Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/508a26-e199-41b9-9e19-f98c75dea292/1/lDyQO00Og7yLLUVDE26c1fOYZPU.mft
File: lDyQO00Og7yLLUVDE26c1fOYZPU.mft (raw, json)
Hash identifier: VfQ/b0nByeU7h42VG0ZH9Oiun9KK/Q86MWCpr8BVEZc=
Subject key identifier: 3F:8E:37:91:3A:89:1B:B8:0B:E8:16:41:C8:74:84:AE:81:57:1D:6A
Authority key identifier: 94:3C:90:3B:4D:0E:83:BC:8B:2D:45:43:13:6E:9C:D5:F3:98:64:F5
Certificate issuer: /CN=943c903b4d0e83bc8b2d4543136e9cd5f39864f5
Certificate serial: 019CABD9DB9C9F18525209E26F0EDE5319FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lDyQO00Og7yLLUVDE26c1fOYZPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/508a26-e199-41b9-9e19-f98c75dea292/1/lDyQO00Og7yLLUVDE26c1fOYZPU.mft
Manifest number: 0976
Signing time: Mon 02 Mar 2026 00:01:47 +0000
Manifest this update: Mon 02 Mar 2026 00:01:47 +0000
Manifest next update: Tue 03 Mar 2026 00:01:47 +0000
Files and hashes: 1: NvHVcOuHPgyc57kdkgknLviy86E.roa (hash: y99G00GU2pSghDNIsvoE0LPbq8qsxNZ2XK//ZEAFwIQ=)
2: lDyQO00Og7yLLUVDE26c1fOYZPU.crl (hash: i04Dyb1oltaWFwHQXkurJbNtqs+9qZoE2q56G4ag9jY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/508a26-e199-41b9-9e19-f98c75dea292/1/lDyQO00Og7yLLUVDE26c1fOYZPU.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/508a26-e199-41b9-9e19-f98c75dea292/1/lDyQO00Og7yLLUVDE26c1fOYZPU.mft
rsync://rpki.ripe.net/repository/DEFAULT/lDyQO00Og7yLLUVDE26c1fOYZPU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:db:9c:9f:18:52:52:09:e2:6f:0e:de:53:19:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=943c903b4d0e83bc8b2d4543136e9cd5f39864f5
Validity
Not Before: Mar 2 00:01:47 2026 GMT
Not After : Mar 3 00:01:47 2026 GMT
Subject: CN=3f8e37913a891bb80be81641c87484ae81571d6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b5:26:83:5c:16:fe:8c:29:95:bb:83:31:50:
b2:18:d4:5a:f5:3b:22:7f:a7:75:bd:a8:33:5f:87:
06:cf:f0:5d:c3:ef:75:6b:0b:4c:64:89:c2:94:2c:
8a:ac:91:71:60:25:3e:8d:0f:24:57:9e:9a:fd:f8:
f9:94:c6:e2:c4:ea:8d:e4:83:17:6a:76:2f:a0:76:
59:e0:86:48:fe:89:4c:4e:af:ec:7d:cc:31:1f:65:
bc:27:c3:ca:a3:52:45:07:20:f7:28:76:a0:fe:db:
39:4a:e6:1a:0a:6e:8b:78:e2:db:ff:d8:aa:6f:74:
94:f2:a5:54:5d:69:7f:7e:bd:94:13:bf:0d:b8:25:
13:f4:b2:0b:25:2d:d5:79:c2:e9:09:35:5e:e3:92:
77:b5:a6:04:b2:64:c7:1c:91:37:fd:48:bc:6a:7f:
a8:55:7d:95:b1:ac:9b:aa:fc:5b:df:10:1b:6e:3b:
cf:8f:b2:ae:74:f4:e9:df:09:cc:3f:30:cf:fa:db:
7a:74:a5:21:b3:b5:2e:50:9a:0d:7d:0f:9c:4e:37:
02:81:3b:30:f9:e3:19:5a:3e:d3:7e:bf:fe:db:cb:
51:f9:c5:02:1a:f2:5d:f3:27:48:ef:b5:c2:d4:7d:
66:e3:35:36:5e:03:7a:36:1c:13:cc:36:3a:63:15:
f7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:8E:37:91:3A:89:1B:B8:0B:E8:16:41:C8:74:84:AE:81:57:1D:6A
X509v3 Authority Key Identifier:
keyid:94:3C:90:3B:4D:0E:83:BC:8B:2D:45:43:13:6E:9C:D5:F3:98:64:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lDyQO00Og7yLLUVDE26c1fOYZPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/508a26-e199-41b9-9e19-f98c75dea292/1/lDyQO00Og7yLLUVDE26c1fOYZPU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/508a26-e199-41b9-9e19-f98c75dea292/1/lDyQO00Og7yLLUVDE26c1fOYZPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:dd:eb:66:ee:de:f0:62:6b:25:c4:07:81:71:99:3b:a7:49:
a0:33:05:c2:da:04:52:0d:ae:3b:51:09:af:e4:56:45:74:cf:
db:b3:67:f4:5d:aa:d0:0d:5d:64:56:d7:41:fa:1c:6c:bb:e5:
c1:d3:48:1b:76:95:10:a2:6c:ec:d8:08:33:a5:2b:d6:85:2e:
d1:8d:d4:21:58:6d:a3:b9:e5:34:70:25:bd:2d:47:7c:0f:05:
0f:c9:00:db:16:38:68:93:07:20:f5:6e:7b:de:87:33:ec:64:
48:a9:54:ae:ad:ff:3b:67:62:15:67:54:e1:a9:bb:92:38:c7:
98:a5:0a:74:a2:03:60:7d:49:11:98:b4:90:95:26:d5:c7:93:
8c:30:5e:5f:84:15:23:bd:3a:96:a9:6a:0e:e0:a1:51:82:11:
71:13:36:e2:7b:3c:9c:2e:be:ad:96:7e:17:c6:e3:6c:ab:6e:
46:5a:1d:41:54:5e:90:c2:f8:95:72:4b:cf:35:c5:80:d8:98:
f3:f4:b5:09:e6:ec:00:22:ca:0d:c7:71:76:12:c1:a5:e0:21:
9b:a0:16:5f:17:1d:52:fc:91:03:6b:f1:fb:53:00:b4:ee:44:
c1:70:c7:0d:55:44:db:5a:b5:7b:76:d9:d1:99:a6:c8:67:44:
88:b8:d0:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2ducnxhSUgnibw7eUxn6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0M2M5MDNiNGQwZTgzYmM4YjJkNDU0MzEzNmU5Y2Q1ZjM5
ODY0ZjUwHhcNMjYwMzAyMDAwMTQ3WhcNMjYwMzAzMDAwMTQ3WjAzMTEwLwYDVQQD
EygzZjhlMzc5MTNhODkxYmI4MGJlODE2NDFjODc0ODRhZTgxNTcxZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrUmg1wW/owplbuDMVCyGNRa9Tsi
f6d1vagzX4cGz/Bdw+91awtMZInClCyKrJFxYCU+jQ8kV56a/fj5lMbixOqN5IMX
anYvoHZZ4IZI/olMTq/sfcwxH2W8J8PKo1JFByD3KHag/ts5SuYaCm6LeOLb/9iq
b3SU8qVUXWl/fr2UE78NuCUT9LILJS3VecLpCTVe45J3taYEsmTHHJE3/Ui8an+o
VX2Vsaybqvxb3xAbbjvPj7KudPTp3wnMPzDP+tt6dKUhs7UuUJoNfQ+cTjcCgTsw
+eMZWj7Tfr/+28tR+cUCGvJd8ydI77XC1H1m4zU2XgN6NhwTzDY6YxX3QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+ON5E6iRu4C+gWQch0hK6BVx1qMB8GA1UdIwQY
MBaAFJQ8kDtNDoO8iy1FQxNunNXzmGT1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbER5UU8wME9nN3lMTFVWREUyNmMxZk9ZWlBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81MDhhMjYtZTE5OS00MWI5LTllMTkt
Zjk4Yzc1ZGVhMjkyLzEvbER5UU8wME9nN3lMTFVWREUyNmMxZk9ZWlBVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81MDhhMjYtZTE5OS00MWI5LTllMTktZjk4Yzc1ZGVhMjky
LzEvbER5UU8wME9nN3lMTFVWREUyNmMxZk9ZWlBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAht3rZu7e
8GJrJcQHgXGZO6dJoDMFwtoEUg2uO1EJr+RWRXTP27Nn9F2q0A1dZFbXQfocbLvl
wdNIG3aVEKJs7NgIM6Ur1oUu0Y3UIVhto7nlNHAlvS1HfA8FD8kA2xY4aJMHIPVu
e96HM+xkSKlUrq3/O2diFWdU4am7kjjHmKUKdKIDYH1JEZi0kJUm1ceTjDBeX4QV
I706lqlqDuChUYIRcRM24ns8nC6+rZZ+F8bjbKtuRlodQVRekML4lXJLzzXFgNiY
8/S1CebsACLKDcdxdhLBpeAhm6AWXxcdUvyRA2vx+1MAtO5EwXDHDVVE21q1e3bZ
0ZmmyGdEiLjQrA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:34:36 2026 by rpki-client