Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft
File: D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft (raw, json)
Hash identifier: PYR5fmjTMfxDijJlw7wAWHqSU4qVHJr4dOcxs3z/Pv8=
Subject key identifier: 3F:7C:66:70:F2:5A:FD:31:C7:13:CB:A5:F6:2F:D5:38:EB:91:4F:7B
Authority key identifier: 0F:65:BD:21:C6:83:20:7D:A0:C3:9F:B3:79:85:35:AF:49:E0:BF:F5
Certificate issuer: /CN=0f65bd21c683207da0c39fb3798535af49e0bff5
Certificate serial: 019D3909B59553FD050AC8611C29C410A135
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft
Manifest number: 166E
Signing time: Sun 29 Mar 2026 10:00:30 +0000
Manifest this update: Sun 29 Mar 2026 10:00:30 +0000
Manifest next update: Mon 30 Mar 2026 10:00:30 +0000
Files and hashes: 1: D2W9IcaDIH2gw5-zeYU1r0ngv_U.crl (hash: VaWNles5u4dKQ2j4hHrulUFZVDaycheFM1nj3ez4Y28=)
2: FVoehWVHfRAM9Wax2PLEzeuzUcQ.roa (hash: jKrRrki3jFgX40lflCLx2Zym5UZldktVdjD6ypmdCdQ=)
3: _FcCRW97Oyy-701A8ky-qnc9PuQ.roa (hash: TPZyrFAeXnN7pauwjeZRrcEQ8uCeSHffzbaYPf3BfAQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft
rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:b5:95:53:fd:05:0a:c8:61:1c:29:c4:10:a1:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f65bd21c683207da0c39fb3798535af49e0bff5
Validity
Not Before: Mar 29 10:00:30 2026 GMT
Not After : Mar 30 10:00:30 2026 GMT
Subject: CN=3f7c6670f25afd31c713cba5f62fd538eb914f7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:cf:05:d1:97:e0:15:6f:38:7c:e9:23:0e:72:
4e:e3:36:16:86:0b:40:cf:87:d9:17:64:74:58:05:
f6:19:24:e4:d0:06:26:58:01:08:10:01:02:c1:ce:
d3:06:a8:93:3b:c5:3e:42:09:88:64:4e:5f:3b:67:
0a:0b:7b:59:a9:6d:5b:70:ba:54:d4:b2:83:cf:22:
ab:d0:c3:e3:61:0e:b1:b9:24:23:7a:1b:ee:7e:c6:
ea:86:e6:ce:a6:01:ff:63:66:d1:d4:16:7d:55:48:
4d:31:43:0f:30:d8:ee:32:f5:e9:2c:3d:64:39:d0:
14:b5:f8:90:4f:62:52:94:d2:66:ff:9c:58:4d:fc:
d6:45:4a:4e:62:17:92:78:8c:77:cb:64:6e:c7:af:
f7:fb:f7:7c:3b:43:bc:c5:27:7d:57:f7:0a:27:e1:
20:95:46:6e:29:f3:65:b4:73:ae:44:2e:be:87:e4:
23:c6:fe:8f:c7:98:ac:89:a5:92:90:08:31:22:34:
cc:64:78:9f:26:91:12:a3:30:19:de:fa:c1:47:f2:
3f:c4:90:7c:0a:1e:d6:82:c8:fc:d8:9c:82:40:13:
55:86:a8:7d:00:15:89:c3:a8:bb:66:73:4b:60:4a:
4f:8b:3f:00:d2:dc:eb:a9:5e:c5:91:c3:8a:1d:f8:
5f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:7C:66:70:F2:5A:FD:31:C7:13:CB:A5:F6:2F:D5:38:EB:91:4F:7B
X509v3 Authority Key Identifier:
keyid:0F:65:BD:21:C6:83:20:7D:A0:C3:9F:B3:79:85:35:AF:49:E0:BF:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:31:91:41:56:a8:31:30:cb:5e:d2:75:88:bd:61:9d:e3:9e:
