Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/d5df03-b5ee-4bf7-aedf-8d8e9ea14325/1/0q5eM4eU5g1di1I72yto7ErHYs4.mft
File: 0q5eM4eU5g1di1I72yto7ErHYs4.mft (raw, json)
Hash identifier: C8wEt4cHtEqztOchcqDeAnAcYT+BfKULurj7UfgAL+k=
Subject key identifier: 10:D1:B8:4B:6D:E6:4E:01:9C:7C:CF:F6:6B:9A:E7:2E:7C:D5:32:86
Authority key identifier: D2:AE:5E:33:87:94:E6:0D:5D:8B:52:3B:DB:2B:68:EC:4A:C7:62:CE
Certificate issuer: /CN=d2ae5e338794e60d5d8b523bdb2b68ec4ac762ce
Certificate serial: 019D382E471A8F470AD2D0A4C675162F6A4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0q5eM4eU5g1di1I72yto7ErHYs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/d5df03-b5ee-4bf7-aedf-8d8e9ea14325/1/0q5eM4eU5g1di1I72yto7ErHYs4.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 06:00:49 +0000
Manifest this update: Sun 29 Mar 2026 06:00:49 +0000
Manifest next update: Mon 30 Mar 2026 06:00:49 +0000
Files and hashes: 1: 0jE3hZkv3e72FXBQNOB1Z87I7hE.roa (hash: ufiFlOn3uZQmY7BK2PstScG7xVreKj7F3Ayx+q4ondk=)
2: 0q5eM4eU5g1di1I72yto7ErHYs4.crl (hash: bOM323l8VBVJXrpFeJs8+CLFDsWWQCCFsLVC8YuCujs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/d5df03-b5ee-4bf7-aedf-8d8e9ea14325/1/0q5eM4eU5g1di1I72yto7ErHYs4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/d5df03-b5ee-4bf7-aedf-8d8e9ea14325/1/0q5eM4eU5g1di1I72yto7ErHYs4.mft
rsync://rpki.ripe.net/repository/DEFAULT/0q5eM4eU5g1di1I72yto7ErHYs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:47:1a:8f:47:0a:d2:d0:a4:c6:75:16:2f:6a:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2ae5e338794e60d5d8b523bdb2b68ec4ac762ce
Validity
Not Before: Mar 29 06:00:49 2026 GMT
Not After : Mar 30 06:00:49 2026 GMT
Subject: CN=10d1b84b6de64e019c7ccff66b9ae72e7cd53286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:18:26:be:a1:f0:88:f5:9b:07:a6:3c:5c:dc:
f1:7d:5a:ea:f6:7a:8c:d6:07:d8:4e:af:84:2a:5e:
2f:5f:4d:98:0c:c1:b8:06:6d:f0:99:d1:bc:d8:af:
44:9e:5a:54:06:c2:b7:fb:b9:30:1a:74:7e:1f:dd:
1c:38:32:5e:39:12:dd:ba:4c:ce:77:bd:55:05:9f:
cf:37:99:f6:56:cf:19:c8:c8:cb:26:98:e4:63:ca:
b7:88:2f:dd:a8:0d:49:b3:85:c1:92:7e:69:70:21:
12:d1:c6:9b:1c:3a:de:fc:42:6e:e4:51:2c:d4:cf:
51:07:01:de:80:9b:6a:a4:6f:4e:86:4b:7f:68:3a:
a9:3d:7b:93:38:6a:ac:0c:7d:ec:c4:d9:bf:12:10:
0a:ea:4e:b3:3a:79:cd:48:ae:95:25:38:f9:bb:7b:
64:c6:4a:74:f2:13:50:1d:46:51:68:31:89:16:6f:
c5:ef:08:43:87:85:bf:06:b7:46:a4:90:94:d7:32:
80:c7:22:bf:86:09:e1:c9:30:00:6c:85:67:3d:e5:
fa:f8:69:95:82:71:06:15:78:db:22:0b:2f:6f:7d:
74:c4:d9:93:2c:63:9f:ee:1e:a1:b7:72:a9:36:9a:
3c:4d:c0:25:f3:dc:44:5e:62:08:c5:76:95:c7:16:
1d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:D1:B8:4B:6D:E6:4E:01:9C:7C:CF:F6:6B:9A:E7:2E:7C:D5:32:86
X509v3 Authority Key Identifier:
