Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft
File: dfGnY3RcJdrSj0qBFmiOgs4SAos.mft (raw, json)
Hash identifier: RBFfwWuR6QvLrZkWnNB8Dp+zz0FTy5HLst5U4CCMIqI=
Subject key identifier: E6:7E:D3:CC:57:D2:B5:EB:9C:06:35:3D:D4:A5:77:37:F4:3D:9F:69
Authority key identifier: 75:F1:A7:63:74:5C:25:DA:D2:8F:4A:81:16:68:8E:82:CE:12:02:8B
Certificate issuer: /CN=75f1a763745c25dad28f4a8116688e82ce12028b
Certificate serial: 019D0F698AF2775C16A8430301875C910AA4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dfGnY3RcJdrSj0qBFmiOgs4SAos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft
Manifest number: 16A1
Signing time: Sat 21 Mar 2026 08:01:08 +0000
Manifest this update: Sat 21 Mar 2026 08:01:08 +0000
Manifest next update: Sun 22 Mar 2026 08:01:08 +0000
Files and hashes: 1: dfGnY3RcJdrSj0qBFmiOgs4SAos.crl (hash: zYCFNEGhrWYdq4g77F9NZeUx5yzGI+Nqhze+OR6yWhQ=)
2: r51G36-SetuHZD_3jiNwB4dx7Wo.roa (hash: V4MD7ZgRQakaXzVvC+xHIbnQN7EcZaGY5X7pj9GMtGk=)
3: z9mvcCRCkYuHKKd00BlCEYA9eQU.roa (hash: mRPfZgnI9elFYBzB1KqCj8Oo2adMJczMgSykoYWKKi4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft
rsync://rpki.ripe.net/repository/DEFAULT/dfGnY3RcJdrSj0qBFmiOgs4SAos.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 08:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0f:69:8a:f2:77:5c:16:a8:43:03:01:87:5c:91:0a:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75f1a763745c25dad28f4a8116688e82ce12028b
Validity
Not Before: Mar 21 08:01:08 2026 GMT
Not After : Mar 22 08:01:08 2026 GMT
Subject: CN=e67ed3cc57d2b5eb9c06353dd4a57737f43d9f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0b:dc:6b:89:ef:20:9f:06:2e:f5:7f:32:65:
19:b4:b2:df:6a:25:79:d5:b8:5e:84:51:49:43:ce:
e4:07:c9:d8:12:3a:e1:20:1e:29:93:41:9f:7f:70:
94:96:43:f9:88:83:e4:f9:b1:c0:4b:28:c3:d2:0e:
4e:0d:9c:0c:1f:84:50:50:56:58:bc:c8:8d:f4:bc:
d0:eb:85:b8:8f:ce:0d:d8:a3:17:b6:c5:e8:18:de:
1b:17:ce:89:04:d2:dd:22:87:16:62:15:ba:f0:dd:
6f:e5:b7:56:51:95:86:55:08:68:88:51:dc:fd:2e:
e5:18:07:1d:b1:a5:c1:2a:58:44:ea:51:6d:8b:bf:
0c:f7:f5:a1:05:3f:db:f8:0f:19:49:82:8e:05:a6:
40:de:0b:6f:4f:0b:30:d7:73:8d:f3:30:3b:8a:95:
4b:16:8b:26:5b:da:45:ce:09:c8:9f:87:06:a5:b5:
b6:f2:a5:30:75:3e:78:b7:76:cf:da:10:75:af:20:
4d:53:03:fd:f1:33:3c:0a:96:d0:1a:15:60:fd:67:
25:ad:89:f1:1a:47:d3:fc:f4:86:10:7d:85:61:99:
05:b5:58:20:d6:38:49:60:85:83:38:04:41:06:fa:
ab:ec:58:a8:cd:60:25:c7:de:77:c1:ba:3f:c1:05:
6e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:7E:D3:CC:57:D2:B5:EB:9C:06:35:3D:D4:A5:77:37:F4:3D:9F:69
X509v3 Authority Key Identifier:
keyid:75:F1:A7:63:74:5C:25:DA:D2:8F:4A:81:16:68:8E:82:CE:12:02:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dfGnY3RcJdrSj0qBFmiOgs4SAos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:e4:f3:ba:7a:1a:07:24:af:48:48:71:7e:28:2f:f4:c3:a7:
71:ff:21:6a:fa:d5:ed:6a:50:43:72:e9:67:88:5b:23:ed:32:
26:ee:c5:dc:87:80:5f:c9:54:fd:07:1a:62:41:ba:4f:14:64:
0f:6c:52:49:df:64:3e:46:d4:ac:38:26:aa:7e:7b:ac:d6:df:
51:d0:5e:12:25:14:84:37:75:d6:ab:91:f5:7b:18:47:c3:ed:
a4:00:b5:08:ba:94:14:b7:4c:ce:63:7c:f1:56:13:c3:b1:d0:
06:aa:4d:d6:ae:de:bd:29:16:ac:20:95:96:89:94:06:7f:95:
ca:15:7a:9f:c2:e5:63:4d:1f:98:44:1c:9e:06:56:f6:32:d3:
07:4a:72:7e:ad:c2:db:18:c8:b3:f1:79:28:2f:fa:b0:8b:07:
a4:e1:5a:c4:75:eb:d1:a8:d5:86:41:68:a7:83:02:c0:01:35:
08:2d:ad:b8:d2:9a:e1:5e:1f:b2:35:26:91:5f:2e:83:aa:0b:
63:ce:a5:f8:0b:86:44:0d:8e:a3:83:48:5e:ae:82:9b:51:fd:
2b:1f:e5:d4:a6:26:44:98:de:29:aa:45:68:0f:84:12:61:47:
08:e3:fb:d5:a7:b0:cb:b8:d6:11:bf:a6:c3:71:f0:7e:06:49:
8a:05:be:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0PaYryd1wWqEMDAYdckQqkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZjFhNzYzNzQ1YzI1ZGFkMjhmNGE4MTE2Njg4ZTgyY2Ux
MjAyOGIwHhcNMjYwMzIxMDgwMTA4WhcNMjYwMzIyMDgwMTA4WjAzMTEwLwYDVQQD
EyhlNjdlZDNjYzU3ZDJiNWViOWMwNjM1M2RkNGE1NzczN2Y0M2Q5ZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugvca4nvIJ8GLvV/MmUZtLLfaiV5
1bhehFFJQ87kB8nYEjrhIB4pk0Gff3CUlkP5iIPk+bHASyjD0g5ODZwMH4RQUFZY
vMiN9LzQ64W4j84N2KMXtsXoGN4bF86JBNLdIocWYhW68N1v5bdWUZWGVQhoiFHc
/S7lGAcdsaXBKlhE6lFti78M9/WhBT/b+A8ZSYKOBaZA3gtvTwsw13ON8zA7ipVL
FosmW9pFzgnIn4cGpbW28qUwdT54t3bP2hB1ryBNUwP98TM8CpbQGhVg/WclrYnx
GkfT/PSGEH2FYZkFtVgg1jhJYIWDOARBBvqr7FiozWAlx953wbo/wQVuNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOZ+08xX0rXrnAY1PdSldzf0PZ9pMB8GA1UdIwQY
MBaAFHXxp2N0XCXa0o9KgRZojoLOEgKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGZHblkzUmNKZHJTajBxQkZtaU9nczRTQW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85ODBlNjYtMzYzMS00ZmRlLThlMmQt
Yzg0OWJjMGYzNTliLzEvZGZHblkzUmNKZHJTajBxQkZtaU9nczRTQW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85ODBlNjYtMzYzMS00ZmRlLThlMmQtYzg0OWJjMGYzNTli
LzEvZGZHblkzUmNKZHJTajBxQkZtaU9nczRTQW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeeTzunoa
BySvSEhxfigv9MOncf8havrV7WpQQ3LpZ4hbI+0yJu7F3IeAX8lU/QcaYkG6TxRk
D2xSSd9kPkbUrDgmqn57rNbfUdBeEiUUhDd11quR9XsYR8PtpAC1CLqUFLdMzmN8
8VYTw7HQBqpN1q7evSkWrCCVlomUBn+VyhV6n8LlY00fmEQcngZW9jLTB0pyfq3C
2xjIs/F5KC/6sIsHpOFaxHXr0ajVhkFop4MCwAE1CC2tuNKa4V4fsjUmkV8ug6oL
Y86l+AuGRA2Oo4NIXq6Cm1H9Kx/l1KYmRJjeKapFaA+EEmFHCOP71aewy7jWEb+m
w3HwfgZJigW+LA==
-----END CERTIFICATE-----
Generated at Sat Mar 21 18:50:49 2026 by rpki-client