Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/cr0ONuHCAjBKNRM7EWZmJeXW5e8.mft
File: cr0ONuHCAjBKNRM7EWZmJeXW5e8.mft (raw, json)
Hash identifier: 0KWNpNcdxarFfyb0Pyb2jlAt0b3aXJTtcDhT/D1l898=
Subject key identifier: 95:EC:B8:2A:49:26:32:30:A3:E8:1E:57:FB:CA:4A:29:5A:12:02:5E
Authority key identifier: 72:BD:0E:36:E1:C2:02:30:4A:35:13:3B:11:66:66:25:E5:D6:E5:EF
Certificate issuer: /CN=72bd0e36e1c202304a35133b11666625e5d6e5ef
Certificate serial: 019D39AF1188F21BFC58E134E93900D52376
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cr0ONuHCAjBKNRM7EWZmJeXW5e8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/cr0ONuHCAjBKNRM7EWZmJeXW5e8.mft
Manifest number: 0C31
Signing time: Sun 29 Mar 2026 13:01:07 +0000
Manifest this update: Sun 29 Mar 2026 13:01:07 +0000
Manifest next update: Mon 30 Mar 2026 13:01:07 +0000
Files and hashes: 1: YzB7lmnaxe6KzTZ2IQfFLWEotnY.roa (hash: E0OkGaGBq/geU/X0+E6JxDiI+vPM6+Zn92glPSSxcDs=)
2: cr0ONuHCAjBKNRM7EWZmJeXW5e8.crl (hash: SJjNs8HzwsZ2mijArCNkS4tUKUwhK9A8/PV78AIGKHw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/cr0ONuHCAjBKNRM7EWZmJeXW5e8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/cr0ONuHCAjBKNRM7EWZmJeXW5e8.mft
rsync://rpki.ripe.net/repository/DEFAULT/cr0ONuHCAjBKNRM7EWZmJeXW5e8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:af:11:88:f2:1b:fc:58:e1:34:e9:39:00:d5:23:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72bd0e36e1c202304a35133b11666625e5d6e5ef
Validity
Not Before: Mar 29 13:01:07 2026 GMT
Not After : Mar 30 13:01:07 2026 GMT
Subject: CN=95ecb82a49263230a3e81e57fbca4a295a12025e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:77:93:3b:ec:18:f6:23:56:79:c9:c4:20:2f:
9c:ef:12:47:7a:3c:c3:a9:d0:20:fd:bb:24:8e:17:
c2:36:21:41:47:8c:5f:8a:e7:d7:3b:d9:31:b0:06:
94:65:a0:3e:bb:26:2b:37:66:90:5c:78:28:b1:ac:
ab:10:32:d7:fb:6f:c6:d7:64:2e:65:35:36:f0:67:
f2:50:66:ef:b7:a9:1a:bb:e6:3a:bb:bc:ec:c2:1a:
7d:bb:6f:93:82:84:a1:33:32:99:8b:11:c7:fd:8a:
a8:93:b2:03:30:fc:3d:bd:d6:11:b5:43:33:89:1e:
fc:f0:6e:c8:1c:34:ec:9a:b8:06:16:1c:49:d2:9a:
e4:ba:bd:ca:77:5d:0c:49:79:0b:f5:40:4d:f0:fe:
04:50:37:bf:9e:bc:eb:56:e5:9a:f5:ce:b8:7d:37:
4a:97:dd:97:89:ce:03:23:95:88:d5:73:e1:01:b2:
a0:f0:d5:f1:b3:b2:e9:dc:91:d5:2a:13:68:4c:f1:
dd:22:26:aa:4e:36:40:a5:80:cc:8b:8f:61:fa:a3:
3d:ed:be:e7:ac:57:46:12:cf:0c:f1:fd:78:50:1a:
05:59:b7:7e:78:6f:14:68:2f:91:16:f2:8b:8d:c1:
77:5d:b8:65:af:24:36:84:51:3c:f0:ce:ab:99:50:
c5:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:EC:B8:2A:49:26:32:30:A3:E8:1E:57:FB:CA:4A:29:5A:12:02:5E
X509v3 Authority Key Identifier:
keyid:72:BD:0E:36:E1:C2:02:30:4A:35:13:3B:11:66:66:25:E5:D6:E5:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cr0ONuHCAjBKNRM7EWZmJeXW5e8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/cr0ONuHCAjBKNRM7EWZmJeXW5e8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/cr0ONuHCAjBKNRM7EWZmJeXW5e8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d5:00:1f:28:9f:10:e8:2a:1f:22:ea:ca:5b:9b:b1:e0:2d:77:
4a:3e:91:e7:4d:97:76:34:9e:3a:0c:7b:3c:73:52:81:10:a2:
99:af:1b:ae:e3:2e:8d:58:fd:b6:b2:21:75:9f:bc:33:05:9d:
9e:f1:27:ce:ae:bf:18:8b:7b:eb:b4:88:c9:3f:bd:e3:ee:3e:
5c:06:ab:ae:b9:a8:21:03:08:c7:a4:ec:7c:fa:9e:2d:f1:8b:
26:8b:31:1a:fe:02:1b:ea:48:d4:74:2a:05:23:66:00:7c:a1:
c3:7b:da:63:d2:b7:7a:59:85:f6:c3:5d:8d:a0:4f:1f:a8:3b:
7b:68:14:28:39:d5:5c:56:67:a1:4c:b8:dc:8e:4b:80:ef:c9:
d6:4c:04:8b:d4:14:ef:62:46:9b:00:c1:bc:cf:a6:2b:1f:30:
36:95:22:c1:90:ac:c5:08:b8:a1:f1:c5:10:b5:6e:30:d6:20:
35:8d:49:db:24:74:26:c8:dd:9c:a2:12:e9:1d:f3:00:e1:0f:
b1:cb:0a:e5:f8:b8:aa:2a:c5:62:da:b2:6e:65:33:ac:4b:1a:
d5:00:95:9e:20:42:c9:6d:46:03:9e:34:b1:f3:46:f5:68:11:
ee:2d:3e:c3:f7:87:a9:33:37:78:ee:66:16:e4:b9:e3:bb:69:
3c:93:30:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rxGI8hv8WOE06TkA1SN2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYmQwZTM2ZTFjMjAyMzA0YTM1MTMzYjExNjY2NjI1ZTVk
NmU1ZWYwHhcNMjYwMzI5MTMwMTA3WhcNMjYwMzMwMTMwMTA3WjAzMTEwLwYDVQQD
Eyg5NWVjYjgyYTQ5MjYzMjMwYTNlODFlNTdmYmNhNGEyOTVhMTIwMjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvneTO+wY9iNWecnEIC+c7xJHejzD
qdAg/bskjhfCNiFBR4xfiufXO9kxsAaUZaA+uyYrN2aQXHgosayrEDLX+2/G12Qu
ZTU28GfyUGbvt6kau+Y6u7zswhp9u2+TgoShMzKZixHH/Yqok7IDMPw9vdYRtUMz
iR788G7IHDTsmrgGFhxJ0prkur3Kd10MSXkL9UBN8P4EUDe/nrzrVuWa9c64fTdK
l92Xic4DI5WI1XPhAbKg8NXxs7Lp3JHVKhNoTPHdIiaqTjZApYDMi49h+qM97b7n
rFdGEs8M8f14UBoFWbd+eG8UaC+RFvKLjcF3XbhlryQ2hFE88M6rmVDFmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJXsuCpJJjIwo+geV/vKSilaEgJeMB8GA1UdIwQY
MBaAFHK9DjbhwgIwSjUTOxFmZiXl1uXvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3IwT051SENBakJLTlJNN0VXWm1KZVhXNWU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81MjQ3NmQtYTc5NC00N2Q1LThmNTAt
YWVkYTgyNDY3OGQ0LzEvY3IwT051SENBakJLTlJNN0VXWm1KZVhXNWU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81MjQ3NmQtYTc5NC00N2Q1LThmNTAtYWVkYTgyNDY3OGQ0
LzEvY3IwT051SENBakJLTlJNN0VXWm1KZVhXNWU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1QAfKJ8Q
6CofIurKW5ux4C13Sj6R502XdjSeOgx7PHNSgRCima8bruMujVj9trIhdZ+8MwWd
nvEnzq6/GIt767SIyT+94+4+XAarrrmoIQMIx6TsfPqeLfGLJosxGv4CG+pI1HQq
BSNmAHyhw3vaY9K3elmF9sNdjaBPH6g7e2gUKDnVXFZnoUy43I5LgO/J1kwEi9QU
72JGmwDBvM+mKx8wNpUiwZCsxQi4ofHFELVuMNYgNY1J2yR0JsjdnKIS6R3zAOEP
scsK5fi4qirFYtqybmUzrEsa1QCVniBCyW1GA540sfNG9WgR7i0+w/eHqTM3eO5m
FuS547tpPJMwCw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:00:35 2026 by rpki-client