Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.mft
File: DyKg7jvG4y2JLt3iV8u3mRefLNY.mft (raw, json)
Hash identifier: RziRMGbPBgpYPg/wTCxMl+/ZzQ7eCC9jdCw7tEApZSw=
Subject key identifier: 8C:27:04:CC:59:24:92:D9:E6:9D:69:A4:92:8E:96:DA:3B:EB:61:61
Authority key identifier: 0F:22:A0:EE:3B:C6:E3:2D:89:2E:DD:E2:57:CB:B7:99:17:9F:2C:D6
Certificate issuer: /CN=0f22a0ee3bc6e32d892edde257cbb799179f2cd6
Certificate serial: 019D37F781BE73E14A5F529158A1D413CF9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DyKg7jvG4y2JLt3iV8u3mRefLNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.mft
Manifest number: 09FA
Signing time: Sun 29 Mar 2026 05:01:00 +0000
Manifest this update: Sun 29 Mar 2026 05:01:00 +0000
Manifest next update: Mon 30 Mar 2026 05:01:00 +0000
Files and hashes: 1: 6anxR7oWcscDd04QL41XaD9H2mI.roa (hash: HOaKAJ+9l8ZBJN2kLFM0Go13VYLLmXxM5vLOU8G4dHg=)
2: DyKg7jvG4y2JLt3iV8u3mRefLNY.crl (hash: 9lwJx5O7vP7+xqyQ2JljcTnveSXg+gcA/HH2zku53cY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.mft
rsync://rpki.ripe.net/repository/DEFAULT/DyKg7jvG4y2JLt3iV8u3mRefLNY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:81:be:73:e1:4a:5f:52:91:58:a1:d4:13:cf:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f22a0ee3bc6e32d892edde257cbb799179f2cd6
Validity
Not Before: Mar 29 05:01:00 2026 GMT
Not After : Mar 30 05:01:00 2026 GMT
Subject: CN=8c2704cc592492d9e69d69a4928e96da3beb6161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:bc:6c:07:04:2a:98:c8:20:ac:0a:2c:b0:c6:
bc:dd:31:b0:6b:ac:61:c6:af:35:47:1e:b0:de:0b:
a1:64:01:f9:67:3d:6a:26:d4:09:d9:f9:0f:42:2f:
b8:fc:2a:ce:b3:dd:18:a7:fd:8d:65:dc:cc:f5:7b:
93:19:29:1f:e5:db:a8:ab:ef:d6:f1:97:3f:18:ce:
bb:73:5b:0b:7e:f2:18:42:9d:6c:15:f0:e5:cf:e4:
f5:d8:d3:46:6d:e0:78:51:0a:f2:43:71:de:f8:1d:
db:47:52:51:74:cb:93:0e:4c:19:c6:07:1c:9c:d9:
dc:d0:d0:30:ff:40:dc:fa:ee:9c:4c:4d:bd:c8:7f:
5b:d3:7b:ca:69:9b:d5:7f:37:7f:4b:27:1e:e8:13:
a5:eb:b3:32:aa:49:78:55:32:c9:75:f3:2d:1c:b1:
b6:86:7e:4f:59:0d:f3:d9:80:15:ea:04:85:30:c9:
3d:f3:be:bf:09:32:f3:f1:a8:98:f9:6c:49:98:5c:
46:6a:f8:98:ae:2a:bb:41:a6:c7:6e:24:b3:36:72:
06:25:ce:11:a9:b3:54:85:0b:c4:39:5c:f7:f9:19:
c6:fe:c8:f8:ad:7b:2d:8e:e6:45:85:f5:15:07:94:
84:3f:a7:05:44:72:ff:43:ea:e0:ca:97:1d:94:5d:
17:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:27:04:CC:59:24:92:D9:E6:9D:69:A4:92:8E:96:DA:3B:EB:61:61
X509v3 Authority Key Identifier:
