Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/87b768-1545-494a-84f9-1cf50a536026/1/p5Z9dsLUZyDUz6wEWfo8PSIAUEQ.mft
File: p5Z9dsLUZyDUz6wEWfo8PSIAUEQ.mft (raw, json)
Hash identifier: lDqMb0kwtkQhn4e0MtBQEEgOIPZvj7L5hJ06VInvny4=
Subject key identifier: D1:A0:01:9F:7C:67:11:B2:3C:A4:5D:FD:1D:2A:98:FE:EC:71:7E:73
Authority key identifier: A7:96:7D:76:C2:D4:67:20:D4:CF:AC:04:59:FA:3C:3D:22:00:50:44
Certificate issuer: /CN=a7967d76c2d46720d4cfac0459fa3c3d22005044
Certificate serial: 019D37525F72951A334E27527209437535EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p5Z9dsLUZyDUz6wEWfo8PSIAUEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/87b768-1545-494a-84f9-1cf50a536026/1/p5Z9dsLUZyDUz6wEWfo8PSIAUEQ.mft
Manifest number: 1596
Signing time: Sun 29 Mar 2026 02:00:38 +0000
Manifest this update: Sun 29 Mar 2026 02:00:38 +0000
Manifest next update: Mon 30 Mar 2026 02:00:38 +0000
Files and hashes: 1: OawgqQGPtlwEMOxGkAtl6L82H4Q.roa (hash: K2gpWslD9/HiQy1xYHGfxNVNM4NYrBOnVdVEvGdhuWM=)
2: p5Z9dsLUZyDUz6wEWfo8PSIAUEQ.crl (hash: xUouvO1m+DE9ASdCYSa3BrkOPutrSNxBoj0pbIMJaog=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/87b768-1545-494a-84f9-1cf50a536026/1/p5Z9dsLUZyDUz6wEWfo8PSIAUEQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/87b768-1545-494a-84f9-1cf50a536026/1/p5Z9dsLUZyDUz6wEWfo8PSIAUEQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/p5Z9dsLUZyDUz6wEWfo8PSIAUEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:5f:72:95:1a:33:4e:27:52:72:09:43:75:35:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7967d76c2d46720d4cfac0459fa3c3d22005044
Validity
Not Before: Mar 29 02:00:38 2026 GMT
Not After : Mar 30 02:00:38 2026 GMT
Subject: CN=d1a0019f7c6711b23ca45dfd1d2a98feec717e73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7c:70:55:19:34:f9:9c:36:3f:07:96:4a:a5:
30:d1:14:dd:51:1e:db:78:ac:5e:4f:89:ee:f1:b0:
23:57:24:05:68:f3:c5:59:6b:c5:3e:db:be:fd:93:
f7:36:bc:a3:86:a0:5b:d0:3a:b8:e6:32:3d:d1:9c:
7d:82:33:64:23:79:3a:d2:15:c3:ab:0f:4e:bf:4d:
d3:fd:2d:09:0a:1f:89:9c:5d:06:4d:45:2d:8b:36:
99:7c:3d:d5:16:3c:0d:d4:26:fd:d6:d6:e0:34:03:
b0:e5:6e:bc:0b:55:00:ec:dc:3e:b1:d3:e0:80:c5:
d6:8d:23:f6:77:46:0d:fe:a7:1a:b3:44:5a:6e:27:
66:26:fc:c9:d8:73:c8:31:15:e0:4b:b6:88:58:6c:
0c:3f:9e:c5:c1:18:ac:12:e4:b4:8b:b1:09:c6:aa:
5e:8f:da:38:91:6f:0a:5e:fd:d3:91:3d:99:10:0e:
b2:4b:e6:47:fe:a6:b7:f7:c1:e7:fe:a7:0d:2c:ee:
42:b9:a1:0d:21:53:57:a2:33:18:1b:ca:20:a1:ec:
e0:da:64:8b:04:39:3a:e7:e6:9e:25:dc:01:22:08:
0f:00:4b:5c:a6:36:bb:ff:2a:b2:6f:5f:2f:11:75:
09:a2:9a:43:e9:b9:71:c4:9d:1a:d1:75:a9:c9:bb:
10:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A0:01:9F:7C:67:11:B2:3C:A4:5D:FD:1D:2A:98:FE:EC:71:7E:73
X509v3 Authority Key Identifier:
keyid:A7:96:7D:76:C2:D4:67:20:D4:CF:AC:04:59:FA:3C:3D:22:00:50:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5Z9dsLUZyDUz6wEWfo8PSIAUEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/87b768-1545-494a-84f9-1cf50a536026/1/p5Z9dsLUZyDUz6wEWfo8PSIAUEQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/87b768-1545-494a-84f9-1cf50a536026/1/p5Z9dsLUZyDUz6wEWfo8PSIAUEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:76:93:8d:8a:9c:f5:99:b1:78:69:bd:66:8c:67:8a:7a:4d:
15:67:8c:90:e4:a6:fa:e2:51:a7:73:6a:54:91:d6:6f:c4:f8:
57:f2:e7:4b:0d:3a:a4:e4:ec:7a:0a:68:2d:ec:2c:ef:26:5a:
c2:62:d1:ce:52:0f:c9:b6:e7:70:46:a9:f8:4e:4b:05:fe:0b:
a6:80:54:34:70:ff:23:21:77:62:31:54:c4:cf:27:a8:a0:ee:
f0:56:0f:2a:31:ea:9e:98:58:a9:40:25:25:9a:d5:2b:f2:bc:
95:73:10:15:9e:59:0d:21:b5:15:13:58:57:07:e6:d8:2a:4c:
e2:e8:80:ba:5b:73:4d:66:eb:93:43:15:5f:e7:f7:90:7b:85:
03:9e:ad:de:f0:fd:0e:df:7e:6b:66:94:dd:58:f5:bc:1d:2a:
6e:de:8f:1a:19:4f:28:95:92:c5:db:df:be:74:97:9f:57:8a:
fe:4c:13:ba:9e:9c:5b:80:dc:10:72:ca:1d:f6:3d:7e:b4:46:
9f:94:b9:fa:b3:f6:71:4f:0c:bb:8b:d1:3d:b0:3b:d7:48:ff:
8c:01:e3:18:32:7a:e8:b3:5c:98:85:12:93:45:83:13:52:85:
27:21:68:e1:a5:de:cb:75:b1:b5:bd:2b:48:26:85:55:76:34:
f8:9b:b0:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Ul9ylRozTidScglDdTXrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3OTY3ZDc2YzJkNDY3MjBkNGNmYWMwNDU5ZmEzYzNkMjIw
MDUwNDQwHhcNMjYwMzI5MDIwMDM4WhcNMjYwMzMwMDIwMDM4WjAzMTEwLwYDVQQD
EyhkMWEwMDE5ZjdjNjcxMWIyM2NhNDVkZmQxZDJhOThmZWVjNzE3ZTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHxwVRk0+Zw2PweWSqUw0RTdUR7b
eKxeT4nu8bAjVyQFaPPFWWvFPtu+/ZP3NryjhqBb0Dq45jI90Zx9gjNkI3k60hXD
qw9Ov03T/S0JCh+JnF0GTUUtizaZfD3VFjwN1Cb91tbgNAOw5W68C1UA7Nw+sdPg
gMXWjSP2d0YN/qcas0RabidmJvzJ2HPIMRXgS7aIWGwMP57FwRisEuS0i7EJxqpe
j9o4kW8KXv3TkT2ZEA6yS+ZH/qa398Hn/qcNLO5CuaENIVNXojMYG8ogoezg2mSL
BDk65+aeJdwBIggPAEtcpja7/yqyb18vEXUJoppD6blxxJ0a0XWpybsQLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNGgAZ98ZxGyPKRd/R0qmP7scX5zMB8GA1UdIwQY
MBaAFKeWfXbC1Gcg1M+sBFn6PD0iAFBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDVaOWRzTFVaeURVejZ3RVdmbzhQU0lBVUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS84N2I3NjgtMTU0NS00OTRhLTg0Zjkt
MWNmNTBhNTM2MDI2LzEvcDVaOWRzTFVaeURVejZ3RVdmbzhQU0lBVUVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS84N2I3NjgtMTU0NS00OTRhLTg0ZjktMWNmNTBhNTM2MDI2
LzEvcDVaOWRzTFVaeURVejZ3RVdmbzhQU0lBVUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcnaTjYqc
9ZmxeGm9ZoxninpNFWeMkOSm+uJRp3NqVJHWb8T4V/LnSw06pOTsegpoLews7yZa
wmLRzlIPybbncEap+E5LBf4LpoBUNHD/IyF3YjFUxM8nqKDu8FYPKjHqnphYqUAl
JZrVK/K8lXMQFZ5ZDSG1FRNYVwfm2CpM4uiAultzTWbrk0MVX+f3kHuFA56t3vD9
Dt9+a2aU3Vj1vB0qbt6PGhlPKJWSxdvfvnSXn1eK/kwTup6cW4DcEHLKHfY9frRG
n5S5+rP2cU8Mu4vRPbA710j/jAHjGDJ66LNcmIUSk0WDE1KFJyFo4aXey3Wxtb0r
SCaFVXY0+JuwZA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:29:39 2026 by rpki-client