Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/113f5f-be58-478c-9030-32d80d8d1615/1/0tzocORzw1QnPonF5OLtPgwGk1Y.mft
File: 0tzocORzw1QnPonF5OLtPgwGk1Y.mft (raw, json)
Hash identifier: z9aod+Edcr7aXY7i05Crfr/OpZSIeiDq5BkqKeQmRW4=
Subject key identifier: 65:3A:75:94:F1:24:65:23:49:4E:C6:68:48:5A:0D:7B:1D:B8:88:E3
Authority key identifier: D2:DC:E8:70:E4:73:C3:54:27:3E:89:C5:E4:E2:ED:3E:0C:06:93:56
Certificate issuer: /CN=d2dce870e473c354273e89c5e4e2ed3e0c069356
Certificate serial: 019D3865C4BD9D80005099455421FD921D74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0tzocORzw1QnPonF5OLtPgwGk1Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/113f5f-be58-478c-9030-32d80d8d1615/1/0tzocORzw1QnPonF5OLtPgwGk1Y.mft
Manifest number: 0CE7
Signing time: Sun 29 Mar 2026 07:01:26 +0000
Manifest this update: Sun 29 Mar 2026 07:01:26 +0000
Manifest next update: Mon 30 Mar 2026 07:01:26 +0000
Files and hashes: 1: 0tzocORzw1QnPonF5OLtPgwGk1Y.crl (hash: BJirTPi5nnTVGBvaS3CxHavxSLM44YXWKHDqKHfrNqI=)
2: ThzwdKdKn1Xy5a4JKmMojrXgu40.roa (hash: lIi2RxL8LrPV+57y38KO3DW0z4++WwpkT83uTb32e/I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/113f5f-be58-478c-9030-32d80d8d1615/1/0tzocORzw1QnPonF5OLtPgwGk1Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/113f5f-be58-478c-9030-32d80d8d1615/1/0tzocORzw1QnPonF5OLtPgwGk1Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/0tzocORzw1QnPonF5OLtPgwGk1Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:c4:bd:9d:80:00:50:99:45:54:21:fd:92:1d:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2dce870e473c354273e89c5e4e2ed3e0c069356
Validity
Not Before: Mar 29 07:01:26 2026 GMT
Not After : Mar 30 07:01:26 2026 GMT
Subject: CN=653a7594f1246523494ec668485a0d7b1db888e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:96:17:fd:7e:92:dc:93:23:af:8a:b7:36:89:
68:92:45:fd:f2:23:bf:71:b2:9e:c5:36:27:55:cb:
85:05:5b:5e:98:1a:81:38:2b:d9:2c:0c:08:85:46:
ab:bd:1f:b8:b8:3a:e2:44:f4:fc:e7:f6:e8:00:e1:
2b:86:3f:d9:b4:0f:c3:32:fc:f6:57:74:10:91:c8:
99:b4:4e:b8:f1:dd:83:7d:8e:e1:f5:5d:b2:6f:c9:
75:07:d6:a8:53:a7:80:2f:a6:15:e1:4f:84:81:a6:
76:32:b3:19:79:98:5e:8a:35:bb:fb:2f:07:e7:a9:
2f:34:a0:e6:d8:1a:2a:39:fa:57:88:ab:0d:13:8d:
57:df:81:ce:0d:c0:f8:74:2e:39:6c:f2:9d:e0:d8:
ab:b4:f2:57:63:9c:75:fc:9e:1b:c7:39:ad:1d:28:
cf:5b:c8:88:0d:ce:f1:e9:03:84:72:a1:f6:ae:d1:
02:ce:9e:51:b6:b4:7d:53:26:38:45:31:ab:93:49:
02:a2:55:c7:65:6b:c6:83:cc:65:eb:6a:97:17:e4:
e1:91:91:24:7c:63:ee:28:4a:d4:64:a8:54:60:15:
c9:72:59:f2:5e:05:44:29:d2:27:3b:1d:cf:8b:47:
27:cb:ed:dc:fb:94:81:41:51:37:29:ad:47:63:c8:
e6:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:3A:75:94:F1:24:65:23:49:4E:C6:68:48:5A:0D:7B:1D:B8:88:E3
X509v3 Authority Key Identifier:
keyid:D2:DC:E8:70:E4:73:C3:54:27:3E:89:C5:E4:E2:ED:3E:0C:06:93:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0tzocORzw1QnPonF5OLtPgwGk1Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/113f5f-be58-478c-9030-32d80d8d1615/1/0tzocORzw1QnPonF5OLtPgwGk1Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/113f5f-be58-478c-9030-32d80d8d1615/1/0tzocORzw1QnPonF5OLtPgwGk1Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:01:f6:1f:59:4d:f5:1b:ad:f6:03:a5:dd:dc:c8:d7:17:84:
fc:87:c3:3d:92:21:35:28:ad:2f:ae:3b:e4:52:48:63:da:04:
2c:5b:13:08:3d:e0:8c:17:96:33:88:82:20:95:b7:7a:9a:9b:
0f:96:4a:0b:68:96:66:a4:7c:fa:74:0f:9a:b1:6f:09:c7:db:
28:a2:e6:0a:a7:75:75:4a:50:41:2a:e9:db:6f:0c:92:fd:be:
16:2d:b3:4e:9b:1e:7b:d4:f5:d5:f7:4e:2d:9c:5d:ea:a4:6f:
b9:fa:a1:c4:a7:7d:44:d7:47:fc:4a:d0:85:62:d4:36:28:08:
f4:0a:58:cd:69:fb:20:70:40:13:0e:36:e4:1f:5c:c7:a6:d7:
4a:76:81:7f:70:40:fd:5a:a8:b1:61:60:4d:01:11:76:bf:14:
0e:ec:d4:5f:fe:7d:f2:ef:ee:fc:6e:38:db:7c:81:a3:08:02:
d3:0c:9b:b4:19:98:2c:c3:b6:78:a6:e1:31:b8:51:d1:e6:2d:
e0:01:98:46:59:9a:d1:c7:ef:19:fc:a3:59:33:b5:4e:dd:92:
2f:cc:06:a5:a3:26:96:19:94:71:b6:29:2c:7c:5c:1d:11:58:
9e:e3:f9:f7:0a:de:ec:71:9c:fe:70:16:e6:11:c7:c6:6c:0c:
0e:78:a6:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZcS9nYAAUJlFVCH9kh10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZGNlODcwZTQ3M2MzNTQyNzNlODljNWU0ZTJlZDNlMGMw
NjkzNTYwHhcNMjYwMzI5MDcwMTI2WhcNMjYwMzMwMDcwMTI2WjAzMTEwLwYDVQQD
Eyg2NTNhNzU5NGYxMjQ2NTIzNDk0ZWM2Njg0ODVhMGQ3YjFkYjg4OGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZYX/X6S3JMjr4q3NolokkX98iO/
cbKexTYnVcuFBVtemBqBOCvZLAwIhUarvR+4uDriRPT85/boAOErhj/ZtA/DMvz2
V3QQkciZtE648d2DfY7h9V2yb8l1B9aoU6eAL6YV4U+EgaZ2MrMZeZheijW7+y8H
56kvNKDm2BoqOfpXiKsNE41X34HODcD4dC45bPKd4NirtPJXY5x1/J4bxzmtHSjP
W8iIDc7x6QOEcqH2rtECzp5RtrR9UyY4RTGrk0kColXHZWvGg8xl62qXF+ThkZEk
fGPuKErUZKhUYBXJclnyXgVEKdInOx3Pi0cny+3c+5SBQVE3Ka1HY8jmDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGU6dZTxJGUjSU7GaEhaDXsduIjjMB8GA1UdIwQY
MBaAFNLc6HDkc8NUJz6JxeTi7T4MBpNWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHR6b2NPUnp3MVFuUG9uRjVPTHRQZ3dHazFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8xMTNmNWYtYmU1OC00NzhjLTkwMzAt
MzJkODBkOGQxNjE1LzEvMHR6b2NPUnp3MVFuUG9uRjVPTHRQZ3dHazFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8xMTNmNWYtYmU1OC00NzhjLTkwMzAtMzJkODBkOGQxNjE1
LzEvMHR6b2NPUnp3MVFuUG9uRjVPTHRQZ3dHazFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIQH2H1lN
9Rut9gOl3dzI1xeE/IfDPZIhNSitL6475FJIY9oELFsTCD3gjBeWM4iCIJW3epqb
D5ZKC2iWZqR8+nQPmrFvCcfbKKLmCqd1dUpQQSrp228Mkv2+Fi2zTpsee9T11fdO
LZxd6qRvufqhxKd9RNdH/ErQhWLUNigI9ApYzWn7IHBAEw425B9cx6bXSnaBf3BA
/VqosWFgTQERdr8UDuzUX/598u/u/G4423yBowgC0wybtBmYLMO2eKbhMbhR0eYt
4AGYRlma0cfvGfyjWTO1Tt2SL8wGpaMmlhmUcbYpLHxcHRFYnuP59wre7HGc/nAW
5hHHxmwMDnim/Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:43:25 2026 by rpki-client