Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/5dc195-0d99-483e-b449-ce227042dda2/1/W71IGEEVS878rKezBFwL70pzTbI.mft
File: W71IGEEVS878rKezBFwL70pzTbI.mft (raw, json)
Hash identifier: 1ZNErp8CfwTPcD1dch7ZK6aumNWmZaBex7t2IT2Hlc8=
Subject key identifier: DB:58:C7:F6:8C:F8:9E:00:FD:D2:48:4C:E7:C0:88:78:45:71:9A:E4
Authority key identifier: 5B:BD:48:18:41:15:4B:CE:FC:AC:A7:B3:04:5C:0B:EF:4A:73:4D:B2
Certificate issuer: /CN=5bbd481841154bcefcaca7b3045c0bef4a734db2
Certificate serial: 019D38D34BC88B42C08E3BF75310B2140D87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W71IGEEVS878rKezBFwL70pzTbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/5dc195-0d99-483e-b449-ce227042dda2/1/W71IGEEVS878rKezBFwL70pzTbI.mft
Manifest number: 0242
Signing time: Sun 29 Mar 2026 09:01:04 +0000
Manifest this update: Sun 29 Mar 2026 09:01:04 +0000
Manifest next update: Mon 30 Mar 2026 09:01:04 +0000
Files and hashes: 1: NPY5R79BjDs2BN9ZK1iHmFXoWXk.roa (hash: s2DNO9mL4NaiBwxc12CWZhJRXCSSZJIfWr7Kxeaj0qg=)
2: W71IGEEVS878rKezBFwL70pzTbI.crl (hash: WxshrML8cHZxn5kN33lfLI+R9LFatQyape9HPrdZxIY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/5dc195-0d99-483e-b449-ce227042dda2/1/W71IGEEVS878rKezBFwL70pzTbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/5dc195-0d99-483e-b449-ce227042dda2/1/W71IGEEVS878rKezBFwL70pzTbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/W71IGEEVS878rKezBFwL70pzTbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:4b:c8:8b:42:c0:8e:3b:f7:53:10:b2:14:0d:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bbd481841154bcefcaca7b3045c0bef4a734db2
Validity
Not Before: Mar 29 09:01:04 2026 GMT
Not After : Mar 30 09:01:04 2026 GMT
Subject: CN=db58c7f68cf89e00fdd2484ce7c0887845719ae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:01:6e:b9:ce:6a:84:3b:f9:e4:b1:d3:36:2a:
b7:0e:74:04:c4:dc:c4:a8:29:14:91:94:e7:67:25:
41:71:b6:f0:4f:7e:7f:d3:ad:c4:d2:67:33:d9:89:
47:40:d4:50:60:c8:d8:9d:91:b8:b0:ea:a7:3e:96:
fe:26:f2:38:63:a6:3a:fb:b1:15:72:5b:fd:3d:61:
df:33:b4:df:76:3e:b4:b6:10:e1:65:6d:fa:ea:79:
ab:8a:16:93:9c:1a:a8:da:e1:2d:70:31:f4:ea:a4:
b7:6d:5a:1c:1b:00:40:49:ea:88:74:54:65:85:5b:
5d:96:c5:a1:45:ca:90:af:e0:1e:5b:1d:71:f1:f4:
1d:1f:17:9c:05:80:10:1d:75:f1:97:76:25:19:73:
38:ff:c3:32:b6:8e:e5:93:48:fb:6b:a4:3d:4a:d7:
8f:9c:84:88:08:87:b1:b4:76:93:01:d1:7f:a2:85:
45:49:cd:1e:cf:f2:98:52:4f:ea:77:49:46:da:c1:
bd:6a:06:ba:86:ef:d6:b1:77:a0:3b:c1:f5:b0:cf:
ca:6e:11:7b:02:75:ae:7d:1d:77:5d:6a:03:f1:c9:
e7:36:d6:f5:32:c6:4b:a0:29:3b:ab:d5:91:51:d9:
6b:e8:aa:b2:19:d1:4f:d1:f0:29:42:42:e2:b8:1b:
68:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:58:C7:F6:8C:F8:9E:00:FD:D2:48:4C:E7:C0:88:78:45:71:9A:E4
X509v3 Authority Key Identifier:
keyid:5B:BD:48:18:41:15:4B:CE:FC:AC:A7:B3:04:5C:0B:EF:4A:73:4D:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W71IGEEVS878rKezBFwL70pzTbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/5dc195-0d99-483e-b449-ce227042dda2/1/W71IGEEVS878rKezBFwL70pzTbI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/5dc195-0d99-483e-b449-ce227042dda2/1/W71IGEEVS878rKezBFwL70pzTbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:83:a0:11:00:17:34:cb:56:05:91:29:0a:ff:4c:34:b9:9b:
7f:7b:25:5c:f7:63:dc:b4:d7:92:60:8e:e3:e3:bc:a4:69:40:
ea:14:11:69:db:ed:b4:50:e7:19:6b:a3:fc:05:56:2e:26:c9:
43:39:2b:a7:0f:dd:b2:94:85:ad:9f:fc:bd:62:31:f0:97:b9:
03:29:0c:b3:8a:9d:12:68:25:3e:b9:ef:cc:4b:0b:81:89:e4:
bf:73:8f:03:c8:36:7f:8a:62:a8:70:e9:0b:73:64:30:53:9b:
87:07:f2:38:9c:c3:90:83:5d:3e:6e:87:f9:7d:25:88:83:b1:
6e:f7:94:54:1e:4a:a8:4d:10:55:81:3b:0a:70:b7:ad:24:4f:
cf:f8:4a:28:e6:38:38:98:c1:e6:2f:1b:77:9e:31:fa:fd:6a:
cc:6e:f7:54:54:95:ac:2c:71:4a:dd:55:f2:ea:47:0b:79:d2:
1d:98:ea:6b:26:b8:d4:4a:20:81:b3:ed:94:3c:96:20:ce:b9:
38:8e:0d:3d:1b:0c:45:c0:86:d6:0e:bc:d2:3a:a4:93:d3:b7:
cd:37:1b:cc:05:4b:79:a2:41:1e:af:d4:2f:33:8b:09:cb:5a:
e5:65:84:82:ee:15:a0:f0:61:29:4e:9a:78:12:2e:58:ad:f5:
d7:49:97:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0400vIi0LAjjv3UxCyFA2HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViYmQ0ODE4NDExNTRiY2VmY2FjYTdiMzA0NWMwYmVmNGE3
MzRkYjIwHhcNMjYwMzI5MDkwMTA0WhcNMjYwMzMwMDkwMTA0WjAzMTEwLwYDVQQD
EyhkYjU4YzdmNjhjZjg5ZTAwZmRkMjQ4NGNlN2MwODg3ODQ1NzE5YWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAFuuc5qhDv55LHTNiq3DnQExNzE
qCkUkZTnZyVBcbbwT35/063E0mcz2YlHQNRQYMjYnZG4sOqnPpb+JvI4Y6Y6+7EV
clv9PWHfM7Tfdj60thDhZW366nmrihaTnBqo2uEtcDH06qS3bVocGwBASeqIdFRl
hVtdlsWhRcqQr+AeWx1x8fQdHxecBYAQHXXxl3YlGXM4/8Myto7lk0j7a6Q9SteP
nISICIextHaTAdF/ooVFSc0ez/KYUk/qd0lG2sG9aga6hu/WsXegO8H1sM/KbhF7
AnWufR13XWoD8cnnNtb1MsZLoCk7q9WRUdlr6KqyGdFP0fApQkLiuBtoYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNtYx/aM+J4A/dJITOfAiHhFcZrkMB8GA1UdIwQY
MBaAFFu9SBhBFUvO/KynswRcC+9Kc02yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzcxSUdFRVZTODc4cktlekJGd0w3MHB6VGJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81ZGMxOTUtMGQ5OS00ODNlLWI0NDkt
Y2UyMjcwNDJkZGEyLzEvVzcxSUdFRVZTODc4cktlekJGd0w3MHB6VGJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81ZGMxOTUtMGQ5OS00ODNlLWI0NDktY2UyMjcwNDJkZGEy
LzEvVzcxSUdFRVZTODc4cktlekJGd0w3MHB6VGJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcYOgEQAX
NMtWBZEpCv9MNLmbf3slXPdj3LTXkmCO4+O8pGlA6hQRadvttFDnGWuj/AVWLibJ
Qzkrpw/dspSFrZ/8vWIx8Je5AykMs4qdEmglPrnvzEsLgYnkv3OPA8g2f4piqHDp
C3NkMFObhwfyOJzDkINdPm6H+X0liIOxbveUVB5KqE0QVYE7CnC3rSRPz/hKKOY4
OJjB5i8bd54x+v1qzG73VFSVrCxxSt1V8upHC3nSHZjqaya41EoggbPtlDyWIM65
OI4NPRsMRcCG1g680jqkk9O3zTcbzAVLeaJBHq/ULzOLCcta5WWEgu4VoPBhKU6a
eBIuWK3110mXFw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:08:36 2026 by rpki-client