Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
File: otP5vJZWutwm594auw-nLD1yjdg.mft (raw, json)
Hash identifier: GdBt21g1FwIQ2hZ1NCeUnrb+xn6BeQFN/EbT1dYMvOg=
Subject key identifier: 7B:C6:FA:AF:AC:C3:49:9A:53:5D:E2:04:53:C9:0F:E8:DD:40:E5:F5
Authority key identifier: A2:D3:F9:BC:96:56:BA:DC:26:E7:DE:1A:BB:0F:A7:2C:3D:72:8D:D8
Certificate issuer: /CN=a2d3f9bc9656badc26e7de1abb0fa72c3d728dd8
Certificate serial: 019D38D38B51000997C16F969D30A9735165
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
Manifest number: 04F5
Signing time: Sun 29 Mar 2026 09:01:20 +0000
Manifest this update: Sun 29 Mar 2026 09:01:20 +0000
Manifest next update: Mon 30 Mar 2026 09:01:20 +0000
Files and hashes: 1: otP5vJZWutwm594auw-nLD1yjdg.crl (hash: 59XopZ1jFh1jHqEl0UO6ZUexjQunBlk5edGXQvJZLj4=)
2: wq9tYLfVQC77CHQnEGOwVihriSc.roa (hash: tQsNymN61pdlaZw2p685YQ4hLAz1lZz1V7NLew6Ch8g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:8b:51:00:09:97:c1:6f:96:9d:30:a9:73:51:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2d3f9bc9656badc26e7de1abb0fa72c3d728dd8
Validity
Not Before: Mar 29 09:01:20 2026 GMT
Not After : Mar 30 09:01:20 2026 GMT
Subject: CN=7bc6faafacc3499a535de20453c90fe8dd40e5f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6b:62:9f:76:f8:d7:0b:f9:72:8a:29:0d:3e:
0f:48:a0:dd:5c:66:0f:21:a1:cc:dd:cc:c4:dc:2e:
a1:61:57:fb:d9:25:e2:d2:8d:15:35:d8:91:fc:ad:
3b:27:64:5d:63:3f:5d:2c:a8:61:29:ba:d7:ca:93:
30:b4:be:bf:fb:4e:3d:2b:8d:c9:d3:8a:ba:89:96:
8b:6a:66:99:f2:ef:c0:34:bb:a9:02:45:58:98:16:
8e:a4:ff:e7:2c:f9:8f:43:bb:22:58:7a:f9:e0:39:
44:44:bc:e0:99:f7:89:b2:d9:64:f5:f2:e6:43:5e:
f3:38:01:15:dd:49:39:cd:05:88:64:f9:e6:5b:b1:
57:44:2b:53:5c:83:42:fe:a7:72:2b:a5:12:6a:66:
ff:83:fe:fe:d5:41:14:9c:e8:da:7b:13:20:b8:e4:
6a:94:59:b3:72:51:40:fa:97:3d:16:00:14:b5:c1:
36:cc:b0:29:af:f7:23:1f:bb:6d:2f:fa:25:8f:d7:
c9:96:78:38:8f:e2:60:31:3d:d3:ec:71:9b:96:83:
1d:1c:2c:37:af:29:a1:2a:b0:36:ec:21:4e:0a:07:
aa:ea:65:7a:d3:79:17:46:0f:8a:35:39:ab:b9:30:
75:a6:59:ad:ca:ff:06:6e:a8:c4:b3:63:06:f9:09:
e8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:C6:FA:AF:AC:C3:49:9A:53:5D:E2:04:53:C9:0F:E8:DD:40:E5:F5
X509v3 Authority Key Identifier:
keyid:A2:D3:F9:BC:96:56:BA:DC:26:E7:DE:1A:BB:0F:A7:2C:3D:72:8D:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:49:c5:c5:f1:f6:f1:bc:83:f8:b0:99:ce:d2:ba:c6:5a:e0:
04:69:b5:95:37:40:27:49:73:54:17:3d:dc:54:83:ea:f7:d7:
43:31:de:5d:b0:f1:5a:4c:82:85:e5:d2:8e:57:53:00:83:53:
7b:67:29:4d:07:99:0c:b9:db:04:4b:b8:03:ec:6a:57:ba:7c:
4d:f4:93:33:d8:1c:21:af:79:ae:a4:91:4f:de:80:24:62:bb:
15:28:fb:7a:5e:93:ff:2c:42:95:5f:37:28:03:00:93:0f:c6:
8e:19:f9:d0:b0:39:53:8d:ee:e7:26:90:2f:8c:d6:d0:59:87:
03:fb:09:a1:7f:ee:36:cd:a0:d5:92:9c:11:62:35:f3:f5:14:
0c:a1:a7:9c:58:32:10:a4:7c:2b:22:5f:80:da:11:2f:b8:11:
2e:bb:c3:a0:cf:68:03:31:f0:d4:e0:b6:fa:a3:6e:eb:3e:c4:
50:39:de:f5:4b:04:6e:d3:24:c3:be:d5:b0:ba:40:42:bd:71:
7a:48:2c:6d:ea:37:e2:72:6a:8e:61:00:ca:a7:fe:5a:d1:90:
cd:50:6c:e1:c0:aa:54:e6:e0:a9:31:b3:1f:83:a1:2e:a1:94:
c5:5a:f3:ef:29:47:f8:e6:b4:fc:8c:7d:53:d6:87:71:c7:80:
ee:bf:a6:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0404tRAAmXwW+WnTCpc1FlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDNmOWJjOTY1NmJhZGMyNmU3ZGUxYWJiMGZhNzJjM2Q3
MjhkZDgwHhcNMjYwMzI5MDkwMTIwWhcNMjYwMzMwMDkwMTIwWjAzMTEwLwYDVQQD
Eyg3YmM2ZmFhZmFjYzM0OTlhNTM1ZGUyMDQ1M2M5MGZlOGRkNDBlNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWtin3b41wv5coopDT4PSKDdXGYP
IaHM3czE3C6hYVf72SXi0o0VNdiR/K07J2RdYz9dLKhhKbrXypMwtL6/+049K43J
04q6iZaLamaZ8u/ANLupAkVYmBaOpP/nLPmPQ7siWHr54DlERLzgmfeJstlk9fLm
Q17zOAEV3Uk5zQWIZPnmW7FXRCtTXINC/qdyK6USamb/g/7+1UEUnOjaexMguORq
lFmzclFA+pc9FgAUtcE2zLApr/cjH7ttL/olj9fJlng4j+JgMT3T7HGbloMdHCw3
rymhKrA27CFOCgeq6mV603kXRg+KNTmruTB1plmtyv8GbqjEs2MG+QnoxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHvG+q+sw0maU13iBFPJD+jdQOX1MB8GA1UdIwQY
MBaAFKLT+byWVrrcJufeGrsPpyw9co3YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82OGZkMGYtMmI4Ny00NzA0LWEzMmYt
ZDcxMWU4NGMyOWExLzEvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82OGZkMGYtMmI4Ny00NzA0LWEzMmYtZDcxMWU4NGMyOWEx
LzEvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXEnFxfH2
8byD+LCZztK6xlrgBGm1lTdAJ0lzVBc93FSD6vfXQzHeXbDxWkyCheXSjldTAINT
e2cpTQeZDLnbBEu4A+xqV7p8TfSTM9gcIa95rqSRT96AJGK7FSj7el6T/yxClV83
KAMAkw/Gjhn50LA5U43u5yaQL4zW0FmHA/sJoX/uNs2g1ZKcEWI18/UUDKGnnFgy
EKR8KyJfgNoRL7gRLrvDoM9oAzHw1OC2+qNu6z7EUDne9UsEbtMkw77VsLpAQr1x
ekgsbeo34nJqjmEAyqf+WtGQzVBs4cCqVObgqTGzH4OhLqGUxVrz7ylH+Oa0/Ix9
U9aHcceA7r+mzA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:45:55 2026 by rpki-client