Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/b929ce-ec17-4d50-a6ae-79d934e4a99a/1/U1OpqF-hH8S_FW-rTY2EoI5dZvk.mft
File: U1OpqF-hH8S_FW-rTY2EoI5dZvk.mft (raw, json)
Hash identifier: qlgu5JCmfyI900jyNluIV/1T0GNnve+OK+cWSiKBoaI=
Subject key identifier: 9D:BE:60:03:20:93:19:00:0F:E2:B0:45:D9:41:F0:B7:D0:44:52:7C
Authority key identifier: 53:53:A9:A8:5F:A1:1F:C4:BF:15:6F:AB:4D:8D:84:A0:8E:5D:66:F9
Certificate issuer: /CN=5353a9a85fa11fc4bf156fab4d8d84a08e5d66f9
Certificate serial: 019D394155EF16A777E0D73837C64C31A863
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1OpqF-hH8S_FW-rTY2EoI5dZvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/b929ce-ec17-4d50-a6ae-79d934e4a99a/1/U1OpqF-hH8S_FW-rTY2EoI5dZvk.mft
Manifest number: 1893
Signing time: Sun 29 Mar 2026 11:01:16 +0000
Manifest this update: Sun 29 Mar 2026 11:01:16 +0000
Manifest next update: Mon 30 Mar 2026 11:01:16 +0000
Files and hashes: 1: U1OpqF-hH8S_FW-rTY2EoI5dZvk.crl (hash: UEd6wZjSNbTAoWwbWJuM2V1TE4+YH7QNxF1wBX3aJg8=)
2: mT1y4Vcpn5hGJXQzo130fr7-JU8.roa (hash: 5+RIIvJ1lvndyR9sJPil/4SfnDQMNqbmhhM2Do86aWY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/b929ce-ec17-4d50-a6ae-79d934e4a99a/1/U1OpqF-hH8S_FW-rTY2EoI5dZvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/b929ce-ec17-4d50-a6ae-79d934e4a99a/1/U1OpqF-hH8S_FW-rTY2EoI5dZvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/U1OpqF-hH8S_FW-rTY2EoI5dZvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:55:ef:16:a7:77:e0:d7:38:37:c6:4c:31:a8:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5353a9a85fa11fc4bf156fab4d8d84a08e5d66f9
Validity
Not Before: Mar 29 11:01:16 2026 GMT
Not After : Mar 30 11:01:16 2026 GMT
Subject: CN=9dbe6003209319000fe2b045d941f0b7d044527c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a5:af:6a:95:a5:91:8d:70:68:84:d7:52:fd:
64:8d:63:98:68:f0:07:e7:f8:6f:c1:0e:fe:dd:06:
c2:4e:78:61:61:11:41:c4:4a:6e:45:7c:c6:55:d6:
48:12:32:60:dc:c7:da:dd:6f:35:aa:ca:07:3e:32:
c1:c0:9e:d8:12:23:20:ad:ce:cb:85:de:d7:55:fb:
9b:b8:cb:b8:55:aa:82:7b:6d:8f:05:cf:82:83:b2:
3c:71:d4:7d:14:a3:e6:a8:aa:47:13:c1:fc:7f:a4:
0f:a1:38:7b:0f:07:c2:ef:9e:b1:01:12:5b:36:54:
da:41:32:0b:6c:25:8b:e7:9d:57:15:e2:a5:7a:e8:
57:10:e1:e6:a4:c1:27:5b:cc:70:3b:ae:3e:25:d8:
fd:ea:8b:92:7f:aa:b4:bf:eb:67:b0:e5:77:f6:f1:
a8:d4:88:a4:e1:5b:89:8d:6b:6c:9c:02:88:fc:ad:
28:9d:38:bd:9c:df:c4:a3:f9:dd:3f:92:22:d6:46:
d8:28:30:c7:af:8e:ee:64:69:c9:01:bc:8a:39:28:
76:5b:1b:3b:78:df:dc:fa:41:02:d9:bd:73:d5:cc:
13:7e:39:2e:66:ea:1a:75:f1:99:bc:9d:1c:57:55:
da:a7:6d:79:d8:09:05:eb:26:f4:93:8d:97:7a:36:
6b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:BE:60:03:20:93:19:00:0F:E2:B0:45:D9:41:F0:B7:D0:44:52:7C
X509v3 Authority Key Identifier:
keyid:53:53:A9:A8:5F:A1:1F:C4:BF:15:6F:AB:4D:8D:84:A0:8E:5D:66:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1OpqF-hH8S_FW-rTY2EoI5dZvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/b929ce-ec17-4d50-a6ae-79d934e4a99a/1/U1OpqF-hH8S_FW-rTY2EoI5dZvk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/b929ce-ec17-4d50-a6ae-79d934e4a99a/1/U1OpqF-hH8S_FW-rTY2EoI5dZvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:67:6a:c3:cd:7e:e8:23:a5:90:c5:05:26:10:bb:90:b7:da:
2d:43:cd:61:31:b6:64:a7:44:d9:c6:3c:7a:a8:83:19:0c:85:
e1:7a:da:ff:f4:4f:66:ea:c0:ce:78:7c:d5:58:ce:71:77:5f:
2d:ef:fe:af:3d:d4:d7:dc:fc:e0:e3:37:76:41:13:92:b0:86:
a2:1d:fa:0b:b5:e4:89:2a:1c:64:62:06:28:be:c2:7c:15:36:
20:77:9c:05:49:7d:21:aa:b3:9c:01:7e:af:3f:b7:05:a4:a5:
99:75:15:49:9c:d8:cb:bb:29:a4:5a:b5:2c:c7:3d:45:17:6b:
90:56:17:11:5c:ba:3d:12:9c:8d:c9:d3:e7:9e:e9:03:21:2b:
25:da:f2:61:47:aa:6b:13:39:a0:86:7a:7f:38:4b:8f:ee:02:
72:95:e9:87:80:92:60:23:5c:3e:f2:d5:33:b5:e1:68:99:05:
8d:4b:a9:77:a8:59:0f:58:b8:cd:78:d6:43:48:e1:a4:79:d2:
d6:b8:68:02:29:4c:2b:51:b1:31:ba:f1:ff:93:2e:2d:12:ba:
82:c7:87:6e:66:fc:31:90:c6:87:d7:7b:f7:9e:f7:5d:ec:22:
5f:b0:90:8c:0a:f7:01:2b:03:0a:4f:c3:6f:27:85:c8:b6:07:
33:1c:43:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QVXvFqd34Nc4N8ZMMahjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNTNhOWE4NWZhMTFmYzRiZjE1NmZhYjRkOGQ4NGEwOGU1
ZDY2ZjkwHhcNMjYwMzI5MTEwMTE2WhcNMjYwMzMwMTEwMTE2WjAzMTEwLwYDVQQD
Eyg5ZGJlNjAwMzIwOTMxOTAwMGZlMmIwNDVkOTQxZjBiN2QwNDQ1MjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6WvapWlkY1waITXUv1kjWOYaPAH
5/hvwQ7+3QbCTnhhYRFBxEpuRXzGVdZIEjJg3Mfa3W81qsoHPjLBwJ7YEiMgrc7L
hd7XVfubuMu4VaqCe22PBc+Cg7I8cdR9FKPmqKpHE8H8f6QPoTh7DwfC756xARJb
NlTaQTILbCWL551XFeKleuhXEOHmpMEnW8xwO64+Jdj96ouSf6q0v+tnsOV39vGo
1Iik4VuJjWtsnAKI/K0onTi9nN/Eo/ndP5Ii1kbYKDDHr47uZGnJAbyKOSh2Wxs7
eN/c+kEC2b1z1cwTfjkuZuoadfGZvJ0cV1Xap2152AkF6yb0k42XejZrlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ2+YAMgkxkAD+KwRdlB8LfQRFJ8MB8GA1UdIwQY
MBaAFFNTqahfoR/EvxVvq02NhKCOXWb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFPcHFGLWhIOFNfRlctclRZMkVvSTVkWnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9iOTI5Y2UtZWMxNy00ZDUwLWE2YWUt
NzlkOTM0ZTRhOTlhLzEvVTFPcHFGLWhIOFNfRlctclRZMkVvSTVkWnZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9iOTI5Y2UtZWMxNy00ZDUwLWE2YWUtNzlkOTM0ZTRhOTlh
LzEvVTFPcHFGLWhIOFNfRlctclRZMkVvSTVkWnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcmdqw81+
6COlkMUFJhC7kLfaLUPNYTG2ZKdE2cY8eqiDGQyF4Xra//RPZurAznh81VjOcXdf
Le/+rz3U19z84OM3dkETkrCGoh36C7XkiSocZGIGKL7CfBU2IHecBUl9IaqznAF+
rz+3BaSlmXUVSZzYy7sppFq1LMc9RRdrkFYXEVy6PRKcjcnT557pAyErJdryYUeq
axM5oIZ6fzhLj+4CcpXph4CSYCNcPvLVM7XhaJkFjUupd6hZD1i4zXjWQ0jhpHnS
1rhoAilMK1GxMbrx/5MuLRK6gseHbmb8MZDGh9d79573XewiX7CQjAr3ASsDCk/D
byeFyLYHMxxDhw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:06:34 2026 by rpki-client