Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/25c91d-5a05-46a2-9a79-420cc251e5eb/1/pHwKyKnV9ixJHUsXyyErUsDnVgc.mft
File: pHwKyKnV9ixJHUsXyyErUsDnVgc.mft (raw, json)
Hash identifier: dfyeYFRTaJmeqQVfyPT8d1L95yGvBa1UEGVtMGERuXI=
Subject key identifier: BB:A1:B0:0A:EE:13:E0:D2:8F:F5:9C:A4:5C:87:BF:B2:E4:EE:4A:E6
Authority key identifier: A4:7C:0A:C8:A9:D5:F6:2C:49:1D:4B:17:CB:21:2B:52:C0:E7:56:07
Certificate issuer: /CN=a47c0ac8a9d5f62c491d4b17cb212b52c0e75607
Certificate serial: 019D3752576D23D4070E34D586BE3484CEA7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pHwKyKnV9ixJHUsXyyErUsDnVgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/25c91d-5a05-46a2-9a79-420cc251e5eb/1/pHwKyKnV9ixJHUsXyyErUsDnVgc.mft
Manifest number: 14D2
Signing time: Sun 29 Mar 2026 02:00:36 +0000
Manifest this update: Sun 29 Mar 2026 02:00:36 +0000
Manifest next update: Mon 30 Mar 2026 02:00:36 +0000
Files and hashes: 1: mSRNwBt4HyvxOKDrOMFnswIgda4.roa (hash: 7d61GNgLmLVgIgZ3h9dpanvVUYVfZYRsvyeUkivWWd4=)
2: pHwKyKnV9ixJHUsXyyErUsDnVgc.crl (hash: dd+7xu/kJTlnIs5hTbgX8wKlINFi/MPwxjqXvVBhQas=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/25c91d-5a05-46a2-9a79-420cc251e5eb/1/pHwKyKnV9ixJHUsXyyErUsDnVgc.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/25c91d-5a05-46a2-9a79-420cc251e5eb/1/pHwKyKnV9ixJHUsXyyErUsDnVgc.mft
rsync://rpki.ripe.net/repository/DEFAULT/pHwKyKnV9ixJHUsXyyErUsDnVgc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:57:6d:23:d4:07:0e:34:d5:86:be:34:84:ce:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a47c0ac8a9d5f62c491d4b17cb212b52c0e75607
Validity
Not Before: Mar 29 02:00:36 2026 GMT
Not After : Mar 30 02:00:36 2026 GMT
Subject: CN=bba1b00aee13e0d28ff59ca45c87bfb2e4ee4ae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:48:fd:9c:3d:0f:26:b2:4e:71:50:72:eb:95:
bd:0e:40:38:0f:f8:06:e7:4a:29:20:84:c2:82:c9:
1e:45:be:7a:6d:3d:75:20:32:79:39:b3:0e:61:b6:
8e:b2:6c:68:ae:f1:06:42:54:5b:f3:97:40:3b:08:
90:54:2c:16:32:e6:11:b7:80:78:90:ba:ce:14:48:
bf:22:6c:d8:9b:fc:38:4e:46:a6:9e:2e:dd:fc:57:
7c:cf:a3:61:f0:30:91:cb:95:3b:39:6e:4f:23:c7:
24:b7:8d:73:8e:ea:bc:70:2a:69:c0:e9:df:20:6a:
7b:ed:c9:06:01:a9:80:3f:a0:88:1a:17:2f:86:bc:
05:96:d2:43:0d:04:42:d4:8d:e8:aa:ff:cf:60:69:
5b:f4:98:3c:89:11:61:59:f7:ba:59:f9:82:6c:11:
18:e3:7a:a9:1f:94:16:5e:da:38:11:a7:b6:86:10:
bd:b7:4a:c9:bd:22:f5:26:02:34:6f:81:67:57:f1:
04:e8:4a:b1:91:5c:77:cb:01:39:f8:10:74:0a:45:
7e:98:71:df:ab:a7:77:08:1a:20:c1:ce:8c:02:52:
54:df:60:2e:cd:91:1f:40:a9:90:dd:99:98:e7:78:
77:cf:dd:57:ea:5f:7d:8d:61:78:8e:a2:b8:ec:2b:
bb:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:A1:B0:0A:EE:13:E0:D2:8F:F5:9C:A4:5C:87:BF:B2:E4:EE:4A:E6
X509v3 Authority Key Identifier:
