Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/jPCwtGoI0ecPy92Hetk5oBMuEmk.mft
File: jPCwtGoI0ecPy92Hetk5oBMuEmk.mft (raw, json)
Hash identifier: OYhAJYDOx3c0E90WQfuF186HlRUnPHcuLqR66Nl/m3Y=
Subject key identifier: 65:FC:B7:5A:BE:B2:81:3D:F3:3D:49:BD:CE:B7:B4:DE:E0:0C:B1:A0
Authority key identifier: 8C:F0:B0:B4:6A:08:D1:E7:0F:CB:DD:87:7A:D9:39:A0:13:2E:12:69
Certificate issuer: /CN=8cf0b0b46a08d1e70fcbdd877ad939a0132e1269
Certificate serial: 019D39AF0CBAE2F13E4565AB32FC58848377
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jPCwtGoI0ecPy92Hetk5oBMuEmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/jPCwtGoI0ecPy92Hetk5oBMuEmk.mft
Manifest number: 1433
Signing time: Sun 29 Mar 2026 13:01:06 +0000
Manifest this update: Sun 29 Mar 2026 13:01:06 +0000
Manifest next update: Mon 30 Mar 2026 13:01:06 +0000
Files and hashes: 1: IbKyp9_Uukax1Q8ZI-K3vY0ooZQ.roa (hash: gTefC/kLKJlQRjCqhwo1qEZQvhe2YWlgNO1XB76+Uz8=)
2: jPCwtGoI0ecPy92Hetk5oBMuEmk.crl (hash: 9EAqAwRMqnFxn5sizXbu1iTyMiloS16IobmcFiipzSg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/jPCwtGoI0ecPy92Hetk5oBMuEmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/jPCwtGoI0ecPy92Hetk5oBMuEmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/jPCwtGoI0ecPy92Hetk5oBMuEmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:af:0c:ba:e2:f1:3e:45:65:ab:32:fc:58:84:83:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cf0b0b46a08d1e70fcbdd877ad939a0132e1269
Validity
Not Before: Mar 29 13:01:06 2026 GMT
Not After : Mar 30 13:01:06 2026 GMT
Subject: CN=65fcb75abeb2813df33d49bdceb7b4dee00cb1a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ab:16:09:89:89:c8:68:dd:f8:3a:6b:71:5c:
04:1a:fd:f3:94:f0:d9:b0:96:96:a1:0f:de:92:48:
b6:db:30:33:4c:c2:2b:86:0b:eb:a4:e8:8c:e9:66:
81:4e:1f:ee:6b:7b:6b:24:21:c4:e6:5a:9c:63:24:
61:b8:aa:31:d1:a3:64:a6:f3:7d:7a:6e:5c:55:f0:
80:79:44:c7:ac:f8:d1:11:ac:04:c5:38:2c:84:8a:
9d:65:b9:a6:14:59:39:26:a9:99:eb:65:0a:21:8a:
9f:4c:11:0f:6b:aa:95:cf:9a:1f:fb:3d:33:13:dd:
b8:68:f6:75:12:dc:7a:52:6a:b8:83:ed:cd:ab:e3:
e3:81:b8:24:fc:8b:6f:b9:19:d0:38:5d:2d:ec:b8:
4e:19:06:87:5f:3e:ba:30:04:56:13:12:97:2c:53:
2b:c8:59:e2:1f:4f:99:b6:ad:32:f5:e8:ff:a0:dc:
d9:7e:50:03:38:67:1d:4a:de:10:e7:0c:e7:28:4b:
3a:7e:6e:77:a9:b2:4b:89:c5:1b:50:70:cd:69:91:
51:3e:51:0a:72:21:74:b6:cb:03:51:c2:45:0e:e6:
73:7e:f8:98:0d:f8:90:23:85:0f:57:ed:79:42:ae:
34:5d:1b:7f:4f:dd:6f:00:66:18:45:b2:11:52:c3:
3a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:FC:B7:5A:BE:B2:81:3D:F3:3D:49:BD:CE:B7:B4:DE:E0:0C:B1:A0
X509v3 Authority Key Identifier:
keyid:8C:F0:B0:B4:6A:08:D1:E7:0F:CB:DD:87:7A:D9:39:A0:13:2E:12:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jPCwtGoI0ecPy92Hetk5oBMuEmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/jPCwtGoI0ecPy92Hetk5oBMuEmk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/jPCwtGoI0ecPy92Hetk5oBMuEmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
10:af:fc:05:dd:25:f9:54:1a:59:50:f5:c1:21:c1:f1:0d:8c:
f1:4e:a2:b9:a3:af:b5:10:3c:3e:1b:a0:6a:09:43:bd:b5:30:
37:8f:cb:51:88:9e:ee:d5:6e:2a:5d:7b:3a:f9:c5:b0:3f:0f:
bf:fa:c0:d1:c1:6b:89:f5:95:d9:08:4f:da:22:a8:fc:dc:e0:
df:bd:6d:41:a3:e5:f0:9b:3a:10:ca:6a:cc:ce:c8:1f:3a:d9:
c6:20:84:a4:eb:b8:14:d8:a3:0c:fd:a3:13:49:a6:37:48:29:
dd:74:a0:57:a7:ae:20:fa:bc:e3:54:e6:50:e8:fb:02:cb:99:
8a:a2:65:6e:f6:14:eb:ec:d6:fa:03:95:2e:f2:09:13:f7:8f:
d5:10:a2:01:59:9d:94:d3:4d:bf:59:21:0b:2c:f8:e4:94:f1:
d6:44:f7:9b:39:16:85:be:ed:c6:94:78:cf:7c:84:c1:39:c9:
14:8d:0a:9d:c2:37:68:ed:41:32:e8:3d:e2:20:0d:8d:28:10:
00:28:55:2a:c5:4c:4f:73:6d:3a:6e:16:48:7d:af:3d:1a:b2:
d1:ac:aa:1d:e8:06:e5:6b:d2:cf:2c:2f:d2:cf:9e:32:e4:b1:
24:5c:40:ab:fd:59:dd:8d:86:bd:12:a2:d0:dd:c4:0c:5c:81:
7a:c7:c0:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rwy64vE+RWWrMvxYhIN3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZjBiMGI0NmEwOGQxZTcwZmNiZGQ4NzdhZDkzOWEwMTMy
ZTEyNjkwHhcNMjYwMzI5MTMwMTA2WhcNMjYwMzMwMTMwMTA2WjAzMTEwLwYDVQQD
Eyg2NWZjYjc1YWJlYjI4MTNkZjMzZDQ5YmRjZWI3YjRkZWUwMGNiMWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKsWCYmJyGjd+DprcVwEGv3zlPDZ
sJaWoQ/ekki22zAzTMIrhgvrpOiM6WaBTh/ua3trJCHE5lqcYyRhuKox0aNkpvN9
em5cVfCAeUTHrPjREawExTgshIqdZbmmFFk5JqmZ62UKIYqfTBEPa6qVz5of+z0z
E924aPZ1Etx6Umq4g+3Nq+Pjgbgk/ItvuRnQOF0t7LhOGQaHXz66MARWExKXLFMr
yFniH0+Ztq0y9ej/oNzZflADOGcdSt4Q5wznKEs6fm53qbJLicUbUHDNaZFRPlEK
ciF0tssDUcJFDuZzfviYDfiQI4UPV+15Qq40XRt/T91vAGYYRbIRUsM6hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGX8t1q+soE98z1Jvc63tN7gDLGgMB8GA1UdIwQY
MBaAFIzwsLRqCNHnD8vdh3rZOaATLhJpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalBDd3RHb0kwZWNQeTkySGV0azVvQk11RW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80ODhmOTAtMjI0ZS00NjM0LTk2N2Yt
OGYxODFkM2EzZThmLzEvalBDd3RHb0kwZWNQeTkySGV0azVvQk11RW1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy80ODhmOTAtMjI0ZS00NjM0LTk2N2YtOGYxODFkM2EzZThm
LzEvalBDd3RHb0kwZWNQeTkySGV0azVvQk11RW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEK/8Bd0l
+VQaWVD1wSHB8Q2M8U6iuaOvtRA8PhugaglDvbUwN4/LUYie7tVuKl17OvnFsD8P
v/rA0cFrifWV2QhP2iKo/Nzg371tQaPl8Js6EMpqzM7IHzrZxiCEpOu4FNijDP2j
E0mmN0gp3XSgV6euIPq841TmUOj7AsuZiqJlbvYU6+zW+gOVLvIJE/eP1RCiAVmd
lNNNv1khCyz45JTx1kT3mzkWhb7txpR4z3yEwTnJFI0KncI3aO1BMug94iANjSgQ
AChVKsVMT3NtOm4WSH2vPRqy0ayqHegG5WvSzywv0s+eMuSxJFxAq/1Z3Y2GvRKi
0N3EDFyBesfAGQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:43:50 2026 by rpki-client