Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
File: rysOIXo1FoOSIGvac85hlTWgLzU.mft (raw, json)
Hash identifier: fsy55wKpEImaFjC8THVzzGn8pnliGl0Bv1g+p00lRzI=
Subject key identifier: 3D:1E:D0:6B:F5:84:34:D4:1A:AA:64:16:F3:47:4E:1D:9E:8A:DA:44
Authority key identifier: AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
Certificate issuer: /CN=af2b0e217a35168392206bda73ce619535a02f35
Certificate serial: 019D389C584E475F8D4CA84ED2ED2CBBB14C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
Manifest number: 0D38
Signing time: Sun 29 Mar 2026 08:01:03 +0000
Manifest this update: Sun 29 Mar 2026 08:01:03 +0000
Manifest next update: Mon 30 Mar 2026 08:01:03 +0000
Files and hashes: 1: QBW11jyT74R8oUHhAinuj7gPXSk.asa (hash: yZJV0811rYsc05YANwSpX99f0QsW0swdHpcFUdFqr0Y=)
2: rysOIXo1FoOSIGvac85hlTWgLzU.crl (hash: fr7pLQbGWaDlsOb7saqIcU1fAngIyVdfctmnrG1l1JQ=)
3: zakSxSI_wYoHQeaPnt8X9AknTHE.roa (hash: DFDQf/fadQ5V13foLZM1hVw4SY7MFQSi7KXroTzcGGo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:58:4e:47:5f:8d:4c:a8:4e:d2:ed:2c:bb:b1:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2b0e217a35168392206bda73ce619535a02f35
Validity
Not Before: Mar 29 08:01:03 2026 GMT
Not After : Mar 30 08:01:03 2026 GMT
Subject: CN=3d1ed06bf58434d41aaa6416f3474e1d9e8ada44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0a:8d:53:1b:37:35:85:56:11:d7:90:ef:10:
24:68:86:ab:a8:97:f2:15:09:32:20:bb:35:37:48:
5c:bc:b5:b9:2d:94:03:a9:f4:2b:db:ed:d6:ca:f2:
ea:1e:5b:09:5b:f0:85:a0:1e:68:02:d5:2d:b9:78:
34:4e:b9:ed:97:8b:5f:e6:1b:0b:27:c2:6a:ae:4c:
8b:8b:85:54:05:87:ce:f0:db:a6:91:fb:95:f0:0e:
f6:1a:05:c1:1a:1d:1a:81:fb:b2:ff:9a:f8:85:2c:
e5:ba:2f:57:36:11:95:4d:4f:6b:5e:b4:17:40:a0:
6f:76:74:0b:48:a4:07:c7:06:3c:eb:8d:b7:01:aa:
cd:76:5c:48:ab:03:84:91:19:4a:28:65:a8:72:76:
4a:14:cb:66:d6:07:6a:90:cb:1d:d9:43:d3:dc:63:
42:ef:53:e7:a1:28:33:87:71:e8:a7:84:47:6a:6c:
80:d1:08:e8:a4:bd:7e:25:cd:16:4c:31:33:6c:a2:
10:3e:d8:5a:dc:aa:78:d4:e2:8f:bc:dc:64:a4:9b:
be:9c:9f:50:55:7d:d9:d6:0f:e7:2b:b2:32:58:15:
cf:bf:26:3d:96:2e:52:87:d4:c4:fd:51:1a:1d:c6:
3e:62:f2:c9:dc:a2:9a:e3:43:77:ab:73:da:6b:aa:
2c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:1E:D0:6B:F5:84:34:D4:1A:AA:64:16:F3:47:4E:1D:9E:8A:DA:44
X509v3 Authority Key Identifier:
keyid:AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:d5:f6:be:ce:40:06:3a:57:c1:35:f1:0e:ef:fe:b7:24:de:
c7:e6:33:d9:03:c2:e7:9c:9d:17:94:57:29:b0:5b:07:95:bd:
d3:45:66:15:09:e5:d4:a9:9c:1f:e8:5d:ce:80:fa:d9:db:a4:
17:eb:8a:e8:43:14:e9:41:66:48:b4:44:3f:0d:7e:25:bf:d7:
60:14:75:91:fe:4b:bc:a9:2a:c3:1b:55:5f:42:a1:51:01:8b:
5d:e9:ad:27:27:85:0f:cb:8f:9e:d5:8e:da:6c:ff:16:aa:e6:
eb:25:ea:0a:1f:28:fc:da:d0:d1:8d:85:49:6f:af:2d:fc:a6:
18:97:f2:27:eb:6e:ea:56:21:04:f3:27:0b:17:27:7c:ef:c1:
f9:0d:e8:c4:37:4e:d7:ce:fc:72:3c:7f:f6:be:10:09:e9:09:
4e:71:1e:65:18:38:33:d7:f3:15:46:e5:0b:81:2c:12:3b:49:
7a:e0:21:84:4d:0a:af:6c:bf:d7:11:d9:ec:d3:e7:91:b7:8d:
6b:0a:ff:9d:ae:78:96:c7:81:fd:0d:dd:c5:97:3f:02:1b:23:
38:e9:98:42:79:dd:12:e7:80:fc:6a:61:af:93:56:f6:89:e0:
81:65:3e:e3:b8:5e:e8:b3:e1:5c:9c:ac:5e:27:bc:e6:ec:53:
4d:fa:78:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nFhOR1+NTKhO0u0su7FMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmIwZTIxN2EzNTE2ODM5MjIwNmJkYTczY2U2MTk1MzVh
MDJmMzUwHhcNMjYwMzI5MDgwMTAzWhcNMjYwMzMwMDgwMTAzWjAzMTEwLwYDVQQD
EygzZDFlZDA2YmY1ODQzNGQ0MWFhYTY0MTZmMzQ3NGUxZDllOGFkYTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygqNUxs3NYVWEdeQ7xAkaIarqJfy
FQkyILs1N0hcvLW5LZQDqfQr2+3WyvLqHlsJW/CFoB5oAtUtuXg0Trntl4tf5hsL
J8JqrkyLi4VUBYfO8NumkfuV8A72GgXBGh0agfuy/5r4hSzlui9XNhGVTU9rXrQX
QKBvdnQLSKQHxwY86423AarNdlxIqwOEkRlKKGWocnZKFMtm1gdqkMsd2UPT3GNC
71PnoSgzh3Hop4RHamyA0QjopL1+Jc0WTDEzbKIQPtha3Kp41OKPvNxkpJu+nJ9Q
VX3Z1g/nK7IyWBXPvyY9li5Sh9TE/VEaHcY+YvLJ3KKa40N3q3Paa6osvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD0e0Gv1hDTUGqpkFvNHTh2eitpEMB8GA1UdIwQY
MBaAFK8rDiF6NRaDkiBr2nPOYZU1oC81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDct
ZjBkMTk4MDk4NzRhLzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDctZjBkMTk4MDk4NzRh
LzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVtX2vs5A
BjpXwTXxDu/+tyTex+Yz2QPC55ydF5RXKbBbB5W900VmFQnl1KmcH+hdzoD62duk
F+uK6EMU6UFmSLREPw1+Jb/XYBR1kf5LvKkqwxtVX0KhUQGLXemtJyeFD8uPntWO
2mz/Fqrm6yXqCh8o/NrQ0Y2FSW+vLfymGJfyJ+tu6lYhBPMnCxcnfO/B+Q3oxDdO
1878cjx/9r4QCekJTnEeZRg4M9fzFUblC4EsEjtJeuAhhE0Kr2y/1xHZ7NPnkbeN
awr/na54lseB/Q3dxZc/AhsjOOmYQnndEueA/Gphr5NW9onggWU+47he6LPhXJys
Xie85uxTTfp4OA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:55:28 2026 by rpki-client