Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
File: tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft (raw, json)
Hash identifier: WqQEbYOZLQHN7FFpA8F4vtHKmR6kSeyMqOha4S6zB1U=
Subject key identifier: 95:A0:4F:FB:1C:99:86:10:6E:A7:5D:67:1D:60:37:06:F5:63:DC:A0
Authority key identifier: B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40
Certificate issuer: /CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40
Certificate serial: 019CABD8F53AFA2A5E4F1F85363B1E6244FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
Manifest number: 0577
Signing time: Mon 02 Mar 2026 00:00:48 +0000
Manifest this update: Mon 02 Mar 2026 00:00:48 +0000
Manifest next update: Tue 03 Mar 2026 00:00:48 +0000
Files and hashes: 1: 0lwIzPsGn14owxvXy7_61u8zBPk.roa (hash: RHYNuusrfwoS7Vg7kp1EMywIH/hGj3OELuZX6uFgB7Q=)
2: tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl (hash: et/RaTs1jQN3yIq+ac3UO4ix5XxQpjeRrfpkZeTImZI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d8:f5:3a:fa:2a:5e:4f:1f:85:36:3b:1e:62:44:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40
Validity
Not Before: Mar 2 00:00:48 2026 GMT
Not After : Mar 3 00:00:48 2026 GMT
Subject: CN=95a04ffb1c9986106ea75d671d603706f563dca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7c:be:11:62:0b:12:40:af:53:2a:44:56:4f:
d2:8b:35:b3:c3:83:f0:e7:93:8f:45:35:e5:9f:dd:
59:d7:96:c4:22:9f:32:66:7e:ed:29:e6:83:92:d9:
cf:4f:5e:ec:f6:1b:f8:10:12:c9:e8:4d:30:a7:50:
d9:f7:33:a7:36:3e:95:0b:06:37:89:f6:5d:38:67:
58:cf:eb:6d:2d:88:cb:c7:28:84:9a:be:e5:d3:e0:
04:2d:bb:90:f5:78:b2:d8:e3:d4:cc:bf:b5:6f:82:
12:43:7a:c3:39:81:0f:e9:11:c3:d4:de:32:44:aa:
29:83:88:50:a2:91:77:96:7b:de:47:af:17:b6:a6:
2a:a9:aa:98:c6:99:e9:2d:ce:de:d9:99:4d:49:ee:
28:31:8c:4e:94:9a:28:14:7c:0d:43:0c:fa:d4:17:
b5:e3:c8:73:b7:3f:ba:9c:30:5c:25:22:9e:7f:f8:
90:7c:4c:9d:5f:84:08:14:e8:7d:c6:9a:25:d7:86:
09:40:96:96:a5:fd:ee:66:94:65:97:b4:b8:8f:91:
9d:28:5b:04:50:21:91:45:bd:5d:3e:ce:5b:21:2b:
5f:db:71:4a:c0:69:4f:04:8c:ac:c6:de:d8:16:a8:
a2:16:84:c6:bd:38:d3:55:b3:f6:cc:b2:3b:66:25:
42:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:A0:4F:FB:1C:99:86:10:6E:A7:5D:67:1D:60:37:06:F5:63:DC:A0
X509v3 Authority Key Identifier:
keyid:B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:fc:bf:48:84:fc:03:ac:6d:82:ba:b1:a4:f8:78:9e:7b:b8:
95:79:b3:10:15:78:ca:74:5f:c7:b0:d8:e9:8c:2f:2d:7b:b7:
a2:cc:01:3f:da:c7:dd:01:a7:5e:94:a1:4a:44:f2:54:19:28:
82:6c:f0:c5:23:4d:f6:6d:ef:2b:d5:db:62:b8:f4:88:c2:8e:
25:32:57:82:1a:b2:79:4e:c3:3b:ce:17:16:be:65:18:42:54:
95:ae:8b:a6:8a:5d:39:f7:5b:1e:07:77:30:02:42:87:95:45:
bd:f4:ca:9c:e8:64:44:99:da:60:ff:68:17:46:3b:0e:ee:20:
de:88:37:0b:dc:e1:ae:5a:c1:3f:33:27:00:83:b7:d4:77:6d:
18:86:b4:a1:c9:5b:73:21:f4:61:05:e3:60:e9:02:b6:38:39:
d2:4f:0d:7e:83:30:17:18:d0:99:3a:96:b3:6d:37:a2:5e:f1:
34:8e:42:88:4c:71:b1:c1:4f:5f:48:e5:32:db:db:16:47:48:
5d:9d:60:2a:e7:5d:86:7b:19:27:13:64:f5:b2:08:73:74:6b:
5e:9a:af:a0:a8:0e:60:15:c9:80:01:76:93:b6:b6:17:15:0f:
eb:a9:b6:69:ad:87:7b:0a:69:f5:de:12:f2:13:a8:4e:30:61:
d9:81:04:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2PU6+ipeTx+FNjseYkT+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzZjMGYwZWM4YmJlZGYwZjYwODQ0ZGZlNGZlOTM5MzY5
YTRiNDAwHhcNMjYwMzAyMDAwMDQ4WhcNMjYwMzAzMDAwMDQ4WjAzMTEwLwYDVQQD
Eyg5NWEwNGZmYjFjOTk4NjEwNmVhNzVkNjcxZDYwMzcwNmY1NjNkY2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHy+EWILEkCvUypEVk/SizWzw4Pw
55OPRTXln91Z15bEIp8yZn7tKeaDktnPT17s9hv4EBLJ6E0wp1DZ9zOnNj6VCwY3
ifZdOGdYz+ttLYjLxyiEmr7l0+AELbuQ9Xiy2OPUzL+1b4ISQ3rDOYEP6RHD1N4y
RKopg4hQopF3lnveR68XtqYqqaqYxpnpLc7e2ZlNSe4oMYxOlJooFHwNQwz61Be1
48hztz+6nDBcJSKef/iQfEydX4QIFOh9xpol14YJQJaWpf3uZpRll7S4j5GdKFsE
UCGRRb1dPs5bIStf23FKwGlPBIysxt7YFqiiFoTGvTjTVbP2zLI7ZiVCCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJWgT/scmYYQbqddZx1gNwb1Y9ygMB8GA1UdIwQY
MBaAFLQ2wPDsi77fD2CETf5P6Tk2mktAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgt
ZGQ4YjVhZmNlZTNiLzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgtZGQ4YjVhZmNlZTNi
LzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkfy/SIT8
A6xtgrqxpPh4nnu4lXmzEBV4ynRfx7DY6YwvLXu3oswBP9rH3QGnXpShSkTyVBko
gmzwxSNN9m3vK9XbYrj0iMKOJTJXghqyeU7DO84XFr5lGEJUla6LpopdOfdbHgd3
MAJCh5VFvfTKnOhkRJnaYP9oF0Y7Du4g3og3C9zhrlrBPzMnAIO31HdtGIa0oclb
cyH0YQXjYOkCtjg50k8NfoMwFxjQmTqWs203ol7xNI5CiExxscFPX0jlMtvbFkdI
XZ1gKuddhnsZJxNk9bIIc3RrXpqvoKgOYBXJgAF2k7a2FxUP66m2aa2Hewpp9d4S
8hOoTjBh2YEEdg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:21:49 2026 by rpki-client