Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.mft
File: 6OcnETayGhWK70CdMOLGAB1bDak.mft (raw, json)
Hash identifier: ljUUpzeahGSp2Eqz6CnM6uyezcDlibZKML9E9u8bWI4=
Subject key identifier: 37:12:33:41:BD:C7:8F:CB:E0:8A:B1:4F:09:08:DF:92:57:68:CD:2C
Authority key identifier: E8:E7:27:11:36:B2:1A:15:8A:EF:40:9D:30:E2:C6:00:1D:5B:0D:A9
Certificate issuer: /CN=e8e7271136b21a158aef409d30e2c6001d5b0da9
Certificate serial: 019D371BB3475AB590C463B63EFBE871FA63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6OcnETayGhWK70CdMOLGAB1bDak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.mft
Manifest number: 11E5
Signing time: Sun 29 Mar 2026 01:00:55 +0000
Manifest this update: Sun 29 Mar 2026 01:00:55 +0000
Manifest next update: Mon 30 Mar 2026 01:00:55 +0000
Files and hashes: 1: 6OcnETayGhWK70CdMOLGAB1bDak.crl (hash: vuZW4nqetgPMLs/u6yZB72VmQ0kDk3voF/uoyQWVXn0=)
2: BgOBkzwZiai7TWETAvn_IWE9YOQ.roa (hash: eYdWajw2NgiVsKV9NY6WqUM6UWy1PFC1+5llbrmRKeE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.mft
rsync://rpki.ripe.net/repository/DEFAULT/6OcnETayGhWK70CdMOLGAB1bDak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 01:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:1b:b3:47:5a:b5:90:c4:63:b6:3e:fb:e8:71:fa:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8e7271136b21a158aef409d30e2c6001d5b0da9
Validity
Not Before: Mar 29 01:00:55 2026 GMT
Not After : Mar 30 01:00:55 2026 GMT
Subject: CN=37123341bdc78fcbe08ab14f0908df925768cd2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:06:5e:90:0d:70:78:21:11:fa:2e:45:34:27:
d4:2c:04:ae:e4:8d:e9:d2:cc:2c:6f:d7:1b:2f:4e:
64:a5:ba:f6:d0:4c:4b:f0:85:80:75:fb:36:fe:02:
40:45:f7:4a:01:a5:fe:d3:be:e5:87:c1:a4:ba:d5:
69:e3:13:b0:60:c2:bf:d3:f5:af:c0:1a:a3:f5:ce:
4a:b7:4f:13:ea:2f:2e:1c:c1:5c:43:aa:bc:a1:2e:
18:ac:9d:d1:59:3a:ea:d0:ed:17:6e:0f:06:04:00:
b0:b9:af:3b:71:8a:75:ff:26:3f:2f:61:04:8c:d6:
94:f1:91:3e:00:2d:c5:5b:ee:96:05:bb:9d:46:76:
19:64:0b:0b:6f:cf:c0:75:cc:ca:db:7b:68:77:76:
74:9f:de:28:77:58:d9:08:e6:70:ac:fe:fd:80:13:
19:e4:e2:00:25:6c:36:5d:02:fc:71:7b:d9:6c:9c:
8a:5a:7d:32:98:58:4e:7e:a8:11:12:48:18:42:e2:
6e:37:ee:ba:14:e5:9a:c2:d2:ad:e2:09:9e:4b:2b:
1c:94:55:5f:5d:54:a3:59:e4:3f:b6:2c:af:4c:78:
ec:76:21:f8:2c:04:04:65:da:90:07:1d:a6:c7:a9:
17:71:99:30:bc:5c:fb:f5:57:a2:ca:f8:0b:fb:41:
0a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:12:33:41:BD:C7:8F:CB:E0:8A:B1:4F:09:08:DF:92:57:68:CD:2C
X509v3 Authority Key Identifier:
keyid:E8:E7:27:11:36:B2:1A:15:8A:EF:40:9D:30:E2:C6:00:1D:5B:0D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6OcnETayGhWK70CdMOLGAB1bDak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:d1:cd:0c:c2:6d:fb:57:29:73:37:1f:31:3d:16:5d:a5:65:
14:b1:41:74:f4:1e:8c:c0:72:d6:e5:9a:a9:0f:46:62:a6:27:
b1:60:c2:07:b9:b4:0e:7d:e7:66:c1:0c:15:97:ec:68:ff:c4:
a2:f0:89:4f:3d:76:29:02:b1:76:67:f5:68:f3:af:37:fa:dd:
ca:81:98:02:0d:c3:37:7f:43:d0:db:a1:15:f4:d3:3d:e1:1a:
d8:87:34:4f:f1:6c:82:19:a6:c3:e0:e5:93:69:35:22:08:1a:
e3:d4:54:cc:d4:7d:ac:5c:9e:83:2f:a8:0f:b5:bb:6c:c0:e2:
29:67:90:0a:48:20:c0:c1:04:fd:85:b3:db:0d:29:c0:ca:34:
13:8f:34:4d:7a:96:dc:e4:3f:b0:d4:40:da:17:b8:0b:4c:83:
1f:97:85:e5:c6:1f:67:23:27:48:b3:68:7d:fd:96:a6:69:94:
e8:9b:1b:41:a0:14:e0:8b:f8:a7:99:bc:08:ab:a8:d4:6d:36:
4c:b9:3e:c2:d6:b2:8a:45:29:e8:b3:56:f4:3e:01:a2:8d:6c:
c0:b0:0b:97:3f:c2:e2:f5:b6:67:9d:7b:e0:8e:ef:f6:07:51:
04:4f:c2:b6:20:48:69:57:02:19:0d:68:88:e9:e2:63:a3:2a:
9e:f2:9b:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G7NHWrWQxGO2PvvocfpjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4ZTcyNzExMzZiMjFhMTU4YWVmNDA5ZDMwZTJjNjAwMWQ1
YjBkYTkwHhcNMjYwMzI5MDEwMDU1WhcNMjYwMzMwMDEwMDU1WjAzMTEwLwYDVQQD
EygzNzEyMzM0MWJkYzc4ZmNiZTA4YWIxNGYwOTA4ZGY5MjU3NjhjZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wZekA1weCER+i5FNCfULASu5I3p
0swsb9cbL05kpbr20ExL8IWAdfs2/gJARfdKAaX+077lh8GkutVp4xOwYMK/0/Wv
wBqj9c5Kt08T6i8uHMFcQ6q8oS4YrJ3RWTrq0O0Xbg8GBACwua87cYp1/yY/L2EE
jNaU8ZE+AC3FW+6WBbudRnYZZAsLb8/AdczK23tod3Z0n94od1jZCOZwrP79gBMZ
5OIAJWw2XQL8cXvZbJyKWn0ymFhOfqgREkgYQuJuN+66FOWawtKt4gmeSysclFVf
XVSjWeQ/tiyvTHjsdiH4LAQEZdqQBx2mx6kXcZkwvFz79VeiyvgL+0EKiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDcSM0G9x4/L4IqxTwkI35JXaM0sMB8GA1UdIwQY
MBaAFOjnJxE2shoViu9AnTDixgAdWw2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk9jbkVUYXlHaFdLNzBDZE1PTEdBQjFiRGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9jYmY0MjUtYjk1OC00ZTQ5LTljOTYt
ODM1NmQyZDQyNzcxLzEvNk9jbkVUYXlHaFdLNzBDZE1PTEdBQjFiRGFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9jYmY0MjUtYjk1OC00ZTQ5LTljOTYtODM1NmQyZDQyNzcx
LzEvNk9jbkVUYXlHaFdLNzBDZE1PTEdBQjFiRGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGNHNDMJt
+1cpczcfMT0WXaVlFLFBdPQejMBy1uWaqQ9GYqYnsWDCB7m0Dn3nZsEMFZfsaP/E
ovCJTz12KQKxdmf1aPOvN/rdyoGYAg3DN39D0NuhFfTTPeEa2Ic0T/Fsghmmw+Dl
k2k1Igga49RUzNR9rFyegy+oD7W7bMDiKWeQCkggwMEE/YWz2w0pwMo0E480TXqW
3OQ/sNRA2he4C0yDH5eF5cYfZyMnSLNoff2WpmmU6JsbQaAU4Iv4p5m8CKuo1G02
TLk+wtayikUp6LNW9D4Boo1swLALlz/C4vW2Z5174I7v9gdRBE/CtiBIaVcCGQ1o
iOniY6MqnvKbXQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:13:25 2026 by rpki-client