Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft
File: o2n7GRvuUc3HQUppYxl_hrvzE6s.mft (raw, json)
Hash identifier: 4+2KMUZ8sq5SdoEL0/Nooe46bpuJv+k/kuW7TPjGlLE=
Subject key identifier: 0D:D8:23:22:58:BC:97:BF:F2:AC:12:8E:10:21:53:1E:B3:FF:B7:71
Authority key identifier: A3:69:FB:19:1B:EE:51:CD:C7:41:4A:69:63:19:7F:86:BB:F3:13:AB
Certificate issuer: /CN=a369fb191bee51cdc7414a6963197f86bbf313ab
Certificate serial: 019D3977CA4F8D10C0604B2A10E3D3DD9EB1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2n7GRvuUc3HQUppYxl_hrvzE6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft
Manifest number: 12F1
Signing time: Sun 29 Mar 2026 12:00:45 +0000
Manifest this update: Sun 29 Mar 2026 12:00:45 +0000
Manifest next update: Mon 30 Mar 2026 12:00:45 +0000
Files and hashes: 1: o2n7GRvuUc3HQUppYxl_hrvzE6s.crl (hash: pH7V6pkNYhCVkO4aDkipBOICj1zTqbYgOOH/RIeHky4=)
2: u-PjOq1WjK6PsqFBvXy59id7R_I.roa (hash: Pz8fOepb3H13pqdKO3L1FSkff2yUOqZGUk6QeB6m10U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft
rsync://rpki.ripe.net/repository/DEFAULT/o2n7GRvuUc3HQUppYxl_hrvzE6s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:ca:4f:8d:10:c0:60:4b:2a:10:e3:d3:dd:9e:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a369fb191bee51cdc7414a6963197f86bbf313ab
Validity
Not Before: Mar 29 12:00:45 2026 GMT
Not After : Mar 30 12:00:45 2026 GMT
Subject: CN=0dd8232258bc97bff2ac128e1021531eb3ffb771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:4c:be:56:21:04:3c:ee:d6:06:c7:76:5c:b4:
de:c9:37:f7:49:11:73:b2:6f:15:07:0b:22:65:71:
85:f2:68:c2:35:34:60:8d:c7:be:cc:35:a2:11:3f:
66:af:3a:a1:dc:ec:b8:1e:f0:c8:49:c4:f6:37:0f:
9c:c9:42:4f:b5:45:42:19:d3:b2:69:db:af:bb:27:
56:33:b3:f2:b9:68:cf:b8:60:6c:93:35:bf:c9:56:
9c:b6:79:43:8d:28:70:4a:7d:90:74:0d:6b:69:ba:
86:ea:9a:da:2c:38:ea:02:4c:5b:6e:0f:46:85:90:
55:e2:6a:69:0a:44:de:fa:41:61:89:fd:0d:00:9d:
52:0b:e2:78:3b:74:d3:cc:2c:58:24:8c:fb:bf:16:
59:ab:d5:5a:f2:c3:da:00:8d:f3:75:38:4b:d6:3f:
aa:cd:05:6e:be:7e:e2:59:98:e9:83:11:c9:4a:75:
8d:a0:6c:12:c7:85:56:22:d0:89:12:13:a8:c3:8c:
b5:bb:d5:0f:47:07:8d:ed:b2:24:69:3b:63:33:c7:
30:71:c2:c2:bc:c9:01:1c:17:ed:8b:b7:5e:0e:1b:
da:c6:d6:c8:a5:3d:2c:aa:31:68:98:b4:9a:8c:09:
6d:20:4f:f1:b2:21:24:4e:76:2e:5e:f6:c6:fa:27:
10:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D8:23:22:58:BC:97:BF:F2:AC:12:8E:10:21:53:1E:B3:FF:B7:71
X509v3 Authority Key Identifier:
keyid:A3:69:FB:19:1B:EE:51:CD:C7:41:4A:69:63:19:7F:86:BB:F3:13:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2n7GRvuUc3HQUppYxl_hrvzE6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:fc:96:18:6f:3f:17:e2:d0:a8:00:5c:d9:70:af:6d:cb:84:
94:91:3c:be:20:49:d4:9b:2c:4e:03:19:1e:ab:c3:6d:ae:85:
83:6e:7a:f1:ff:97:46:0a:aa:b1:7c:39:dd:50:07:10:3f:c0:
e3:15:55:a3:c0:7d:6a:cd:df:29:10:52:43:1c:c5:20:f1:2d:
be:82:05:4f:f9:be:1c:1e:7f:f0:9a:fa:f1:c7:e4:5c:1d:6c:
4a:7c:78:8e:94:1d:6d:2e:6c:66:91:7d:02:76:b7:63:cc:b5:
cf:ab:dc:64:8c:a2:ab:4f:d4:8b:01:65:25:e0:77:4a:5f:5e:
7d:67:b4:5b:47:bf:72:7c:bc:e8:e2:e5:62:b7:b8:61:5c:21:
cf:c6:60:e4:84:47:09:a5:ff:2a:73:40:6c:fb:53:37:95:f0:
61:97:46:3e:be:21:5d:de:97:d5:79:f6:c3:f7:7f:c8:f8:34:
bd:8a:01:e2:81:e1:22:6b:27:1d:02:30:2b:04:05:16:b6:c4:
7c:ca:e4:1c:6f:3e:40:76:6a:af:54:ab:1d:a3:fe:a0:8b:48:
1f:3c:51:a1:a3:ed:d3:f5:83:33:ab:4f:5e:20:9a:c5:bd:4a:
fb:63:94:e9:14:69:c9:fd:c7:79:70:75:cd:27:11:b6:c5:a3:
17:48:e1:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d8pPjRDAYEsqEOPT3Z6xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjlmYjE5MWJlZTUxY2RjNzQxNGE2OTYzMTk3Zjg2YmJm
MzEzYWIwHhcNMjYwMzI5MTIwMDQ1WhcNMjYwMzMwMTIwMDQ1WjAzMTEwLwYDVQQD
EygwZGQ4MjMyMjU4YmM5N2JmZjJhYzEyOGUxMDIxNTMxZWIzZmZiNzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEy+ViEEPO7WBsd2XLTeyTf3SRFz
sm8VBwsiZXGF8mjCNTRgjce+zDWiET9mrzqh3Oy4HvDIScT2Nw+cyUJPtUVCGdOy
aduvuydWM7PyuWjPuGBskzW/yVactnlDjShwSn2QdA1rabqG6praLDjqAkxbbg9G
hZBV4mppCkTe+kFhif0NAJ1SC+J4O3TTzCxYJIz7vxZZq9Va8sPaAI3zdThL1j+q
zQVuvn7iWZjpgxHJSnWNoGwSx4VWItCJEhOow4y1u9UPRweN7bIkaTtjM8cwccLC
vMkBHBfti7deDhvaxtbIpT0sqjFomLSajAltIE/xsiEkTnYuXvbG+icQ2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA3YIyJYvJe/8qwSjhAhUx6z/7dxMB8GA1UdIwQY
MBaAFKNp+xkb7lHNx0FKaWMZf4a78xOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJuN0dSdnVVYzNIUVVwcFl4bF9ocnZ6RTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yMGRhNjAtYzcxOS00YmUxLThlNGYt
ZTE4MDUyZjM4MWJiLzEvbzJuN0dSdnVVYzNIUVVwcFl4bF9ocnZ6RTZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8yMGRhNjAtYzcxOS00YmUxLThlNGYtZTE4MDUyZjM4MWJi
LzEvbzJuN0dSdnVVYzNIUVVwcFl4bF9ocnZ6RTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcvyWGG8/
F+LQqABc2XCvbcuElJE8viBJ1JssTgMZHqvDba6Fg2568f+XRgqqsXw53VAHED/A
4xVVo8B9as3fKRBSQxzFIPEtvoIFT/m+HB5/8Jr68cfkXB1sSnx4jpQdbS5sZpF9
Ana3Y8y1z6vcZIyiq0/UiwFlJeB3Sl9efWe0W0e/cny86OLlYre4YVwhz8Zg5IRH
CaX/KnNAbPtTN5XwYZdGPr4hXd6X1Xn2w/d/yPg0vYoB4oHhImsnHQIwKwQFFrbE
fMrkHG8+QHZqr1SrHaP+oItIHzxRoaPt0/WDM6tPXiCaxb1K+2OU6RRpyf3HeXB1
zScRtsWjF0jhmA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:54:36 2026 by rpki-client