Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/_RHEZUr3AuWW61DRP6SG202bzgo.mft
File: _RHEZUr3AuWW61DRP6SG202bzgo.mft (raw, json)
Hash identifier: HOWf4Wuvnby5leUSfSpm1OOroVQEXdm/sGTAlUSkAko=
Subject key identifier: 97:16:59:B4:04:F0:F0:1F:7A:E1:C4:BF:10:5F:96:20:2F:80:3C:00
Authority key identifier: FD:11:C4:65:4A:F7:02:E5:96:EB:50:D1:3F:A4:86:DB:4D:9B:CE:0A
Certificate issuer: /CN=fd11c4654af702e596eb50d13fa486db4d9bce0a
Certificate serial: 019D38D3A6F4A869CA39FC7BF1717EBDA5F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_RHEZUr3AuWW61DRP6SG202bzgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/_RHEZUr3AuWW61DRP6SG202bzgo.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 09:01:27 +0000
Manifest this update: Sun 29 Mar 2026 09:01:27 +0000
Manifest next update: Mon 30 Mar 2026 09:01:27 +0000
Files and hashes: 1: RmRjeHQ5LHoRU1fZMCv-SARJc8c.roa (hash: zv/hPQoqGigtS053rI8GEj09bwC8kZaEZlvkwBWS8G8=)
2: _RHEZUr3AuWW61DRP6SG202bzgo.crl (hash: ldeh/5SBg4Zxq2X7TiFHGxX+5Vye0bcWUkxZZVlZCgU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/_RHEZUr3AuWW61DRP6SG202bzgo.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/_RHEZUr3AuWW61DRP6SG202bzgo.mft
rsync://rpki.ripe.net/repository/DEFAULT/_RHEZUr3AuWW61DRP6SG202bzgo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:a6:f4:a8:69:ca:39:fc:7b:f1:71:7e:bd:a5:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd11c4654af702e596eb50d13fa486db4d9bce0a
Validity
Not Before: Mar 29 09:01:27 2026 GMT
Not After : Mar 30 09:01:27 2026 GMT
Subject: CN=971659b404f0f01f7ae1c4bf105f96202f803c00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:db:bf:37:6d:6f:c2:5d:f7:32:ec:44:b4:d3:
a9:40:70:e5:59:04:54:f1:2b:2e:08:c6:9a:d3:3c:
70:35:b3:d0:cf:a0:8a:58:63:66:cf:a9:60:d5:95:
38:37:10:f2:d9:08:ce:f4:08:d8:19:c0:de:24:01:
18:92:2c:e5:d0:56:b8:a4:5d:eb:2a:4e:82:53:3d:
86:27:13:b0:ad:2d:f7:6d:59:7d:4f:bd:7f:2d:d4:
b0:ef:b5:56:b4:27:ca:02:74:7b:bf:59:cf:39:5e:
05:97:30:a9:15:45:8a:fb:67:d8:ea:56:fa:98:39:
2b:55:2d:c4:85:ca:54:50:e2:1e:07:d8:3c:92:f6:
9f:e9:93:26:03:06:84:da:3b:8c:43:af:cf:80:e9:
1a:26:c3:c2:cb:21:de:d0:01:e8:18:74:50:46:08:
b5:01:30:f9:60:2b:95:32:16:0a:cc:2a:38:46:d7:
fb:f1:94:97:9b:39:e3:b1:e8:4f:bc:4b:75:9e:9a:
30:86:99:8d:e5:f9:e0:7e:a6:e5:e5:54:f1:71:30:
16:98:b6:39:ed:8f:b2:5e:6c:22:0d:0e:87:94:3a:
98:c6:8d:93:0f:20:23:c9:1a:21:77:5e:dd:08:7f:
f9:09:2a:10:bf:e1:30:fc:57:29:35:ed:e7:40:34:
17:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:16:59:B4:04:F0:F0:1F:7A:E1:C4:BF:10:5F:96:20:2F:80:3C:00
X509v3 Authority Key Identifier:
