Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.mft
File: US4nvokbGeypvOtT5NwjfFo1Vpc.mft (raw, json)
Hash identifier: vUo2owkiLu8KKL93yuf6C++ABY8My5HfuaaF8Swsxks=
Subject key identifier: 20:DE:9F:31:B9:45:01:C6:D0:F1:59:10:67:14:45:0D:71:6C:55:60
Authority key identifier: 51:2E:27:BE:89:1B:19:EC:A9:BC:EB:53:E4:DC:23:7C:5A:35:56:97
Certificate issuer: /CN=512e27be891b19eca9bceb53e4dc237c5a355697
Certificate serial: 019D3865BBBCC5404BEF7E538FA27D434A69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/US4nvokbGeypvOtT5NwjfFo1Vpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.mft
Manifest number: 0E8C
Signing time: Sun 29 Mar 2026 07:01:24 +0000
Manifest this update: Sun 29 Mar 2026 07:01:24 +0000
Manifest next update: Mon 30 Mar 2026 07:01:24 +0000
Files and hashes: 1: 4XAM9liM1Y7hRRkcksNiW_aru-A.roa (hash: P0kySiJIZ6zOBwufqTsAfZ+d9KAiQxaN8Hb6kdFbtyE=)
2: US4nvokbGeypvOtT5NwjfFo1Vpc.crl (hash: jyU8G54e6/wW1AfL9yd+O0zRAuQx2/9wkQQ+aEMBZsU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/US4nvokbGeypvOtT5NwjfFo1Vpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:bb:bc:c5:40:4b:ef:7e:53:8f:a2:7d:43:4a:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=512e27be891b19eca9bceb53e4dc237c5a355697
Validity
Not Before: Mar 29 07:01:24 2026 GMT
Not After : Mar 30 07:01:24 2026 GMT
Subject: CN=20de9f31b94501c6d0f159106714450d716c5560
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:31:77:72:27:65:06:2c:74:fd:ec:c4:d6:7a:
5d:80:e1:bf:97:af:df:f8:91:65:84:d0:28:77:a0:
b5:95:11:83:bd:7e:c5:7a:3f:5f:d4:34:65:67:cc:
2f:3d:81:df:08:4c:38:1a:6b:7c:48:1a:bb:d9:0a:
06:03:c0:8f:3c:10:19:32:57:8f:58:ac:92:40:25:
e1:b2:61:da:fe:4d:07:14:b8:71:c7:d6:79:9f:6b:
48:06:5e:f5:4e:ec:60:27:e5:ea:c7:50:56:a1:7c:
f3:98:1b:77:72:88:2b:e6:c6:3d:ef:7f:4a:fc:63:
8b:c5:07:4f:f9:da:1b:42:f6:9f:a9:7e:65:4d:9d:
75:a9:7f:3c:ef:a0:50:29:83:5d:70:2e:e4:e3:c5:
7d:03:bb:d9:be:03:8d:36:d3:5e:c3:b6:10:44:23:
ca:56:80:64:88:b2:39:07:a4:44:23:f6:35:57:bb:
6f:ef:f1:41:6f:f5:df:22:13:d0:3f:25:9e:f0:51:
89:c1:14:87:cd:bc:b4:59:2c:cd:26:9a:0b:ce:e4:
b3:79:31:7f:77:2f:09:ba:2f:4c:ee:53:ed:bf:53:
0c:20:7c:0c:fd:e2:28:ea:37:3a:06:d4:dd:ee:9a:
92:43:e5:0a:9c:79:81:14:92:d8:98:34:c0:40:a9:
b6:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:DE:9F:31:B9:45:01:C6:D0:F1:59:10:67:14:45:0D:71:6C:55:60
X509v3 Authority Key Identifier:
keyid:51:2E:27:BE:89:1B:19:EC:A9:BC:EB:53:E4:DC:23:7C:5A:35:56:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/US4nvokbGeypvOtT5NwjfFo1Vpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:12:b7:f3:29:1f:96:0a:0a:79:d3:4a:db:e5:1f:00:05:c5:
69:65:ae:20:e1:8f:ba:06:2e:3f:29:a1:a4:76:83:5b:9c:19:
e3:c9:a4:e0:0d:0a:29:c9:6c:b3:64:6e:88:e2:58:05:d5:38:
fe:0d:11:25:46:25:46:f8:ad:b3:4f:da:1e:6f:48:f5:64:09:
9b:05:8a:c8:94:d4:16:59:28:33:06:7c:36:a1:a9:92:ce:0b:
12:8e:6d:0d:27:ae:49:eb:e1:f8:e2:d6:d8:9f:95:33:7f:10:
ce:86:3c:9f:9a:80:5a:b2:c2:4c:00:17:46:c9:d6:2d:89:bf:
32:70:f8:5d:0a:5f:7b:29:97:4a:06:09:13:4f:41:c8:20:7f:
33:73:3a:da:f4:b9:bc:2c:82:d4:1c:ea:ae:2b:07:0b:2b:83:
f9:e8:cf:2e:d2:f1:63:35:4a:44:68:5b:4c:ea:20:e8:46:d1:
de:02:4b:c4:1a:15:99:7d:ef:ea:6d:af:ed:b3:55:b2:c6:70:
87:73:f4:cb:ea:4d:22:1e:96:0a:db:7a:00:0e:41:22:74:82:
5a:90:ff:70:31:73:ea:53:43:24:af:97:e0:72:35:b4:39:8a:
43:d8:f8:83:f7:b1:a6:03:d9:46:18:b1:37:2a:d4:5b:b0:ea:
c5:1d:98:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zbu8xUBL735Tj6J9Q0ppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMmUyN2JlODkxYjE5ZWNhOWJjZWI1M2U0ZGMyMzdjNWEz
NTU2OTcwHhcNMjYwMzI5MDcwMTI0WhcNMjYwMzMwMDcwMTI0WjAzMTEwLwYDVQQD
EygyMGRlOWYzMWI5NDUwMWM2ZDBmMTU5MTA2NzE0NDUwZDcxNmM1NTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDF3cidlBix0/ezE1npdgOG/l6/f
+JFlhNAod6C1lRGDvX7Fej9f1DRlZ8wvPYHfCEw4Gmt8SBq72QoGA8CPPBAZMleP
WKySQCXhsmHa/k0HFLhxx9Z5n2tIBl71TuxgJ+Xqx1BWoXzzmBt3cogr5sY9739K
/GOLxQdP+dobQvafqX5lTZ11qX8876BQKYNdcC7k48V9A7vZvgONNtNew7YQRCPK
VoBkiLI5B6REI/Y1V7tv7/FBb/XfIhPQPyWe8FGJwRSHzby0WSzNJpoLzuSzeTF/
dy8Jui9M7lPtv1MMIHwM/eIo6jc6BtTd7pqSQ+UKnHmBFJLYmDTAQKm2cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCDenzG5RQHG0PFZEGcURQ1xbFVgMB8GA1UdIwQY
MBaAFFEuJ76JGxnsqbzrU+TcI3xaNVaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVM0bnZva2JHZXlwdk90VDVOd2pmRm8xVnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wZjFiOGYtMWQ0Ny00MmYwLWEwNTAt
NWExMTRlZjliMmFhLzEvVVM0bnZva2JHZXlwdk90VDVOd2pmRm8xVnBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wZjFiOGYtMWQ0Ny00MmYwLWEwNTAtNWExMTRlZjliMmFh
LzEvVVM0bnZva2JHZXlwdk90VDVOd2pmRm8xVnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkRK38ykf
lgoKedNK2+UfAAXFaWWuIOGPugYuPymhpHaDW5wZ48mk4A0KKclss2RuiOJYBdU4
/g0RJUYlRvits0/aHm9I9WQJmwWKyJTUFlkoMwZ8NqGpks4LEo5tDSeuSevh+OLW
2J+VM38QzoY8n5qAWrLCTAAXRsnWLYm/MnD4XQpfeymXSgYJE09ByCB/M3M62vS5
vCyC1BzqrisHCyuD+ejPLtLxYzVKRGhbTOog6EbR3gJLxBoVmX3v6m2v7bNVssZw
h3P0y+pNIh6WCtt6AA5BInSCWpD/cDFz6lNDJK+X4HI1tDmKQ9j4g/expgPZRhix
NyrUW7DqxR2Ytw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:59:09 2026 by rpki-client