Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7a8bf2-6cb3-49ae-9e32-8829ee661c64/1/pPhiddwhxh2gzs0Sfpd0zKoysLs.mft
File: pPhiddwhxh2gzs0Sfpd0zKoysLs.mft (raw, json)
Hash identifier: hOyI6VKpbq+lxu7TMlWasIYZQBAkm2yizCmd6f56gho=
Subject key identifier: 97:B2:3A:5D:ED:7A:F7:AE:1C:D1:3B:86:99:CC:1D:F9:2D:8B:6A:7D
Authority key identifier: A4:F8:62:75:DC:21:C6:1D:A0:CE:CD:12:7E:97:74:CC:AA:32:B0:BB
Certificate issuer: /CN=a4f86275dc21c61da0cecd127e9774ccaa32b0bb
Certificate serial: 019D37F70D853B3BBA104E87FD81FD8B58D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPhiddwhxh2gzs0Sfpd0zKoysLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7a8bf2-6cb3-49ae-9e32-8829ee661c64/1/pPhiddwhxh2gzs0Sfpd0zKoysLs.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 05:00:30 +0000
Manifest this update: Sun 29 Mar 2026 05:00:30 +0000
Manifest next update: Mon 30 Mar 2026 05:00:30 +0000
Files and hashes: 1: SiKhmBqx288_iA8YdORMHjIzhN8.roa (hash: lmaMDWK3PpIdhnJCYtTeNySaUk10VMAD50KNNgmgGiM=)
2: pPhiddwhxh2gzs0Sfpd0zKoysLs.crl (hash: 8HJ/gWRmo5Hz6PCgOFjRDzfU1DzMeVMRv1fllq5aal0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7a8bf2-6cb3-49ae-9e32-8829ee661c64/1/pPhiddwhxh2gzs0Sfpd0zKoysLs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/7a8bf2-6cb3-49ae-9e32-8829ee661c64/1/pPhiddwhxh2gzs0Sfpd0zKoysLs.mft
rsync://rpki.ripe.net/repository/DEFAULT/pPhiddwhxh2gzs0Sfpd0zKoysLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:0d:85:3b:3b:ba:10:4e:87:fd:81:fd:8b:58:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f86275dc21c61da0cecd127e9774ccaa32b0bb
Validity
Not Before: Mar 29 05:00:30 2026 GMT
Not After : Mar 30 05:00:30 2026 GMT
Subject: CN=97b23a5ded7af7ae1cd13b8699cc1df92d8b6a7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:61:b3:ce:a4:e3:de:99:5b:1f:d4:df:30:f4:
03:c9:9c:b6:f4:78:b2:6f:c8:0f:4e:10:4c:22:0d:
8b:ef:5b:d0:99:a9:3d:39:0e:d6:26:53:33:d6:9e:
cf:54:cf:d6:50:40:5f:b1:8f:17:c7:31:db:27:03:
d2:22:ff:61:58:c1:36:b3:b4:f0:a5:14:68:97:a4:
c9:25:24:b4:2b:0c:c9:90:29:2d:21:9e:2e:db:35:
7d:24:54:65:e7:5d:e8:5b:82:49:77:43:81:2e:78:
d4:ef:54:48:4f:6e:0c:8b:51:4e:43:5c:a0:55:b7:
03:9c:c0:a8:4b:cc:d4:9e:39:95:54:76:80:17:86:
51:f5:aa:fe:41:95:e6:46:f4:f4:51:3a:6f:24:74:
4c:30:f9:c6:af:a1:84:eb:9d:d3:a3:0c:d2:d0:d0:
e4:b6:7e:4a:72:a5:48:09:c4:98:de:56:eb:34:01:
54:a5:0f:40:9b:0e:48:37:ae:6c:1e:62:e0:41:d4:
ef:b8:ab:e6:37:af:50:51:b2:22:07:d2:ad:7a:ce:
08:ee:dc:66:34:66:df:6b:4e:f0:94:ce:16:6b:d7:
9a:b1:8f:c6:d2:c3:bb:4c:5f:de:32:6b:5b:f0:ca:
3e:65:c9:ed:9f:1b:1f:20:60:77:26:53:bc:71:3b:
30:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:B2:3A:5D:ED:7A:F7:AE:1C:D1:3B:86:99:CC:1D:F9:2D:8B:6A:7D
X509v3 Authority Key Identifier:
keyid:A4:F8:62:75:DC:21:C6:1D:A0:CE:CD:12:7E:97:74:CC:AA:32:B0:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPhiddwhxh2gzs0Sfpd0zKoysLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7a8bf2-6cb3-49ae-9e32-8829ee661c64/1/pPhiddwhxh2gzs0Sfpd0zKoysLs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7a8bf2-6cb3-49ae-9e32-8829ee661c64/1/pPhiddwhxh2gzs0Sfpd0zKoysLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:5e:bd:86:ab:47:0c:0f:fc:3c:24:4c:fa:18:32:8d:23:f0:
61:9c:65:7f:7e:0b:9c:80:d7:45:0c:74:a4:f0:ad:ff:03:8d:
7d:97:4c:32:86:1e:91:9c:ab:ab:97:4c:c4:25:f9:9f:e2:d5:
28:56:4f:78:62:0d:69:de:b7:0e:db:07:cd:db:a5:24:de:52:
f4:bb:7a:ab:dd:bb:0d:c3:a6:ee:31:5a:fa:8f:27:e7:92:d0:
6f:6d:35:e9:53:a9:62:64:74:08:27:c1:d1:7d:ad:c5:53:51:
34:c4:59:f6:05:8e:d6:81:bb:98:b1:3b:7e:4f:5d:11:21:f3:
f6:00:0e:2e:d3:ca:6b:1e:6d:cf:28:f6:fa:0f:e3:02:50:c8:
90:3a:44:62:e4:ba:17:b2:aa:67:1a:f5:d6:ea:76:e4:4d:cb:
6b:57:91:27:d0:10:bc:11:6b:26:4f:23:12:5e:3b:cc:26:b2:
58:45:51:e2:fe:3b:44:0e:4c:6b:8d:6d:d1:b9:9e:79:26:8d:
6d:43:8d:64:65:d8:f2:de:cf:24:d3:f9:55:9c:5d:97:30:9d:
79:46:e6:f0:82:56:c1:3d:a2:a7:a7:bb:f0:6a:d5:57:8b:5b:
e7:4b:5e:68:79:3b:62:fb:b5:83:33:4b:0f:0d:91:a3:8f:79:
89:de:1e:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039w2FOzu6EE6H/YH9i1jRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Zjg2Mjc1ZGMyMWM2MWRhMGNlY2QxMjdlOTc3NGNjYWEz
MmIwYmIwHhcNMjYwMzI5MDUwMDMwWhcNMjYwMzMwMDUwMDMwWjAzMTEwLwYDVQQD
Eyg5N2IyM2E1ZGVkN2FmN2FlMWNkMTNiODY5OWNjMWRmOTJkOGI2YTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGGzzqTj3plbH9TfMPQDyZy29Hiy
b8gPThBMIg2L71vQmak9OQ7WJlMz1p7PVM/WUEBfsY8XxzHbJwPSIv9hWME2s7Tw
pRRol6TJJSS0KwzJkCktIZ4u2zV9JFRl513oW4JJd0OBLnjU71RIT24Mi1FOQ1yg
VbcDnMCoS8zUnjmVVHaAF4ZR9ar+QZXmRvT0UTpvJHRMMPnGr6GE653TowzS0NDk
tn5KcqVICcSY3lbrNAFUpQ9Amw5IN65sHmLgQdTvuKvmN69QUbIiB9Ktes4I7txm
NGbfa07wlM4Wa9easY/G0sO7TF/eMmtb8Mo+ZcntnxsfIGB3JlO8cTswjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJeyOl3teveuHNE7hpnMHfkti2p9MB8GA1UdIwQY
MBaAFKT4YnXcIcYdoM7NEn6XdMyqMrC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBoaWRkd2h4aDJnenMwU2ZwZDB6S295c0xzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YThiZjItNmNiMy00OWFlLTllMzIt
ODgyOWVlNjYxYzY0LzEvcFBoaWRkd2h4aDJnenMwU2ZwZDB6S295c0xzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YThiZjItNmNiMy00OWFlLTllMzItODgyOWVlNjYxYzY0
LzEvcFBoaWRkd2h4aDJnenMwU2ZwZDB6S295c0xzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADl69hqtH
DA/8PCRM+hgyjSPwYZxlf34LnIDXRQx0pPCt/wONfZdMMoYekZyrq5dMxCX5n+LV
KFZPeGINad63DtsHzdulJN5S9Lt6q927DcOm7jFa+o8n55LQb2016VOpYmR0CCfB
0X2txVNRNMRZ9gWO1oG7mLE7fk9dESHz9gAOLtPKax5tzyj2+g/jAlDIkDpEYuS6
F7KqZxr11up25E3La1eRJ9AQvBFrJk8jEl47zCayWEVR4v47RA5Ma41t0bmeeSaN
bUONZGXY8t7PJNP5VZxdlzCdeUbm8IJWwT2ip6e78GrVV4tb50teaHk7Yvu1gzNL
Dw2Ro495id4ePw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:23 2026 by rpki-client