Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.mft
File: D97nlErE2jERKV2B4p3roAwWOpY.mft (raw, json)
Hash identifier: tDuY7ssBgWvqaIvBTg1oB1dYDsa7IApYTmHhnM513kU=
Subject key identifier: 21:FB:58:FD:A7:3B:23:65:75:7A:FD:59:78:BC:C7:B2:53:B3:B0:7E
Authority key identifier: 0F:DE:E7:94:4A:C4:DA:31:11:29:5D:81:E2:9D:EB:A0:0C:16:3A:96
Certificate issuer: /CN=0fdee7944ac4da3111295d81e29deba00c163a96
Certificate serial: 019CAD5A352221607155C4738865D455B181
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D97nlErE2jERKV2B4p3roAwWOpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.mft
Manifest number: 1242
Signing time: Mon 02 Mar 2026 07:01:36 +0000
Manifest this update: Mon 02 Mar 2026 07:01:36 +0000
Manifest next update: Tue 03 Mar 2026 07:01:36 +0000
Files and hashes: 1: D97nlErE2jERKV2B4p3roAwWOpY.crl (hash: O84wL9ZSn6XicbCcJ0oIuXMGfhYx5lQL29i/E97ZhCk=)
2: WgNv7-eEqKwSW95Nva_O1MQX1iY.roa (hash: 9ipqetu8ePvj0pp7eCO9cwEQqK0gXGR/o2mUfaHu77U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.mft
rsync://rpki.ripe.net/repository/DEFAULT/D97nlErE2jERKV2B4p3roAwWOpY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:5a:35:22:21:60:71:55:c4:73:88:65:d4:55:b1:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fdee7944ac4da3111295d81e29deba00c163a96
Validity
Not Before: Mar 2 07:01:36 2026 GMT
Not After : Mar 3 07:01:36 2026 GMT
Subject: CN=21fb58fda73b2365757afd5978bcc7b253b3b07e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4a:da:cb:b3:20:e2:5c:bb:73:d9:5b:a9:91:
ee:dd:b1:11:d9:a8:25:d7:16:f1:fe:2d:bd:d2:1d:
12:eb:13:c3:a5:48:a1:8d:71:37:01:a8:a5:ba:7f:
9b:97:7a:e7:99:d9:38:c7:b0:1d:74:30:07:84:bf:
b6:8b:a3:38:84:d0:50:99:aa:47:06:7e:f4:3d:f3:
92:f8:5b:91:04:3c:c9:7f:87:f3:bf:34:ee:b0:c1:
21:02:46:26:f0:09:64:86:9e:86:c7:c1:81:a7:b7:
aa:45:df:a5:e2:e2:6c:d2:18:ac:53:8a:b3:a8:9e:
02:e0:22:4f:17:6e:fa:db:80:a7:0c:39:94:df:41:
47:2f:83:44:50:85:55:cb:23:0b:94:86:0f:43:aa:
da:45:0a:4b:3d:45:cd:d1:b1:b4:e0:26:1d:a4:aa:
fc:4a:32:1d:d6:1d:45:3e:a7:ce:61:09:3a:56:5b:
65:17:9f:78:bb:da:2f:3e:73:c6:82:2b:9f:6a:da:
38:62:0f:66:1b:a2:e2:86:d5:e1:7e:f5:6d:34:a5:
eb:e3:ee:c8:7c:c0:85:13:3d:cb:03:3f:e4:d5:92:
00:95:f4:dc:34:89:bc:d7:d1:bc:53:1a:1c:51:72:
fd:fa:ff:67:58:be:4d:9b:48:b1:b9:5b:a8:c8:1d:
b7:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:FB:58:FD:A7:3B:23:65:75:7A:FD:59:78:BC:C7:B2:53:B3:B0:7E
X509v3 Authority Key Identifier:
keyid:0F:DE:E7:94:4A:C4:DA:31:11:29:5D:81:E2:9D:EB:A0:0C:16:3A:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D97nlErE2jERKV2B4p3roAwWOpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:5e:5e:8d:bd:9b:ec:87:50:2e:02:26:1a:8a:fa:cf:28:5d:
63:43:1f:a3:3c:fe:48:32:43:63:b7:d7:e4:0c:9c:ba:d1:1c:
62:c3:7f:2f:fc:4a:ac:fa:f0:9b:17:b2:52:f9:5a:16:07:3d:
86:95:bd:59:11:4f:bb:07:01:3b:ff:a8:bf:0f:65:37:a6:53:
f7:94:72:2e:11:c3:70:4d:1f:26:30:1e:65:99:62:31:68:30:
3d:1b:6c:8c:da:a3:85:46:4d:ce:66:00:28:08:d7:88:44:75:
00:b5:ad:31:6f:0f:4c:69:9f:d9:f6:7f:e4:e8:fe:ca:19:39:
77:17:c8:96:1b:66:26:31:9e:39:4b:e5:c2:68:69:f5:fe:5c:
37:b6:c4:0d:0b:58:d1:04:84:5e:f1:5f:2f:ad:ba:ca:fb:f8:
1d:ce:46:fc:52:f4:b2:23:45:6a:63:74:96:19:be:38:87:ec:
ee:30:49:01:10:8d:3b:fc:f3:4c:5f:66:0f:72:6d:61:f7:48:
0e:65:8f:4c:03:29:31:0a:44:d8:ca:f2:b3:63:96:89:d1:ee:
52:6c:94:b7:b3:28:d0:b1:4d:47:fa:ad:bd:cc:be:bc:f9:14:
20:52:03:39:98:56:2c:92:d1:30:ec:38:c4:be:b0:e5:65:58:
96:86:82:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWjUiIWBxVcRziGXUVbGBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZGVlNzk0NGFjNGRhMzExMTI5NWQ4MWUyOWRlYmEwMGMx
NjNhOTYwHhcNMjYwMzAyMDcwMTM2WhcNMjYwMzAzMDcwMTM2WjAzMTEwLwYDVQQD
EygyMWZiNThmZGE3M2IyMzY1NzU3YWZkNTk3OGJjYzdiMjUzYjNiMDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEray7Mg4ly7c9lbqZHu3bER2agl
1xbx/i290h0S6xPDpUihjXE3Aailun+bl3rnmdk4x7AddDAHhL+2i6M4hNBQmapH
Bn70PfOS+FuRBDzJf4fzvzTusMEhAkYm8Alkhp6Gx8GBp7eqRd+l4uJs0hisU4qz
qJ4C4CJPF27624CnDDmU30FHL4NEUIVVyyMLlIYPQ6raRQpLPUXN0bG04CYdpKr8
SjId1h1FPqfOYQk6VltlF594u9ovPnPGgiufato4Yg9mG6LihtXhfvVtNKXr4+7I
fMCFEz3LAz/k1ZIAlfTcNIm819G8UxocUXL9+v9nWL5Nm0ixuVuoyB23XwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCH7WP2nOyNldXr9WXi8x7JTs7B+MB8GA1UdIwQY
MBaAFA/e55RKxNoxESldgeKd66AMFjqWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDk3bmxFckUyakVSS1YyQjRwM3JvQXdXT3BZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS81NDRiZWEtZjFlYy00NjY2LTgxYzAt
NzhhNGQ2NTY5M2ZlLzEvRDk3bmxFckUyakVSS1YyQjRwM3JvQXdXT3BZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS81NDRiZWEtZjFlYy00NjY2LTgxYzAtNzhhNGQ2NTY5M2Zl
LzEvRDk3bmxFckUyakVSS1YyQjRwM3JvQXdXT3BZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU15ejb2b
7IdQLgImGor6zyhdY0Mfozz+SDJDY7fX5AycutEcYsN/L/xKrPrwmxeyUvlaFgc9
hpW9WRFPuwcBO/+ovw9lN6ZT95RyLhHDcE0fJjAeZZliMWgwPRtsjNqjhUZNzmYA
KAjXiER1ALWtMW8PTGmf2fZ/5Oj+yhk5dxfIlhtmJjGeOUvlwmhp9f5cN7bEDQtY
0QSEXvFfL626yvv4Hc5G/FL0siNFamN0lhm+OIfs7jBJARCNO/zzTF9mD3JtYfdI
DmWPTAMpMQpE2Mrys2OWidHuUmyUt7Mo0LFNR/qtvcy+vPkUIFIDOZhWLJLRMOw4
xL6w5WVYloaC8Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:46:07 2026 by rpki-client