Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/d0a1fe-0b65-4d50-ae2f-12898697a862/1/0qPIzGPQ5-BpylI_NO-zlT7iG2U.mft
File: 0qPIzGPQ5-BpylI_NO-zlT7iG2U.mft (raw, json)
Hash identifier: YImXOJupQ+hiFhU+TH5Ed2TrYqKbTif8XiuY7fMOe9M=
Subject key identifier: A9:4E:4E:8F:2E:2D:2C:6B:64:FC:07:71:E4:7B:7F:6D:57:F8:4B:7B
Authority key identifier: D2:A3:C8:CC:63:D0:E7:E0:69:CA:52:3F:34:EF:B3:95:3E:E2:1B:65
Certificate issuer: /CN=d2a3c8cc63d0e7e069ca523f34efb3953ee21b65
Certificate serial: 019D37891807096636A804B6A5AD4C605EA9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0qPIzGPQ5-BpylI_NO-zlT7iG2U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/d0a1fe-0b65-4d50-ae2f-12898697a862/1/0qPIzGPQ5-BpylI_NO-zlT7iG2U.mft
Manifest number: 1257
Signing time: Sun 29 Mar 2026 03:00:24 +0000
Manifest this update: Sun 29 Mar 2026 03:00:24 +0000
Manifest next update: Mon 30 Mar 2026 03:00:24 +0000
Files and hashes: 1: 0qPIzGPQ5-BpylI_NO-zlT7iG2U.crl (hash: H1Izt5xZ//w+KpPVr7H6BaDIisjtOK2sjVMMjbrcZ5Y=)
2: OgtLPNJMhUcc3a3Q9gVgb_uUcTU.roa (hash: W+gl2jZGWcmgxMC+cnSTgyo7gRfrRZB5RZkp77uUONU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/d0a1fe-0b65-4d50-ae2f-12898697a862/1/0qPIzGPQ5-BpylI_NO-zlT7iG2U.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/d0a1fe-0b65-4d50-ae2f-12898697a862/1/0qPIzGPQ5-BpylI_NO-zlT7iG2U.mft
rsync://rpki.ripe.net/repository/DEFAULT/0qPIzGPQ5-BpylI_NO-zlT7iG2U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:18:07:09:66:36:a8:04:b6:a5:ad:4c:60:5e:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2a3c8cc63d0e7e069ca523f34efb3953ee21b65
Validity
Not Before: Mar 29 03:00:24 2026 GMT
Not After : Mar 30 03:00:24 2026 GMT
Subject: CN=a94e4e8f2e2d2c6b64fc0771e47b7f6d57f84b7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:1c:7a:9d:41:f1:ca:f2:39:3f:b4:0c:dc:74:
18:c7:c5:46:e5:cd:11:51:3f:4a:ce:62:fb:a7:2e:
14:f4:16:ff:6d:f4:0b:d7:a4:9a:07:5c:ac:b2:dd:
1e:a0:d8:34:79:72:c1:ff:3f:6b:11:ab:f5:34:39:
a4:9b:20:69:cf:e0:e6:95:7a:38:07:e7:7c:5e:1f:
70:1d:c1:a3:44:36:d3:6f:b9:74:7d:fc:98:e2:18:
19:67:54:13:9b:90:18:0a:52:d3:3f:0f:9b:f2:6c:
1c:f1:01:0d:e7:42:be:e0:78:cb:b9:16:4a:0e:d5:
94:4f:93:9d:ed:a3:ee:76:38:65:63:ec:d9:f8:1f:
dc:6f:3f:30:52:50:be:89:89:b3:5d:0b:d5:9d:a9:
ff:aa:d1:01:92:5f:6b:6d:c1:87:8a:35:41:4c:ed:
00:62:e5:1a:28:1b:06:6c:af:d0:b4:78:43:54:b8:
8b:c6:a5:bf:79:f1:62:e7:ba:11:0b:55:df:1e:72:
e0:37:bc:30:23:f7:22:56:ed:f6:c2:52:34:c7:6c:
dd:c5:88:54:1b:75:65:d9:cd:94:31:dc:59:04:f6:
0a:e4:6b:93:5e:19:2d:3f:e4:23:77:6e:b7:c8:e0:
c1:64:cd:f7:5e:6a:8a:12:30:21:14:fd:fb:fe:89:
df:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:4E:4E:8F:2E:2D:2C:6B:64:FC:07:71:E4:7B:7F:6D:57:F8:4B:7B
X509v3 Authority Key Identifier:
keyid:D2:A3:C8:CC:63:D0:E7:E0:69:CA:52:3F:34:EF:B3:95:3E:E2:1B:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qPIzGPQ5-BpylI_NO-zlT7iG2U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d0a1fe-0b65-4d50-ae2f-12898697a862/1/0qPIzGPQ5-BpylI_NO-zlT7iG2U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d0a1fe-0b65-4d50-ae2f-12898697a862/1/0qPIzGPQ5-BpylI_NO-zlT7iG2U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:56:76:8c:e1:9a:45:bb:7c:f3:2e:26:4d:da:71:cd:09:c9:
70:0d:92:8b:a6:3f:3b:f6:0f:05:3e:70:c6:ea:66:5e:2e:2a:
e9:67:ac:bc:99:6f:b8:c8:26:6b:7e:7c:4f:d6:ed:fe:ba:c6:
56:17:a2:05:a0:3b:eb:78:0e:db:ce:ea:ef:8b:db:32:c5:6a:
9c:4c:99:91:bd:58:63:bd:e0:aa:d6:42:02:73:61:38:d7:19:
97:cf:8b:bc:d9:e9:67:0d:10:68:5a:66:b1:0e:fd:00:af:5c:
e8:5c:05:e2:07:5e:1a:46:34:62:e7:90:e0:c7:78:50:13:f6:
8b:4e:95:19:00:e2:30:a2:94:e2:0f:bd:e8:1d:b2:2d:d2:3a:
38:e2:d4:70:7c:2b:1b:a8:ae:d2:fe:fa:70:7b:3f:08:18:db:
df:f5:46:dc:69:3e:60:d6:06:cd:e4:3f:52:09:26:1e:ea:8e:
ae:9a:0f:c0:84:40:fd:c8:5f:30:64:78:68:dc:e1:bb:22:5f:
66:fc:9a:dc:4a:58:ad:4b:75:cb:55:08:4a:64:ec:1b:9f:57:
ac:5e:16:99:2a:48:f0:0c:dc:1e:ed:77:90:8d:d5:01:42:97:
cc:7d:b5:c3:19:4d:6f:73:30:d2:b0:bd:0b:5f:6a:02:3d:ca:
8f:04:87:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iRgHCWY2qAS2pa1MYF6pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYTNjOGNjNjNkMGU3ZTA2OWNhNTIzZjM0ZWZiMzk1M2Vl
MjFiNjUwHhcNMjYwMzI5MDMwMDI0WhcNMjYwMzMwMDMwMDI0WjAzMTEwLwYDVQQD
EyhhOTRlNGU4ZjJlMmQyYzZiNjRmYzA3NzFlNDdiN2Y2ZDU3Zjg0YjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihx6nUHxyvI5P7QM3HQYx8VG5c0R
UT9KzmL7py4U9Bb/bfQL16SaB1ysst0eoNg0eXLB/z9rEav1NDmkmyBpz+DmlXo4
B+d8Xh9wHcGjRDbTb7l0ffyY4hgZZ1QTm5AYClLTPw+b8mwc8QEN50K+4HjLuRZK
DtWUT5Od7aPudjhlY+zZ+B/cbz8wUlC+iYmzXQvVnan/qtEBkl9rbcGHijVBTO0A
YuUaKBsGbK/QtHhDVLiLxqW/efFi57oRC1XfHnLgN7wwI/ciVu32wlI0x2zdxYhU
G3Vl2c2UMdxZBPYK5GuTXhktP+Qjd263yODBZM33XmqKEjAhFP37/onf0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKlOTo8uLSxrZPwHceR7f21X+Et7MB8GA1UdIwQY
MBaAFNKjyMxj0OfgacpSPzTvs5U+4htlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHFQSXpHUFE1LUJweWxJX05PLXpsVDdpRzJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9kMGExZmUtMGI2NS00ZDUwLWFlMmYt
MTI4OTg2OTdhODYyLzEvMHFQSXpHUFE1LUJweWxJX05PLXpsVDdpRzJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9kMGExZmUtMGI2NS00ZDUwLWFlMmYtMTI4OTg2OTdhODYy
LzEvMHFQSXpHUFE1LUJweWxJX05PLXpsVDdpRzJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABFZ2jOGa
Rbt88y4mTdpxzQnJcA2Si6Y/O/YPBT5wxupmXi4q6WesvJlvuMgma358T9bt/rrG
VheiBaA763gO287q74vbMsVqnEyZkb1YY73gqtZCAnNhONcZl8+LvNnpZw0QaFpm
sQ79AK9c6FwF4gdeGkY0YueQ4Md4UBP2i06VGQDiMKKU4g+96B2yLdI6OOLUcHwr
G6iu0v76cHs/CBjb3/VG3Gk+YNYGzeQ/UgkmHuqOrpoPwIRA/chfMGR4aNzhuyJf
Zvya3EpYrUt1y1UISmTsG59XrF4WmSpI8AzcHu13kI3VAUKXzH21wxlNb3Mw0rC9
C19qAj3KjwSHTQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:29:45 2026 by rpki-client