Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
File: 0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft (raw, json)
Hash identifier: wlzKBNp5jG4crd5dTZiR4sOCDTnbapYZa8XmBQg/bsE=
Subject key identifier: D0:E5:F3:C2:78:BC:30:4E:94:55:DB:3E:24:C0:E3:B2:77:98:43:BA
Authority key identifier: D2:48:18:59:56:E4:43:B5:5B:06:22:00:F9:64:53:7B:C1:0B:C1:30
Certificate issuer: /CN=d248185956e443b55b062200f964537bc10bc130
Certificate serial: 019CAA2199783F1C97DC4F63B05B05DEACD7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
Manifest number: 04B5
Signing time: Sun 01 Mar 2026 16:00:54 +0000
Manifest this update: Sun 01 Mar 2026 16:00:54 +0000
Manifest next update: Mon 02 Mar 2026 16:00:54 +0000
Files and hashes: 1: 0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl (hash: WYJAYXBH4Xelps5/oCaU0p9aLwexsCQR/SeHPf19cMQ=)
2: Xudz0hLe8s3SLmiPVONXMND3hRM.roa (hash: oORSmt43XgnSynXZgH2ISuQJ8Cm/DBrmnJwy75rrXHU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 16:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:21:99:78:3f:1c:97:dc:4f:63:b0:5b:05:de:ac:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d248185956e443b55b062200f964537bc10bc130
Validity
Not Before: Mar 1 16:00:54 2026 GMT
Not After : Mar 2 16:00:54 2026 GMT
Subject: CN=d0e5f3c278bc304e9455db3e24c0e3b2779843ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:56:c5:ff:f9:f8:ce:20:fc:2c:a4:08:28:89:
9d:27:75:dd:b2:cb:d7:4d:9c:85:ce:dc:f7:13:00:
73:1b:42:2e:69:52:c4:21:08:8c:45:c1:f5:7c:ea:
96:50:55:b8:a1:f7:46:6f:d1:28:3f:18:97:be:61:
da:cb:2a:6a:e4:84:6a:0b:90:8f:ca:04:7e:55:fc:
80:88:a4:8a:2f:e9:24:3c:b4:bc:85:dc:7c:87:89:
f1:61:44:38:9d:22:35:41:86:90:33:f8:0a:b2:91:
98:40:8b:5c:8e:33:84:57:1f:89:4b:40:a4:71:83:
b0:64:c6:50:2f:08:17:56:87:11:53:fc:1f:35:cf:
cf:76:1f:27:46:2f:17:f0:f6:6a:06:2e:f9:69:ee:
05:4c:4c:15:8c:78:0d:7e:43:10:13:08:6f:dc:83:
76:1a:6f:5e:0f:6c:b6:ff:db:58:76:a7:92:0a:28:
b7:fa:35:7b:0e:ac:22:66:02:15:6d:2d:f7:c0:07:
a3:30:84:20:42:e6:77:1f:87:37:86:a6:68:89:bf:
fa:bb:e9:8a:5e:b3:36:f1:ff:fe:9c:46:9f:42:cf:
91:0b:50:3b:a2:1a:70:a6:87:2f:cc:fd:ab:46:c3:
c5:b0:15:4d:80:9c:14:66:da:f5:78:b0:7c:e8:27:
32:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:E5:F3:C2:78:BC:30:4E:94:55:DB:3E:24:C0:E3:B2:77:98:43:BA
X509v3 Authority Key Identifier:
keyid:D2:48:18:59:56:E4:43:B5:5B:06:22:00:F9:64:53:7B:C1:0B:C1:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:27:aa:75:73:a9:62:d9:c2:bd:b0:48:e1:aa:f9:59:3c:8d:
49:09:d9:ac:f2:1f:76:e0:42:c8:47:90:42:a7:79:f7:7b:95:
e7:96:b8:04:f0:cf:13:de:14:13:e3:7e:8e:06:e4:aa:7d:0f:
66:d8:80:a7:3b:a1:31:15:52:bf:36:25:ab:ad:20:a3:2b:3c:
9f:e5:83:22:aa:b0:69:e8:dd:0f:7e:eb:71:1b:43:5d:5c:43:
9f:f1:6e:a3:1f:07:fd:00:c6:9e:a6:69:07:31:bf:cc:bd:33:
af:78:bb:c7:e5:de:2f:f5:44:76:b9:13:a9:e6:f7:0a:07:68:
72:e0:ea:41:43:53:1e:75:e3:03:79:c2:b5:99:48:3f:e7:28:
2b:d6:0b:01:f7:26:42:77:3d:2b:43:d5:34:0f:76:d7:00:49:
c5:44:80:b6:59:01:97:31:65:77:c9:46:0c:4c:47:88:1d:c7:
9d:f3:3f:49:f8:6a:e4:37:15:f2:8c:7b:69:40:76:e6:5a:95:
7d:78:e5:d9:cf:ca:22:af:2b:8e:cb:a2:0d:99:24:b5:e7:df:
80:4b:6f:02:09:cb:15:d8:d5:07:73:d8:82:ed:33:ea:0c:fc:
e1:21:2c:b6:29:36:bf:c9:95:53:b9:8c:64:0e:2a:77:6c:2e:
d9:d3:dc:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIZl4PxyX3E9jsFsF3qzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNDgxODU5NTZlNDQzYjU1YjA2MjIwMGY5NjQ1MzdiYzEw
YmMxMzAwHhcNMjYwMzAxMTYwMDU0WhcNMjYwMzAyMTYwMDU0WjAzMTEwLwYDVQQD
EyhkMGU1ZjNjMjc4YmMzMDRlOTQ1NWRiM2UyNGMwZTNiMjc3OTg0M2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVbF//n4ziD8LKQIKImdJ3XdssvX
TZyFztz3EwBzG0IuaVLEIQiMRcH1fOqWUFW4ofdGb9EoPxiXvmHayypq5IRqC5CP
ygR+VfyAiKSKL+kkPLS8hdx8h4nxYUQ4nSI1QYaQM/gKspGYQItcjjOEVx+JS0Ck
cYOwZMZQLwgXVocRU/wfNc/Pdh8nRi8X8PZqBi75ae4FTEwVjHgNfkMQEwhv3IN2
Gm9eD2y2/9tYdqeSCii3+jV7DqwiZgIVbS33wAejMIQgQuZ3H4c3hqZoib/6u+mK
XrM28f/+nEafQs+RC1A7ohpwpocvzP2rRsPFsBVNgJwUZtr1eLB86CcycwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNDl88J4vDBOlFXbPiTA47J3mEO6MB8GA1UdIwQY
MBaAFNJIGFlW5EO1WwYiAPlkU3vBC8EwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZTg3NWEtMDU3Ni00YTE1LWJlMjMt
YWVhMDU0Y2Y0M2JiLzEvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZTg3NWEtMDU3Ni00YTE1LWJlMjMtYWVhMDU0Y2Y0M2Ji
LzEvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKieqdXOp
YtnCvbBI4ar5WTyNSQnZrPIfduBCyEeQQqd593uV55a4BPDPE94UE+N+jgbkqn0P
ZtiApzuhMRVSvzYlq60goys8n+WDIqqwaejdD37rcRtDXVxDn/Fuox8H/QDGnqZp
BzG/zL0zr3i7x+XeL/VEdrkTqeb3CgdocuDqQUNTHnXjA3nCtZlIP+coK9YLAfcm
Qnc9K0PVNA921wBJxUSAtlkBlzFld8lGDExHiB3HnfM/Sfhq5DcV8ox7aUB25lqV
fXjl2c/KIq8rjsuiDZkkteffgEtvAgnLFdjVB3PYgu0z6gz84SEstik2v8mVU7mM
ZA4qd2wu2dPc9g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:27:48 2026 by rpki-client