Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
File: ao33d2sW0oLgTGluJYqk-fnOnJg.mft (raw, json)
Hash identifier: Syq5RilmOcA2KaQZF67Y8CPWmVMH6TPcSQSNzuhSxSE=
Subject key identifier: 2F:F2:2D:A5:9A:1F:7D:07:0D:A5:7F:C3:62:63:AF:74:0E:1C:D5:25
Authority key identifier: 6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98
Certificate issuer: /CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98
Certificate serial: 019CACB4B08F552B5E64C218C17C9B5F1A9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
Manifest number: 0C38
Signing time: Mon 02 Mar 2026 04:00:48 +0000
Manifest this update: Mon 02 Mar 2026 04:00:48 +0000
Manifest next update: Tue 03 Mar 2026 04:00:48 +0000
Files and hashes: 1: GmFXXmDlxbUAsewZb2XP6yyDi4w.roa (hash: t86pSAuRTeL1p9o68CyCCsghXoQGwpFAgB1l7sjE7zs=)
2: ao33d2sW0oLgTGluJYqk-fnOnJg.crl (hash: fy+LLtvR1xSvvvo8JFI9QtBI1ti2ePl3tGFwT8eCiqE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 04:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:b4:b0:8f:55:2b:5e:64:c2:18:c1:7c:9b:5f:1a:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98
Validity
Not Before: Mar 2 04:00:48 2026 GMT
Not After : Mar 3 04:00:48 2026 GMT
Subject: CN=2ff22da59a1f7d070da57fc36263af740e1cd525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:1c:8f:f9:7c:87:52:42:4e:c0:78:46:83:84:
b8:1d:e8:6f:e1:63:1b:40:a7:8c:e8:46:fd:52:a7:
dc:62:8b:b2:a5:69:f1:37:0b:99:62:65:dc:ab:89:
da:49:61:f9:f7:fd:fd:d3:8f:56:20:25:bb:2f:03:
39:e3:ef:58:eb:a0:a7:88:9b:19:17:de:56:e5:ea:
d3:24:e4:61:54:a8:0b:31:5d:3b:17:c4:d9:76:61:
0e:95:7c:3d:9d:ef:b4:0f:7a:33:9b:a5:d9:b6:f8:
32:39:2e:76:75:16:d9:cf:c1:79:e6:8e:95:71:5a:
14:f4:6d:43:a7:a5:f6:d6:7e:9e:ba:0f:05:ba:4c:
80:41:64:b1:dd:99:5e:35:9d:be:50:14:f0:2f:f8:
83:e9:62:d8:95:31:9b:1e:7e:5f:e7:fa:fa:06:6e:
a2:d3:c2:91:c9:31:f8:c8:22:ad:5a:78:6b:61:d0:
28:80:a1:24:e5:ef:2a:6b:b7:4f:4b:50:e0:9c:53:
1a:a5:d7:a9:ef:75:bc:80:f9:8c:39:b4:6c:8b:89:
13:15:b6:fb:4d:ad:df:b2:f9:8e:a1:17:f4:28:31:
87:9d:2e:88:88:25:10:5e:fe:2d:4a:15:dd:9a:48:
9d:f0:21:5f:98:92:28:df:e1:43:a6:28:1c:47:47:
ab:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:F2:2D:A5:9A:1F:7D:07:0D:A5:7F:C3:62:63:AF:74:0E:1C:D5:25
X509v3 Authority Key Identifier:
keyid:6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ad:bb:82:82:24:80:23:f1:fb:fd:28:02:a4:da:40:60:19:5f:
c1:b0:f6:cb:86:6e:c7:0c:d1:49:44:47:51:5d:2e:cd:28:93:
5a:5a:79:e8:ef:45:00:b5:d3:02:18:48:5b:c1:51:30:ef:1f:
e0:df:10:88:4b:a9:8c:ce:0d:ac:81:ac:8b:5f:0b:ee:49:ad:
b9:3e:21:21:ff:0f:5f:2d:4a:00:9e:0c:3c:95:9b:fc:ed:3d:
5d:aa:0c:86:44:fe:59:de:d3:04:2a:a6:9f:99:b5:0e:d9:94:
4e:e1:b2:3e:19:d4:98:7e:eb:26:02:12:16:fb:25:9b:f2:18:
35:00:93:b9:c2:fe:86:90:66:37:3d:f5:37:a4:b5:15:46:c3:
09:04:82:74:79:4d:51:d8:d0:7a:10:67:b3:89:c5:45:fe:a0:
a9:41:4c:df:e2:97:be:ee:91:5c:1d:57:da:69:95:5e:ab:fc:
bf:29:0d:2f:dc:9c:26:2e:26:d0:d5:03:0d:47:c2:ce:7f:c4:
17:8a:82:d2:a8:36:64:8d:70:d8:e1:47:2a:4c:f1:3a:09:fd:
85:ea:b9:31:2f:fd:13:ad:aa:84:79:ae:3e:12:f2:3b:3a:cf:
c1:a3:a1:41:73:be:c6:66:12:31:20:a8:84:d1:50:fb:dd:01:
56:1c:8b:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystLCPVSteZMIYwXybXxqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOGRmNzc3NmIxNmQyODJlMDRjNjk2ZTI1OGFhNGY5Zjlj
ZTljOTgwHhcNMjYwMzAyMDQwMDQ4WhcNMjYwMzAzMDQwMDQ4WjAzMTEwLwYDVQQD
EygyZmYyMmRhNTlhMWY3ZDA3MGRhNTdmYzM2MjYzYWY3NDBlMWNkNTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxyP+XyHUkJOwHhGg4S4Hehv4WMb
QKeM6Eb9UqfcYouypWnxNwuZYmXcq4naSWH59/39049WICW7LwM54+9Y66CniJsZ
F95W5erTJORhVKgLMV07F8TZdmEOlXw9ne+0D3ozm6XZtvgyOS52dRbZz8F55o6V
cVoU9G1Dp6X21n6eug8FukyAQWSx3ZleNZ2+UBTwL/iD6WLYlTGbHn5f5/r6Bm6i
08KRyTH4yCKtWnhrYdAogKEk5e8qa7dPS1DgnFMapdep73W8gPmMObRsi4kTFbb7
Ta3fsvmOoRf0KDGHnS6IiCUQXv4tShXdmkid8CFfmJIo3+FDpigcR0erLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC/yLaWaH30HDaV/w2Jjr3QOHNUlMB8GA1UdIwQY
MBaAFGqN93drFtKC4ExpbiWKpPn5zpyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUt
MWIzOGIwMjI0NWMxLzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUtMWIzOGIwMjI0NWMx
LzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArbuCgiSA
I/H7/SgCpNpAYBlfwbD2y4ZuxwzRSURHUV0uzSiTWlp56O9FALXTAhhIW8FRMO8f
4N8QiEupjM4NrIGsi18L7kmtuT4hIf8PXy1KAJ4MPJWb/O09XaoMhkT+Wd7TBCqm
n5m1DtmUTuGyPhnUmH7rJgISFvslm/IYNQCTucL+hpBmNz31N6S1FUbDCQSCdHlN
UdjQehBns4nFRf6gqUFM3+KXvu6RXB1X2mmVXqv8vykNL9ycJi4m0NUDDUfCzn/E
F4qC0qg2ZI1w2OFHKkzxOgn9heq5MS/9E62qhHmuPhLyOzrPwaOhQXO+xmYSMSCo
hNFQ+90BVhyLHg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:37:47 2026 by rpki-client