Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
File: rysOIXo1FoOSIGvac85hlTWgLzU.mft (raw, json)
Hash identifier: o2ytyMbMHmxwIj3JeMoz9lctHwehWixzQLfvOn7ac0g=
Subject key identifier: 3A:4A:85:C3:E0:A0:2F:5E:A7:68:D0:C8:BC:17:0D:1E:2E:B6:47:01
Authority key identifier: AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
Certificate issuer: /CN=af2b0e217a35168392206bda73ce619535a02f35
Certificate serial: 019CABD9345809CF2B3621DF3CEDADC440A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
Manifest number: 0CEF
Signing time: Mon 02 Mar 2026 00:01:04 +0000
Manifest this update: Mon 02 Mar 2026 00:01:04 +0000
Manifest next update: Tue 03 Mar 2026 00:01:04 +0000
Files and hashes: 1: rysOIXo1FoOSIGvac85hlTWgLzU.crl (hash: pg51TJxxrswMh19wv24CP0TQm7H9/JImO9RJe0HKPPs=)
2: zakSxSI_wYoHQeaPnt8X9AknTHE.roa (hash: DFDQf/fadQ5V13foLZM1hVw4SY7MFQSi7KXroTzcGGo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:34:58:09:cf:2b:36:21:df:3c:ed:ad:c4:40:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2b0e217a35168392206bda73ce619535a02f35
Validity
Not Before: Mar 2 00:01:04 2026 GMT
Not After : Mar 3 00:01:04 2026 GMT
Subject: CN=3a4a85c3e0a02f5ea768d0c8bc170d1e2eb64701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b9:1a:ab:84:17:58:4e:08:2a:1d:3b:26:5d:
ce:45:ae:08:48:30:f8:59:d3:34:85:68:46:6f:b1:
f1:e4:0a:20:7c:2c:f4:8d:44:f7:7e:a4:f3:0c:68:
53:7d:58:7b:89:b7:aa:34:9c:b8:fb:f1:6e:53:24:
f4:38:99:f9:4a:40:aa:9e:26:76:72:32:02:6c:1f:
f5:34:78:04:0e:83:78:ea:00:ad:d2:81:91:f6:2e:
1e:5e:7a:4a:25:ff:cf:c1:9e:43:0f:a5:53:ec:55:
40:19:a4:a2:5a:9d:8d:86:0d:b7:92:99:6a:46:c0:
64:43:2c:49:a2:88:71:de:88:ef:70:4e:e3:99:0f:
76:12:be:ed:97:89:46:2b:93:a7:76:f1:d3:6f:91:
1e:1b:d1:9c:d4:bf:13:41:05:35:9c:c3:fe:34:13:
c2:54:49:b2:63:60:96:bd:65:ec:66:74:82:8a:9f:
37:c2:17:9c:ab:83:8d:f9:d7:a9:3b:4d:34:ea:8b:
6f:6f:e6:9d:24:65:b0:29:b3:96:58:aa:38:6e:f5:
b8:88:a4:f5:14:72:c9:3c:3f:29:5c:95:30:3b:a6:
34:b9:70:5a:e4:f3:97:9f:84:1f:09:dc:38:38:3d:
76:12:aa:b8:3b:a6:7e:4d:6d:53:4b:54:a7:36:8a:
67:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:4A:85:C3:E0:A0:2F:5E:A7:68:D0:C8:BC:17:0D:1E:2E:B6:47:01
X509v3 Authority Key Identifier:
keyid:AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b5:ad:73:2d:b4:da:56:91:51:7f:ed:cd:58:fe:6c:bb:3f:02:
1e:6e:59:1e:e1:1a:8f:fe:3b:80:da:9a:8b:c3:af:ed:83:14:
67:1f:71:0b:75:d4:8c:d8:f6:57:b8:f7:a3:d4:11:fa:a6:9e:
4a:78:6f:10:3b:95:b9:d2:85:01:b0:39:ef:9a:eb:cc:22:26:
cf:a7:fc:02:56:9b:1e:75:b3:b6:91:47:86:6a:77:fd:e2:7f:
55:3f:b9:27:31:82:f5:59:66:13:26:09:67:9c:05:a9:14:62:
8c:ed:e3:96:a4:a9:dc:33:dc:b0:13:40:55:9c:95:91:10:35:
30:c2:e4:30:1b:fc:25:f6:4f:e9:50:49:b4:a3:79:d8:21:2b:
f6:05:76:6e:46:ed:c5:a8:ad:ea:98:17:d7:23:f1:0b:61:30:
90:07:7a:33:55:7a:40:73:dc:3e:ad:5d:03:4e:63:1b:8e:c0:
8b:37:25:e9:7c:27:9d:0b:23:92:b6:b8:04:7c:2d:28:25:6b:
8d:a5:a9:65:77:72:e1:5c:21:4e:53:48:79:0b:25:de:28:f3:
06:6e:7f:b5:0e:4e:da:53:cf:b1:ff:9a:85:04:41:c9:3c:73:
ff:2f:57:29:3e:ab:64:cb:c3:40:6a:9f:39:3b:99:39:43:97:
f8:01:10:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2TRYCc8rNiHfPO2txECnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmIwZTIxN2EzNTE2ODM5MjIwNmJkYTczY2U2MTk1MzVh
MDJmMzUwHhcNMjYwMzAyMDAwMTA0WhcNMjYwMzAzMDAwMTA0WjAzMTEwLwYDVQQD
EygzYTRhODVjM2UwYTAyZjVlYTc2OGQwYzhiYzE3MGQxZTJlYjY0NzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobkaq4QXWE4IKh07Jl3ORa4ISDD4
WdM0hWhGb7Hx5AogfCz0jUT3fqTzDGhTfVh7ibeqNJy4+/FuUyT0OJn5SkCqniZ2
cjICbB/1NHgEDoN46gCt0oGR9i4eXnpKJf/PwZ5DD6VT7FVAGaSiWp2Nhg23kplq
RsBkQyxJoohx3ojvcE7jmQ92Er7tl4lGK5OndvHTb5EeG9Gc1L8TQQU1nMP+NBPC
VEmyY2CWvWXsZnSCip83whecq4ON+depO0006otvb+adJGWwKbOWWKo4bvW4iKT1
FHLJPD8pXJUwO6Y0uXBa5POXn4QfCdw4OD12Eqq4O6Z+TW1TS1SnNopnNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDpKhcPgoC9ep2jQyLwXDR4utkcBMB8GA1UdIwQY
MBaAFK8rDiF6NRaDkiBr2nPOYZU1oC81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDct
ZjBkMTk4MDk4NzRhLzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDctZjBkMTk4MDk4NzRh
LzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAta1zLbTa
VpFRf+3NWP5suz8CHm5ZHuEaj/47gNqai8Ov7YMUZx9xC3XUjNj2V7j3o9QR+qae
SnhvEDuVudKFAbA575rrzCImz6f8AlabHnWztpFHhmp3/eJ/VT+5JzGC9VlmEyYJ
Z5wFqRRijO3jlqSp3DPcsBNAVZyVkRA1MMLkMBv8JfZP6VBJtKN52CEr9gV2bkbt
xait6pgX1yPxC2EwkAd6M1V6QHPcPq1dA05jG47Aizcl6XwnnQsjkra4BHwtKCVr
jaWpZXdy4VwhTlNIeQsl3ijzBm5/tQ5O2lPPsf+ahQRByTxz/y9XKT6rZMvDQGqf
OTuZOUOX+AEQHw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:01:30 2026 by rpki-client