keyid:FD:11:C4:65:4A:F7:02:E5:96:EB:50:D1:3F:A4:86:DB:4D:9B:CE:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_RHEZUr3AuWW61DRP6SG202bzgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/_RHEZUr3AuWW61DRP6SG202bzgo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/_RHEZUr3AuWW61DRP6SG202bzgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:9b:35:63:fd:4b:e2:da:56:36:7d:f6:97:2d:03:c7:79:64:
a5:e8:90:fb:7b:8b:3c:3a:9f:da:2e:cb:e0:60:80:7a:d8:2d:
b1:6f:3e:c8:5a:ed:71:d9:65:7f:3a:66:44:69:02:56:91:22:
47:ba:5b:80:74:8e:d9:98:95:00:03:f6:ba:79:a9:cf:8e:65:
c2:57:13:27:3f:a1:f5:da:a0:b6:1c:a8:de:07:92:c1:97:61:
e7:6f:74:81:f1:ba:55:e0:1e:76:8a:66:5c:ce:af:a0:3e:77:
84:9e:c7:9f:85:9c:59:06:78:fe:90:62:d6:a6:a9:0e:13:56:
d6:aa:5d:fc:38:ee:90:5c:1e:74:a9:0c:67:64:d2:fa:ee:be:
5e:be:2e:5f:ab:94:a5:6d:d8:0b:f5:12:ba:b7:a7:86:99:b8:
17:39:b4:30:ae:b8:00:d8:1b:a4:ee:4f:f2:07:85:61:94:d4:
59:05:5a:6d:c6:aa:29:18:ab:7e:12:53:d7:32:ab:07:f6:c7:
ae:e5:d7:97:83:9d:cc:51:86:14:5b:05:66:4d:e6:6a:5c:31:
18:62:24:0b:70:2b:ea:81:32:65:03:b9:61:ad:ef:31:99:b1:
7b:53:d7:a3:84:f0:48:97:4a:93:aa:42:c3:21:be:c5:02:79:
fb:bf:e9:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0406b0qGnKOfx78XF+vaXyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMTFjNDY1NGFmNzAyZTU5NmViNTBkMTNmYTQ4NmRiNGQ5
YmNlMGEwHhcNMjYwMzI5MDkwMTI3WhcNMjYwMzMwMDkwMTI3WjAzMTEwLwYDVQQD
Eyg5NzE2NTliNDA0ZjBmMDFmN2FlMWM0YmYxMDVmOTYyMDJmODAzYzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNu/N21vwl33MuxEtNOpQHDlWQRU
8SsuCMaa0zxwNbPQz6CKWGNmz6lg1ZU4NxDy2QjO9AjYGcDeJAEYkizl0Fa4pF3r
Kk6CUz2GJxOwrS33bVl9T71/LdSw77VWtCfKAnR7v1nPOV4FlzCpFUWK+2fY6lb6
mDkrVS3EhcpUUOIeB9g8kvaf6ZMmAwaE2juMQ6/PgOkaJsPCyyHe0AHoGHRQRgi1
ATD5YCuVMhYKzCo4Rtf78ZSXmznjsehPvEt1npowhpmN5fngfqbl5VTxcTAWmLY5
7Y+yXmwiDQ6HlDqYxo2TDyAjyRohd17dCH/5CSoQv+Ew/FcpNe3nQDQXIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJcWWbQE8PAfeuHEvxBfliAvgDwAMB8GA1UdIwQY
MBaAFP0RxGVK9wLllutQ0T+khttNm84KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1JIRVpVcjNBdVdXNjFEUlA2U0cyMDJiemdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC81ZTMxODUtMzhjNS00YTViLWJmMjQt
Yzk1M2UzMzk4YzYzLzEvX1JIRVpVcjNBdVdXNjFEUlA2U0cyMDJiemdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC81ZTMxODUtMzhjNS00YTViLWJmMjQtYzk1M2UzMzk4YzYz
LzEvX1JIRVpVcjNBdVdXNjFEUlA2U0cyMDJiemdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjps1Y/1L
4tpWNn32ly0Dx3lkpeiQ+3uLPDqf2i7L4GCAetgtsW8+yFrtcdllfzpmRGkCVpEi
R7pbgHSO2ZiVAAP2unmpz45lwlcTJz+h9dqgthyo3geSwZdh5290gfG6VeAedopm
XM6voD53hJ7Hn4WcWQZ4/pBi1qapDhNW1qpd/DjukFwedKkMZ2TS+u6+Xr4uX6uU
pW3YC/USurenhpm4Fzm0MK64ANgbpO5P8geFYZTUWQVabcaqKRirfhJT1zKrB/bH
ruXXl4OdzFGGFFsFZk3malwxGGIkC3Ar6oEyZQO5Ya3vMZmxe1PXo4TwSJdKk6pC
wyG+xQJ5+7/p2Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:54 2026 by rpki-client