Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
File: a0P3ovQ2ixel4DXOS9km-KFC1os.mft (raw, json)
Hash identifier: +NybSDoNyXYHCcru2GQdTaB4HpKpI2oxxTvRE31zIbc=
Subject key identifier: BC:DB:3E:8E:4C:B0:6A:31:21:B2:4A:CF:B0:A8:D9:B8:F4:3A:9C:55
Authority key identifier: 6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
Certificate issuer: /CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Certificate serial: 019EB87C61CB4F82DE81A7DDC303C6FB7989
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
Manifest number: 1955
Signing time: Thu 11 Jun 2026 21:00:19 +0000
Manifest this update: Thu 11 Jun 2026 21:00:19 +0000
Manifest next update: Fri 12 Jun 2026 21:00:19 +0000
Files and hashes: 1: MuWBM4y_8sU7g6FEyEJdZpch7MA.roa (hash: polciHBhuEIudcpVsohkilsNPMnWK3IMSBDrJXYyToE=)
2: a0P3ovQ2ixel4DXOS9km-KFC1os.crl (hash: kqMN7iPTfWd2Z7692dPmJX+Wr3W4IhwMf5dxZspDFrc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 21:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b8:7c:61:cb:4f:82:de:81:a7:dd:c3:03:c6:fb:79:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Validity
Not Before: Jun 11 21:00:19 2026 GMT
Not After : Jun 12 21:00:19 2026 GMT
Subject: CN=bcdb3e8e4cb06a3121b24acfb0a8d9b8f43a9c55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b2:c0:f7:57:32:2e:87:be:27:c1:5a:fe:24:
ad:f2:f5:d0:a9:f5:ec:d4:eb:ec:7b:af:8f:f9:3c:
e3:d0:35:51:c1:f1:c9:10:bf:db:6d:5f:7a:73:01:
91:ed:fd:60:83:4f:c8:9b:ad:a7:cc:8b:7f:83:50:
fc:87:ef:04:ab:ac:b1:80:6f:f7:e1:e9:17:e5:08:
72:b4:29:ad:31:94:3d:d9:68:bb:b5:95:f0:e1:1e:
6b:3f:0e:31:13:0b:e9:76:ec:eb:d6:3b:45:b8:89:
a6:8f:d9:cc:e2:cc:79:6e:97:ad:49:e9:69:0d:ee:
4b:b1:71:3f:af:31:ce:98:40:cc:69:3e:f9:fc:d6:
67:aa:66:15:03:c3:c5:a8:6f:47:66:10:f1:34:28:
a9:64:01:45:8f:2c:2a:a9:dd:5e:32:ce:d3:38:0d:
51:96:f1:87:97:3b:7f:71:64:a2:f5:15:97:81:85:
8f:3f:8e:84:8b:0e:b9:51:bb:a1:cc:73:6f:96:0f:
77:09:38:c7:ce:36:24:cd:a9:90:32:fe:2b:a8:0a:
7d:61:57:37:91:9d:3b:51:39:ec:6c:a2:9c:13:16:
08:3b:a9:b6:64:37:e9:ed:d6:2f:d4:45:a6:c1:ec:
e1:57:39:92:26:1c:8c:46:43:9b:16:ab:3a:d6:f0:
72:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:DB:3E:8E:4C:B0:6A:31:21:B2:4A:CF:B0:A8:D9:B8:F4:3A:9C:55
X509v3 Authority Key Identifier:
keyid:6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:45:02:0b:e0:f4:e3:7b:ab:51:91:87:88:97:75:42:84:a2:
77:64:22:24:2b:ea:be:61:08:f1:8a:b2:67:ac:40:11:80:71:
90:91:43:a1:1e:94:13:57:d4:c6:fd:21:2f:41:b6:3b:b7:aa:
5a:53:40:a1:ca:f3:b0:a8:be:e5:c3:c7:61:b0:c6:21:24:33:
78:11:d5:5a:89:38:aa:77:2f:27:0a:2a:7b:35:d0:71:71:ee:
f5:8c:dd:ad:f1:d2:9e:e3:96:df:06:fe:7a:b3:89:51:24:e8:
8b:3a:b4:7c:aa:11:20:4f:f9:79:de:2d:43:56:d4:4b:75:7e:
e2:f2:c5:98:60:6a:4c:59:12:c7:19:37:60:42:bc:ff:4c:5f:
5b:2b:07:a5:e7:ce:c1:b3:9c:32:14:f0:8b:de:1b:cd:69:84:
bf:76:d8:00:eb:4e:0e:46:b3:3f:12:cc:6c:76:b7:33:09:04:
91:bc:e5:f8:96:bb:90:a6:a1:6a:d8:10:71:af:c4:91:cd:35:
a8:e8:a4:23:be:f0:42:9e:3e:57:0c:d4:b6:db:4b:d8:cc:76:
a4:f9:be:ce:db:c7:88:3b:e3:ab:da:33:ce:71:05:57:61:8f:
fe:91:1f:78:96:07:a0:bb:2f:99:f9:2a:14:f6:7f:50:31:73:
28:a5:f4:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ64fGHLT4LegafdwwPG+3mJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNDNmN2EyZjQzNjhiMTdhNWUwMzVjZTRiZDkyNmY4YTE0
MmQ2OGIwHhcNMjYwNjExMjEwMDE5WhcNMjYwNjEyMjEwMDE5WjAzMTEwLwYDVQQD
EyhiY2RiM2U4ZTRjYjA2YTMxMjFiMjRhY2ZiMGE4ZDliOGY0M2E5YzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLLA91cyLoe+J8Fa/iSt8vXQqfXs
1Ovse6+P+Tzj0DVRwfHJEL/bbV96cwGR7f1gg0/Im62nzIt/g1D8h+8Eq6yxgG/3
4ekX5QhytCmtMZQ92Wi7tZXw4R5rPw4xEwvpduzr1jtFuImmj9nM4sx5bpetSelp
De5LsXE/rzHOmEDMaT75/NZnqmYVA8PFqG9HZhDxNCipZAFFjywqqd1eMs7TOA1R
lvGHlzt/cWSi9RWXgYWPP46Eiw65UbuhzHNvlg93CTjHzjYkzamQMv4rqAp9YVc3
kZ07UTnsbKKcExYIO6m2ZDfp7dYv1EWmwezhVzmSJhyMRkObFqs61vBytQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLzbPo5MsGoxIbJKz7Co2bj0OpxVMB8GA1UdIwQY
MBaAFGtD96L0NosXpeA1zkvZJvihQtaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMt
MzViMDMxMzZkZDAzLzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMtMzViMDMxMzZkZDAz
LzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALUUCC+D0
43urUZGHiJd1QoSid2QiJCvqvmEI8YqyZ6xAEYBxkJFDoR6UE1fUxv0hL0G2O7eq
WlNAocrzsKi+5cPHYbDGISQzeBHVWok4qncvJwoqezXQcXHu9YzdrfHSnuOW3wb+
erOJUSToizq0fKoRIE/5ed4tQ1bUS3V+4vLFmGBqTFkSxxk3YEK8/0xfWysHpefO
wbOcMhTwi94bzWmEv3bYAOtODkazPxLMbHa3MwkEkbzl+Ja7kKahatgQca/Ekc01
qOikI77wQp4+VwzUtttL2Mx2pPm+ztvHiDvjq9ozznEFV2GP/pEfeJYHoLsvmfkq
FPZ/UDFzKKX0jg==
-----END CERTIFICATE-----
Generated at Fri Jun 12 07:26:52 2026 by rpki-client