Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft
File: dfGnY3RcJdrSj0qBFmiOgs4SAos.mft (raw, json)
Hash identifier: DOJmpxzQBKjlIhobiaFfnbdZXpthtAnPNEx16qN/xBk=
Subject key identifier: 65:D8:4A:10:0A:78:43:49:93:99:AA:E8:CF:78:92:B2:B9:9E:31:BC
Authority key identifier: 75:F1:A7:63:74:5C:25:DA:D2:8F:4A:81:16:68:8E:82:CE:12:02:8B
Certificate issuer: /CN=75f1a763745c25dad28f4a8116688e82ce12028b
Certificate serial: 019D115818F643D8A09D128E4760EF7859E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dfGnY3RcJdrSj0qBFmiOgs4SAos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft
Manifest number: 16A2
Signing time: Sat 21 Mar 2026 17:01:19 +0000
Manifest this update: Sat 21 Mar 2026 17:01:19 +0000
Manifest next update: Sun 22 Mar 2026 17:01:19 +0000
Files and hashes: 1: dfGnY3RcJdrSj0qBFmiOgs4SAos.crl (hash: CQz4YCl5Qa61992h2XWkgF0MyLMxLSKE6ypHxoYstfg=)
2: r51G36-SetuHZD_3jiNwB4dx7Wo.roa (hash: V4MD7ZgRQakaXzVvC+xHIbnQN7EcZaGY5X7pj9GMtGk=)
3: z9mvcCRCkYuHKKd00BlCEYA9eQU.roa (hash: mRPfZgnI9elFYBzB1KqCj8Oo2adMJczMgSykoYWKKi4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft
rsync://rpki.ripe.net/repository/DEFAULT/dfGnY3RcJdrSj0qBFmiOgs4SAos.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 14:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:11:58:18:f6:43:d8:a0:9d:12:8e:47:60:ef:78:59:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75f1a763745c25dad28f4a8116688e82ce12028b
Validity
Not Before: Mar 21 17:01:19 2026 GMT
Not After : Mar 22 17:01:19 2026 GMT
Subject: CN=65d84a100a7843499399aae8cf7892b2b99e31bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ae:99:b7:c6:68:2a:e9:f6:f1:ee:3a:12:45:
1c:18:98:d4:cc:a2:c9:94:af:15:a3:8c:38:17:79:
eb:4c:3d:57:d0:1d:6f:50:1f:27:be:c7:f9:f9:35:
3c:35:60:77:cf:e8:c5:6f:60:5d:6e:7c:ea:79:fb:
41:b1:70:d7:67:94:b6:08:d0:d4:5a:ae:df:f1:74:
93:64:8b:60:04:5b:7a:fb:6b:e1:a2:7a:88:ac:5f:
5b:74:ab:a5:81:d2:d6:71:fa:49:9e:fa:8c:74:56:
00:b4:08:ba:df:0f:38:2c:eb:11:7e:6e:6d:6d:38:
dd:da:44:b4:57:01:76:b3:ad:4d:c7:70:ee:ab:ff:
4c:dd:48:e7:b4:4a:57:37:1c:08:fe:cc:c8:2f:c1:
2f:82:e4:82:12:77:37:c9:6e:96:e6:55:ed:ce:4f:
d4:a0:bf:53:4f:c4:34:3e:88:29:39:6c:2b:5f:a0:
42:e4:02:4c:1f:dc:38:89:30:90:fc:85:a1:64:6b:
cb:09:aa:30:fe:bf:63:32:f5:f9:bc:2a:bc:de:10:
fc:5f:d3:1d:af:cb:c1:da:16:ad:5f:bf:47:c6:d1:
a7:41:2d:57:27:bd:a4:c8:4c:43:89:25:0a:96:a0:
23:d3:b9:35:1a:c0:66:f9:f9:2a:40:47:23:25:e8:
f6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:D8:4A:10:0A:78:43:49:93:99:AA:E8:CF:78:92:B2:B9:9E:31:BC
X509v3 Authority Key Identifier:
keyid:75:F1:A7:63:74:5C:25:DA:D2:8F:4A:81:16:68:8E:82:CE:12:02:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dfGnY3RcJdrSj0qBFmiOgs4SAos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:fb:35:40:31:04:5e:57:b2:7f:b7:86:d7:36:86:9c:c9:96:
1b:f5:85:a9:9b:a2:21:16:4b:c5:4c:1d:78:80:1b:aa:a2:27:
23:ed:7b:ab:77:d5:06:ea:e2:b0:e4:24:8a:5b:d7:dc:0a:60:
8d:8b:4f:37:52:56:c8:20:00:8f:aa:1d:6c:7a:70:67:31:67:
21:d4:d3:c9:93:b1:2f:e3:38:3b:9b:0e:72:4e:aa:c0:ad:9b:
d1:e9:5c:c0:23:f4:e8:74:18:a5:4b:f7:5c:3b:94:57:3e:21:
2b:ae:9b:9b:a9:91:3e:42:b5:d9:06:9e:f0:0d:71:76:95:b8:
b0:a2:09:6c:04:e8:e0:d5:29:6d:4a:91:4e:b4:ca:64:11:ba:
68:c8:de:77:e0:d1:f6:5a:98:8c:af:a8:b5:5e:6f:dc:0d:72:
f2:83:19:e8:42:03:6d:a0:fb:fc:2b:bd:60:64:b2:5e:97:9e:
97:5d:86:2b:17:74:d7:05:b7:0c:ee:2d:e3:c5:d6:bb:1f:2d:
5b:41:b7:c5:b3:e6:7f:1d:41:b4:ac:8f:a8:f2:a2:24:55:a1:
38:65:a8:6d:ea:cd:82:75:52:d2:6f:a5:55:5e:ac:32:b1:48:
d5:49:71:2e:b2:d6:c7:5f:53:17:3c:16:02:62:8c:c9:de:4a:
6e:d3:38:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0RWBj2Q9ignRKOR2DveFniMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZjFhNzYzNzQ1YzI1ZGFkMjhmNGE4MTE2Njg4ZTgyY2Ux
MjAyOGIwHhcNMjYwMzIxMTcwMTE5WhcNMjYwMzIyMTcwMTE5WjAzMTEwLwYDVQQD
Eyg2NWQ4NGExMDBhNzg0MzQ5OTM5OWFhZThjZjc4OTJiMmI5OWUzMWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta6Zt8ZoKun28e46EkUcGJjUzKLJ
lK8Vo4w4F3nrTD1X0B1vUB8nvsf5+TU8NWB3z+jFb2BdbnzqeftBsXDXZ5S2CNDU
Wq7f8XSTZItgBFt6+2vhonqIrF9bdKulgdLWcfpJnvqMdFYAtAi63w84LOsRfm5t
bTjd2kS0VwF2s61Nx3Duq/9M3UjntEpXNxwI/szIL8EvguSCEnc3yW6W5lXtzk/U
oL9TT8Q0PogpOWwrX6BC5AJMH9w4iTCQ/IWhZGvLCaow/r9jMvX5vCq83hD8X9Md
r8vB2hatX79HxtGnQS1XJ72kyExDiSUKlqAj07k1GsBm+fkqQEcjJej2DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGXYShAKeENJk5mq6M94krK5njG8MB8GA1UdIwQY
MBaAFHXxp2N0XCXa0o9KgRZojoLOEgKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGZHblkzUmNKZHJTajBxQkZtaU9nczRTQW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85ODBlNjYtMzYzMS00ZmRlLThlMmQt
Yzg0OWJjMGYzNTliLzEvZGZHblkzUmNKZHJTajBxQkZtaU9nczRTQW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85ODBlNjYtMzYzMS00ZmRlLThlMmQtYzg0OWJjMGYzNTli
LzEvZGZHblkzUmNKZHJTajBxQkZtaU9nczRTQW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT/s1QDEE
Xleyf7eG1zaGnMmWG/WFqZuiIRZLxUwdeIAbqqInI+17q3fVBurisOQkilvX3Apg
jYtPN1JWyCAAj6odbHpwZzFnIdTTyZOxL+M4O5sOck6qwK2b0elcwCP06HQYpUv3
XDuUVz4hK66bm6mRPkK12Qae8A1xdpW4sKIJbATo4NUpbUqRTrTKZBG6aMjed+DR
9lqYjK+otV5v3A1y8oMZ6EIDbaD7/Cu9YGSyXpeel12GKxd01wW3DO4t48XWux8t
W0G3xbPmfx1BtKyPqPKiJFWhOGWoberNgnVS0m+lVV6sMrFI1UlxLrLWx19TFzwW
AmKMyd5KbtM4UA==
-----END CERTIFICATE-----
Generated at Sat Mar 21 20:02:47 2026 by rpki-client