Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
File: otP5vJZWutwm594auw-nLD1yjdg.mft (raw, json)
Hash identifier: 0oqXBWzbW/m+KPeS6cTAAJOUxmkF3AsNoLNJ7N0+3Fs=
Subject key identifier: 52:7C:AB:7F:C0:31:A3:AE:F8:86:67:E3:F3:78:DB:FD:4C:B8:81:D5
Authority key identifier: A2:D3:F9:BC:96:56:BA:DC:26:E7:DE:1A:BB:0F:A7:2C:3D:72:8D:D8
Certificate issuer: /CN=a2d3f9bc9656badc26e7de1abb0fa72c3d728dd8
Certificate serial: 019CA9EA89FD68ED150E57D80893F625DE12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
Manifest number: 04AB
Signing time: Sun 01 Mar 2026 15:00:46 +0000
Manifest this update: Sun 01 Mar 2026 15:00:46 +0000
Manifest next update: Mon 02 Mar 2026 15:00:46 +0000
Files and hashes: 1: otP5vJZWutwm594auw-nLD1yjdg.crl (hash: nJpcJ8N5wQVLIt8CGxRGBFiRw6sHLoWwq0GQqVqver8=)
2: wq9tYLfVQC77CHQnEGOwVihriSc.roa (hash: tQsNymN61pdlaZw2p685YQ4hLAz1lZz1V7NLew6Ch8g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:ea:89:fd:68:ed:15:0e:57:d8:08:93:f6:25:de:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2d3f9bc9656badc26e7de1abb0fa72c3d728dd8
Validity
Not Before: Mar 1 15:00:46 2026 GMT
Not After : Mar 2 15:00:46 2026 GMT
Subject: CN=527cab7fc031a3aef88667e3f378dbfd4cb881d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a6:45:ce:90:75:76:6b:a9:95:9a:7b:6c:5e:
a7:8e:a7:21:86:6e:46:5c:9f:28:5f:0a:88:fb:de:
f2:ec:4c:b1:58:cf:71:0f:75:19:97:a3:fa:c8:37:
76:59:7b:61:f9:ff:7a:92:96:e9:23:67:b3:51:8d:
11:cc:0f:36:70:75:7f:64:da:f8:3b:3c:8d:dd:e3:
57:3a:40:b4:c0:c2:88:ae:8a:5a:d9:83:05:2c:d7:
91:91:41:32:6c:74:86:37:c9:84:57:e7:da:7d:b1:
14:0d:f8:0d:f5:da:71:25:42:a2:57:2f:23:35:69:
f1:70:67:e2:cf:eb:ca:a4:39:f8:82:2d:98:b8:c6:
6e:b9:4a:64:4d:c9:d4:45:05:48:2e:6d:a8:61:16:
95:af:39:54:4d:ab:16:e5:3c:09:7d:43:47:80:09:
7e:2c:63:ce:d9:c0:7d:3c:7c:83:ff:68:37:b0:9f:
6e:a4:55:e5:7a:c0:ea:da:8d:87:ab:d8:be:5f:43:
2e:27:98:57:13:fc:b0:b6:7e:81:d7:04:14:1e:a6:
b2:b8:39:40:2c:e6:91:f0:57:9a:bd:91:dd:0e:e8:
fe:20:06:10:7e:84:1a:49:cf:65:c2:b0:f8:68:c3:
2b:7a:11:37:a4:83:26:51:88:6c:d8:73:ae:36:8a:
ce:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:7C:AB:7F:C0:31:A3:AE:F8:86:67:E3:F3:78:DB:FD:4C:B8:81:D5
X509v3 Authority Key Identifier:
keyid:A2:D3:F9:BC:96:56:BA:DC:26:E7:DE:1A:BB:0F:A7:2C:3D:72:8D:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:b6:48:9d:10:ca:ef:f0:8e:6e:87:05:fa:db:df:a0:b8:c9:
38:05:56:b5:78:18:36:83:86:69:79:f8:8a:93:4b:bc:92:e7:
34:6b:ab:fe:d1:2f:65:90:59:9c:e5:ee:8c:ed:a8:ea:4d:55:
aa:03:bf:39:a3:64:db:f8:08:69:31:71:47:66:5f:a6:02:c5:
c6:ee:91:a4:c3:57:58:60:33:3b:04:67:86:f8:18:a6:cf:8e:
43:26:d5:79:3a:d9:79:28:60:82:50:11:47:9d:a1:14:e0:fb:
59:f0:dd:03:40:f1:d0:41:aa:b7:d3:c7:01:dd:44:d1:cc:11:
c4:30:db:96:d9:32:1b:1a:61:df:0a:12:ad:48:59:9a:11:19:
8c:16:23:15:3f:b6:0b:99:c7:f6:6f:2f:fd:1f:cf:b3:24:fc:
fe:8a:b4:c3:87:c7:13:7e:52:58:2a:aa:6a:bc:6b:60:76:e3:
57:bf:a9:02:b5:5b:ed:ec:f7:85:fb:be:5f:ce:de:9e:da:2c:
25:4c:3b:26:56:38:c9:f3:b3:50:d8:b8:4f:3c:17:11:f4:da:
45:90:ef:b7:f8:66:b1:f6:8e:3e:72:36:ec:52:e9:47:e0:f7:
19:85:5a:ea:12:26:5c:1e:84:17:d7:a8:ce:ef:68:33:05:a9:
d8:f8:aa:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyp6on9aO0VDlfYCJP2Jd4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDNmOWJjOTY1NmJhZGMyNmU3ZGUxYWJiMGZhNzJjM2Q3
MjhkZDgwHhcNMjYwMzAxMTUwMDQ2WhcNMjYwMzAyMTUwMDQ2WjAzMTEwLwYDVQQD
Eyg1MjdjYWI3ZmMwMzFhM2FlZjg4NjY3ZTNmMzc4ZGJmZDRjYjg4MWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKZFzpB1dmuplZp7bF6njqchhm5G
XJ8oXwqI+97y7EyxWM9xD3UZl6P6yDd2WXth+f96kpbpI2ezUY0RzA82cHV/ZNr4
OzyN3eNXOkC0wMKIropa2YMFLNeRkUEybHSGN8mEV+fafbEUDfgN9dpxJUKiVy8j
NWnxcGfiz+vKpDn4gi2YuMZuuUpkTcnURQVILm2oYRaVrzlUTasW5TwJfUNHgAl+
LGPO2cB9PHyD/2g3sJ9upFXlesDq2o2Hq9i+X0MuJ5hXE/ywtn6B1wQUHqayuDlA
LOaR8FeavZHdDuj+IAYQfoQaSc9lwrD4aMMrehE3pIMmUYhs2HOuNorOmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFJ8q3/AMaOu+IZn4/N42/1MuIHVMB8GA1UdIwQY
MBaAFKLT+byWVrrcJufeGrsPpyw9co3YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82OGZkMGYtMmI4Ny00NzA0LWEzMmYt
ZDcxMWU4NGMyOWExLzEvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82OGZkMGYtMmI4Ny00NzA0LWEzMmYtZDcxMWU4NGMyOWEx
LzEvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQbZInRDK
7/CObocF+tvfoLjJOAVWtXgYNoOGaXn4ipNLvJLnNGur/tEvZZBZnOXujO2o6k1V
qgO/OaNk2/gIaTFxR2ZfpgLFxu6RpMNXWGAzOwRnhvgYps+OQybVeTrZeShgglAR
R52hFOD7WfDdA0Dx0EGqt9PHAd1E0cwRxDDbltkyGxph3woSrUhZmhEZjBYjFT+2
C5nH9m8v/R/PsyT8/oq0w4fHE35SWCqqarxrYHbjV7+pArVb7ez3hfu+X87entos
JUw7JlY4yfOzUNi4TzwXEfTaRZDvt/hmsfaOPnI27FLpR+D3GYVa6hImXB6EF9eo
zu9oMwWp2Piqjg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:52:13 2026 by rpki-client