45:81:a7:ee:02:50:0b:8a:05:e4:3a:8d:30:90:3e:6c:e4:3d:
3e:94:d9:08:45:fa:0f:e2:4d:4a:56:29:06:3a:c1:e5:b7:a0:
b5:b4:c0:af:85:95:90:f0:30:24:c6:0b:1c:c6:d1:60:8a:c1:
ff:7e:49:b0:ff:25:2b:62:04:5a:5b:32:eb:d0:fb:49:c6:a5:
7a:c2:57:13:ac:f4:d7:35:e2:29:da:14:2d:4c:cd:6d:28:f5:
80:fa:d6:2b:18:a8:39:46:8b:1a:7f:9c:e8:48:6d:ef:f0:cc:
b7:d9:23:67:e8:2a:5a:af:97:90:f0:72:28:52:17:4e:97:a3:
65:c3:aa:16:14:d5:80:c7:91:d0:8e:a6:da:82:b1:ff:26:94:
d4:ac:6f:c9:43:d6:49:07:e2:fb:6a:51:81:77:4b:be:0a:28:
eb:8c:a9:52:da:d0:db:94:83:9d:ae:14:7f:25:b3:89:b2:b9:
d1:f7:65:10:4a:f5:9b:49:21:69:62:77:04:87:5f:a5:9a:1d:
ef:49:4b:3f:50:0c:20:92:11:1a:40:c9:31:94:a7:5e:8c:cf:
b0:70:bd:ee:26:54:fa:15:42:8c:17:05:4f:43:93:0a:60:89:
68:00:ac:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CbWVU/0FCshhHCnEEKE1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjViZDIxYzY4MzIwN2RhMGMzOWZiMzc5ODUzNWFmNDll
MGJmZjUwHhcNMjYwMzI5MTAwMDMwWhcNMjYwMzMwMTAwMDMwWjAzMTEwLwYDVQQD
EygzZjdjNjY3MGYyNWFmZDMxYzcxM2NiYTVmNjJmZDUzOGViOTE0ZjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA288F0ZfgFW84fOkjDnJO4zYWhgtA
z4fZF2R0WAX2GSTk0AYmWAEIEAECwc7TBqiTO8U+QgmIZE5fO2cKC3tZqW1bcLpU
1LKDzyKr0MPjYQ6xuSQjehvufsbqhubOpgH/Y2bR1BZ9VUhNMUMPMNjuMvXpLD1k
OdAUtfiQT2JSlNJm/5xYTfzWRUpOYheSeIx3y2Rux6/3+/d8O0O8xSd9V/cKJ+Eg
lUZuKfNltHOuRC6+h+Qjxv6Px5isiaWSkAgxIjTMZHifJpESozAZ3vrBR/I/xJB8
Ch7Wgsj82JyCQBNVhqh9ABWJw6i7ZnNLYEpPiz8A0tzrqV7FkcOKHfhfXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD98ZnDyWv0xxxPLpfYv1TjrkU97MB8GA1UdIwQY
MBaAFA9lvSHGgyB9oMOfs3mFNa9J4L/1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJXOUljYURJSDJndzUtemVZVTFyMG5ndl9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80YTk5OWYtZDFmYS00ODg3LWJhZTgt
ZTIzZjEwZTRiOTFjLzEvRDJXOUljYURJSDJndzUtemVZVTFyMG5ndl9VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80YTk5OWYtZDFmYS00ODg3LWJhZTgtZTIzZjEwZTRiOTFj
LzEvRDJXOUljYURJSDJndzUtemVZVTFyMG5ndl9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdzGRQVao
MTDLXtJ1iL1hneOeRYGn7gJQC4oF5DqNMJA+bOQ9PpTZCEX6D+JNSlYpBjrB5beg
tbTAr4WVkPAwJMYLHMbRYIrB/35JsP8lK2IEWlsy69D7ScalesJXE6z01zXiKdoU
LUzNbSj1gPrWKxioOUaLGn+c6Eht7/DMt9kjZ+gqWq+XkPByKFIXTpejZcOqFhTV
gMeR0I6m2oKx/yaU1KxvyUPWSQfi+2pRgXdLvgoo64ypUtrQ25SDna4UfyWzibK5
0fdlEEr1m0khaWJ3BIdfpZod70lLP1AMIJIRGkDJMZSnXozPsHC97iZU+hVCjBcF
T0OTCmCJaACsTQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:58:16 2026 by rpki-client