Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
File: tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft (raw, json)
Hash identifier: 2F9ZUbuVI+/nJhvoUr6blveOT74yDz8WkOcFG7Fhj4Q=
Subject key identifier: A1:4E:10:66:3E:C6:BD:4D:A8:E4:5B:48:3E:95:BE:F4:6D:A5:B6:3A
Authority key identifier: B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40
Certificate issuer: /CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40
Certificate serial: 019D38D39729EF46B8BEF4CC6EFBC6D7EDBC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
Manifest number: 05C0
Signing time: Sun 29 Mar 2026 09:01:24 +0000
Manifest this update: Sun 29 Mar 2026 09:01:24 +0000
Manifest next update: Mon 30 Mar 2026 09:01:24 +0000
Files and hashes: 1: 0lwIzPsGn14owxvXy7_61u8zBPk.roa (hash: RHYNuusrfwoS7Vg7kp1EMywIH/hGj3OELuZX6uFgB7Q=)
2: tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl (hash: SY8ANZy+b7Lwf/qQprbOUUu4wHOw/GqBiVRuKEGq/R8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:97:29:ef:46:b8:be:f4:cc:6e:fb:c6:d7:ed:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40
Validity
Not Before: Mar 29 09:01:24 2026 GMT
Not After : Mar 30 09:01:24 2026 GMT
Subject: CN=a14e10663ec6bd4da8e45b483e95bef46da5b63a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d8:32:47:bc:19:d5:b9:b2:1b:b0:2d:25:9e:
15:30:ce:29:03:39:31:d1:4c:ca:90:f1:1c:fe:10:
e7:e7:33:51:ca:c4:32:5f:7e:39:9f:6e:ae:ec:8b:
26:cb:ad:71:6a:5d:90:ff:05:60:b7:ab:c0:58:dd:
87:da:c5:aa:36:f8:ba:62:45:30:f2:c6:a7:d1:2b:
5e:21:37:dc:27:a0:d1:e9:f4:27:89:30:b3:c8:c9:
dc:3a:e4:32:42:52:6e:4b:b0:e0:a3:75:d0:25:8a:
f1:c7:e2:e0:21:9d:4a:e6:f2:58:8d:c2:92:39:1e:
f9:22:c7:f5:a4:86:d4:0d:8c:52:ff:fe:ba:1e:d6:
66:d3:87:01:3a:88:ff:a8:e0:2b:30:de:ab:e6:fb:
3f:5f:41:e3:5c:2e:65:2a:d0:6d:73:6b:e5:24:3c:
2c:c7:b5:5f:d6:9e:c6:c4:28:14:b9:fc:c9:b4:79:
ca:da:86:1f:25:ba:e8:bd:3d:ae:73:92:54:1e:2f:
61:24:80:11:29:8c:67:79:81:96:1c:ce:cb:64:d7:
7b:6d:d7:e9:ea:22:10:a8:e2:62:03:f1:51:19:d1:
45:fe:31:d7:23:28:4c:e5:a6:46:67:45:43:dd:79:
ee:e6:27:7b:4a:36:52:a0:6b:85:b0:7c:00:78:c1:
0d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:4E:10:66:3E:C6:BD:4D:A8:E4:5B:48:3E:95:BE:F4:6D:A5:B6:3A
X509v3 Authority Key Identifier:
keyid:B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:3e:6e:87:f5:3e:9d:36:98:97:f8:5b:0e:33:0d:f7:13:62:
22:5b:12:7f:ba:3b:e4:18:1b:ea:a1:82:8e:6f:b0:c9:33:54:
39:20:0e:b6:d3:14:c2:f6:d6:cb:a1:02:f9:a0:2b:5d:2d:7a:
1d:45:d0:44:4c:85:f2:fb:40:89:37:40:29:5e:eb:e5:ab:14:
7b:ab:9f:43:3f:86:f0:7c:aa:55:23:3f:1f:44:f7:b7:e5:d2:
ba:b7:41:22:ba:b6:72:82:e2:ab:f2:b4:e7:16:6f:0f:2b:34:
67:b6:74:73:cd:11:95:f6:f8:6b:10:cc:ed:44:0a:70:ba:23:
9c:3d:24:52:1c:0e:20:6c:15:ea:2a:6f:c7:63:e3:0c:2c:01:
f2:4f:df:17:bc:7a:fa:4f:19:f2:7a:18:99:73:0b:ec:f1:b1:
1c:50:a7:27:f8:89:49:6a:12:c4:6d:c9:cd:8a:34:39:66:31:
db:e1:8c:ca:63:73:d8:87:77:57:c1:19:10:f2:e1:2f:dc:44:
96:82:dc:bc:3c:63:fd:a1:6e:2e:03:27:8b:6f:e4:5f:2f:85:
b4:b6:df:59:66:2d:1a:ee:bf:65:5f:bd:e0:4f:6a:a7:48:3b:
23:4a:77:80:31:69:b1:11:31:3d:86:11:33:23:22:86:bf:77:
a2:8f:4e:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0405cp70a4vvTMbvvG1+28MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzZjMGYwZWM4YmJlZGYwZjYwODQ0ZGZlNGZlOTM5MzY5
YTRiNDAwHhcNMjYwMzI5MDkwMTI0WhcNMjYwMzMwMDkwMTI0WjAzMTEwLwYDVQQD
EyhhMTRlMTA2NjNlYzZiZDRkYThlNDViNDgzZTk1YmVmNDZkYTViNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NgyR7wZ1bmyG7AtJZ4VMM4pAzkx
0UzKkPEc/hDn5zNRysQyX345n26u7Ismy61xal2Q/wVgt6vAWN2H2sWqNvi6YkUw
8san0SteITfcJ6DR6fQniTCzyMncOuQyQlJuS7Dgo3XQJYrxx+LgIZ1K5vJYjcKS
OR75Isf1pIbUDYxS//66HtZm04cBOoj/qOArMN6r5vs/X0HjXC5lKtBtc2vlJDws
x7Vf1p7GxCgUufzJtHnK2oYfJbrovT2uc5JUHi9hJIARKYxneYGWHM7LZNd7bdfp
6iIQqOJiA/FRGdFF/jHXIyhM5aZGZ0VD3Xnu5id7SjZSoGuFsHwAeMENFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKFOEGY+xr1NqORbSD6VvvRtpbY6MB8GA1UdIwQY
MBaAFLQ2wPDsi77fD2CETf5P6Tk2mktAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgt
ZGQ4YjVhZmNlZTNiLzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgtZGQ4YjVhZmNlZTNi
LzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXT5uh/U+
nTaYl/hbDjMN9xNiIlsSf7o75Bgb6qGCjm+wyTNUOSAOttMUwvbWy6EC+aArXS16
HUXQREyF8vtAiTdAKV7r5asUe6ufQz+G8HyqVSM/H0T3t+XSurdBIrq2coLiq/K0
5xZvDys0Z7Z0c80Rlfb4axDM7UQKcLojnD0kUhwOIGwV6ipvx2PjDCwB8k/fF7x6
+k8Z8noYmXML7PGxHFCnJ/iJSWoSxG3JzYo0OWYx2+GMymNz2Id3V8EZEPLhL9xE
loLcvDxj/aFuLgMni2/kXy+FtLbfWWYtGu6/ZV+94E9qp0g7I0p3gDFpsRExPYYR
MyMihr93oo9O+g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:50:02 2026 by rpki-client