Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
File: 23DOek5uSrOk6p8IH1kupfbSuao.mft (raw, json)
Hash identifier: Th32SgRt7Y5GTw1dPyxD3L7MWiQHP+k8I1D3r1lUTQs=
Subject key identifier: 43:D3:AB:80:0B:6A:15:29:56:C1:07:E9:72:8A:03:B3:02:14:EA:A2
Authority key identifier: DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA
Certificate issuer: /CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa
Certificate serial: 019CAC47506441F01D267453F103529BD283
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
Manifest number: 088A
Signing time: Mon 02 Mar 2026 02:01:20 +0000
Manifest this update: Mon 02 Mar 2026 02:01:20 +0000
Manifest next update: Tue 03 Mar 2026 02:01:20 +0000
Files and hashes: 1: 23DOek5uSrOk6p8IH1kupfbSuao.crl (hash: VSwFtkeHLX4WhbV9aMXpMks3llt7K9k88AQ0JUhY6Yk=)
2: hhh3z06Bpe2m47ehC44Gk6XsxWY.roa (hash: D+hS8HY9ljD+1P/aopr0G/yuhchBVZY0zZMSPMrBOWg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:47:50:64:41:f0:1d:26:74:53:f1:03:52:9b:d2:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa
Validity
Not Before: Mar 2 02:01:20 2026 GMT
Not After : Mar 3 02:01:20 2026 GMT
Subject: CN=43d3ab800b6a152956c107e9728a03b30214eaa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:77:dc:b2:de:d1:3f:10:e4:35:45:3d:71:45:
b8:3a:8a:f9:3d:ed:8a:d8:99:b6:ba:17:55:4c:47:
48:70:25:86:42:ad:4d:8e:dd:6c:57:37:c9:41:ac:
48:20:ce:75:9d:45:6b:72:8c:32:07:a8:d2:f2:4e:
54:df:2a:37:2d:ae:fb:e4:88:3b:18:68:da:b7:dc:
ca:96:68:17:36:42:c7:92:f6:00:45:d7:0d:ac:a4:
06:e0:c9:db:2e:93:13:6d:74:6d:9d:c2:3d:a2:c2:
46:9b:cf:5e:65:98:81:43:38:b7:d7:c8:cc:51:33:
c1:96:2a:12:bc:18:d5:bb:21:13:c8:b6:c6:1d:5a:
35:ce:70:d7:bf:0a:86:68:e0:b3:1f:81:fd:f3:b6:
b3:06:0f:c5:4c:5a:60:13:e2:64:63:df:e2:60:18:
da:d5:96:63:b1:a6:54:1b:60:43:38:f8:59:26:45:
1e:c4:45:eb:1d:c5:ea:b1:28:ee:0e:9c:00:9b:12:
fa:42:cb:ef:c6:6b:5b:be:53:91:8c:52:cb:3f:77:
b1:c2:8e:78:86:7a:db:de:44:53:77:54:cc:3b:74:
9b:02:ee:c5:8c:5d:ac:64:af:ce:bb:cb:ab:a0:39:
16:3e:df:c4:a5:35:97:9e:14:3a:ba:89:21:4d:9b:
80:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D3:AB:80:0B:6A:15:29:56:C1:07:E9:72:8A:03:B3:02:14:EA:A2
X509v3 Authority Key Identifier:
keyid:DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:6b:96:16:81:e0:cf:cd:ab:e0:17:80:64:0b:51:c8:0d:a0:
de:fa:50:8f:c5:3b:43:8a:2b:0b:e0:3a:b2:20:89:a6:e5:27:
63:0a:85:54:8b:08:ce:6a:90:34:52:3b:d1:97:97:7c:c8:30:
59:ec:f4:b9:aa:16:55:2d:b3:1b:51:f6:76:5b:48:77:83:1c:
a1:ab:04:51:7f:a5:89:bb:d6:c9:af:0d:ef:8c:fa:90:51:6d:
43:e9:24:33:0a:90:a6:cb:94:8c:40:cb:21:e2:3f:e8:da:2c:
b6:1b:b0:19:1e:9d:36:a5:b7:9c:2d:5c:ca:ad:a4:2d:cf:75:
9c:c4:9b:d2:05:be:96:fd:9b:1f:6e:c4:b0:ec:20:93:5c:7b:
da:16:a7:c3:40:8b:22:6b:b7:64:2a:1d:4e:94:dc:b9:0d:45:
db:62:3f:43:27:e4:7d:bf:d7:4b:e5:75:9c:ce:44:9b:d7:4a:
28:4b:93:7d:49:df:a4:37:1e:1b:81:a1:d3:d4:e9:e0:44:76:
be:21:d2:ae:6d:8e:37:36:8d:d9:07:49:82:45:31:64:b1:04:
50:34:01:74:d8:e0:36:0a:4a:c7:16:90:1e:2a:b1:45:5d:15:
82:f9:19:85:55:47:e9:fe:f4:5b:72:fb:47:02:ec:cd:bd:2a:
15:0f:90:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysR1BkQfAdJnRT8QNSm9KDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNzBjZTdhNGU2ZTRhYjNhNGVhOWYwODFmNTkyZWE1ZjZk
MmI5YWEwHhcNMjYwMzAyMDIwMTIwWhcNMjYwMzAzMDIwMTIwWjAzMTEwLwYDVQQD
Eyg0M2QzYWI4MDBiNmExNTI5NTZjMTA3ZTk3MjhhMDNiMzAyMTRlYWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Hfcst7RPxDkNUU9cUW4Oor5Pe2K
2Jm2uhdVTEdIcCWGQq1Njt1sVzfJQaxIIM51nUVrcowyB6jS8k5U3yo3La775Ig7
GGjat9zKlmgXNkLHkvYARdcNrKQG4MnbLpMTbXRtncI9osJGm89eZZiBQzi318jM
UTPBlioSvBjVuyETyLbGHVo1znDXvwqGaOCzH4H987azBg/FTFpgE+JkY9/iYBja
1ZZjsaZUG2BDOPhZJkUexEXrHcXqsSjuDpwAmxL6QsvvxmtbvlORjFLLP3exwo54
hnrb3kRTd1TMO3SbAu7FjF2sZK/Ou8uroDkWPt/EpTWXnhQ6uokhTZuAiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEPTq4ALahUpVsEH6XKKA7MCFOqiMB8GA1UdIwQY
MBaAFNtwznpObkqzpOqfCB9ZLqX20rmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYt
MmNiMTdiN2JjNjE4LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYtMmNiMTdiN2JjNjE4
LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOmuWFoHg
z82r4BeAZAtRyA2g3vpQj8U7Q4orC+A6siCJpuUnYwqFVIsIzmqQNFI70ZeXfMgw
Wez0uaoWVS2zG1H2dltId4McoasEUX+libvWya8N74z6kFFtQ+kkMwqQpsuUjEDL
IeI/6NosthuwGR6dNqW3nC1cyq2kLc91nMSb0gW+lv2bH27EsOwgk1x72hanw0CL
Imu3ZCodTpTcuQ1F22I/Qyfkfb/XS+V1nM5Em9dKKEuTfUnfpDceG4Gh09Tp4ER2
viHSrm2ONzaN2QdJgkUxZLEEUDQBdNjgNgpKxxaQHiqxRV0VgvkZhVVH6f70W3L7
RwLszb0qFQ+QSg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:41:26 2026 by rpki-client