Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/450b29-40d6-4da3-90b0-929893081866/1/Dh3VOVJaOdhHAU6P6jxkHZc8yGY.mft
File: Dh3VOVJaOdhHAU6P6jxkHZc8yGY.mft (raw, json)
Hash identifier: 8m+NyPkmFF+QtXdsEGyY4CWXQJt20ntaOQdmrWjtwyw=
Subject key identifier: 12:BF:E9:F9:71:92:44:DA:9C:92:AC:0A:7A:D9:2F:7B:FE:F6:83:BB
Authority key identifier: 0E:1D:D5:39:52:5A:39:D8:47:01:4E:8F:EA:3C:64:1D:97:3C:C8:66
Certificate issuer: /CN=0e1dd539525a39d847014e8fea3c641d973cc866
Certificate serial: 019CAC103A4A2DA9946089156F878B4BD464
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dh3VOVJaOdhHAU6P6jxkHZc8yGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/450b29-40d6-4da3-90b0-929893081866/1/Dh3VOVJaOdhHAU6P6jxkHZc8yGY.mft
Manifest number: 07CA
Signing time: Mon 02 Mar 2026 01:01:10 +0000
Manifest this update: Mon 02 Mar 2026 01:01:10 +0000
Manifest next update: Tue 03 Mar 2026 01:01:10 +0000
Files and hashes: 1: Dh3VOVJaOdhHAU6P6jxkHZc8yGY.crl (hash: oBzOfAIrDgdl99gFzeb2O/Lvv8aSGb8V7vtZd8wdqR0=)
2: wWu-RpwUyxS5-QEBD4scp9HUjmY.roa (hash: Vz+DIxi0X/mIEqFNyd8Fjt4ub221xLszyBI1vupEUnQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/450b29-40d6-4da3-90b0-929893081866/1/Dh3VOVJaOdhHAU6P6jxkHZc8yGY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/450b29-40d6-4da3-90b0-929893081866/1/Dh3VOVJaOdhHAU6P6jxkHZc8yGY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Dh3VOVJaOdhHAU6P6jxkHZc8yGY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:10:3a:4a:2d:a9:94:60:89:15:6f:87:8b:4b:d4:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e1dd539525a39d847014e8fea3c641d973cc866
Validity
Not Before: Mar 2 01:01:10 2026 GMT
Not After : Mar 3 01:01:10 2026 GMT
Subject: CN=12bfe9f9719244da9c92ac0a7ad92f7bfef683bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:41:38:5e:43:c6:24:44:b5:0d:89:62:d9:ff:
39:e5:28:0e:c9:6a:d2:c8:04:e6:c8:22:f2:94:14:
44:ca:9a:39:37:a9:be:da:1c:e7:8b:b5:1d:72:81:
2a:23:80:7b:9e:f0:26:dd:06:da:26:eb:f7:e1:df:
a1:39:a1:12:06:ff:bc:fb:df:b7:bb:4d:d1:c6:df:
5c:1c:33:52:29:cd:15:e6:65:af:96:ed:5f:cd:08:
dd:b8:fd:77:ee:32:76:9c:ca:14:4b:b7:ce:6f:11:
ff:29:ce:c0:d2:dc:88:07:00:92:be:c7:48:30:3e:
3e:5e:32:61:0e:2f:50:ff:58:a0:cf:d2:da:f7:ea:
aa:30:7f:00:64:99:c7:ad:09:b4:d2:f8:84:6d:5d:
31:d1:53:28:5c:cc:31:81:a9:c9:99:ff:d6:93:d9:
f5:59:50:3d:2d:15:ea:d8:b7:ba:69:4a:d6:07:94:
07:43:67:da:a3:2d:43:f8:e1:c4:73:41:e2:66:91:
2e:fc:1d:c2:a5:d2:a3:4a:98:89:e8:5d:06:10:22:
72:2f:ff:d8:3b:a1:10:ae:46:be:97:d0:91:47:31:
3d:3c:e4:ae:da:8a:8a:9d:90:70:29:80:87:3b:8c:
6e:ff:aa:25:c0:a6:22:af:e1:7d:0c:10:16:9a:6a:
6b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:BF:E9:F9:71:92:44:DA:9C:92:AC:0A:7A:D9:2F:7B:FE:F6:83:BB
X509v3 Authority Key Identifier:
keyid:0E:1D:D5:39:52:5A:39:D8:47:01:4E:8F:EA:3C:64:1D:97:3C:C8:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dh3VOVJaOdhHAU6P6jxkHZc8yGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/450b29-40d6-4da3-90b0-929893081866/1/Dh3VOVJaOdhHAU6P6jxkHZc8yGY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/450b29-40d6-4da3-90b0-929893081866/1/Dh3VOVJaOdhHAU6P6jxkHZc8yGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:11:e8:33:3d:6d:38:2e:e1:0f:8e:70:eb:37:74:29:33:ef:
b8:e4:a0:34:89:c9:0e:1a:f3:c6:85:c3:05:83:d7:db:3e:5b:
f3:03:16:c6:a6:56:e4:26:22:1b:ef:27:5c:22:16:66:2f:fb:
c0:a4:a8:0d:9e:a4:ce:7d:90:16:69:ee:d3:03:87:49:e3:0d:
4e:d3:71:69:bc:9e:2f:a4:e8:cd:f4:ac:79:49:94:13:3b:5a:
40:e3:a7:6f:85:4b:4d:33:88:16:b7:7a:91:59:e3:ef:fb:f2:
e4:dc:02:83:b4:65:64:a6:fd:43:19:e9:e3:18:17:0f:56:06:
94:da:0c:57:d0:55:85:7f:cf:42:21:0e:24:29:d4:4e:2f:4f:
15:b0:52:d5:a0:59:b8:a8:61:86:0f:9d:88:c1:48:df:8e:59:
78:e1:15:16:31:e3:9e:53:0a:f8:dd:34:36:45:36:d5:f2:85:
bc:50:09:7b:ea:e1:d9:6c:2f:44:e2:03:35:19:cc:b8:0f:f9:
12:9f:9b:de:c3:d9:92:ec:40:16:f7:54:28:66:c6:00:18:f3:
56:85:c2:9f:82:70:75:71:8a:3e:33:48:a8:32:4a:0e:27:6d:
9a:ea:2d:21:46:f0:9b:cf:5a:9f:94:30:10:c8:3a:86:cd:07:
29:fc:ba:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysEDpKLamUYIkVb4eLS9RkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMWRkNTM5NTI1YTM5ZDg0NzAxNGU4ZmVhM2M2NDFkOTcz
Y2M4NjYwHhcNMjYwMzAyMDEwMTEwWhcNMjYwMzAzMDEwMTEwWjAzMTEwLwYDVQQD
EygxMmJmZTlmOTcxOTI0NGRhOWM5MmFjMGE3YWQ5MmY3YmZlZjY4M2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10E4XkPGJES1DYli2f855SgOyWrS
yATmyCLylBREypo5N6m+2hzni7UdcoEqI4B7nvAm3QbaJuv34d+hOaESBv+8+9+3
u03Rxt9cHDNSKc0V5mWvlu1fzQjduP137jJ2nMoUS7fObxH/Kc7A0tyIBwCSvsdI
MD4+XjJhDi9Q/1igz9La9+qqMH8AZJnHrQm00viEbV0x0VMoXMwxganJmf/Wk9n1
WVA9LRXq2Le6aUrWB5QHQ2faoy1D+OHEc0HiZpEu/B3CpdKjSpiJ6F0GECJyL//Y
O6EQrka+l9CRRzE9POSu2oqKnZBwKYCHO4xu/6olwKYir+F9DBAWmmprYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBK/6flxkkTanJKsCnrZL3v+9oO7MB8GA1UdIwQY
MBaAFA4d1TlSWjnYRwFOj+o8ZB2XPMhmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGgzVk9WSmFPZGhIQVU2UDZqeGtIWmM4eUdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS80NTBiMjktNDBkNi00ZGEzLTkwYjAt
OTI5ODkzMDgxODY2LzEvRGgzVk9WSmFPZGhIQVU2UDZqeGtIWmM4eUdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS80NTBiMjktNDBkNi00ZGEzLTkwYjAtOTI5ODkzMDgxODY2
LzEvRGgzVk9WSmFPZGhIQVU2UDZqeGtIWmM4eUdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWRHoMz1t
OC7hD45w6zd0KTPvuOSgNInJDhrzxoXDBYPX2z5b8wMWxqZW5CYiG+8nXCIWZi/7
wKSoDZ6kzn2QFmnu0wOHSeMNTtNxabyeL6TozfSseUmUEztaQOOnb4VLTTOIFrd6
kVnj7/vy5NwCg7RlZKb9Qxnp4xgXD1YGlNoMV9BVhX/PQiEOJCnUTi9PFbBS1aBZ
uKhhhg+diMFI345ZeOEVFjHjnlMK+N00NkU21fKFvFAJe+rh2WwvROIDNRnMuA/5
Ep+b3sPZkuxAFvdUKGbGABjzVoXCn4JwdXGKPjNIqDJKDidtmuotIUbwm89an5Qw
EMg6hs0HKfy6FA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:19:09 2026 by rpki-client