keyid:A4:7C:0A:C8:A9:D5:F6:2C:49:1D:4B:17:CB:21:2B:52:C0:E7:56:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pHwKyKnV9ixJHUsXyyErUsDnVgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/25c91d-5a05-46a2-9a79-420cc251e5eb/1/pHwKyKnV9ixJHUsXyyErUsDnVgc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/25c91d-5a05-46a2-9a79-420cc251e5eb/1/pHwKyKnV9ixJHUsXyyErUsDnVgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:aa:fa:24:de:ee:9e:c0:62:fd:82:a8:c3:05:0c:14:62:fd:
70:3c:63:2e:36:af:c3:12:eb:8d:5b:23:20:54:03:ec:f1:1e:
9e:c8:cd:3e:c6:e8:82:27:51:1d:e5:18:52:a1:76:a6:6d:99:
7d:cf:b3:e4:62:f7:91:04:ea:8b:26:89:4f:ed:eb:82:8f:7e:
b1:e2:16:ca:d8:e9:e1:cb:52:33:9b:8e:92:64:13:f3:65:c8:
b3:92:35:0c:96:e1:90:fe:f8:b5:78:9b:49:db:43:b9:58:94:
f5:a5:12:e5:ef:6b:df:c8:0a:33:02:65:31:11:7e:ba:df:eb:
8b:57:47:1d:db:dc:6a:95:dd:c7:ca:f7:89:42:3b:4c:31:a9:
ba:a0:cc:fc:01:06:86:2d:e6:96:e9:af:a6:fd:bb:5b:d4:00:
91:c0:4a:0e:a7:a8:f1:6e:c1:a7:d9:ea:50:d0:37:8d:8d:7f:
90:98:d7:7b:02:ad:75:d1:51:aa:37:a9:63:14:90:9a:60:9b:
e8:13:f4:db:43:c3:00:11:16:1f:ae:d9:c3:ff:4a:d7:8c:98:
b2:0a:51:4d:5d:29:6d:05:cc:77:e1:2f:ce:de:c8:f5:6e:96:
a1:aa:f8:9c:2a:ff:b8:e1:8a:ca:8f:37:b4:91:ac:54:57:64:
b0:9e:00:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UldtI9QHDjTVhr40hM6nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0N2MwYWM4YTlkNWY2MmM0OTFkNGIxN2NiMjEyYjUyYzBl
NzU2MDcwHhcNMjYwMzI5MDIwMDM2WhcNMjYwMzMwMDIwMDM2WjAzMTEwLwYDVQQD
EyhiYmExYjAwYWVlMTNlMGQyOGZmNTljYTQ1Yzg3YmZiMmU0ZWU0YWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0j9nD0PJrJOcVBy65W9DkA4D/gG
50opIITCgskeRb56bT11IDJ5ObMOYbaOsmxorvEGQlRb85dAOwiQVCwWMuYRt4B4
kLrOFEi/ImzYm/w4Tkamni7d/Fd8z6Nh8DCRy5U7OW5PI8ckt41zjuq8cCppwOnf
IGp77ckGAamAP6CIGhcvhrwFltJDDQRC1I3oqv/PYGlb9Jg8iRFhWfe6WfmCbBEY
43qpH5QWXto4Eae2hhC9t0rJvSL1JgI0b4FnV/EE6EqxkVx3ywE5+BB0CkV+mHHf
q6d3CBogwc6MAlJU32AuzZEfQKmQ3ZmY53h3z91X6l99jWF4jqK47Cu7FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLuhsAruE+DSj/WcpFyHv7Lk7krmMB8GA1UdIwQY
MBaAFKR8Csip1fYsSR1LF8shK1LA51YHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEh3S3lLblY5aXhKSFVzWHl5RXJVc0RuVmdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8yNWM5MWQtNWEwNS00NmEyLTlhNzkt
NDIwY2MyNTFlNWViLzEvcEh3S3lLblY5aXhKSFVzWHl5RXJVc0RuVmdjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8yNWM5MWQtNWEwNS00NmEyLTlhNzktNDIwY2MyNTFlNWVi
LzEvcEh3S3lLblY5aXhKSFVzWHl5RXJVc0RuVmdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANqr6JN7u
nsBi/YKowwUMFGL9cDxjLjavwxLrjVsjIFQD7PEensjNPsbogidRHeUYUqF2pm2Z
fc+z5GL3kQTqiyaJT+3rgo9+seIWytjp4ctSM5uOkmQT82XIs5I1DJbhkP74tXib
SdtDuViU9aUS5e9r38gKMwJlMRF+ut/ri1dHHdvcapXdx8r3iUI7TDGpuqDM/AEG
hi3mlumvpv27W9QAkcBKDqeo8W7Bp9nqUNA3jY1/kJjXewKtddFRqjepYxSQmmCb
6BP020PDABEWH67Zw/9K14yYsgpRTV0pbQXMd+Evzt7I9W6Woar4nCr/uOGKyo83
tJGsVFdksJ4AsA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:27:28 2026 by rpki-client