Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/sszaHFSHy5ONV-phzC1i0xBw21E.mft
File: sszaHFSHy5ONV-phzC1i0xBw21E.mft (raw, json)
Hash identifier: MaWQYNg9fjL5E+uJUuzzRCxjtMOLM56qYUOCb16GpYw=
Subject key identifier: 44:DC:D3:78:71:D5:6D:5D:D9:94:A4:97:04:80:CE:BD:F2:D4:2C:46
Authority key identifier: B2:CC:DA:1C:54:87:CB:93:8D:57:EA:61:CC:2D:62:D3:10:70:DB:51
Certificate issuer: /CN=b2ccda1c5487cb938d57ea61cc2d62d31070db51
Certificate serial: 019D37F6E5392C4BC8E855923874851C1849
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sszaHFSHy5ONV-phzC1i0xBw21E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/sszaHFSHy5ONV-phzC1i0xBw21E.mft
Manifest number: 0E96
Signing time: Sun 29 Mar 2026 05:00:20 +0000
Manifest this update: Sun 29 Mar 2026 05:00:20 +0000
Manifest next update: Mon 30 Mar 2026 05:00:20 +0000
Files and hashes: 1: 5WXSL9wWB5JNwpdm1UP4ejoSsRw.roa (hash: 2CKZu3jOCHO6Fw6CJElWpqf72yG47yIKnLWAvdNr280=)
2: sszaHFSHy5ONV-phzC1i0xBw21E.crl (hash: j2A5QdrMrk7gReq3TMbYCjmJvjcldJnEQqcAtqJrYgg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/sszaHFSHy5ONV-phzC1i0xBw21E.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/sszaHFSHy5ONV-phzC1i0xBw21E.mft
rsync://rpki.ripe.net/repository/DEFAULT/sszaHFSHy5ONV-phzC1i0xBw21E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f6:e5:39:2c:4b:c8:e8:55:92:38:74:85:1c:18:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2ccda1c5487cb938d57ea61cc2d62d31070db51
Validity
Not Before: Mar 29 05:00:20 2026 GMT
Not After : Mar 30 05:00:20 2026 GMT
Subject: CN=44dcd37871d56d5dd994a4970480cebdf2d42c46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:42:85:6b:41:e6:2d:8b:59:ef:f9:9c:91:0f:
13:5a:23:47:e1:31:c5:f0:ce:4b:7e:97:9f:dc:32:
78:be:02:1b:e0:92:73:14:95:5f:2f:d8:80:a3:56:
4c:48:13:38:12:71:4f:1b:15:f0:72:31:29:43:38:
1b:3c:ae:4a:20:63:3c:bf:73:06:b8:31:ed:81:d3:
48:11:eb:b1:e0:46:f6:28:aa:a7:50:17:8f:fe:6c:
8c:a1:ec:5f:ea:b3:65:52:c8:26:5f:af:a7:28:d7:
ac:b6:ab:56:f2:dc:67:21:18:23:81:39:a0:43:b2:
d2:3a:71:82:21:86:39:5f:6e:a2:ef:89:71:a5:7a:
c2:d3:a9:6e:0e:84:52:6e:18:c8:fa:8b:a8:2d:a3:
cb:a8:ed:ac:f4:ed:33:a2:81:f8:3e:b9:95:5d:a8:
27:69:4e:68:57:88:6f:4f:e8:c4:cd:17:d1:d6:14:
1a:97:e1:f2:61:41:43:c2:e3:e4:e6:c2:c3:fe:a7:
5a:10:c7:f3:ad:f6:a7:e9:b6:e5:a6:28:74:23:a9:
7b:20:9b:91:83:e7:b8:a0:31:b1:bc:f1:80:75:b8:
48:66:75:03:37:79:6c:35:fe:55:61:e8:9d:6e:5b:
87:06:e0:e1:db:a3:3e:59:66:42:61:8f:2d:31:bb:
d5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:DC:D3:78:71:D5:6D:5D:D9:94:A4:97:04:80:CE:BD:F2:D4:2C:46
X509v3 Authority Key Identifier:
