Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/b57892-cd3d-4f06-91f7-55387bfb5e66/1/dotOLq79y-wVupnop6IcieSyzL0.mft
File: dotOLq79y-wVupnop6IcieSyzL0.mft (raw, json)
Hash identifier: QPUZCOvNjNHzTO3QtT0OB7SSkpTAGhYZrQgmXTmJHs0=
Subject key identifier: 66:54:65:2C:FE:03:62:BD:0C:30:94:DD:39:68:63:13:88:75:47:9F
Authority key identifier: 76:8B:4E:2E:AE:FD:CB:EC:15:BA:99:E8:A7:A2:1C:89:E4:B2:CC:BD
Certificate issuer: /CN=768b4e2eaefdcbec15ba99e8a7a21c89e4b2ccbd
Certificate serial: 019D38D3080C26E1A21BA17C28140AED758D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dotOLq79y-wVupnop6IcieSyzL0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/b57892-cd3d-4f06-91f7-55387bfb5e66/1/dotOLq79y-wVupnop6IcieSyzL0.mft
Manifest number: 03FB
Signing time: Sun 29 Mar 2026 09:00:47 +0000
Manifest this update: Sun 29 Mar 2026 09:00:47 +0000
Manifest next update: Mon 30 Mar 2026 09:00:47 +0000
Files and hashes: 1: 74AVprCTNRDcbv0uDtC-tI0t1tw.roa (hash: up3d+8yhBxWTyanUrBMpmMMg9KISyz71I4oLqcbMOrY=)
2: dotOLq79y-wVupnop6IcieSyzL0.crl (hash: UNS3WKrNtqED4iCwFACDwYNzE+fAimEczXdO7W3exVs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/b57892-cd3d-4f06-91f7-55387bfb5e66/1/dotOLq79y-wVupnop6IcieSyzL0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/b57892-cd3d-4f06-91f7-55387bfb5e66/1/dotOLq79y-wVupnop6IcieSyzL0.mft
rsync://rpki.ripe.net/repository/DEFAULT/dotOLq79y-wVupnop6IcieSyzL0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:08:0c:26:e1:a2:1b:a1:7c:28:14:0a:ed:75:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=768b4e2eaefdcbec15ba99e8a7a21c89e4b2ccbd
Validity
Not Before: Mar 29 09:00:47 2026 GMT
Not After : Mar 30 09:00:47 2026 GMT
Subject: CN=6654652cfe0362bd0c3094dd396863138875479f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:92:dc:8b:fe:8b:eb:94:7a:d5:b4:7f:25:85:
31:ea:f1:33:bd:b5:47:44:4f:b3:3b:0a:a7:b7:19:
df:1b:bb:f1:dc:dc:08:c0:5b:f8:23:d2:e8:13:84:
73:4b:71:be:70:03:f1:a8:03:29:39:33:70:fe:20:
99:f3:d0:6c:9f:20:1f:37:d3:df:a4:c5:12:59:84:
18:f5:c1:13:ab:48:73:48:1f:c0:d5:db:2a:df:35:
e7:d5:31:7b:c5:cc:69:8a:ac:fb:20:cf:6f:57:69:
d1:0f:af:21:ff:62:d0:7a:03:6d:f0:3d:66:be:8e:
69:c9:bc:e4:c3:ce:05:83:fa:22:11:cc:b8:58:45:
9a:1a:3e:09:22:dd:44:d2:83:ba:d6:98:13:38:04:
7e:c9:37:f1:d9:83:80:24:e4:0e:f7:86:df:d1:43:
aa:2d:05:e7:fb:5c:1c:4c:40:fd:98:9e:11:51:50:
a5:e8:33:ff:41:c5:31:ee:89:5f:2b:ac:cc:ba:bb:
66:e0:8c:2f:31:ab:a5:51:9e:f5:f1:1e:35:64:26:
5a:b1:41:57:07:25:93:51:22:39:4d:9c:83:fe:f2:
59:59:a2:a2:ed:bf:97:55:f2:43:d4:44:5c:e2:12:
13:18:1e:57:3d:cc:df:e1:37:a5:2d:30:f2:70:6e:
e2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:54:65:2C:FE:03:62:BD:0C:30:94:DD:39:68:63:13:88:75:47:9F
X509v3 Authority Key Identifier:
keyid:76:8B:4E:2E:AE:FD:CB:EC:15:BA:99:E8:A7:A2:1C:89:E4:B2:CC:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dotOLq79y-wVupnop6IcieSyzL0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/b57892-cd3d-4f06-91f7-55387bfb5e66/1/dotOLq79y-wVupnop6IcieSyzL0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/b57892-cd3d-4f06-91f7-55387bfb5e66/1/dotOLq79y-wVupnop6IcieSyzL0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:cc:48:e3:b5:6b:ac:ed:ab:77:ed:f1:78:c6:a5:22:99:2d:
f0:d6:7a:b9:7a:35:5e:58:72:12:a6:fb:3e:8a:7e:6a:56:1f:
94:77:45:79:23:08:8d:a2:69:94:98:4f:ee:15:c2:05:d1:76:
2c:c9:3e:3d:ea:63:d3:7c:de:ae:ac:b9:59:91:f7:c3:28:6a:
15:86:bc:f5:4c:40:8e:5c:4a:d0:cf:4e:24:1f:db:7d:25:60:
e1:86:2d:da:f6:7d:07:63:25:2a:6c:7a:2e:5c:f0:66:80:72:
61:4a:5f:f0:78:00:dd:0c:07:22:12:18:2f:47:1a:6d:b9:42:
8a:ed:27:bb:48:c6:cf:ef:5b:33:0f:02:82:98:ea:cf:70:0d:
f1:52:e8:18:39:91:32:c0:8c:ec:1b:2d:1f:cf:8f:8e:58:d1:
52:03:a2:d0:0e:f2:0f:51:c3:f0:0b:03:c5:3f:5d:a9:1f:f9:
aa:dd:ec:06:2d:cb:f6:c9:0f:49:24:2e:24:c5:84:14:32:9a:
75:44:60:11:c6:63:85:1f:a6:3f:a9:b9:5d:65:9c:c6:bc:32:
1c:26:c9:93:5b:8f:3e:c6:b8:3d:b3:64:80:e0:da:8c:46:da:
3a:33:37:ca:24:7f:95:13:6b:94:c1:21:9d:0a:42:42:f6:cb:
85:04:92:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040wgMJuGiG6F8KBQK7XWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2OGI0ZTJlYWVmZGNiZWMxNWJhOTllOGE3YTIxYzg5ZTRi
MmNjYmQwHhcNMjYwMzI5MDkwMDQ3WhcNMjYwMzMwMDkwMDQ3WjAzMTEwLwYDVQQD
Eyg2NjU0NjUyY2ZlMDM2MmJkMGMzMDk0ZGQzOTY4NjMxMzg4NzU0NzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJLci/6L65R61bR/JYUx6vEzvbVH
RE+zOwqntxnfG7vx3NwIwFv4I9LoE4RzS3G+cAPxqAMpOTNw/iCZ89BsnyAfN9Pf
pMUSWYQY9cETq0hzSB/A1dsq3zXn1TF7xcxpiqz7IM9vV2nRD68h/2LQegNt8D1m
vo5pybzkw84Fg/oiEcy4WEWaGj4JIt1E0oO61pgTOAR+yTfx2YOAJOQO94bf0UOq
LQXn+1wcTED9mJ4RUVCl6DP/QcUx7olfK6zMurtm4IwvMaulUZ718R41ZCZasUFX
ByWTUSI5TZyD/vJZWaKi7b+XVfJD1ERc4hITGB5XPczf4TelLTDycG7ipQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGZUZSz+A2K9DDCU3TloYxOIdUefMB8GA1UdIwQY
MBaAFHaLTi6u/cvsFbqZ6KeiHInkssy9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG90T0xxNzl5LXdWdXBub3A2SWNpZVN5ekwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9iNTc4OTItY2QzZC00ZjA2LTkxZjct
NTUzODdiZmI1ZTY2LzEvZG90T0xxNzl5LXdWdXBub3A2SWNpZVN5ekwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9iNTc4OTItY2QzZC00ZjA2LTkxZjctNTUzODdiZmI1ZTY2
LzEvZG90T0xxNzl5LXdWdXBub3A2SWNpZVN5ekwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd8xI47Vr
rO2rd+3xeMalIpkt8NZ6uXo1XlhyEqb7Pop+alYflHdFeSMIjaJplJhP7hXCBdF2
LMk+Pepj03zerqy5WZH3wyhqFYa89UxAjlxK0M9OJB/bfSVg4YYt2vZ9B2MlKmx6
LlzwZoByYUpf8HgA3QwHIhIYL0cabblCiu0nu0jGz+9bMw8Cgpjqz3AN8VLoGDmR
MsCM7BstH8+PjljRUgOi0A7yD1HD8AsDxT9dqR/5qt3sBi3L9skPSSQuJMWEFDKa
dURgEcZjhR+mP6m5XWWcxrwyHCbJk1uPPsa4PbNkgODajEbaOjM3yiR/lRNrlMEh
nQpCQvbLhQSSCA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:25:33 2026 by rpki-client