Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/pRA1bcClIYlc5h-FSV4G2vehKzs.mft
File: pRA1bcClIYlc5h-FSV4G2vehKzs.mft (raw, json)
Hash identifier: IY8SVQ+OeX2ndB11C5VgQZaUNU9BfE2doEUCQVsjfeE=
Subject key identifier: A7:8E:F8:ED:86:29:54:92:4D:A8:45:96:9B:47:E7:9F:D4:4E:49:68
Authority key identifier: A5:10:35:6D:C0:A5:21:89:5C:E6:1F:85:49:5E:06:DA:F7:A1:2B:3B
Certificate issuer: /CN=a510356dc0a521895ce61f85495e06daf7a12b3b
Certificate serial: 019D38D3A0946C89FDCA485E5A02C628C22C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pRA1bcClIYlc5h-FSV4G2vehKzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/pRA1bcClIYlc5h-FSV4G2vehKzs.mft
Manifest number: 1892
Signing time: Sun 29 Mar 2026 09:01:26 +0000
Manifest this update: Sun 29 Mar 2026 09:01:26 +0000
Manifest next update: Mon 30 Mar 2026 09:01:26 +0000
Files and hashes: 1: A9Bi8Cx9s5eBAL60l2qMt4h9sE0.roa (hash: AC4LzrIhV3YAzRN5mHN75qp4tUeiM+KW6TE9bEVKoxI=)
2: pRA1bcClIYlc5h-FSV4G2vehKzs.crl (hash: OG2b/53dc1qmzfVjGb0XTbe1sLWrQgMrXbXWBP8/u6o=)
3: vdQ8Xor9Vehtiv0Bg_9ca6wd1w8.roa (hash: s2e/NrFq+wqQKph1EQxPVpjpr6FbDPVVUYvD7GykSEw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/pRA1bcClIYlc5h-FSV4G2vehKzs.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/pRA1bcClIYlc5h-FSV4G2vehKzs.mft
rsync://rpki.ripe.net/repository/DEFAULT/pRA1bcClIYlc5h-FSV4G2vehKzs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:a0:94:6c:89:fd:ca:48:5e:5a:02:c6:28:c2:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a510356dc0a521895ce61f85495e06daf7a12b3b
Validity
Not Before: Mar 29 09:01:26 2026 GMT
Not After : Mar 30 09:01:26 2026 GMT
Subject: CN=a78ef8ed862954924da845969b47e79fd44e4968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fa:23:1f:6f:bb:dc:6c:f4:4d:ce:94:94:fd:
79:cb:2f:19:69:18:40:c6:70:cd:e3:4b:6b:5c:7a:
c8:70:07:70:fc:ac:e2:cf:17:bb:fb:14:84:a8:2b:
d2:de:c2:39:b3:5a:4e:e0:95:4a:cb:24:36:d2:65:
7a:a3:1d:3c:1d:f5:1e:b7:59:26:65:a9:fc:de:65:
1c:4f:e9:25:1b:c7:08:27:06:78:7c:32:10:20:e6:
a5:74:b0:74:6d:85:57:f6:a3:65:5d:61:6d:e9:6d:
d9:45:da:fb:0e:41:90:07:ef:4d:a2:af:b2:3e:d0:
50:09:a4:1b:c8:c8:a4:19:c3:5c:fc:16:80:ac:da:
0a:6d:58:62:11:24:46:f8:6d:83:fd:17:45:a8:3a:
aa:88:4c:87:ac:03:71:dc:6a:96:bc:70:bb:fe:de:
7f:d8:d7:1e:96:c8:80:9f:2e:3e:cc:f1:f2:57:30:
65:bd:f2:2a:65:f7:4d:a0:60:18:52:3b:55:7e:d4:
81:6e:9d:4c:13:d6:c7:77:e7:26:0a:f2:2d:db:33:
94:6d:6e:6a:16:b7:d0:ed:f1:f3:80:28:e3:c0:dc:
b4:bd:83:49:05:60:d5:9c:7f:97:8b:22:c9:5e:f3:
f2:d9:e7:53:38:fa:f5:45:61:81:5e:13:4c:01:1f:
ac:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:8E:F8:ED:86:29:54:92:4D:A8:45:96:9B:47:E7:9F:D4:4E:49:68
X509v3 Authority Key Identifier:
keyid:A5:10:35:6D:C0:A5:21:89:5C:E6:1F:85:49:5E:06:DA:F7:A1:2B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pRA1bcClIYlc5h-FSV4G2vehKzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/pRA1bcClIYlc5h-FSV4G2vehKzs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/pRA1bcClIYlc5h-FSV4G2vehKzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:57:20:2f:7f:b8:75:1d:63:e6:ea:c8:23:4d:58:c4:4c:b2:
e0:cb:ce:52:79:69:c2:d6:8a:6e:f0:0e:7f:15:ac:54:32:a7:
94:11:65:2b:81:83:10:db:97:30:a1:97:06:de:47:d7:c8:7e:
16:95:e5:a5:8a:47:94:4e:92:45:47:a5:29:8e:31:5a:70:fe:
68:36:4d:3b:fb:e5:49:c6:15:a8:a5:8f:2c:c8:83:21:91:c3:
d8:6b:cc:69:20:0c:93:f3:a9:91:09:95:33:5f:63:84:2b:ec:
f1:cd:a1:31:91:47:8e:21:43:e8:ab:6b:cf:50:9f:dd:76:b6:
3d:c5:cd:c4:b2:a4:83:b5:65:3c:f8:2e:09:55:0f:1c:f0:52:
e0:63:94:52:21:9c:a5:30:87:03:91:04:25:06:ea:a5:67:04:
1f:b6:a6:88:7b:2b:85:b9:d9:9c:df:b9:73:c9:d8:58:ff:6d:
ff:d6:d9:39:51:b5:d4:35:5b:1f:11:a2:91:ff:83:35:6f:e6:
42:65:d2:e3:9d:ec:2f:3c:3a:f4:e1:ca:1a:3a:e5:34:1d:8c:
17:2b:e3:b3:7c:6b:91:19:eb:bd:c6:53:20:c7:0c:61:e5:72:
bc:59:38:10:e0:6b:e5:90:ef:21:22:15:16:3a:b3:1a:1d:fa:
c9:ae:8c:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0406CUbIn9ykheWgLGKMIsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MTAzNTZkYzBhNTIxODk1Y2U2MWY4NTQ5NWUwNmRhZjdh
MTJiM2IwHhcNMjYwMzI5MDkwMTI2WhcNMjYwMzMwMDkwMTI2WjAzMTEwLwYDVQQD
EyhhNzhlZjhlZDg2Mjk1NDkyNGRhODQ1OTY5YjQ3ZTc5ZmQ0NGU0OTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPojH2+73Gz0Tc6UlP15yy8ZaRhA
xnDN40trXHrIcAdw/Kzizxe7+xSEqCvS3sI5s1pO4JVKyyQ20mV6ox08HfUet1km
Zan83mUcT+klG8cIJwZ4fDIQIOaldLB0bYVX9qNlXWFt6W3ZRdr7DkGQB+9Noq+y
PtBQCaQbyMikGcNc/BaArNoKbVhiESRG+G2D/RdFqDqqiEyHrANx3GqWvHC7/t5/
2NcelsiAny4+zPHyVzBlvfIqZfdNoGAYUjtVftSBbp1ME9bHd+cmCvIt2zOUbW5q
FrfQ7fHzgCjjwNy0vYNJBWDVnH+XiyLJXvPy2edTOPr1RWGBXhNMAR+s1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKeO+O2GKVSSTahFlptH55/UTkloMB8GA1UdIwQY
MBaAFKUQNW3ApSGJXOYfhUleBtr3oSs7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFJBMWJjQ2xJWWxjNWgtRlNWNEcydmVoS3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zYzdjN2MtNDMyNi00MTg0LTgzNTYt
MDExODJmODQwNzg5LzEvcFJBMWJjQ2xJWWxjNWgtRlNWNEcydmVoS3pzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zYzdjN2MtNDMyNi00MTg0LTgzNTYtMDExODJmODQwNzg5
LzEvcFJBMWJjQ2xJWWxjNWgtRlNWNEcydmVoS3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWFcgL3+4
dR1j5urII01YxEyy4MvOUnlpwtaKbvAOfxWsVDKnlBFlK4GDENuXMKGXBt5H18h+
FpXlpYpHlE6SRUelKY4xWnD+aDZNO/vlScYVqKWPLMiDIZHD2GvMaSAMk/OpkQmV
M19jhCvs8c2hMZFHjiFD6Ktrz1Cf3Xa2PcXNxLKkg7VlPPguCVUPHPBS4GOUUiGc
pTCHA5EEJQbqpWcEH7amiHsrhbnZnN+5c8nYWP9t/9bZOVG11DVbHxGikf+DNW/m
QmXS453sLzw69OHKGjrlNB2MFyvjs3xrkRnrvcZTIMcMYeVyvFk4EOBr5ZDvISIV
FjqzGh36ya6MmA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:47:38 2026 by rpki-client