Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
File: 20IFnOKR1Jpmkgcxx2faVj7yESQ.mft (raw, json)
Hash identifier: bR60z2nMod1tukPusMfVS30ZrBxdXWE1zMSuT5ZwJRk=
Subject key identifier: 31:A7:5F:D7:D6:43:C0:DE:37:B3:F6:A8:BA:36:B9:03:16:5D:93:B5
Authority key identifier: DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
Certificate issuer: /CN=db42059ce291d49a66920731c767da563ef21124
Certificate serial: 019CA9EB7234D146D95F3B85B2BED60AA837
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
Manifest number: 0B42
Signing time: Sun 01 Mar 2026 15:01:45 +0000
Manifest this update: Sun 01 Mar 2026 15:01:45 +0000
Manifest next update: Mon 02 Mar 2026 15:01:45 +0000
Files and hashes: 1: 20IFnOKR1Jpmkgcxx2faVj7yESQ.crl (hash: 8tsoFMrjG6/iysWd0MAPanaITtrJ+EP2+/7wOpx7hAQ=)
2: K_G3q1oHoFkLaOnMyEVLIcn7Qmw.roa (hash: /NaxyStNTlcpIpTarZjjR+9kQ6m4FlTTRFr5N6+rcrM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:eb:72:34:d1:46:d9:5f:3b:85:b2:be:d6:0a:a8:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db42059ce291d49a66920731c767da563ef21124
Validity
Not Before: Mar 1 15:01:45 2026 GMT
Not After : Mar 2 15:01:45 2026 GMT
Subject: CN=31a75fd7d643c0de37b3f6a8ba36b903165d93b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:37:9b:7c:c9:28:60:7a:50:ff:19:9a:cc:c3:
d2:1b:82:c7:a1:f0:25:a4:46:4b:a9:ff:6a:b8:ae:
a1:0f:fb:b3:5d:39:90:21:a5:8d:67:82:34:c7:9d:
a0:8a:2e:79:55:d2:bb:09:33:13:1d:3f:6a:ac:71:
84:d1:4d:6f:e0:d6:2a:1d:08:37:6c:9c:29:2c:c2:
ce:ae:4b:c2:f7:4c:ca:28:2f:d7:f1:7b:ed:9c:7d:
2b:52:b7:b9:0f:bf:ea:6a:45:a9:bd:bc:4e:08:67:
9f:ae:2f:5a:91:fe:56:42:79:6f:c2:74:fc:ab:68:
8b:2f:06:dd:99:c1:3b:b9:65:e9:a0:c5:99:b0:54:
66:e5:28:c8:42:b1:8f:2f:bb:ef:a2:a4:04:d1:af:
3b:25:6a:85:78:ba:39:4f:f5:f8:0d:11:2d:6e:d3:
ff:e7:1f:02:53:94:73:55:09:81:90:4f:4e:df:dd:
75:4c:e4:fe:36:92:76:7a:10:11:10:e3:30:ed:b5:
b8:68:e4:92:59:e5:f2:b8:b9:11:0f:c0:f3:84:45:
b2:22:5e:e6:e3:9a:9e:4a:ff:bd:fb:f7:83:60:e8:
d8:de:47:98:10:db:dc:56:c2:47:70:c3:98:35:9f:
15:93:a0:d3:84:5f:e7:f5:47:aa:0b:51:43:67:2d:
94:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:A7:5F:D7:D6:43:C0:DE:37:B3:F6:A8:BA:36:B9:03:16:5D:93:B5
X509v3 Authority Key Identifier:
keyid:DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
