Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft
File: o2n7GRvuUc3HQUppYxl_hrvzE6s.mft (raw, json)
Hash identifier: AeoH7xc1Zzye7dWc7K0YDMr/rAXRRvbPi48DI29y6ck=
Subject key identifier: B3:AC:76:E3:67:31:DF:94:23:01:1F:25:BB:44:88:87:6A:CC:0A:AE
Authority key identifier: A3:69:FB:19:1B:EE:51:CD:C7:41:4A:69:63:19:7F:86:BB:F3:13:AB
Certificate issuer: /CN=a369fb191bee51cdc7414a6963197f86bbf313ab
Certificate serial: 019CAA8F76FB0029514658EFB4544B9FAA50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2n7GRvuUc3HQUppYxl_hrvzE6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft
Manifest number: 12A7
Signing time: Sun 01 Mar 2026 18:00:54 +0000
Manifest this update: Sun 01 Mar 2026 18:00:54 +0000
Manifest next update: Mon 02 Mar 2026 18:00:54 +0000
Files and hashes: 1: o2n7GRvuUc3HQUppYxl_hrvzE6s.crl (hash: 8r9ENFGFapMFCKOapHn7U7zXfgTsELJsug5xsrw6Nhw=)
2: u-PjOq1WjK6PsqFBvXy59id7R_I.roa (hash: Pz8fOepb3H13pqdKO3L1FSkff2yUOqZGUk6QeB6m10U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft
rsync://rpki.ripe.net/repository/DEFAULT/o2n7GRvuUc3HQUppYxl_hrvzE6s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:8f:76:fb:00:29:51:46:58:ef:b4:54:4b:9f:aa:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a369fb191bee51cdc7414a6963197f86bbf313ab
Validity
Not Before: Mar 1 18:00:54 2026 GMT
Not After : Mar 2 18:00:54 2026 GMT
Subject: CN=b3ac76e36731df9423011f25bb4488876acc0aae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:05:22:e8:45:49:52:db:fa:bf:7b:69:a5:2e:
76:58:a3:37:db:4a:23:be:55:11:f8:3a:d4:10:09:
7a:5a:8d:4c:d5:68:38:ea:40:6d:8f:fe:00:bb:51:
1c:f1:68:b5:68:dc:a6:54:20:6f:de:65:35:75:88:
80:d3:e4:72:9d:6a:c4:cb:19:aa:c2:a4:48:ac:f2:
df:49:e6:55:51:98:22:eb:3e:b5:a3:2a:67:77:c1:
2f:39:c1:17:65:12:83:31:ba:d3:4a:fc:80:e0:96:
ff:4e:1d:6a:d5:7f:78:4a:3d:79:68:86:02:de:6c:
f5:15:ee:d7:8b:1f:90:c2:56:ec:98:05:80:8b:73:
7e:4f:ad:11:3f:68:10:0d:c2:5c:94:e1:df:50:bb:
74:76:1b:5a:3e:42:5c:fa:d0:5e:74:9e:53:7f:5f:
88:9c:b5:74:16:e9:a9:33:54:9c:ab:6e:e9:28:3e:
1d:d7:33:2e:09:03:e0:9c:f6:6b:8e:3b:ad:05:4c:
2f:ee:5b:e5:46:07:aa:89:83:e7:8c:b4:1f:ef:f4:
ec:1d:19:a0:23:89:29:c4:e7:b9:57:5f:45:8e:47:
00:f9:77:ce:86:e6:fd:61:ed:e2:8b:43:39:f0:e4:
c3:5f:2a:2d:a4:3f:e4:79:e3:9e:18:17:fa:3b:ea:
39:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:AC:76:E3:67:31:DF:94:23:01:1F:25:BB:44:88:87:6A:CC:0A:AE
X509v3 Authority Key Identifier:
keyid:A3:69:FB:19:1B:EE:51:CD:C7:41:4A:69:63:19:7F:86:BB:F3:13:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2n7GRvuUc3HQUppYxl_hrvzE6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:84:de:c8:9e:41:07:eb:8a:78:e2:5d:c0:61:56:8e:4c:00:
ae:bb:12:f2:57:88:19:dc:8f:46:8b:5e:e2:7e:fd:d4:4b:49:
cd:af:f6:78:a2:31:82:aa:58:8f:95:4f:d0:11:79:09:fe:5f:
1a:bd:15:9d:de:eb:52:7a:68:17:b6:ed:25:6b:41:9d:3b:91:
ad:ad:00:d4:cb:15:f7:a0:31:75:60:f4:20:0c:7b:89:d1:fc:
01:6e:ff:a8:2e:ae:ef:ea:a7:b8:3b:1a:28:00:b6:08:90:4a:
73:a8:d5:bb:ec:d6:9d:ae:cc:45:a2:78:c0:2a:67:2d:ba:8a:
32:8e:00:b7:a5:18:7a:a9:c3:8f:6a:6e:f7:0e:c0:19:6e:71:
66:a6:a6:09:76:aa:d3:e3:7c:10:fb:ae:5c:57:52:41:9d:f3:
53:53:87:7a:28:02:8c:b1:52:52:38:fa:71:cb:7e:bb:00:31:
99:c0:5d:4c:06:8a:89:37:a3:02:97:25:65:e9:f3:92:71:9e:
0a:86:61:76:c8:f8:20:63:c2:7b:8e:02:b0:ba:c4:5c:44:7a:
33:73:7c:16:b9:be:94:31:5f:13:47:64:10:48:2d:e3:64:b4:
7f:02:ab:db:76:b4:6f:9f:ca:c0:14:f4:f0:90:a9:ed:3c:87:
fa:95:c8:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj3b7AClRRljvtFRLn6pQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjlmYjE5MWJlZTUxY2RjNzQxNGE2OTYzMTk3Zjg2YmJm
MzEzYWIwHhcNMjYwMzAxMTgwMDU0WhcNMjYwMzAyMTgwMDU0WjAzMTEwLwYDVQQD
EyhiM2FjNzZlMzY3MzFkZjk0MjMwMTFmMjViYjQ0ODg4NzZhY2MwYWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgUi6EVJUtv6v3tppS52WKM320oj
vlUR+DrUEAl6Wo1M1Wg46kBtj/4Au1Ec8Wi1aNymVCBv3mU1dYiA0+RynWrEyxmq
wqRIrPLfSeZVUZgi6z61oypnd8EvOcEXZRKDMbrTSvyA4Jb/Th1q1X94Sj15aIYC
3mz1Fe7Xix+QwlbsmAWAi3N+T60RP2gQDcJclOHfULt0dhtaPkJc+tBedJ5Tf1+I
nLV0FumpM1Scq27pKD4d1zMuCQPgnPZrjjutBUwv7lvlRgeqiYPnjLQf7/TsHRmg
I4kpxOe5V19FjkcA+XfOhub9Ye3ii0M58OTDXyotpD/keeOeGBf6O+o5HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLOsduNnMd+UIwEfJbtEiIdqzAquMB8GA1UdIwQY
MBaAFKNp+xkb7lHNx0FKaWMZf4a78xOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJuN0dSdnVVYzNIUVVwcFl4bF9ocnZ6RTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yMGRhNjAtYzcxOS00YmUxLThlNGYt
ZTE4MDUyZjM4MWJiLzEvbzJuN0dSdnVVYzNIUVVwcFl4bF9ocnZ6RTZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8yMGRhNjAtYzcxOS00YmUxLThlNGYtZTE4MDUyZjM4MWJi
LzEvbzJuN0dSdnVVYzNIUVVwcFl4bF9ocnZ6RTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG4TeyJ5B
B+uKeOJdwGFWjkwArrsS8leIGdyPRote4n791EtJza/2eKIxgqpYj5VP0BF5Cf5f
Gr0Vnd7rUnpoF7btJWtBnTuRra0A1MsV96AxdWD0IAx7idH8AW7/qC6u7+qnuDsa
KAC2CJBKc6jVu+zWna7MRaJ4wCpnLbqKMo4At6UYeqnDj2pu9w7AGW5xZqamCXaq
0+N8EPuuXFdSQZ3zU1OHeigCjLFSUjj6cct+uwAxmcBdTAaKiTejApclZenzknGe
CoZhdsj4IGPCe44CsLrEXER6M3N8Frm+lDFfE0dkEEgt42S0fwKr23a0b5/KwBT0
8JCp7TyH+pXIdg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:58:08 2026 by rpki-client