keyid:0F:22:A0:EE:3B:C6:E3:2D:89:2E:DD:E2:57:CB:B7:99:17:9F:2C:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyKg7jvG4y2JLt3iV8u3mRefLNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:5b:ca:d0:61:06:9e:6b:f4:fe:dc:43:3e:33:d9:2b:14:84:
3c:6e:a2:15:00:ac:fc:fe:b6:13:3d:7e:44:33:71:ca:7e:70:
42:3c:60:57:a1:6d:c0:5d:cc:cb:f8:81:8e:05:85:5f:42:60:
8b:8a:b2:c6:b6:e7:cc:0a:31:cf:c6:33:ca:04:18:b5:78:ae:
59:74:3a:1b:e7:15:d2:35:66:34:cd:2e:08:b7:fa:37:21:da:
9f:f5:48:23:09:58:05:8d:96:3e:4c:b4:ae:4f:77:7f:44:31:
d8:d3:b7:e8:d5:bd:6b:e8:b7:e8:28:52:8a:ab:8c:e8:c9:b3:
b8:0f:e1:9f:b1:2e:b9:61:d8:52:49:e2:dc:d5:e5:ab:b1:71:
0c:8c:12:cf:66:56:e3:20:f4:0d:1a:4d:73:00:b0:c8:9c:46:
f8:5d:cd:f4:15:3c:fb:8f:14:bd:10:5a:e9:8f:60:c3:e4:b8:
4a:28:26:a3:ca:77:a2:f1:df:b0:f9:f0:fd:03:ca:4f:0a:6c:
27:38:d4:c2:00:9e:49:0e:17:e8:ac:72:8e:5e:aa:e1:df:1f:
84:3e:5d:1c:db:a0:4a:a6:63:5c:0b:c9:4b:0f:38:1c:d3:85:
62:d2:28:80:f2:e2:d5:13:52:db:1a:99:6f:69:cb:ba:b8:fa:
5c:a0:07:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0394G+c+FKX1KRWKHUE8+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMjJhMGVlM2JjNmUzMmQ4OTJlZGRlMjU3Y2JiNzk5MTc5
ZjJjZDYwHhcNMjYwMzI5MDUwMTAwWhcNMjYwMzMwMDUwMTAwWjAzMTEwLwYDVQQD
Eyg4YzI3MDRjYzU5MjQ5MmQ5ZTY5ZDY5YTQ5MjhlOTZkYTNiZWI2MTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbxsBwQqmMggrAossMa83TGwa6xh
xq81Rx6w3guhZAH5Zz1qJtQJ2fkPQi+4/CrOs90Yp/2NZdzM9XuTGSkf5duoq+/W
8Zc/GM67c1sLfvIYQp1sFfDlz+T12NNGbeB4UQryQ3He+B3bR1JRdMuTDkwZxgcc
nNnc0NAw/0Dc+u6cTE29yH9b03vKaZvVfzd/Syce6BOl67Myqkl4VTLJdfMtHLG2
hn5PWQ3z2YAV6gSFMMk9876/CTLz8aiY+WxJmFxGaviYriq7QabHbiSzNnIGJc4R
qbNUhQvEOVz3+RnG/sj4rXstjuZFhfUVB5SEP6cFRHL/Q+rgypcdlF0XYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIwnBMxZJJLZ5p1ppJKOlto762FhMB8GA1UdIwQY
MBaAFA8ioO47xuMtiS7d4lfLt5kXnyzWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHlLZzdqdkc0eTJKTHQzaVY4dTNtUmVmTE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8zMDg0ZGUtYjE1OS00ZTU0LTllZDct
NDJkNjc4NDA5NDRkLzEvRHlLZzdqdkc0eTJKTHQzaVY4dTNtUmVmTE5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8zMDg0ZGUtYjE1OS00ZTU0LTllZDctNDJkNjc4NDA5NDRk
LzEvRHlLZzdqdkc0eTJKTHQzaVY4dTNtUmVmTE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbVvK0GEG
nmv0/txDPjPZKxSEPG6iFQCs/P62Ez1+RDNxyn5wQjxgV6FtwF3My/iBjgWFX0Jg
i4qyxrbnzAoxz8YzygQYtXiuWXQ6G+cV0jVmNM0uCLf6NyHan/VIIwlYBY2WPky0
rk93f0Qx2NO36NW9a+i36ChSiquM6MmzuA/hn7EuuWHYUkni3NXlq7FxDIwSz2ZW
4yD0DRpNcwCwyJxG+F3N9BU8+48UvRBa6Y9gw+S4Sigmo8p3ovHfsPnw/QPKTwps
JzjUwgCeSQ4X6Kxyjl6q4d8fhD5dHNugSqZjXAvJSw84HNOFYtIogPLi1RNS2xqZ
b2nLurj6XKAH/Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:28:29 2026 by rpki-client