af:cf:d4:82:f9:49:ed:bc:c5:4f:3f:00:d6:be:58:a4:a3:c7:
f0:de:dc:85:7f:1a:74:bf:64:9a:28:9d:43:16:98:c2:e0:d3:
40:c6:7c:a3:b5:14:bf:d7:6f:86:bf:64:54:94:94:92:e9:39:
a4:69:4b:e8:91:3d:9e:bd:dc:f5:16:3f:c4:b8:63:d5:6a:a3:
83:ba:3d:ef:65:1b:f2:5d:76:f8:af:4d:d3:83:7b:2c:01:ec:
e9:aa:f3:7b:e4:b3:39:17:bc:11:74:35:b8:42:34:5a:cd:0d:
a3:bc:40:58:bd:ef:ff:76:10:65:af:81:42:6f:ee:3d:f4:7c:
7c:f8:c1:14:27:00:68:ca:ab:8b:8e:32:99:1a:c6:f8:62:76:
8e:ad:05:18:aa:5b:53:49:10:9b:d7:94:dd:69:ed:fe:6a:e2:
0e:e4:ab:0f:7f:e1:51:3d:25:f5:9f:24:32:59:52:e9:51:4c:
fb:9f:c1:5b:4d:a8:db:80:fb:88:bf:7e:04:db:99:50:c6:28:
9e:6e:97:43:8a:74:a9:6b:26:87:b2:87:42:1f:43:51:f0:ef:
05:a0:c7:90:28:cc:77:16:ce:e3:e7:fe:4d:17:bf:60:1d:c9:
c6:eb:fc:67:8c:99:1d:c5:f5:69:f5:f9:ec:7e:32:c0:aa:94:
46:3e:7c:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyp63I00UbZXzuFsr7WCqg3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDIwNTljZTI5MWQ0OWE2NjkyMDczMWM3NjdkYTU2M2Vm
MjExMjQwHhcNMjYwMzAxMTUwMTQ1WhcNMjYwMzAyMTUwMTQ1WjAzMTEwLwYDVQQD
EygzMWE3NWZkN2Q2NDNjMGRlMzdiM2Y2YThiYTM2YjkwMzE2NWQ5M2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DebfMkoYHpQ/xmazMPSG4LHofAl
pEZLqf9quK6hD/uzXTmQIaWNZ4I0x52gii55VdK7CTMTHT9qrHGE0U1v4NYqHQg3
bJwpLMLOrkvC90zKKC/X8XvtnH0rUre5D7/qakWpvbxOCGefri9akf5WQnlvwnT8
q2iLLwbdmcE7uWXpoMWZsFRm5SjIQrGPL7vvoqQE0a87JWqFeLo5T/X4DREtbtP/
5x8CU5RzVQmBkE9O3911TOT+NpJ2ehAREOMw7bW4aOSSWeXyuLkRD8DzhEWyIl7m
45qeSv+9+/eDYOjY3keYENvcVsJHcMOYNZ8Vk6DThF/n9UeqC1FDZy2UnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDGnX9fWQ8DeN7P2qLo2uQMWXZO1MB8GA1UdIwQY
MBaAFNtCBZzikdSaZpIHMcdn2lY+8hEkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzIt
OTMxMmQwODdkZmNhLzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzItOTMxMmQwODdkZmNh
LzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr8/UgvlJ
7bzFTz8A1r5YpKPH8N7chX8adL9kmiidQxaYwuDTQMZ8o7UUv9dvhr9kVJSUkuk5
pGlL6JE9nr3c9RY/xLhj1Wqjg7o972Ub8l12+K9N04N7LAHs6arze+SzORe8EXQ1
uEI0Ws0No7xAWL3v/3YQZa+BQm/uPfR8fPjBFCcAaMqri44ymRrG+GJ2jq0FGKpb
U0kQm9eU3Wnt/mriDuSrD3/hUT0l9Z8kMllS6VFM+5/BW02o24D7iL9+BNuZUMYo
nm6XQ4p0qWsmh7KHQh9DUfDvBaDHkCjMdxbO4+f+TRe/YB3Jxuv8Z4yZHcX1afX5
7H4ywKqURj586w==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:59:12 2026 by rpki-client