Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
File: 20IFnOKR1Jpmkgcxx2faVj7yESQ.mft (raw, json)
Hash identifier: jXRr3e8AGvod6Kf8+wXIL2AFtv0bT4zlYJT6dSTlnRw=
Subject key identifier: C1:76:7B:5B:78:14:24:50:E8:D3:DF:EA:1A:74:5A:C9:C1:51:1A:35
Authority key identifier: DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
Certificate issuer: /CN=db42059ce291d49a66920731c767da563ef21124
Certificate serial: 019EBEECA9FD79AC397FB9945F3F120EB871
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
Manifest number: 0C56
Signing time: Sat 13 Jun 2026 03:00:41 +0000
Manifest this update: Sat 13 Jun 2026 03:00:41 +0000
Manifest next update: Sun 14 Jun 2026 03:00:41 +0000
Files and hashes: 1: 20IFnOKR1Jpmkgcxx2faVj7yESQ.crl (hash: oBOBy/FWgV5Ed5JpQT7n2eu8HhUnY0F6tM1IuioKgTM=)
2: K_G3q1oHoFkLaOnMyEVLIcn7Qmw.roa (hash: /NaxyStNTlcpIpTarZjjR+9kQ6m4FlTTRFr5N6+rcrM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:be:ec:a9:fd:79:ac:39:7f:b9:94:5f:3f:12:0e:b8:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db42059ce291d49a66920731c767da563ef21124
Validity
Not Before: Jun 13 03:00:41 2026 GMT
Not After : Jun 14 03:00:41 2026 GMT
Subject: CN=c1767b5b78142450e8d3dfea1a745ac9c1511a35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:84:b2:37:31:f0:b1:52:4f:77:2d:e7:15:ff:
39:8b:e0:c4:c7:a1:4b:15:45:f9:7e:bf:d5:e0:e4:
c7:ba:85:fa:ee:20:fc:55:3c:27:ec:ca:c9:4f:9f:
5b:ab:5c:2e:de:6f:e4:cb:8c:36:ff:f4:b4:76:11:
d1:d4:92:a0:e4:82:f5:ed:07:96:8b:99:ef:37:e0:
12:71:f1:4f:ba:1b:13:e1:4a:08:3f:72:d5:10:3a:
bc:11:2f:b6:f8:52:87:40:39:dc:09:54:bb:98:0e:
f3:45:5f:04:c6:45:e5:e3:0e:2f:f1:c5:cb:69:bc:
98:05:af:9f:85:00:64:d1:f5:82:b4:2e:73:26:57:
37:b1:3e:a0:a8:36:b1:34:ce:26:f3:77:d2:e4:11:
4e:42:55:e5:69:97:3f:72:58:13:61:01:5d:b5:60:
c8:40:9b:44:47:cd:1e:8e:0f:b3:77:ae:e0:4b:fb:
c3:b4:83:84:39:b0:b1:60:4e:9b:4e:9c:ad:c7:18:
bf:80:d7:91:a0:a9:cd:56:53:c4:f4:2b:8c:cc:d3:
98:5b:0e:44:db:22:72:01:ea:ce:7b:0f:a5:7d:7f:
18:ee:2c:8b:b6:f3:a5:a6:d8:c1:1e:a5:a8:f9:e2:
51:c8:9b:84:a0:7a:fe:94:cc:f9:25:e1:49:c3:c2:
48:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:76:7B:5B:78:14:24:50:E8:D3:DF:EA:1A:74:5A:C9:C1:51:1A:35
X509v3 Authority Key Identifier:
keyid:DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:cf:41:fc:86:26:57:b7:21:fe:c6:60:7a:c5:c3:50:9c:da:
c3:fd:d1:86:00:0a:ec:25:f5:d2:f1:db:11:da:15:a0:41:9b:
e0:e2:75:3a:19:60:b6:27:11:81:de:7d:04:2a:54:ec:ac:44:
83:4a:7d:af:d6:b0:07:be:fc:b3:f6:87:11:37:80:e0:27:6b:
5d:b0:11:4f:fc:8d:94:94:bd:46:c0:96:c5:03:a7:9c:d8:7c:
5a:f8:1c:5e:d1:10:21:cb:6e:a5:82:26:05:02:16:fd:60:42:
b3:78:59:25:7b:e4:b8:d8:c0:b1:0e:cc:d4:7d:7c:91:fb:f0:
35:ac:60:c3:7e:b5:f7:4c:dd:c5:48:d2:e7:b1:45:f0:5f:d0:
1a:4f:62:86:a3:0b:b0:bc:ed:8c:53:76:99:58:2b:e4:2f:06:
08:0a:d1:6c:c4:1d:0d:91:0d:20:63:91:46:cf:72:00:30:c7:
cd:4a:57:7f:40:52:95:36:68:b4:88:69:6e:01:de:b0:1b:95:
21:65:90:ac:cb:fe:b2:4c:0e:29:c9:b0:df:4d:55:96:76:70:
88:18:f2:6c:c5:1e:03:e6:cd:be:f3:52:5d:c9:8e:44:2b:86:
8c:ed:e0:f7:bc:bb:03:39:64:1e:e8:61:d4:d4:7e:08:01:4b:
24:d5:25:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+7Kn9eaw5f7mUXz8SDrhxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDIwNTljZTI5MWQ0OWE2NjkyMDczMWM3NjdkYTU2M2Vm
MjExMjQwHhcNMjYwNjEzMDMwMDQxWhcNMjYwNjE0MDMwMDQxWjAzMTEwLwYDVQQD
EyhjMTc2N2I1Yjc4MTQyNDUwZThkM2RmZWExYTc0NWFjOWMxNTExYTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYSyNzHwsVJPdy3nFf85i+DEx6FL
FUX5fr/V4OTHuoX67iD8VTwn7MrJT59bq1wu3m/ky4w2//S0dhHR1JKg5IL17QeW
i5nvN+AScfFPuhsT4UoIP3LVEDq8ES+2+FKHQDncCVS7mA7zRV8ExkXl4w4v8cXL
abyYBa+fhQBk0fWCtC5zJlc3sT6gqDaxNM4m83fS5BFOQlXlaZc/clgTYQFdtWDI
QJtER80ejg+zd67gS/vDtIOEObCxYE6bTpytxxi/gNeRoKnNVlPE9CuMzNOYWw5E
2yJyAerOew+lfX8Y7iyLtvOlptjBHqWo+eJRyJuEoHr+lMz5JeFJw8JI+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMF2e1t4FCRQ6NPf6hp0WsnBURo1MB8GA1UdIwQY
MBaAFNtCBZzikdSaZpIHMcdn2lY+8hEkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzIt
OTMxMmQwODdkZmNhLzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzItOTMxMmQwODdkZmNh
LzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh89B/IYm
V7ch/sZgesXDUJzaw/3RhgAK7CX10vHbEdoVoEGb4OJ1OhlgticRgd59BCpU7KxE
g0p9r9awB778s/aHETeA4CdrXbART/yNlJS9RsCWxQOnnNh8WvgcXtEQIctupYIm
BQIW/WBCs3hZJXvkuNjAsQ7M1H18kfvwNaxgw36190zdxUjS57FF8F/QGk9ihqML
sLztjFN2mVgr5C8GCArRbMQdDZENIGORRs9yADDHzUpXf0BSlTZotIhpbgHesBuV
IWWQrMv+skwOKcmw301VlnZwiBjybMUeA+bNvvNSXcmORCuGjO3g97y7AzlkHuhh
1NR+CAFLJNUlGQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:45:55 2026 by rpki-client