Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
File: 23DOek5uSrOk6p8IH1kupfbSuao.mft (raw, json)
Hash identifier: crpieKc83vbnSt5tXAP2Hs5iZa0ewTB3DAdCFEhxY8w=
Subject key identifier: B2:1B:C9:BE:8F:9F:39:21:96:4E:39:25:4F:75:23:94:5D:28:12:63
Authority key identifier: DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA
Certificate issuer: /CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa
Certificate serial: 019D39410ED32ABEB06C8DB68B2F833F75FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
Manifest number: 08D3
Signing time: Sun 29 Mar 2026 11:00:57 +0000
Manifest this update: Sun 29 Mar 2026 11:00:57 +0000
Manifest next update: Mon 30 Mar 2026 11:00:57 +0000
Files and hashes: 1: 23DOek5uSrOk6p8IH1kupfbSuao.crl (hash: i3UOj8GYsGNBiCPmi5Kw/ib0DAy879Aj1F6QM5QvkE4=)
2: hhh3z06Bpe2m47ehC44Gk6XsxWY.roa (hash: D+hS8HY9ljD+1P/aopr0G/yuhchBVZY0zZMSPMrBOWg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 11:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:0e:d3:2a:be:b0:6c:8d:b6:8b:2f:83:3f:75:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa
Validity
Not Before: Mar 29 11:00:57 2026 GMT
Not After : Mar 30 11:00:57 2026 GMT
Subject: CN=b21bc9be8f9f3921964e39254f7523945d281263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1b:06:9d:70:df:4b:b9:20:d0:83:d0:d1:cd:
93:3d:77:f2:4a:d7:ac:8f:cc:fb:97:a7:19:d0:fd:
2a:1f:da:55:76:92:b4:d1:fa:92:3f:0e:1c:98:c0:
64:98:4f:b2:ae:20:e1:a6:ef:10:bc:29:e0:1a:fd:
7d:30:db:9e:8a:31:76:78:62:01:24:fc:ed:50:ca:
8a:ab:36:02:51:ab:63:43:31:7a:3c:e1:3f:22:20:
ab:8d:f5:09:ea:1d:7b:f1:ec:be:91:51:c8:b5:c6:
7c:e1:fd:00:7a:1b:a3:05:09:8a:89:da:39:a9:4e:
79:83:58:b4:cd:5a:ef:1d:4c:ff:7e:10:33:3f:8e:
f4:cf:56:c2:74:b9:2c:88:43:ec:66:50:58:db:3d:
a5:54:11:3b:8f:31:80:d0:5d:af:a3:97:a0:50:b3:
e7:70:02:33:dd:d9:a0:af:8c:33:da:b4:e9:ad:42:
c5:71:b0:3d:c1:3d:ff:73:5b:03:c0:b6:31:a5:6f:
2a:2b:2e:2b:34:ba:44:b6:71:b2:d8:0f:0e:73:b2:
65:ee:d7:79:5c:db:55:29:ed:50:cf:31:8a:8b:d7:
f2:09:e8:8d:b8:32:5a:d9:a3:5c:09:ca:bf:fc:89:
ba:93:21:69:f0:fc:08:5d:76:8e:0f:2e:82:7e:13:
9b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:1B:C9:BE:8F:9F:39:21:96:4E:39:25:4F:75:23:94:5D:28:12:63
X509v3 Authority Key Identifier:
keyid:DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:c3:b1:78:e4:1e:73:05:38:a9:46:c2:47:bd:8d:10:f0:c1:
33:ee:7c:29:0a:d9:41:27:76:dd:04:b4:96:2d:ed:8d:46:6f:
51:ce:ea:0b:d7:1f:5b:54:86:d5:39:28:94:08:25:b9:dc:6d:
cd:df:0a:9c:8e:d5:6d:df:9d:b8:8d:8f:21:67:de:bb:52:c6:
9e:8c:3e:b2:80:27:df:d1:d1:33:37:c7:71:3b:17:b2:2b:75:
03:80:a6:00:0b:49:17:30:55:0e:f0:b9:3a:69:f2:1c:93:eb:
00:09:72:df:95:f4:f3:2e:ba:d0:25:fa:cd:94:fd:13:4c:50:
67:d8:d0:be:bc:31:12:43:4e:87:cd:71:d4:46:a4:7a:77:de:
a0:9e:7d:de:91:81:c5:42:25:93:ee:9e:bd:77:8b:a9:30:77:
8a:ca:0d:d9:ae:95:86:4c:7d:96:4c:c2:92:c4:81:81:1e:fa:
9e:40:b7:1e:a9:a5:e9:5a:da:ab:cd:c8:d4:95:95:7e:f0:f8:
8a:81:e4:5e:b0:b2:e9:bc:17:4b:dc:a6:18:ac:ad:41:8b:ad:
7a:1c:bd:c3:b0:af:57:2f:9d:c7:9c:50:06:9f:09:2c:2a:ba:
13:2f:8d:a4:47:bf:43:ec:15:96:12:1e:5d:53:a1:6c:08:d0:
0e:55:19:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QQ7TKr6wbI22iy+DP3X8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNzBjZTdhNGU2ZTRhYjNhNGVhOWYwODFmNTkyZWE1ZjZk
MmI5YWEwHhcNMjYwMzI5MTEwMDU3WhcNMjYwMzMwMTEwMDU3WjAzMTEwLwYDVQQD
EyhiMjFiYzliZThmOWYzOTIxOTY0ZTM5MjU0Zjc1MjM5NDVkMjgxMjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxsGnXDfS7kg0IPQ0c2TPXfyStes
j8z7l6cZ0P0qH9pVdpK00fqSPw4cmMBkmE+yriDhpu8QvCngGv19MNueijF2eGIB
JPztUMqKqzYCUatjQzF6POE/IiCrjfUJ6h178ey+kVHItcZ84f0AehujBQmKido5
qU55g1i0zVrvHUz/fhAzP470z1bCdLksiEPsZlBY2z2lVBE7jzGA0F2vo5egULPn
cAIz3dmgr4wz2rTprULFcbA9wT3/c1sDwLYxpW8qKy4rNLpEtnGy2A8Oc7Jl7td5
XNtVKe1QzzGKi9fyCeiNuDJa2aNcCcq//Im6kyFp8PwIXXaODy6CfhObjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLIbyb6Pnzkhlk45JU91I5RdKBJjMB8GA1UdIwQY
MBaAFNtwznpObkqzpOqfCB9ZLqX20rmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYt
MmNiMTdiN2JjNjE4LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYtMmNiMTdiN2JjNjE4
LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE8OxeOQe
cwU4qUbCR72NEPDBM+58KQrZQSd23QS0li3tjUZvUc7qC9cfW1SG1TkolAgludxt
zd8KnI7Vbd+duI2PIWfeu1LGnow+soAn39HRMzfHcTsXsit1A4CmAAtJFzBVDvC5
OmnyHJPrAAly35X08y660CX6zZT9E0xQZ9jQvrwxEkNOh81x1EakenfeoJ593pGB
xUIlk+6evXeLqTB3isoN2a6Vhkx9lkzCksSBgR76nkC3Hqml6Vraq83I1JWVfvD4
ioHkXrCy6bwXS9ymGKytQYutehy9w7CvVy+dx5xQBp8JLCq6Ey+NpEe/Q+wVlhIe
XVOhbAjQDlUZwg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:50:52 2026 by rpki-client