Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/diI4ozxVDMXfAkTz_G49vZHkw54.mft
File: diI4ozxVDMXfAkTz_G49vZHkw54.mft (raw, json)
Hash identifier: v9HOGtWWjKmir5+msN+S4HZxGdiTcXSAQN9t8JhKdDk=
Subject key identifier: 95:19:83:F9:CC:05:9D:36:9C:4B:07:EC:2A:E8:7A:EA:D5:24:F2:23
Authority key identifier: 76:22:38:A3:3C:55:0C:C5:DF:02:44:F3:FC:6E:3D:BD:91:E4:C3:9E
Certificate issuer: /CN=762238a33c550cc5df0244f3fc6e3dbd91e4c39e
Certificate serial: 019CAB6BF6918371B550651392574F298C79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/diI4ozxVDMXfAkTz_G49vZHkw54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/diI4ozxVDMXfAkTz_G49vZHkw54.mft
Manifest number: 0CB1
Signing time: Sun 01 Mar 2026 22:01:45 +0000
Manifest this update: Sun 01 Mar 2026 22:01:45 +0000
Manifest next update: Mon 02 Mar 2026 22:01:45 +0000
Files and hashes: 1: F7EHLevqhIbYmfRWGh8ETrgh3yU.roa (hash: 0+kmPqOA1TrwEUsZC2FJDlWO1mQqSKgrQDKmrU5ENvM=)
2: diI4ozxVDMXfAkTz_G49vZHkw54.crl (hash: rR47lCQ26OM6+hNbMz79SeJMTEY6fxX75eHfaeuqoFg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/diI4ozxVDMXfAkTz_G49vZHkw54.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/diI4ozxVDMXfAkTz_G49vZHkw54.mft
rsync://rpki.ripe.net/repository/DEFAULT/diI4ozxVDMXfAkTz_G49vZHkw54.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 22:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:6b:f6:91:83:71:b5:50:65:13:92:57:4f:29:8c:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=762238a33c550cc5df0244f3fc6e3dbd91e4c39e
Validity
Not Before: Mar 1 22:01:45 2026 GMT
Not After : Mar 2 22:01:45 2026 GMT
Subject: CN=951983f9cc059d369c4b07ec2ae87aead524f223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c4:bf:37:01:73:59:d4:39:06:c0:4d:e8:9f:
7f:9f:d2:d3:38:8c:a1:8e:db:67:f7:bb:be:73:e4:
f3:17:6f:b0:0c:1c:0a:2f:6a:ef:7b:b1:6d:89:d3:
6f:43:1e:2e:c6:18:e0:3f:fe:16:32:d0:4e:89:99:
da:e0:4e:d3:66:0a:1f:b8:c2:e9:b8:8a:b1:b3:d3:
5a:59:e1:da:9f:cd:29:d8:c4:5b:5d:1a:b8:4b:ea:
56:d8:ae:22:a6:2c:a6:69:06:f0:14:98:ca:0b:97:
36:e0:08:5c:86:65:51:4b:e7:a1:df:57:f8:52:56:
5c:50:8d:e6:68:de:67:bd:a7:9d:26:ca:f4:b5:6b:
b2:00:b2:3d:54:20:02:f6:73:48:63:1a:e4:ba:1f:
41:ca:56:b8:18:11:4c:fd:72:98:96:de:1d:f4:0f:
63:2f:f5:bf:80:00:88:34:06:4f:21:b2:7e:eb:7c:
d4:7d:5c:2f:00:14:ed:a5:f0:67:4f:dc:b1:83:f3:
35:75:91:11:b2:bf:ea:0a:b1:ba:71:e8:67:ae:95:
4e:3a:74:22:b9:6d:99:2a:c5:4d:e7:5f:76:c8:0a:
5d:93:f6:89:52:5c:12:70:17:0d:21:3d:26:1c:26:
19:e2:e6:3d:b1:bc:a9:29:66:4c:57:35:4d:6d:17:
3e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:19:83:F9:CC:05:9D:36:9C:4B:07:EC:2A:E8:7A:EA:D5:24:F2:23
X509v3 Authority Key Identifier:
keyid:76:22:38:A3:3C:55:0C:C5:DF:02:44:F3:FC:6E:3D:BD:91:E4:C3:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/diI4ozxVDMXfAkTz_G49vZHkw54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/diI4ozxVDMXfAkTz_G49vZHkw54.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/diI4ozxVDMXfAkTz_G49vZHkw54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:e7:68:85:65:05:24:25:ae:0e:27:16:51:e1:74:70:8b:e0:
5c:de:7c:9b:b0:89:7d:4f:d9:5a:6e:01:74:83:b0:36:5c:be:
1f:33:e0:e7:e8:37:a0:97:d3:80:4a:40:54:63:9e:78:e3:52:
78:81:5c:8a:d5:0b:b2:a6:a5:eb:ca:14:26:61:33:68:16:ac:
00:4b:ba:06:c6:4f:5f:7b:76:89:eb:bd:c6:fb:b0:15:17:e9:
e0:f2:f6:9c:12:6c:a6:4a:76:ff:fc:73:cc:73:d7:18:57:1c:
32:95:4e:19:be:89:b1:8f:89:0d:f6:c2:79:e9:7b:79:bd:b3:
b6:b3:5f:8c:14:bc:5f:00:30:7f:d2:04:fb:37:18:3e:2b:5b:
4c:5c:4d:04:3e:7e:f6:81:e7:2a:d9:0c:b7:2a:4e:d9:41:5d:
36:0d:59:55:e2:56:d0:44:44:fe:1c:39:0f:8e:1b:68:01:cf:
07:c4:0e:10:a2:68:8b:52:71:8a:64:e0:0c:5f:4f:a3:bb:2d:
86:8f:dd:d1:44:6f:35:46:06:1d:0a:b3:cb:ed:54:5c:35:33:
48:0e:52:8c:d8:86:2a:81:cb:53:b8:81:a7:a0:a4:a4:2f:9f:
58:b9:c7:02:af:cf:fe:a0:2b:e4:20:85:29:58:a4:50:7e:33:
85:2b:36:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra/aRg3G1UGUTkldPKYx5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2MjIzOGEzM2M1NTBjYzVkZjAyNDRmM2ZjNmUzZGJkOTFl
NGMzOWUwHhcNMjYwMzAxMjIwMTQ1WhcNMjYwMzAyMjIwMTQ1WjAzMTEwLwYDVQQD
Eyg5NTE5ODNmOWNjMDU5ZDM2OWM0YjA3ZWMyYWU4N2FlYWQ1MjRmMjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsS/NwFzWdQ5BsBN6J9/n9LTOIyh
jttn97u+c+TzF2+wDBwKL2rve7FtidNvQx4uxhjgP/4WMtBOiZna4E7TZgofuMLp
uIqxs9NaWeHan80p2MRbXRq4S+pW2K4ipiymaQbwFJjKC5c24AhchmVRS+eh31f4
UlZcUI3maN5nvaedJsr0tWuyALI9VCAC9nNIYxrkuh9Byla4GBFM/XKYlt4d9A9j
L/W/gACINAZPIbJ+63zUfVwvABTtpfBnT9yxg/M1dZERsr/qCrG6cehnrpVOOnQi
uW2ZKsVN5192yApdk/aJUlwScBcNIT0mHCYZ4uY9sbypKWZMVzVNbRc+2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJUZg/nMBZ02nEsH7CroeurVJPIjMB8GA1UdIwQY
MBaAFHYiOKM8VQzF3wJE8/xuPb2R5MOeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGlJNG96eFZETVhmQWtUel9HNDl2WkhrdzU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS81ZTMyNDktYmViZi00MDcwLTlmY2Qt
MWIxZmM3OWQwNTUxLzEvZGlJNG96eFZETVhmQWtUel9HNDl2WkhrdzU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS81ZTMyNDktYmViZi00MDcwLTlmY2QtMWIxZmM3OWQwNTUx
LzEvZGlJNG96eFZETVhmQWtUel9HNDl2WkhrdzU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGOdohWUF
JCWuDicWUeF0cIvgXN58m7CJfU/ZWm4BdIOwNly+HzPg5+g3oJfTgEpAVGOeeONS
eIFcitULsqal68oUJmEzaBasAEu6BsZPX3t2ieu9xvuwFRfp4PL2nBJspkp2//xz
zHPXGFccMpVOGb6JsY+JDfbCeel7eb2ztrNfjBS8XwAwf9IE+zcYPitbTFxNBD5+
9oHnKtkMtypO2UFdNg1ZVeJW0ERE/hw5D44baAHPB8QOEKJoi1JximTgDF9Po7st
ho/d0URvNUYGHQqzy+1UXDUzSA5SjNiGKoHLU7iBp6CkpC+fWLnHAq/P/qAr5CCF
KVikUH4zhSs25g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:27:02 2026 by rpki-client