Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d16463-89be-4f5b-b2f2-acc41cacf7e1/1/y9lerW0qHa8u9oestMKedgdrKAk.mft
File: y9lerW0qHa8u9oestMKedgdrKAk.mft (raw, json)
Hash identifier: ky1EKtmd4vo0YpmSWkalLRFmYbngB0pY870ApQqawKI=
Subject key identifier: 0C:42:73:C3:D8:E5:0F:C1:14:60:36:A9:8B:AC:28:67:8C:85:BD:8A
Authority key identifier: CB:D9:5E:AD:6D:2A:1D:AF:2E:F6:87:AC:B4:C2:9E:76:07:6B:28:09
Certificate issuer: /CN=cbd95ead6d2a1daf2ef687acb4c29e76076b2809
Certificate serial: 019D3AC1EEF1FEC3FC696314A666701F3F34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9lerW0qHa8u9oestMKedgdrKAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/d16463-89be-4f5b-b2f2-acc41cacf7e1/1/y9lerW0qHa8u9oestMKedgdrKAk.mft
Manifest number: 0C72
Signing time: Sun 29 Mar 2026 18:01:21 +0000
Manifest this update: Sun 29 Mar 2026 18:01:21 +0000
Manifest next update: Mon 30 Mar 2026 18:01:21 +0000
Files and hashes: 1: ghGc2Lv7TcfrmuH9YITRm12nsM0.roa (hash: qhSH7nSb+oaxjGNhsFsYHQ6vShtNbUb1gAOSPr8PZts=)
2: y9lerW0qHa8u9oestMKedgdrKAk.crl (hash: zK9xSK/2sNIutXS7KgYSkzr+WQlP4AtHDeohIcouDlk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/d16463-89be-4f5b-b2f2-acc41cacf7e1/1/y9lerW0qHa8u9oestMKedgdrKAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/d16463-89be-4f5b-b2f2-acc41cacf7e1/1/y9lerW0qHa8u9oestMKedgdrKAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/y9lerW0qHa8u9oestMKedgdrKAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:c1:ee:f1:fe:c3:fc:69:63:14:a6:66:70:1f:3f:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd95ead6d2a1daf2ef687acb4c29e76076b2809
Validity
Not Before: Mar 29 18:01:21 2026 GMT
Not After : Mar 30 18:01:21 2026 GMT
Subject: CN=0c4273c3d8e50fc1146036a98bac28678c85bd8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:58:18:f7:fa:87:c9:58:f6:ad:ba:c7:78:74:
be:28:d5:79:87:d6:af:1c:dd:3c:5e:58:f9:c5:4e:
85:18:db:10:89:61:52:da:36:b6:19:c3:49:9c:43:
ed:3f:ed:47:ca:05:7e:d2:a8:1c:60:b1:07:b4:c2:
a1:29:c3:ac:1a:f0:aa:52:a6:b3:5f:0b:e2:c7:46:
78:8a:27:0e:50:cd:6d:c9:db:2a:e4:e6:e6:79:4d:
a7:66:07:39:1b:59:08:98:05:e0:19:74:03:27:1e:
bc:15:e0:17:8e:1a:49:ff:88:cd:a3:bf:4c:f3:6f:
81:fd:e2:11:0a:a0:a2:6d:98:02:8a:53:9d:82:c2:
13:3d:de:0c:f2:a1:b9:44:2b:84:dc:f6:ec:24:2a:
16:a3:3f:43:36:ff:06:e6:92:41:7b:c7:85:75:97:
da:bc:e4:46:f6:a8:9e:09:d0:b6:63:21:43:1b:34:
ee:e4:d6:d0:df:0d:70:4f:1b:8b:99:5f:35:36:59:
02:44:b4:ea:71:70:73:a7:d9:ec:23:7b:8e:b1:89:
4c:6e:cb:42:e8:fc:54:53:9c:4c:4e:57:45:55:e5:
b6:95:32:37:a0:29:12:d2:76:d8:0a:bf:80:45:4b:
a1:46:6f:04:8f:d4:b3:62:e9:3b:20:17:b4:96:1c:
87:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:42:73:C3:D8:E5:0F:C1:14:60:36:A9:8B:AC:28:67:8C:85:BD:8A
X509v3 Authority Key Identifier:
keyid:CB:D9:5E:AD:6D:2A:1D:AF:2E:F6:87:AC:B4:C2:9E:76:07:6B:28:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9lerW0qHa8u9oestMKedgdrKAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d16463-89be-4f5b-b2f2-acc41cacf7e1/1/y9lerW0qHa8u9oestMKedgdrKAk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d16463-89be-4f5b-b2f2-acc41cacf7e1/1/y9lerW0qHa8u9oestMKedgdrKAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:b8:5f:fb:7f:d4:60:9b:90:30:5e:f2:02:0d:8e:f4:f2:8d:
0f:ca:af:21:3a:8c:38:12:1b:08:a6:20:43:e0:00:0c:a0:af:
9a:df:ee:81:05:68:82:13:5a:8f:cd:36:fb:1c:64:44:1d:9b:
e9:4f:98:bb:ab:7a:f9:71:1a:c7:3a:98:e4:f4:af:8e:70:0d:
b5:46:2c:45:e0:35:00:2c:fe:9a:1c:16:e6:ad:f8:b9:27:08:
bc:dc:00:3e:f2:77:8c:3a:de:57:c2:39:d1:8b:0c:8e:8a:15:
6c:c3:ee:3e:74:ec:29:cb:c9:39:e0:30:01:f9:e4:f1:84:d7:
0c:68:98:3e:80:89:aa:2c:b3:a5:b6:57:23:39:f1:49:a2:73:
45:29:af:01:3f:bb:6b:b3:4d:4b:1d:f3:5e:87:34:c5:21:d6:
04:76:45:70:c5:6a:91:77:9e:8c:ae:5a:f5:5d:1f:8f:8c:b0:
57:d9:e9:1f:9c:58:24:f7:d6:76:fb:e3:1c:08:b3:14:ec:75:
9b:48:28:c3:8b:ad:79:f7:1b:35:bf:59:72:e6:08:38:6f:fb:
d8:49:31:6d:61:67:e5:78:7d:d4:fc:a3:4a:4e:92:15:6c:23:
df:67:4a:8f:fa:89:ab:3d:86:aa:36:f8:21:c4:13:4f:35:42:
b3:97:ba:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06we7x/sP8aWMUpmZwHz80MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDk1ZWFkNmQyYTFkYWYyZWY2ODdhY2I0YzI5ZTc2MDc2
YjI4MDkwHhcNMjYwMzI5MTgwMTIxWhcNMjYwMzMwMTgwMTIxWjAzMTEwLwYDVQQD
EygwYzQyNzNjM2Q4ZTUwZmMxMTQ2MDM2YTk4YmFjMjg2NzhjODViZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFgY9/qHyVj2rbrHeHS+KNV5h9av
HN08Xlj5xU6FGNsQiWFS2ja2GcNJnEPtP+1HygV+0qgcYLEHtMKhKcOsGvCqUqaz
Xwvix0Z4iicOUM1tydsq5ObmeU2nZgc5G1kImAXgGXQDJx68FeAXjhpJ/4jNo79M
82+B/eIRCqCibZgCilOdgsITPd4M8qG5RCuE3PbsJCoWoz9DNv8G5pJBe8eFdZfa
vORG9qieCdC2YyFDGzTu5NbQ3w1wTxuLmV81NlkCRLTqcXBzp9nsI3uOsYlMbstC
6PxUU5xMTldFVeW2lTI3oCkS0nbYCr+ARUuhRm8Ej9SzYuk7IBe0lhyHrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAxCc8PY5Q/BFGA2qYusKGeMhb2KMB8GA1UdIwQY
MBaAFMvZXq1tKh2vLvaHrLTCnnYHaygJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlsZXJXMHFIYTh1OW9lc3RNS2VkZ2RyS0FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kMTY0NjMtODliZS00ZjViLWIyZjIt
YWNjNDFjYWNmN2UxLzEveTlsZXJXMHFIYTh1OW9lc3RNS2VkZ2RyS0FrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kMTY0NjMtODliZS00ZjViLWIyZjItYWNjNDFjYWNmN2Ux
LzEveTlsZXJXMHFIYTh1OW9lc3RNS2VkZ2RyS0FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL7hf+3/U
YJuQMF7yAg2O9PKND8qvITqMOBIbCKYgQ+AADKCvmt/ugQVoghNaj802+xxkRB2b
6U+Yu6t6+XEaxzqY5PSvjnANtUYsReA1ACz+mhwW5q34uScIvNwAPvJ3jDreV8I5
0YsMjooVbMPuPnTsKcvJOeAwAfnk8YTXDGiYPoCJqiyzpbZXIznxSaJzRSmvAT+7
a7NNSx3zXoc0xSHWBHZFcMVqkXeejK5a9V0fj4ywV9npH5xYJPfWdvvjHAizFOx1
m0gow4utefcbNb9ZcuYIOG/72EkxbWFn5Xh91PyjSk6SFWwj32dKj/qJqz2Gqjb4
IcQTTzVCs5e6Jg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 20:49:21 2026 by rpki-client