Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d4ffc0-a52d-461b-9719-a914e3ce3941/1/9OQPA5eaP05K052pg7Z7p-YhXA0.mft
File: 9OQPA5eaP05K052pg7Z7p-YhXA0.mft (raw, json)
Hash identifier: l8LavA8l0Xc4IeD0UUbAooiYSn5eS5iYVuHR8KbN3ok=
Subject key identifier: DC:2C:4E:5F:33:65:8C:57:41:02:95:CB:02:DC:DD:65:9F:0A:11:25
Authority key identifier: F4:E4:0F:03:97:9A:3F:4E:4A:D3:9D:A9:83:B6:7B:A7:E6:21:5C:0D
Certificate issuer: /CN=f4e40f03979a3f4e4ad39da983b67ba7e6215c0d
Certificate serial: 019D389C2FC43F91AB2CD69FCE46001F4FF5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9OQPA5eaP05K052pg7Z7p-YhXA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d4ffc0-a52d-461b-9719-a914e3ce3941/1/9OQPA5eaP05K052pg7Z7p-YhXA0.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 08:00:52 +0000
Manifest this update: Sun 29 Mar 2026 08:00:52 +0000
Manifest next update: Mon 30 Mar 2026 08:00:52 +0000
Files and hashes: 1: 9OQPA5eaP05K052pg7Z7p-YhXA0.crl (hash: dNWe9nyorz7avgn4eThsuLOIP+z8lSJyTHxdEMLpcDo=)
2: FXnznPhn55vYjBoYQttg28E4IK0.roa (hash: Dl0FXZLA3s/7+Hd8tk5PaoTmm8/8008Q5/BvoslwSfQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/d4ffc0-a52d-461b-9719-a914e3ce3941/1/9OQPA5eaP05K052pg7Z7p-YhXA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/d4ffc0-a52d-461b-9719-a914e3ce3941/1/9OQPA5eaP05K052pg7Z7p-YhXA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/9OQPA5eaP05K052pg7Z7p-YhXA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:2f:c4:3f:91:ab:2c:d6:9f:ce:46:00:1f:4f:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4e40f03979a3f4e4ad39da983b67ba7e6215c0d
Validity
Not Before: Mar 29 08:00:52 2026 GMT
Not After : Mar 30 08:00:52 2026 GMT
Subject: CN=dc2c4e5f33658c57410295cb02dcdd659f0a1125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7b:8a:fb:9a:f3:aa:63:b9:ed:0f:bf:bb:03:
0d:53:89:2f:9d:ec:90:54:4b:da:f5:b3:ea:1b:4b:
f0:05:3b:d6:ca:63:48:ee:34:4b:67:50:10:91:24:
34:d9:6e:90:3f:9a:08:a3:f7:59:cf:85:59:97:fe:
aa:e0:5d:08:cd:88:db:75:ff:b3:a2:c0:e4:a5:d8:
21:62:cf:2b:b6:d6:6a:7e:2c:44:c9:07:c8:ea:57:
52:e8:b4:94:d4:77:5c:85:c1:2f:2b:99:af:89:ef:
54:c2:f4:83:b6:60:8c:0f:89:90:c3:db:b8:ee:cd:
1c:b5:f3:4d:fb:d8:e2:b8:05:cc:1e:ea:66:03:64:
43:e4:9e:2d:58:78:f9:75:38:89:90:28:ac:09:e4:
8e:98:7f:0e:b4:e4:1a:3d:db:3c:9a:9f:60:1e:ad:
07:57:4f:9d:d8:cf:ea:cf:9a:15:07:77:8d:de:83:
4d:29:87:c5:61:56:b3:e3:34:ab:38:e9:2c:fe:65:
16:51:da:6d:21:2b:e7:3c:21:67:1b:fc:5f:d4:15:
b3:bd:f6:7f:35:47:ed:99:fc:b7:6a:ab:36:18:b2:
fb:32:a5:bb:2d:9c:eb:54:ab:e4:04:e6:0e:8b:28:
3f:e6:f0:d9:2c:f1:39:e9:b3:fb:ea:b2:4c:e3:bd:
98:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:2C:4E:5F:33:65:8C:57:41:02:95:CB:02:DC:DD:65:9F:0A:11:25
X509v3 Authority Key Identifier:
keyid:F4:E4:0F:03:97:9A:3F:4E:4A:D3:9D:A9:83:B6:7B:A7:E6:21:5C:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9OQPA5eaP05K052pg7Z7p-YhXA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d4ffc0-a52d-461b-9719-a914e3ce3941/1/9OQPA5eaP05K052pg7Z7p-YhXA0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d4ffc0-a52d-461b-9719-a914e3ce3941/1/9OQPA5eaP05K052pg7Z7p-YhXA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:92:d7:dd:bc:0d:19:0d:54:0a:4e:ee:89:60:a4:d2:55:59:
0a:46:4a:66:88:42:b4:bc:2b:04:e1:85:cc:60:77:42:72:a6:
01:ce:af:28:ee:65:b5:b4:ff:e4:56:f0:b1:09:36:0b:3a:14:
37:f9:fc:fd:ab:71:c6:c8:2a:5b:29:f8:63:b4:c5:54:1f:86:
36:b4:e4:19:85:95:e4:32:91:74:87:db:21:ef:67:8f:bb:c2:
4a:cb:f0:62:f6:19:a3:f4:1a:2e:6d:42:ed:80:24:ad:bf:0f:
5e:2c:60:2f:f1:1a:4a:eb:a4:2a:b9:5e:c1:bf:93:fa:49:eb:
ea:b2:39:9d:eb:ab:41:45:60:e0:fc:70:80:d9:46:42:cf:f1:
d0:ee:60:d3:66:a6:09:de:e0:e7:af:93:b6:86:f6:6e:1b:90:
70:c8:85:1d:f1:80:ef:4c:cd:10:07:01:99:80:10:76:37:e6:
79:d3:dc:a1:b2:50:96:a3:f5:d9:5d:82:25:fb:d0:ce:04:d0:
46:5c:cf:4c:79:62:56:3d:15:61:fe:80:21:da:0f:5a:18:06:
5d:8a:6a:40:fb:39:09:df:14:5c:0d:44:67:4b:4c:36:c4:ce:
7e:1b:41:65:dc:6d:e6:3d:d4:72:eb:aa:13:43:30:1e:4c:be:
ed:3e:de:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nC/EP5GrLNafzkYAH0/1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZTQwZjAzOTc5YTNmNGU0YWQzOWRhOTgzYjY3YmE3ZTYy
MTVjMGQwHhcNMjYwMzI5MDgwMDUyWhcNMjYwMzMwMDgwMDUyWjAzMTEwLwYDVQQD
EyhkYzJjNGU1ZjMzNjU4YzU3NDEwMjk1Y2IwMmRjZGQ2NTlmMGExMTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3uK+5rzqmO57Q+/uwMNU4kvneyQ
VEva9bPqG0vwBTvWymNI7jRLZ1AQkSQ02W6QP5oIo/dZz4VZl/6q4F0IzYjbdf+z
osDkpdghYs8rttZqfixEyQfI6ldS6LSU1HdchcEvK5mvie9UwvSDtmCMD4mQw9u4
7s0ctfNN+9jiuAXMHupmA2RD5J4tWHj5dTiJkCisCeSOmH8OtOQaPds8mp9gHq0H
V0+d2M/qz5oVB3eN3oNNKYfFYVaz4zSrOOks/mUWUdptISvnPCFnG/xf1BWzvfZ/
NUftmfy3aqs2GLL7MqW7LZzrVKvkBOYOiyg/5vDZLPE56bP76rJM472YlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNwsTl8zZYxXQQKVywLc3WWfChElMB8GA1UdIwQY
MBaAFPTkDwOXmj9OStOdqYO2e6fmIVwNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU9RUEE1ZWFQMDVLMDUycGc3WjdwLVloWEEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kNGZmYzAtYTUyZC00NjFiLTk3MTkt
YTkxNGUzY2UzOTQxLzEvOU9RUEE1ZWFQMDVLMDUycGc3WjdwLVloWEEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kNGZmYzAtYTUyZC00NjFiLTk3MTktYTkxNGUzY2UzOTQx
LzEvOU9RUEE1ZWFQMDVLMDUycGc3WjdwLVloWEEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL5LX3bwN
GQ1UCk7uiWCk0lVZCkZKZohCtLwrBOGFzGB3QnKmAc6vKO5ltbT/5FbwsQk2CzoU
N/n8/atxxsgqWyn4Y7TFVB+GNrTkGYWV5DKRdIfbIe9nj7vCSsvwYvYZo/QaLm1C
7YAkrb8PXixgL/EaSuukKrlewb+T+knr6rI5neurQUVg4PxwgNlGQs/x0O5g02am
Cd7g56+Ttob2bhuQcMiFHfGA70zNEAcBmYAQdjfmedPcobJQlqP12V2CJfvQzgTQ
RlzPTHliVj0VYf6AIdoPWhgGXYpqQPs5Cd8UXA1EZ0tMNsTOfhtBZdxt5j3Ucuuq
E0MwHky+7T7ePQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:33:46 2026 by rpki-client