Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
File: duK6XMFQs1PL00ufBF6gUJdAhE0.mft (raw, json)
Hash identifier: E/+8pU1k4GTILMfQT73K5zXj+njJ0Ebdrdzo8320Ng4=
Subject key identifier: 49:69:74:0D:CC:CB:9A:04:3E:37:03:F4:18:00:25:7A:CB:FB:98:EF
Authority key identifier: 76:E2:BA:5C:C1:50:B3:53:CB:D3:4B:9F:04:5E:A0:50:97:40:84:4D
Certificate issuer: /CN=76e2ba5cc150b353cbd34b9f045ea0509740844d
Certificate serial: 019CAAC686814C9C791ADFE7739F0BA0CB56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
Manifest number: 1847
Signing time: Sun 01 Mar 2026 19:01:03 +0000
Manifest this update: Sun 01 Mar 2026 19:01:03 +0000
Manifest next update: Mon 02 Mar 2026 19:01:03 +0000
Files and hashes: 1: 9pt3MDCay7srVLLtOW6VihLRgqg.roa (hash: t8waBrYlHxhkv2G7wxFbB2b8tWVcdcespy2BiSBs4U8=)
2: duK6XMFQs1PL00ufBF6gUJdAhE0.crl (hash: mmeUo7Vmg2TgHN+fD1KzYysgy1sGa9DhD9tF1hRx4o4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:86:81:4c:9c:79:1a:df:e7:73:9f:0b:a0:cb:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76e2ba5cc150b353cbd34b9f045ea0509740844d
Validity
Not Before: Mar 1 19:01:03 2026 GMT
Not After : Mar 2 19:01:03 2026 GMT
Subject: CN=4969740dcccb9a043e3703f41800257acbfb98ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ba:cd:49:ef:98:d2:08:34:e5:14:a2:2a:5a:
c9:35:86:57:34:4f:ed:72:ed:9c:83:ce:e7:79:b1:
2f:78:79:85:b9:29:2c:e1:27:aa:25:4d:59:ee:28:
38:47:39:44:e8:69:4f:08:55:26:89:77:e4:e1:f9:
af:bc:f1:94:ec:08:77:06:a9:c9:d7:4a:08:58:e7:
b7:d1:57:87:e6:19:ba:07:d7:5c:a0:70:d3:7c:cf:
cd:c5:e3:2b:0a:bf:e8:0d:ed:00:70:78:36:2b:49:
b9:34:29:c1:c8:e9:47:66:0c:8b:c0:6e:c5:f2:6b:
6f:19:cd:f1:12:3e:33:ca:e8:43:f8:c4:ed:1b:3d:
56:02:56:50:a9:0d:51:d8:7c:b7:96:04:da:9a:17:
44:fa:84:64:75:78:19:26:2a:74:f5:e4:13:50:32:
7f:6b:49:ea:d3:36:f7:cc:65:0c:74:10:5d:33:15:
59:75:31:23:28:a4:f3:13:93:a4:58:88:20:ea:1e:
27:0c:d2:cc:8e:57:b9:44:b9:0a:e2:7f:18:ed:c6:
b1:ff:48:26:b4:89:73:e9:e4:54:73:63:83:a6:58:
3a:b6:8f:a8:0e:f5:92:2c:8d:d7:b8:4f:d6:c4:eb:
bc:e1:d2:53:4c:86:56:11:fc:fe:6d:cc:05:14:97:
19:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:69:74:0D:CC:CB:9A:04:3E:37:03:F4:18:00:25:7A:CB:FB:98:EF
X509v3 Authority Key Identifier:
keyid:76:E2:BA:5C:C1:50:B3:53:CB:D3:4B:9F:04:5E:A0:50:97:40:84:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:3b:14:8f:af:e2:57:2d:3a:2a:45:f0:f8:b6:0f:22:29:5c:
90:de:94:83:71:d5:0d:e2:57:42:70:3c:87:18:26:0b:cc:51:
bb:48:40:32:22:5b:3c:46:ba:9a:53:ca:26:5d:7b:54:bd:e0:
63:25:8f:90:d8:5d:33:97:40:65:ba:86:e5:03:70:48:90:f5:
a5:67:52:24:07:55:86:da:31:6d:54:7a:dd:fc:1f:13:73:e3:
b2:3a:b2:59:f7:fd:8b:c1:9a:40:08:8f:a8:2d:4c:88:13:7f:
b4:cc:e5:50:d4:e8:69:3b:2a:8d:87:41:84:af:f7:e1:0f:12:
0d:bf:c2:31:fd:47:ce:6b:24:e7:2e:b2:33:44:6b:b4:3c:6d:
e5:c6:65:0c:31:99:0b:32:dc:29:78:3d:6a:f7:51:6e:a5:c0:
f4:1d:3c:90:bb:55:e6:5f:6e:20:b9:85:98:a4:77:6e:ca:e7:
69:67:27:7f:c7:97:6b:54:7e:c2:1d:a0:ba:81:6c:85:cc:16:
48:93:90:da:4d:7d:b3:ba:46:0d:13:4b:e2:34:25:2e:8d:52:
ee:63:87:1f:4a:f4:c0:62:c6:f4:00:99:64:0b:6a:7b:92:e4:
3d:46:15:4c:e7:ba:52:e5:5b:63:87:07:f0:90:8f:95:7e:65:
c9:b5:c7:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxoaBTJx5Gt/nc58LoMtWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZTJiYTVjYzE1MGIzNTNjYmQzNGI5ZjA0NWVhMDUwOTc0
MDg0NGQwHhcNMjYwMzAxMTkwMTAzWhcNMjYwMzAyMTkwMTAzWjAzMTEwLwYDVQQD
Eyg0OTY5NzQwZGNjY2I5YTA0M2UzNzAzZjQxODAwMjU3YWNiZmI5OGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrrNSe+Y0gg05RSiKlrJNYZXNE/t
cu2cg87nebEveHmFuSks4SeqJU1Z7ig4RzlE6GlPCFUmiXfk4fmvvPGU7Ah3BqnJ
10oIWOe30VeH5hm6B9dcoHDTfM/NxeMrCr/oDe0AcHg2K0m5NCnByOlHZgyLwG7F
8mtvGc3xEj4zyuhD+MTtGz1WAlZQqQ1R2Hy3lgTamhdE+oRkdXgZJip09eQTUDJ/
a0nq0zb3zGUMdBBdMxVZdTEjKKTzE5OkWIgg6h4nDNLMjle5RLkK4n8Y7cax/0gm
tIlz6eRUc2ODplg6to+oDvWSLI3XuE/WxOu84dJTTIZWEfz+bcwFFJcZnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFElpdA3My5oEPjcD9BgAJXrL+5jvMB8GA1UdIwQY
MBaAFHbiulzBULNTy9NLnwReoFCXQIRNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zMWQyZWQtOGUyZi00ZmE5LTgzY2Et
NzA0MDVlMzUyOGFmLzEvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8zMWQyZWQtOGUyZi00ZmE5LTgzY2EtNzA0MDVlMzUyOGFm
LzEvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJTsUj6/i
Vy06KkXw+LYPIilckN6Ug3HVDeJXQnA8hxgmC8xRu0hAMiJbPEa6mlPKJl17VL3g
YyWPkNhdM5dAZbqG5QNwSJD1pWdSJAdVhtoxbVR63fwfE3PjsjqyWff9i8GaQAiP
qC1MiBN/tMzlUNToaTsqjYdBhK/34Q8SDb/CMf1Hzmsk5y6yM0RrtDxt5cZlDDGZ
CzLcKXg9avdRbqXA9B08kLtV5l9uILmFmKR3bsrnaWcnf8eXa1R+wh2guoFshcwW
SJOQ2k19s7pGDRNL4jQlLo1S7mOHH0r0wGLG9ACZZAtqe5LkPUYVTOe6UuVbY4cH
8JCPlX5lybXHBQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:42:40 2026 by rpki-client