keyid:D2:AE:5E:33:87:94:E6:0D:5D:8B:52:3B:DB:2B:68:EC:4A:C7:62:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0q5eM4eU5g1di1I72yto7ErHYs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/d5df03-b5ee-4bf7-aedf-8d8e9ea14325/1/0q5eM4eU5g1di1I72yto7ErHYs4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/d5df03-b5ee-4bf7-aedf-8d8e9ea14325/1/0q5eM4eU5g1di1I72yto7ErHYs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:5a:e2:32:67:57:9b:5e:c8:3b:1d:98:41:b1:d1:0c:82:35:
50:4b:01:f4:54:6c:e2:58:5e:78:ac:83:38:86:be:07:0f:e2:
a2:fb:6f:ab:7e:fc:2c:b7:44:2a:35:c8:04:0f:c5:e8:9a:b9:
c5:a1:2e:d4:b3:de:15:5c:08:28:a2:2f:0e:25:18:fb:64:48:
13:31:fe:71:eb:ec:30:86:eb:ae:ac:c2:47:44:56:72:8e:20:
2f:ff:8b:8b:2f:ad:5e:7a:28:87:bc:aa:f1:07:fd:5c:b2:e4:
4b:45:95:ce:9c:74:5a:a8:71:b3:03:26:9f:92:1c:13:2b:55:
7d:22:02:89:82:86:cc:18:52:50:e1:fe:a3:5c:81:c9:16:dc:
0e:4b:a2:66:d2:84:0f:77:2a:24:aa:74:f6:25:32:ba:b2:79:
d8:a6:e6:b8:6d:0d:be:af:2d:92:fd:49:a3:f6:c7:8e:a1:a0:
74:97:25:4e:82:e6:80:82:2e:a1:bb:ad:6e:f9:3a:dc:82:82:
30:ea:4b:dc:00:56:be:85:69:d1:a5:7f:3c:8f:aa:68:5d:59:
e4:7f:2a:f1:20:9b:49:10:37:c8:66:49:35:05:45:cb:61:18:
45:a5:01:b1:1c:1d:52:e6:9e:32:e3:ae:aa:30:3b:27:76:33:
75:c4:77:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Lkcaj0cK0tCkxnUWL2pKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYWU1ZTMzODc5NGU2MGQ1ZDhiNTIzYmRiMmI2OGVjNGFj
NzYyY2UwHhcNMjYwMzI5MDYwMDQ5WhcNMjYwMzMwMDYwMDQ5WjAzMTEwLwYDVQQD
EygxMGQxYjg0YjZkZTY0ZTAxOWM3Y2NmZjY2YjlhZTcyZTdjZDUzMjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshgmvqHwiPWbB6Y8XNzxfVrq9nqM
1gfYTq+EKl4vX02YDMG4Bm3wmdG82K9EnlpUBsK3+7kwGnR+H90cODJeORLdukzO
d71VBZ/PN5n2Vs8ZyMjLJpjkY8q3iC/dqA1Js4XBkn5pcCES0cabHDre/EJu5FEs
1M9RBwHegJtqpG9Ohkt/aDqpPXuTOGqsDH3sxNm/EhAK6k6zOnnNSK6VJTj5u3tk
xkp08hNQHUZRaDGJFm/F7whDh4W/BrdGpJCU1zKAxyK/hgnhyTAAbIVnPeX6+GmV
gnEGFXjbIgsvb310xNmTLGOf7h6ht3KpNpo8TcAl89xEXmIIxXaVxxYd1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBDRuEtt5k4BnHzP9mua5y581TKGMB8GA1UdIwQY
MBaAFNKuXjOHlOYNXYtSO9sraOxKx2LOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHE1ZU00ZVU1ZzFkaTFJNzJ5dG83RXJIWXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9kNWRmMDMtYjVlZS00YmY3LWFlZGYt
OGQ4ZTllYTE0MzI1LzEvMHE1ZU00ZVU1ZzFkaTFJNzJ5dG83RXJIWXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9kNWRmMDMtYjVlZS00YmY3LWFlZGYtOGQ4ZTllYTE0MzI1
LzEvMHE1ZU00ZVU1ZzFkaTFJNzJ5dG83RXJIWXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAElriMmdX
m17IOx2YQbHRDII1UEsB9FRs4lheeKyDOIa+Bw/iovtvq378LLdEKjXIBA/F6Jq5
xaEu1LPeFVwIKKIvDiUY+2RIEzH+cevsMIbrrqzCR0RWco4gL/+Liy+tXnooh7yq
8Qf9XLLkS0WVzpx0WqhxswMmn5IcEytVfSICiYKGzBhSUOH+o1yByRbcDkuiZtKE
D3cqJKp09iUyurJ52KbmuG0Nvq8tkv1Jo/bHjqGgdJclToLmgIIuobutbvk63IKC
MOpL3ABWvoVp0aV/PI+qaF1Z5H8q8SCbSRA3yGZJNQVFy2EYRaUBsRwdUuaeMuOu
qjA7J3YzdcR35g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:43:23 2026 by rpki-client