Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/0luQuJgbWR11p-k14TBKdAdWAv0.mft
File: 0luQuJgbWR11p-k14TBKdAdWAv0.mft (raw, json)
Hash identifier: 7U8jt/rnZNsskd+e4FDHqbmhtcqERCxtAcu8sDr44Hs=
Subject key identifier: A9:71:02:15:67:B1:92:E2:1D:5D:00:82:92:1A:34:4F:A1:F5:70:B3
Authority key identifier: D2:5B:90:B8:98:1B:59:1D:75:A7:E9:35:E1:30:4A:74:07:56:02:FD
Certificate issuer: /CN=d25b90b8981b591d75a7e935e1304a74075602fd
Certificate serial: 019CAAC6C10ED1C3B8BF45427F77B3E530CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0luQuJgbWR11p-k14TBKdAdWAv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/0luQuJgbWR11p-k14TBKdAdWAv0.mft
Manifest number: 1720
Signing time: Sun 01 Mar 2026 19:01:18 +0000
Manifest this update: Sun 01 Mar 2026 19:01:18 +0000
Manifest next update: Mon 02 Mar 2026 19:01:18 +0000
Files and hashes: 1: 0luQuJgbWR11p-k14TBKdAdWAv0.crl (hash: J7fLVQAlZQFKr6wv0MMrAHjfZUFZxLFZOR4svMMS10A=)
2: PzBJvCvuKoLcfTByzdz7KrKT9g0.roa (hash: 3oZ6E/qyPFCkNxJX9IOFDQ5m/aqdqH2CkJ/hq3ptHGc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/0luQuJgbWR11p-k14TBKdAdWAv0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/0luQuJgbWR11p-k14TBKdAdWAv0.mft
rsync://rpki.ripe.net/repository/DEFAULT/0luQuJgbWR11p-k14TBKdAdWAv0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:c1:0e:d1:c3:b8:bf:45:42:7f:77:b3:e5:30:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d25b90b8981b591d75a7e935e1304a74075602fd
Validity
Not Before: Mar 1 19:01:18 2026 GMT
Not After : Mar 2 19:01:18 2026 GMT
Subject: CN=a971021567b192e21d5d0082921a344fa1f570b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:92:81:d2:8e:ea:6c:06:e6:97:e1:cd:17:09:
10:21:52:24:09:c8:86:bb:44:a6:f3:d2:05:63:41:
71:f1:13:cd:8e:9d:58:d4:0f:ea:9c:bd:a8:63:fc:
ff:16:e4:d9:98:dc:9b:11:67:dd:96:0e:0a:1a:e0:
5a:52:c5:4f:0c:46:b0:82:8f:85:6e:85:1a:86:33:
8c:ad:9f:87:8a:2e:c6:b9:c8:83:c7:55:36:0d:76:
d7:e3:8f:50:77:58:8b:84:7d:2d:06:1a:1b:e6:85:
bd:22:2c:b9:4b:63:a4:fc:31:c9:24:3b:da:f4:f9:
cb:d4:b5:16:b1:a6:44:25:b9:50:68:96:03:85:19:
16:c7:98:30:63:dc:af:3a:77:c3:a5:2b:ca:73:0f:
d8:38:21:21:48:6c:eb:d3:1e:4c:3e:dd:31:64:18:
65:52:df:2a:6d:ca:ec:87:0a:f0:b0:26:59:5b:ad:
81:57:85:36:78:88:87:95:59:6e:18:65:a0:86:ea:
02:f2:2e:a9:fa:9f:62:c1:fe:8c:84:06:fe:07:4b:
eb:fa:62:19:a1:f8:a0:df:a5:88:e9:bf:df:57:fa:
2c:e8:17:96:18:e9:93:df:8f:c0:86:12:6e:5a:73:
ae:c0:16:01:17:29:88:a7:8a:82:7c:71:cb:2f:88:
b5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:71:02:15:67:B1:92:E2:1D:5D:00:82:92:1A:34:4F:A1:F5:70:B3
X509v3 Authority Key Identifier:
keyid:D2:5B:90:B8:98:1B:59:1D:75:A7:E9:35:E1:30:4A:74:07:56:02:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0luQuJgbWR11p-k14TBKdAdWAv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/0luQuJgbWR11p-k14TBKdAdWAv0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/0luQuJgbWR11p-k14TBKdAdWAv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:82:3e:ed:52:77:85:fd:6b:f2:44:50:d7:63:6d:dc:c0:4a:
f9:5e:61:02:36:a9:ce:ed:6a:b9:63:0a:1e:c0:08:1a:e3:9c:
b2:5e:26:4a:b2:37:0d:9f:7d:1b:b0:1f:13:3a:86:77:fd:39:
81:22:1c:85:df:8d:7f:2b:7c:3a:4e:d6:c6:8a:46:54:6e:38:
7e:1b:24:65:f9:4f:12:e5:68:c8:b9:94:95:f1:b7:f0:c3:f1:
35:3f:ca:ea:1a:99:bb:58:8b:50:af:b1:f5:94:36:f0:0e:b1:
d1:ea:d0:26:a7:9b:2b:19:f4:23:af:31:94:05:19:ed:54:b2:
0c:c9:44:61:8c:18:2a:13:9c:88:8f:43:09:01:bc:c4:15:4e:
71:26:53:1d:7d:dc:8a:fc:5f:19:ee:25:c2:30:6e:dc:48:03:
19:65:68:a6:29:9a:1e:72:16:1b:67:07:79:80:a2:43:85:43:
18:72:5c:af:06:a3:67:31:bd:47:01:50:9d:17:82:69:16:d0:
33:95:5b:33:cf:62:5b:1e:fe:16:ea:9a:b0:e1:c3:52:84:3c:
cd:32:f5:f3:3e:5c:ae:3c:c6:0e:fd:65:b7:de:24:b2:84:1f:
11:85:98:bb:39:f6:42:1e:03:9e:91:55:9e:f6:58:99:4e:57:
2b:6f:52:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxsEO0cO4v0VCf3ez5TDLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNWI5MGI4OTgxYjU5MWQ3NWE3ZTkzNWUxMzA0YTc0MDc1
NjAyZmQwHhcNMjYwMzAxMTkwMTE4WhcNMjYwMzAyMTkwMTE4WjAzMTEwLwYDVQQD
EyhhOTcxMDIxNTY3YjE5MmUyMWQ1ZDAwODI5MjFhMzQ0ZmExZjU3MGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5KB0o7qbAbml+HNFwkQIVIkCciG
u0Sm89IFY0Fx8RPNjp1Y1A/qnL2oY/z/FuTZmNybEWfdlg4KGuBaUsVPDEawgo+F
boUahjOMrZ+Hii7GuciDx1U2DXbX449Qd1iLhH0tBhob5oW9Iiy5S2Ok/DHJJDva
9PnL1LUWsaZEJblQaJYDhRkWx5gwY9yvOnfDpSvKcw/YOCEhSGzr0x5MPt0xZBhl
Ut8qbcrshwrwsCZZW62BV4U2eIiHlVluGGWghuoC8i6p+p9iwf6MhAb+B0vr+mIZ
ofig36WI6b/fV/os6BeWGOmT34/AhhJuWnOuwBYBFymIp4qCfHHLL4i15QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKlxAhVnsZLiHV0AgpIaNE+h9XCzMB8GA1UdIwQY
MBaAFNJbkLiYG1kddafpNeEwSnQHVgL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGx1UXVKZ2JXUjExcC1rMTRUQktkQWRXQXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yY2U1MjAtZWMwNy00NWVmLWI1ODct
YTJhYmRhZGY1ZjkwLzEvMGx1UXVKZ2JXUjExcC1rMTRUQktkQWRXQXYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yY2U1MjAtZWMwNy00NWVmLWI1ODctYTJhYmRhZGY1Zjkw
LzEvMGx1UXVKZ2JXUjExcC1rMTRUQktkQWRXQXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHYI+7VJ3
hf1r8kRQ12Nt3MBK+V5hAjapzu1quWMKHsAIGuOcsl4mSrI3DZ99G7AfEzqGd/05
gSIchd+Nfyt8Ok7WxopGVG44fhskZflPEuVoyLmUlfG38MPxNT/K6hqZu1iLUK+x
9ZQ28A6x0erQJqebKxn0I68xlAUZ7VSyDMlEYYwYKhOciI9DCQG8xBVOcSZTHX3c
ivxfGe4lwjBu3EgDGWVopimaHnIWG2cHeYCiQ4VDGHJcrwajZzG9RwFQnReCaRbQ
M5VbM89iWx7+FuqasOHDUoQ8zTL18z5crjzGDv1lt94ksoQfEYWYuzn2Qh4DnpFV
nvZYmU5XK29SFA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:51:28 2026 by rpki-client