Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/d01d58-5418-4217-89ae-23a84eedd956/1/0zWMPscfwZpqyYRrr03lmDY1cpM.mft
File: 0zWMPscfwZpqyYRrr03lmDY1cpM.mft (raw, json)
Hash identifier: gsJcPucCO3RmX8yTEB781RS3TJD4Ps3CguLzykz5tik=
Subject key identifier: DB:1F:B6:43:61:3C:5F:1B:D3:C1:DC:CE:68:74:E8:15:8B:D0:82:1F
Authority key identifier: D3:35:8C:3E:C7:1F:C1:9A:6A:C9:84:6B:AF:4D:E5:98:36:35:72:93
Certificate issuer: /CN=d3358c3ec71fc19a6ac9846baf4de59836357293
Certificate serial: 019D3940BB0C0FC9C89AB33999DC0FB31BED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0zWMPscfwZpqyYRrr03lmDY1cpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/d01d58-5418-4217-89ae-23a84eedd956/1/0zWMPscfwZpqyYRrr03lmDY1cpM.mft
Manifest number: 1821
Signing time: Sun 29 Mar 2026 11:00:36 +0000
Manifest this update: Sun 29 Mar 2026 11:00:36 +0000
Manifest next update: Mon 30 Mar 2026 11:00:36 +0000
Files and hashes: 1: 0zWMPscfwZpqyYRrr03lmDY1cpM.crl (hash: YlY+j99kY/zJQT1HijzxaDEMQkJWFQT80lLNtNCWc1I=)
2: kd2XyIAA-MPLC2WR1qBq8uj_YCs.roa (hash: Pu4TD0igNqCoga7095gS2kWNo5RYGEJpD46HuH2Gwbk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/d01d58-5418-4217-89ae-23a84eedd956/1/0zWMPscfwZpqyYRrr03lmDY1cpM.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/d01d58-5418-4217-89ae-23a84eedd956/1/0zWMPscfwZpqyYRrr03lmDY1cpM.mft
rsync://rpki.ripe.net/repository/DEFAULT/0zWMPscfwZpqyYRrr03lmDY1cpM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:bb:0c:0f:c9:c8:9a:b3:39:99:dc:0f:b3:1b:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3358c3ec71fc19a6ac9846baf4de59836357293
Validity
Not Before: Mar 29 11:00:36 2026 GMT
Not After : Mar 30 11:00:36 2026 GMT
Subject: CN=db1fb643613c5f1bd3c1dcce6874e8158bd0821f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:53:88:f7:40:b1:55:6d:2d:65:e6:0c:20:38:
5f:a6:79:9b:8a:14:1a:c7:92:d3:8b:9b:ad:27:0b:
4c:be:20:cf:41:e6:53:58:dc:6e:d8:47:dc:c2:b8:
c6:aa:6b:5c:66:51:61:f2:a7:e0:1b:6e:96:62:38:
52:76:54:76:8a:23:a4:5a:00:2b:f9:d1:2e:4e:57:
ed:ed:f3:5f:cd:82:2b:f8:9b:f8:a8:9e:83:95:c9:
25:d5:fd:4d:33:51:76:cf:e8:c4:94:c4:c3:56:9e:
67:bb:f6:a4:99:88:93:37:96:e4:f9:0b:be:11:bc:
3d:45:bf:3a:d4:01:a8:33:91:50:bd:b8:82:f7:8f:
be:3b:59:df:b0:0a:ec:06:6b:8a:ec:43:cb:f2:ff:
bd:8f:3f:83:b4:dd:50:72:a8:86:d7:3a:f9:4a:85:
b0:a6:c9:61:c8:98:65:14:49:d8:c4:bf:5c:1b:f8:
bd:66:69:64:c1:b1:9c:b0:bc:82:5f:44:db:d4:92:
2a:30:23:04:cc:bd:67:28:68:b8:52:79:e5:25:08:
a0:75:92:67:23:e1:ba:0a:d9:a7:af:32:8f:2b:46:
d2:3e:e8:cd:96:1b:c8:b5:25:1e:03:23:b0:6d:da:
b0:4a:99:ed:35:ff:a3:01:a7:3f:bf:de:97:b1:2a:
5e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:1F:B6:43:61:3C:5F:1B:D3:C1:DC:CE:68:74:E8:15:8B:D0:82:1F
X509v3 Authority Key Identifier:
keyid:D3:35:8C:3E:C7:1F:C1:9A:6A:C9:84:6B:AF:4D:E5:98:36:35:72:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0zWMPscfwZpqyYRrr03lmDY1cpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/d01d58-5418-4217-89ae-23a84eedd956/1/0zWMPscfwZpqyYRrr03lmDY1cpM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/d01d58-5418-4217-89ae-23a84eedd956/1/0zWMPscfwZpqyYRrr03lmDY1cpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:fe:06:5f:62:04:86:0a:49:61:df:e6:bc:c7:9b:c3:60:ae:
f9:6f:cc:a9:4c:7e:0c:8d:a8:e0:16:6c:56:e4:10:4f:59:20:
c9:d2:87:d0:ea:3a:c3:36:47:29:2e:e2:7c:9b:f7:de:cb:be:
25:b2:9a:b8:6d:f2:f8:b1:de:c7:9f:80:41:47:5a:f7:bd:e9:
c4:52:2a:57:04:04:77:48:7b:46:53:63:bd:7a:cd:1d:d2:41:
b4:16:ab:71:ad:57:6b:85:f5:68:00:56:4a:85:0c:7b:e9:cd:
33:f1:89:cf:be:fe:e9:b6:1d:06:8a:db:11:49:a7:7f:22:d7:
38:18:db:41:28:98:22:66:b1:d6:d8:5f:b8:f7:ff:a5:77:69:
cb:ad:93:35:82:78:2f:39:df:ae:1b:4d:86:a2:a5:0c:84:6f:
08:52:4d:b5:80:74:19:87:13:4e:95:f1:ae:84:89:3f:dc:6e:
dc:cf:91:ef:82:ba:aa:59:b7:a9:43:ad:6b:35:7a:96:3a:8f:
ba:22:70:a3:c2:1e:92:c4:14:4c:56:2e:52:32:b7:65:e8:ae:
0a:53:1c:0e:0a:ef:0b:47:3d:4e:54:fa:4a:a6:72:8e:fd:54:
f2:d1:56:ea:a0:07:a3:1b:9c:2a:65:91:0e:4d:bf:37:30:bf:
9d:cd:ff:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QLsMD8nImrM5mdwPsxvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMzU4YzNlYzcxZmMxOWE2YWM5ODQ2YmFmNGRlNTk4MzYz
NTcyOTMwHhcNMjYwMzI5MTEwMDM2WhcNMjYwMzMwMTEwMDM2WjAzMTEwLwYDVQQD
EyhkYjFmYjY0MzYxM2M1ZjFiZDNjMWRjY2U2ODc0ZTgxNThiZDA4MjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21OI90CxVW0tZeYMIDhfpnmbihQa
x5LTi5utJwtMviDPQeZTWNxu2EfcwrjGqmtcZlFh8qfgG26WYjhSdlR2iiOkWgAr
+dEuTlft7fNfzYIr+Jv4qJ6Dlckl1f1NM1F2z+jElMTDVp5nu/akmYiTN5bk+Qu+
Ebw9Rb861AGoM5FQvbiC94++O1nfsArsBmuK7EPL8v+9jz+DtN1QcqiG1zr5SoWw
pslhyJhlFEnYxL9cG/i9ZmlkwbGcsLyCX0Tb1JIqMCMEzL1nKGi4UnnlJQigdZJn
I+G6CtmnrzKPK0bSPujNlhvItSUeAyOwbdqwSpntNf+jAac/v96XsSpe2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNsftkNhPF8b08Hczmh06BWL0IIfMB8GA1UdIwQY
MBaAFNM1jD7HH8GaasmEa69N5Zg2NXKTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHpXTVBzY2Z3WnBxeVlScnIwM2xtRFkxY3BNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9kMDFkNTgtNTQxOC00MjE3LTg5YWUt
MjNhODRlZWRkOTU2LzEvMHpXTVBzY2Z3WnBxeVlScnIwM2xtRFkxY3BNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9kMDFkNTgtNTQxOC00MjE3LTg5YWUtMjNhODRlZWRkOTU2
LzEvMHpXTVBzY2Z3WnBxeVlScnIwM2xtRFkxY3BNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGv4GX2IE
hgpJYd/mvMebw2Cu+W/MqUx+DI2o4BZsVuQQT1kgydKH0Oo6wzZHKS7ifJv33su+
JbKauG3y+LHex5+AQUda973pxFIqVwQEd0h7RlNjvXrNHdJBtBarca1Xa4X1aABW
SoUMe+nNM/GJz77+6bYdBorbEUmnfyLXOBjbQSiYImax1thfuPf/pXdpy62TNYJ4
LznfrhtNhqKlDIRvCFJNtYB0GYcTTpXxroSJP9xu3M+R74K6qlm3qUOtazV6ljqP
uiJwo8IeksQUTFYuUjK3ZeiuClMcDgrvC0c9TlT6SqZyjv1U8tFW6qAHoxucKmWR
Dk2/NzC/nc3/HA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 21:21:02 2026 by rpki-client