Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
File: kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft (raw, json)
Hash identifier: x0wie9nzDS7Xmtf8wj4cm2v8eoNoSzVKNDZ0Zgw/hUg=
Subject key identifier: 2F:B9:DE:53:6D:E5:F5:0C:0C:EB:00:FE:56:6A:C9:F0:7E:C1:20:E3
Authority key identifier: 91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
Certificate issuer: /CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Certificate serial: 019CAA8FA1294C1620AA616EE111101F7EC3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
Manifest number: 0F66
Signing time: Sun 01 Mar 2026 18:01:05 +0000
Manifest this update: Sun 01 Mar 2026 18:01:05 +0000
Manifest next update: Mon 02 Mar 2026 18:01:05 +0000
Files and hashes: 1: 851W_kifbk5uWqZqvRWpLulX6u0.roa (hash: JuKr2G5Gk3U/236UNuzcgJrBK5lrJfgVVbIUKV3qpGE=)
2: O-Nsor2Oxzxu124oYRh9Vy2FhcE.roa (hash: vNKhSbKaqeLsUwPvhYAEM7HcTpg7XKHPofG0cQtlia0=)
3: kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl (hash: CoLTQnnjjfrAvwEVm3MRwAUvZdjLFqNh0jhAjJ4oRjY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:8f:a1:29:4c:16:20:aa:61:6e:e1:11:10:1f:7e:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Validity
Not Before: Mar 1 18:01:05 2026 GMT
Not After : Mar 2 18:01:05 2026 GMT
Subject: CN=2fb9de536de5f50c0ceb00fe566ac9f07ec120e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:74:e4:16:d8:ca:b0:b4:2b:e6:7f:c1:a3:35:
63:52:ab:9f:3f:15:e4:31:a4:1c:90:ab:27:65:3f:
7a:ee:38:9f:2c:43:80:8d:c0:c0:55:12:62:cb:90:
eb:d4:6d:e9:ca:f5:29:0c:04:b0:ed:41:d4:5d:4e:
9f:34:bd:52:0d:71:87:b4:27:11:0e:dd:32:32:d0:
75:fb:ac:31:b9:5e:f2:74:b4:d7:3e:a5:70:b8:f1:
79:d8:fb:65:e0:0b:bf:dd:16:14:79:8b:a1:bd:c6:
af:d2:ae:31:9c:43:c1:f8:b6:11:99:ed:2c:8b:8c:
21:ac:e6:74:df:b3:9a:7f:9f:d5:dc:56:cc:a9:72:
62:a5:86:f6:2a:ec:9c:38:52:fe:f0:a3:87:31:dd:
11:16:56:12:ab:41:d1:7a:b5:04:81:a7:6e:f8:77:
fc:b8:ac:7f:48:10:f8:2b:f7:b9:f1:a4:1b:51:4c:
fa:68:62:39:40:67:86:7d:ee:a8:d3:d1:66:4d:6a:
93:4a:d9:64:90:99:96:17:c3:99:3a:76:0e:d5:66:
4e:fd:16:03:68:e8:f5:dd:a1:ee:c0:b9:18:2d:64:
69:3d:e7:fd:ba:a6:6a:e4:82:19:0b:5f:e6:e6:5a:
ab:1c:99:de:02:8d:79:c7:c9:95:67:f3:c9:55:59:
1d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:B9:DE:53:6D:E5:F5:0C:0C:EB:00:FE:56:6A:C9:F0:7E:C1:20:E3
X509v3 Authority Key Identifier:
keyid:91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:97:82:ba:e1:72:39:05:7b:c9:84:0a:89:35:6c:2c:65:9c:
e9:03:88:7f:b4:92:c6:03:36:9f:72:56:83:c7:ec:d2:a0:bd:
dc:8f:0f:b6:eb:4a:8d:15:53:38:5e:67:ec:31:69:36:4c:0f:
b0:a7:8c:f2:5a:33:6e:c0:65:47:8e:17:0f:ac:d0:09:8d:dc:
02:f3:b7:79:70:09:b1:aa:43:3b:37:86:7e:75:d6:01:94:1f:
1f:03:51:c3:a6:dd:3c:74:e1:2b:a2:04:06:64:01:6d:90:8b:
69:80:d5:68:b9:b8:cd:b1:e3:13:9b:20:7a:31:e1:8c:21:17:
7b:6f:62:49:3f:59:6c:92:b8:7d:6a:f2:e4:85:ca:9c:97:9e:
6b:72:9d:99:af:46:92:89:02:e7:4a:cd:34:5c:89:b2:f8:fe:
80:50:c2:56:88:16:c4:b4:11:2a:5e:28:1b:b0:21:e0:fb:13:
e0:43:a4:c9:bd:d5:38:24:80:70:c6:a7:ba:fa:05:b6:dd:c0:
a1:e8:ab:3a:1d:8e:83:e8:c0:e2:b8:56:69:84:ac:ac:d1:54:
d1:f4:93:e5:07:ef:d1:35:cf:be:95:87:b0:af:b4:07:8c:e6:
f4:c2:f5:e9:51:e4:5d:ed:b7:ac:82:86:27:81:f7:7c:fe:86:
a8:bc:40:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj6EpTBYgqmFu4REQH37DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZGQwZTQ4ZDkwMTFhZGYzNzY2NjVhZDRkNjJjZjMxY2U2
MzA1OGMwHhcNMjYwMzAxMTgwMTA1WhcNMjYwMzAyMTgwMTA1WjAzMTEwLwYDVQQD
EygyZmI5ZGU1MzZkZTVmNTBjMGNlYjAwZmU1NjZhYzlmMDdlYzEyMGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3TkFtjKsLQr5n/BozVjUqufPxXk
MaQckKsnZT967jifLEOAjcDAVRJiy5Dr1G3pyvUpDASw7UHUXU6fNL1SDXGHtCcR
Dt0yMtB1+6wxuV7ydLTXPqVwuPF52Ptl4Au/3RYUeYuhvcav0q4xnEPB+LYRme0s
i4whrOZ037Oaf5/V3FbMqXJipYb2KuycOFL+8KOHMd0RFlYSq0HRerUEgadu+Hf8
uKx/SBD4K/e58aQbUUz6aGI5QGeGfe6o09FmTWqTStlkkJmWF8OZOnYO1WZO/RYD
aOj13aHuwLkYLWRpPef9uqZq5IIZC1/m5lqrHJneAo15x8mVZ/PJVVkdLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC+53lNt5fUMDOsA/lZqyfB+wSDjMB8GA1UdIwQY
MBaAFJHdDkjZARrfN2ZlrU1izzHOYwWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2Mt
MTBmMzRmNTU4MzYzLzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2MtMTBmMzRmNTU4MzYz
LzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV5eCuuFy
OQV7yYQKiTVsLGWc6QOIf7SSxgM2n3JWg8fs0qC93I8PtutKjRVTOF5n7DFpNkwP
sKeM8lozbsBlR44XD6zQCY3cAvO3eXAJsapDOzeGfnXWAZQfHwNRw6bdPHThK6IE
BmQBbZCLaYDVaLm4zbHjE5sgejHhjCEXe29iST9ZbJK4fWry5IXKnJeea3Kdma9G
kokC50rNNFyJsvj+gFDCVogWxLQRKl4oG7Ah4PsT4EOkyb3VOCSAcManuvoFtt3A
oeirOh2Og+jA4rhWaYSsrNFU0fST5Qfv0TXPvpWHsK+0B4zm9ML16VHkXe23rIKG
J4H3fP6GqLxA6w==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:02:59 2026 by rpki-client