Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
File: a0P3ovQ2ixel4DXOS9km-KFC1os.mft (raw, json)
Hash identifier: 5LmfraoY8dew/t6rwXKbm7iVX8NP1gU9fx25nsv32fQ=
Subject key identifier: E7:75:0A:36:DA:35:F2:82:FE:9F:44:1F:55:12:6E:F3:A3:A4:6F:A2
Authority key identifier: 6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
Certificate issuer: /CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Certificate serial: 019CAB3451CD90AD4E554589C5DD0612386E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
Manifest number: 1845
Signing time: Sun 01 Mar 2026 21:00:58 +0000
Manifest this update: Sun 01 Mar 2026 21:00:58 +0000
Manifest next update: Mon 02 Mar 2026 21:00:58 +0000
Files and hashes: 1: MuWBM4y_8sU7g6FEyEJdZpch7MA.roa (hash: polciHBhuEIudcpVsohkilsNPMnWK3IMSBDrJXYyToE=)
2: a0P3ovQ2ixel4DXOS9km-KFC1os.crl (hash: FjDlWB/1j9SRdjARDx5bOEYq+iRXf7PFyfRoCS09UdU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:34:51:cd:90:ad:4e:55:45:89:c5:dd:06:12:38:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Validity
Not Before: Mar 1 21:00:58 2026 GMT
Not After : Mar 2 21:00:58 2026 GMT
Subject: CN=e7750a36da35f282fe9f441f55126ef3a3a46fa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a7:51:5b:97:af:6f:cd:4a:da:6d:56:24:24:
c3:ee:64:9f:9f:e0:91:17:ec:77:9b:d8:69:a0:00:
0b:5e:7d:70:55:31:73:6e:08:cd:68:30:b0:09:c8:
ce:12:82:bb:3f:c8:d5:dc:d9:d6:07:e1:aa:8e:de:
b9:69:76:ca:f2:05:3c:2b:fc:4a:36:63:98:24:25:
47:c7:b4:0a:40:1e:3c:5f:75:98:89:3f:f9:21:2d:
50:b7:49:b5:cb:ae:06:67:38:92:78:03:8a:b7:96:
28:0d:00:ff:54:a1:3c:33:ff:bd:c5:31:4d:69:c6:
c3:5f:a1:e5:2b:68:79:6d:3d:f7:37:17:ed:6d:09:
ad:48:29:8a:f2:91:52:be:79:19:bf:56:08:38:27:
9a:f6:b2:90:2a:13:26:7a:8f:5d:d2:c0:e9:78:52:
f8:91:00:dc:c6:57:df:0b:32:23:2b:1c:fb:4f:a8:
82:bb:c3:13:a6:f1:a0:eb:d4:59:0f:d2:2f:94:df:
3d:9b:a5:77:30:ad:fa:91:c4:e3:d0:82:96:ec:26:
79:a8:06:18:00:dc:1e:ca:b2:05:6d:b0:05:43:7f:
c7:dd:8b:1f:91:60:2e:78:d8:55:fb:4a:c5:b4:c3:
97:3f:22:98:99:47:b1:4f:ab:6d:6e:90:59:fb:ca:
5b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:75:0A:36:DA:35:F2:82:FE:9F:44:1F:55:12:6E:F3:A3:A4:6F:A2
X509v3 Authority Key Identifier:
keyid:6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:fb:8d:39:2f:a0:05:af:b6:0f:7f:42:08:de:35:a6:ba:97:
c4:db:64:2b:3e:b9:77:bc:27:b4:12:88:9e:d7:87:7d:15:00:
b9:e0:2b:af:84:5d:25:18:5e:b9:bc:a5:c5:63:8f:8c:a3:e6:
e1:5b:57:89:f7:5d:bc:b0:9e:b5:47:2b:d5:40:4a:47:35:f1:
d3:ff:c4:ca:a3:b0:62:69:17:c7:86:54:e6:e3:17:24:ff:9e:
2d:80:12:3e:df:90:b8:91:d8:24:9c:68:45:71:5a:2e:82:7d:
1c:40:c1:cb:84:0b:eb:61:0d:1a:76:1c:20:f6:23:24:43:54:
e4:07:0d:ae:75:ef:dc:f8:9e:1f:53:56:f5:32:b8:73:87:7b:
c1:18:1a:59:d6:dc:c1:11:10:72:bd:23:e6:38:cf:90:40:98:
74:40:0a:17:c0:7d:0c:51:5e:94:9a:d7:ba:61:6a:2c:02:7b:
23:56:d9:84:eb:be:a6:32:18:01:f9:9f:cb:9c:3f:dd:5d:d8:
f3:65:7a:19:3c:26:68:39:55:8a:98:d8:fc:d4:de:81:b6:89:
2e:60:b5:02:04:81:5d:dc:2d:2b:f2:c8:4f:4a:20:c2:49:55:
5f:91:aa:67:e8:1a:0a:c0:f2:6a:44:03:9a:2f:c9:0e:bf:42:
d4:9e:22:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNFHNkK1OVUWJxd0GEjhuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNDNmN2EyZjQzNjhiMTdhNWUwMzVjZTRiZDkyNmY4YTE0
MmQ2OGIwHhcNMjYwMzAxMjEwMDU4WhcNMjYwMzAyMjEwMDU4WjAzMTEwLwYDVQQD
EyhlNzc1MGEzNmRhMzVmMjgyZmU5ZjQ0MWY1NTEyNmVmM2EzYTQ2ZmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqdRW5evb81K2m1WJCTD7mSfn+CR
F+x3m9hpoAALXn1wVTFzbgjNaDCwCcjOEoK7P8jV3NnWB+Gqjt65aXbK8gU8K/xK
NmOYJCVHx7QKQB48X3WYiT/5IS1Qt0m1y64GZziSeAOKt5YoDQD/VKE8M/+9xTFN
acbDX6HlK2h5bT33NxftbQmtSCmK8pFSvnkZv1YIOCea9rKQKhMmeo9d0sDpeFL4
kQDcxlffCzIjKxz7T6iCu8MTpvGg69RZD9IvlN89m6V3MK36kcTj0IKW7CZ5qAYY
ANweyrIFbbAFQ3/H3YsfkWAueNhV+0rFtMOXPyKYmUexT6ttbpBZ+8pbBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOd1CjbaNfKC/p9EH1USbvOjpG+iMB8GA1UdIwQY
MBaAFGtD96L0NosXpeA1zkvZJvihQtaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMt
MzViMDMxMzZkZDAzLzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMtMzViMDMxMzZkZDAz
LzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo/uNOS+g
Ba+2D39CCN41prqXxNtkKz65d7wntBKInteHfRUAueArr4RdJRheubylxWOPjKPm
4VtXifddvLCetUcr1UBKRzXx0//EyqOwYmkXx4ZU5uMXJP+eLYASPt+QuJHYJJxo
RXFaLoJ9HEDBy4QL62ENGnYcIPYjJENU5AcNrnXv3PieH1NW9TK4c4d7wRgaWdbc
wREQcr0j5jjPkECYdEAKF8B9DFFelJrXumFqLAJ7I1bZhOu+pjIYAfmfy5w/3V3Y
82V6GTwmaDlVipjY/NTegbaJLmC1AgSBXdwtK/LIT0ogwklVX5GqZ+gaCsDyakQD
mi/JDr9C1J4iJg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:44:13 2026 by rpki-client