:66:c8:68:c9:0d:dd:96:d4:a8:15:df:
c8:e6:88:ce:ae:80:30:bc:1e:8a:7f:33:3e:dd:ce:
ae:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:1D:DF:38:96:8D:B3:41:C5:CF:54:CB:00:CA:DC:11:2E:0E:BF:C6
X509v3 Authority Key Identifier:
keyid:75:DA:0E:63:EB:24:7D:9A:0B:13:B4:CB:36:DD:67:24:99:20:BB:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ddoOY-skfZoLE7TLNt1nJJkgu8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/ddoOY-skfZoLE7TLNt1nJJkgu8o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/ddoOY-skfZoLE7TLNt1nJJkgu8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:fd:79:bb:01:01:87:b4:c1:7e:ef:45:c3:9f:96:aa:ae:50:
54:61:cc:b8:69:1b:98:28:fe:65:cb:b9:16:50:4b:1a:91:91:
52:f6:d2:96:92:a9:b6:19:a8:6a:b5:9a:82:fe:01:21:1c:74:
24:e7:a7:43:c7:42:51:58:80:1b:50:e2:5b:00:4b:41:30:ae:
2d:fe:43:aa:fb:bf:9c:cd:22:2e:6c:e9:44:aa:c0:0a:64:c4:
9a:9d:90:b5:9b:61:ba:7f:ca:6f:b9:05:d3:f1:85:cc:48:79:
f8:30:6c:a1:84:30:e0:3a:51:1b:3b:ea:3f:52:d7:98:ca:73:
8a:ca:55:a1:cf:cb:87:77:fd:d4:ff:44:84:cf:64:47:23:39:
fb:75:85:5e:4d:25:e4:16:c7:d3:f7:c1:02:d3:84:a0:f2:18:
7f:c2:06:5d:db:94:4c:1c:d2:59:bb:e5:64:3e:0a:03:5c:b5:
c3:15:ec:2e:3c:e8:a8:68:a6:b7:a3:dc:dd:8b:f9:24:9a:be:
b5:de:3a:da:a5:3b:78:a6:a5:88:e9:78:5d:fa:25:0a:86:05:
b2:ee:7e:f3:b0:09:77:27:b3:06:ce:50:b5:b7:01:ba:cb:be:
9d:ab:ad:a7:6a:21:aa:cc:45:44:9a:5b:62:78:cc:aa:5e:28:
67:c6:56:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G57Bh9KpeVBVB/8MBI+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZGEwZTYzZWIyNDdkOWEwYjEzYjRjYjM2ZGQ2NzI0OTky
MGJiY2EwHhcNMjYwMzI5MDEwMDUwWhcNMjYwMzMwMDEwMDUwWjAzMTEwLwYDVQQD
EyhkZTFkZGYzODk2OGRiMzQxYzVjZjU0Y2IwMGNhZGMxMTJlMGViZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQ85qu69gqsAC/d21QtJM3quioAP
6z7w8xAoy9ltwnSjV7B7C6FgHlqvZUutVNihs45bwXT1Gzeqe0rXaA2CYiYC6bDy
Ja+9BYvMhwW0vuwgFNhRMwbOtNOSfXsd5P5q2t/0jDm2b+3AwnpA/3XkmZXyu/OF
vLZiyEh/mRBXSHkJa78YXXkYdNgcrLkG4cOP2i86SNSBlBcwJq6CS+6qD4mgu6lB
LgniktpIQkNBGZBv6vlsnf8yXATmoy2mTk7/Qfy5PBmxKSL2IGnAuBSG1vfecUMc
PMJ8k1QtNnzXKdab9cI/ZshoyQ3dltSoFd/I5ojOroAwvB6KfzM+3c6uowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN4d3ziWjbNBxc9UywDK3BEuDr/GMB8GA1UdIwQY
MBaAFHXaDmPrJH2aCxO0yzbdZySZILvKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGRvT1ktc2tmWm9MRTdUTE50MW5KSmtndThvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi80YjVjMTktODIxYS00MGNlLTkxNjgt
ZGY0YTMxNzM1MjJiLzEvZGRvT1ktc2tmWm9MRTdUTE50MW5KSmtndThvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi80YjVjMTktODIxYS00MGNlLTkxNjgtZGY0YTMxNzM1MjJi
LzEvZGRvT1ktc2tmWm9MRTdUTE50MW5KSmtndThvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe/15uwEB
h7TBfu9Fw5+Wqq5QVGHMuGkbmCj+Zcu5FlBLGpGRUvbSlpKpthmoarWagv4BIRx0
JOenQ8dCUViAG1DiWwBLQTCuLf5Dqvu/nM0iLmzpRKrACmTEmp2QtZthun/Kb7kF
0/GFzEh5+DBsoYQw4DpRGzvqP1LXmMpzispVoc/Lh3f91P9EhM9kRyM5+3WFXk0l
5BbH0/fBAtOEoPIYf8IGXduUTBzSWbvlZD4KA1y1wxXsLjzoqGimt6Pc3Yv5JJq+
td462qU7eKaliOl4XfolCoYFsu5+87AJdyezBs5QtbcBusu+nautp2ohqsxFRJpb
YnjMql4oZ8ZWEw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:29:33 2026 by rpki-client