Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
File: DkOg3wWaUlGkALWh8TIboA0xINI.mft (raw, json)
Hash identifier: STmU2hp+r5VM/DlECwJBByqwS44O7h8n/2g/LB+O87Y=
Subject key identifier: 32:EF:13:59:66:1C:81:39:F1:45:DC:D0:50:9E:23:95:67:F9:0E:2C
Authority key identifier: 0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2
Certificate issuer: /CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2
Certificate serial: 019CAB33F126CF9FDEC8E6D31F27A721212B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
Manifest number: 1848
Signing time: Sun 01 Mar 2026 21:00:33 +0000
Manifest this update: Sun 01 Mar 2026 21:00:33 +0000
Manifest next update: Mon 02 Mar 2026 21:00:33 +0000
Files and hashes: 1: 4dMXi4_OZ1hIYb5lfSEix8dXAV4.roa (hash: pso0l4AjjbTbnTQh+xQFS2oQ9IVZGMVy1LttU/eMjhU=)
2: DkOg3wWaUlGkALWh8TIboA0xINI.crl (hash: l8CgEqYJQx5Ir9v2cLF+HrCMPnPH25A0qbDeMY2ks5c=)
3: X5rHphgjA2Ovs-Yct52WJKfW_k8.roa (hash: fS9NXooFPX4VLQ4SoiMsokXMu0rmiVlmUkYsHNO+cLI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:33:f1:26:cf:9f:de:c8:e6:d3:1f:27:a7:21:21:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2
Validity
Not Before: Mar 1 21:00:33 2026 GMT
Not After : Mar 2 21:00:33 2026 GMT
Subject: CN=32ef1359661c8139f145dcd0509e239567f90e2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a7:05:16:f4:bb:e4:be:f5:ad:7a:ba:0c:48:
e4:14:28:1a:72:a0:58:cd:f0:18:fb:f2:8e:bb:21:
27:72:33:c7:04:64:fa:56:56:bb:49:3b:fa:6d:ca:
66:c8:e6:8f:b1:ce:b1:64:af:d1:d1:8e:28:fb:62:
4c:25:b9:1d:d1:6f:8e:e8:04:2e:5d:6d:0b:9c:ad:
5b:dc:f6:7e:2a:05:88:d2:d6:1d:55:58:fe:24:c3:
e0:0a:88:aa:9e:29:50:74:ce:a3:da:49:11:a1:1b:
59:6e:82:bd:68:28:50:d4:86:9f:30:f2:6d:88:2e:
d7:98:92:11:a8:b0:73:58:b2:a1:c3:65:a6:91:af:
87:d4:b2:84:aa:12:86:71:6f:f4:c5:5f:1c:f7:5e:
9a:65:68:f3:9a:4e:12:b3:6d:92:9b:9f:69:a0:d9:
8b:4a:d1:13:13:5c:58:0f:ac:35:62:96:39:83:69:
ea:3c:be:5f:2f:f5:08:e2:86:59:6e:0f:b3:14:05:
38:f6:92:69:24:71:67:a7:c5:f2:2f:c4:51:4f:09:
2e:d2:42:a8:34:ba:3d:44:09:a0:9f:ba:e1:92:8f:
be:61:00:4f:72:19:5c:05:52:17:6d:c5:e1:b8:95:
a2:82:0d:ca:70:46:d8:c9:74:8e:0e:7f:33:1c:06:
fb:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:EF:13:59:66:1C:81:39:F1:45:DC:D0:50:9E:23:95:67:F9:0E:2C
X509v3 Authority Key Identifier:
keyid:0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:0c:9a:0d:54:f0:68:f6:7f:90:b3:96:b8:9f:c5:4d:89:e6:
56:86:df:30:76:80:d9:ff:de:ef:57:7f:68:e3:58:d1:ac:e8:
65:8c:b9:96:28:b7:51:fb:81:ff:8b:82:b1:8e:d1:1c:17:bd:
d1:32:6c:7b:09:f7:09:84:b2:b7:dd:d8:8e:87:65:99:97:d4:
f8:28:05:6a:49:c0:c2:87:3e:19:4b:3b:30:ad:56:e6:f0:72:
b4:78:e7:5d:86:52:d5:6a:6d:f2:76:d4:04:bd:05:6b:57:31:
fa:96:28:ef:5b:77:f1:89:09:23:04:21:da:d0:cb:a9:ef:26:
b9:58:9a:1f:51:85:e6:68:77:4d:42:95:33:99:19:54:d9:e5:
84:a4:5b:13:c0:18:dc:1d:f3:68:7b:d4:6f:40:16:aa:4f:f9:
40:b7:e1:94:5e:22:9e:6d:5d:09:58:be:3e:df:a2:c3:67:a3:
6c:e3:ea:2f:4b:df:62:b1:97:15:39:67:2e:28:7b:2e:cf:34:
a4:a8:40:ed:4e:bc:9b:15:a0:de:06:53:07:f6:9e:ec:73:60:
df:38:b6:3d:0e:2f:fd:ce:60:ea:22:68:f5:95:47:ba:5a:08:
78:74:27:1f:27:0e:10:fc:e8:5c:62:79:85:2b:b4:82:a8:17:
3c:cf:45:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrM/Emz5/eyObTHyenISErMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNDNhMGRmMDU5YTUyNTFhNDAwYjVhMWYxMzIxYmEwMGQz
MTIwZDIwHhcNMjYwMzAxMjEwMDMzWhcNMjYwMzAyMjEwMDMzWjAzMTEwLwYDVQQD
EygzMmVmMTM1OTY2MWM4MTM5ZjE0NWRjZDA1MDllMjM5NTY3ZjkwZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KcFFvS75L71rXq6DEjkFCgacqBY
zfAY+/KOuyEncjPHBGT6Vla7STv6bcpmyOaPsc6xZK/R0Y4o+2JMJbkd0W+O6AQu
XW0LnK1b3PZ+KgWI0tYdVVj+JMPgCoiqnilQdM6j2kkRoRtZboK9aChQ1IafMPJt
iC7XmJIRqLBzWLKhw2Wmka+H1LKEqhKGcW/0xV8c916aZWjzmk4Ss22Sm59poNmL
StETE1xYD6w1YpY5g2nqPL5fL/UI4oZZbg+zFAU49pJpJHFnp8XyL8RRTwku0kKo
NLo9RAmgn7rhko++YQBPchlcBVIXbcXhuJWigg3KcEbYyXSODn8zHAb7jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLvE1lmHIE58UXc0FCeI5Vn+Q4sMB8GA1UdIwQY
MBaAFA5DoN8FmlJRpAC1ofEyG6ANMSDSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMt
MDA0ZmU0MzNjN2M4LzEvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMtMDA0ZmU0MzNjN2M4
LzEvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADQyaDVTw
aPZ/kLOWuJ/FTYnmVobfMHaA2f/e71d/aONY0azoZYy5lii3UfuB/4uCsY7RHBe9
0TJsewn3CYSyt93YjodlmZfU+CgFaknAwoc+GUs7MK1W5vBytHjnXYZS1Wpt8nbU
BL0Fa1cx+pYo71t38YkJIwQh2tDLqe8muViaH1GF5mh3TUKVM5kZVNnlhKRbE8AY
3B3zaHvUb0AWqk/5QLfhlF4inm1dCVi+Pt+iw2ejbOPqL0vfYrGXFTlnLih7Ls80
pKhA7U68mxWg3gZTB/ae7HNg3zi2PQ4v/c5g6iJo9ZVHuloIeHQnHycOEPzoXGJ5
hSu0gqgXPM9FYQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:23:36 2026 by rpki-client