keyid:B2:CC:DA:1C:54:87:CB:93:8D:57:EA:61:CC:2D:62:D3:10:70:DB:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sszaHFSHy5ONV-phzC1i0xBw21E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/sszaHFSHy5ONV-phzC1i0xBw21E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/sszaHFSHy5ONV-phzC1i0xBw21E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:79:b9:83:fd:27:e4:60:d2:b8:2c:b1:05:4f:1e:a1:e0:ea:
3c:b9:c5:f2:53:64:38:85:a9:24:49:f9:5e:46:ba:77:a8:79:
41:5c:5c:0e:37:e8:8c:fc:16:14:55:18:b1:22:a0:12:b9:1e:
b6:d7:de:28:0c:ee:72:cf:0b:45:3e:5e:b5:1c:57:9e:bc:7b:
94:b6:17:70:cd:a7:fa:49:f1:fb:0a:b4:d9:e2:3f:00:1f:37:
40:de:ae:e9:14:2b:99:6e:be:2d:11:fa:d2:b9:fb:7f:70:0b:
32:06:0d:24:3a:12:a7:78:ed:d0:a3:2c:79:23:4e:24:c5:64:
4a:a4:be:59:2c:72:d4:5f:bc:4d:50:ba:33:dd:31:ab:b7:d7:
17:72:83:79:6c:32:bd:09:f6:f4:3e:0b:96:04:eb:16:74:95:
f2:0f:6e:48:e2:dd:14:78:fa:78:55:88:de:f4:ca:a9:f3:0a:
c5:13:66:c6:15:6d:46:c9:65:52:c2:7a:58:fa:60:d9:58:c3:
f6:1d:09:54:0f:26:23:17:50:67:df:24:60:81:b7:d1:99:b6:
dc:54:e8:f5:b3:18:a2:65:3f:31:fa:f0:94:ed:34:6a:51:3e:
61:e6:22:1e:68:f6:bd:16:4a:c7:2e:ea:61:a3:f5:ac:67:c2:
d0:34:59:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039uU5LEvI6FWSOHSFHBhJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyY2NkYTFjNTQ4N2NiOTM4ZDU3ZWE2MWNjMmQ2MmQzMTA3
MGRiNTEwHhcNMjYwMzI5MDUwMDIwWhcNMjYwMzMwMDUwMDIwWjAzMTEwLwYDVQQD
Eyg0NGRjZDM3ODcxZDU2ZDVkZDk5NGE0OTcwNDgwY2ViZGYyZDQyYzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykKFa0HmLYtZ7/mckQ8TWiNH4THF
8M5Lfpef3DJ4vgIb4JJzFJVfL9iAo1ZMSBM4EnFPGxXwcjEpQzgbPK5KIGM8v3MG
uDHtgdNIEeux4Eb2KKqnUBeP/myMoexf6rNlUsgmX6+nKNestqtW8txnIRgjgTmg
Q7LSOnGCIYY5X26i74lxpXrC06luDoRSbhjI+ouoLaPLqO2s9O0zooH4PrmVXagn
aU5oV4hvT+jEzRfR1hQal+HyYUFDwuPk5sLD/qdaEMfzrfan6bblpih0I6l7IJuR
g+e4oDGxvPGAdbhIZnUDN3lsNf5VYeidbluHBuDh26M+WWZCYY8tMbvVqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFETc03hx1W1d2ZSklwSAzr3y1CxGMB8GA1UdIwQY
MBaAFLLM2hxUh8uTjVfqYcwtYtMQcNtRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3N6YUhGU0h5NU9OVi1waHpDMWkweEJ3MjFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9lNmI3N2YtNDBlNi00YzkzLWFjMzIt
M2RiOTYxNzAzZWE5LzEvc3N6YUhGU0h5NU9OVi1waHpDMWkweEJ3MjFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9lNmI3N2YtNDBlNi00YzkzLWFjMzItM2RiOTYxNzAzZWE5
LzEvc3N6YUhGU0h5NU9OVi1waHpDMWkweEJ3MjFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoHm5g/0n
5GDSuCyxBU8eoeDqPLnF8lNkOIWpJEn5Xka6d6h5QVxcDjfojPwWFFUYsSKgErke
ttfeKAzucs8LRT5etRxXnrx7lLYXcM2n+knx+wq02eI/AB83QN6u6RQrmW6+LRH6
0rn7f3ALMgYNJDoSp3jt0KMseSNOJMVkSqS+WSxy1F+8TVC6M90xq7fXF3KDeWwy
vQn29D4LlgTrFnSV8g9uSOLdFHj6eFWI3vTKqfMKxRNmxhVtRsllUsJ6WPpg2VjD
9h0JVA8mIxdQZ98kYIG30Zm23FTo9bMYomU/MfrwlO00alE+YeYiHmj2vRZKxy7q
YaP1rGfC0DRZQQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:05:42 2026 by rpki-client