Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft
File: uT2pHx9TY0JyxZEQh85my602FKM.mft (raw, json)
Hash identifier: NO9CQaI/V8D7IsHQLOWIzy41ufJ67ybi0r5WlhNhrvg=
Subject key identifier: 73:83:1D:5F:5D:9E:B1:85:D2:08:61:23:DF:DA:62:5B:C6:E8:DC:56
Authority key identifier: B9:3D:A9:1F:1F:53:63:42:72:C5:91:10:87:CE:66:CB:AD:36:14:A3
Certificate issuer: /CN=b93da91f1f53634272c5911087ce66cbad3614a3
Certificate serial: 019D390A18BFCD8550D43EDCD03C879ED22B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uT2pHx9TY0JyxZEQh85my602FKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft
Manifest number: 0A2E
Signing time: Sun 29 Mar 2026 10:00:56 +0000
Manifest this update: Sun 29 Mar 2026 10:00:56 +0000
Manifest next update: Mon 30 Mar 2026 10:00:56 +0000
Files and hashes: 1: T5RpUZaJxF7WS22xVaYfC5phh5w.roa (hash: 1t4IgY5FT1qa56RFkPSefpzTePRTnBiDJZBSxg9HAjA=)
2: uT2pHx9TY0JyxZEQh85my602FKM.crl (hash: HeHji+OOQykhBXnYSNwmIwY6gdaE9Cx5BZ0pthMOSj4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/uT2pHx9TY0JyxZEQh85my602FKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:18:bf:cd:85:50:d4:3e:dc:d0:3c:87:9e:d2:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b93da91f1f53634272c5911087ce66cbad3614a3
Validity
Not Before: Mar 29 10:00:56 2026 GMT
Not After : Mar 30 10:00:56 2026 GMT
Subject: CN=73831d5f5d9eb185d2086123dfda625bc6e8dc56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:51:b9:d4:63:e4:78:1b:e4:e2:78:30:2f:dd:
55:62:e8:54:0b:e4:5b:c2:c5:ed:1f:bc:e3:c6:0d:
e3:0c:f5:86:76:9c:13:85:df:2f:33:b9:5c:ac:e7:
be:57:14:85:28:02:9b:46:13:5a:85:39:64:52:8b:
bc:9d:24:9f:bd:00:20:ed:fe:2a:75:89:88:55:ad:
dd:c3:cb:6b:b9:7d:c4:0e:cd:e3:23:8f:8a:cc:64:
6d:c7:2c:85:b3:27:98:77:2c:9c:1e:01:45:e0:80:
82:de:74:58:cb:eb:fb:33:08:c5:7d:7b:4c:db:e5:
20:c3:87:8e:46:90:00:c6:d3:8f:fc:88:ac:fb:49:
e5:78:2a:8a:3f:f4:bb:8b:20:4a:f7:cb:62:f8:74:
1d:36:98:ce:ee:36:18:5b:8c:cf:08:b3:99:b6:9b:
a9:ed:37:c0:4a:c7:8a:10:12:21:8f:96:d7:fe:fb:
8a:52:32:bf:d9:cb:d5:b2:fb:13:53:e1:00:91:2a:
49:fc:bc:77:dd:16:67:af:de:f8:c6:80:f1:ff:07:
ef:a0:9f:cc:2d:84:db:a4:22:3a:4f:1a:1a:59:d6:
48:9f:ba:bf:99:88:de:ca:fd:13:60:c4:99:d3:56:
70:30:7f:0c:5a:59:a1:ce:f3:f8:91:74:b6:50:b4:
c6:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:83:1D:5F:5D:9E:B1:85:D2:08:61:23:DF:DA:62:5B:C6:E8:DC:56
X509v3 Authority Key Identifier:
keyid:B9:3D:A9:1F:1F:53:63:42:72:C5:91:10:87:CE:66:CB:AD:36:14:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uT2pHx9TY0JyxZEQh85my602FKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:d4:3c:bd:86:e3:26:45:e3:04:b4:df:6f:87:2f:70:55:e8:
8b:f9:33:18:c7:af:8d:43:5c:d7:72:0a:5c:24:f0:28:4a:89:
83:f6:07:59:81:ee:fc:f1:3b:23:0b:41:d5:81:d6:1c:0f:a3:
ec:b0:7d:74:a5:75:97:31:89:94:cd:7b:ad:fd:56:02:6b:16:
ec:2e:52:f6:79:45:0d:ca:16:47:0c:bf:3d:be:21:4e:2b:ca:
7d:0e:95:25:60:b1:15:c3:d0:84:e5:37:57:b5:d3:d0:65:09:
d6:ff:6d:14:32:15:ec:84:49:c9:28:c0:3d:be:08:63:10:2f:
b0:8e:29:42:42:f6:59:7d:40:c6:15:ba:e6:f3:d3:76:f4:56:
95:40:86:91:ab:27:ee:2a:6e:55:32:f4:15:3d:3e:4c:2f:a3:
c6:84:f8:5b:43:fb:9d:7c:db:69:ee:97:3d:f2:01:2e:27:ef:
bb:45:d5:6e:f9:3e:e5:ce:31:b1:11:ae:69:23:e1:82:f8:08:
ff:1a:ac:bd:44:2e:54:73:cd:0a:e6:68:97:6e:fe:f8:4c:aa:
85:55:ce:0d:11:a8:5e:d5:93:db:71:50:7d:51:f0:ee:a5:a2:
6d:47:d1:c7:11:b1:43:3e:d4:71:5c:96:4d:34:c9:9d:2e:5a:
7e:f8:6b:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Chi/zYVQ1D7c0DyHntIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5M2RhOTFmMWY1MzYzNDI3MmM1OTExMDg3Y2U2NmNiYWQz
NjE0YTMwHhcNMjYwMzI5MTAwMDU2WhcNMjYwMzMwMTAwMDU2WjAzMTEwLwYDVQQD
Eyg3MzgzMWQ1ZjVkOWViMTg1ZDIwODYxMjNkZmRhNjI1YmM2ZThkYzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVG51GPkeBvk4ngwL91VYuhUC+Rb
wsXtH7zjxg3jDPWGdpwThd8vM7lcrOe+VxSFKAKbRhNahTlkUou8nSSfvQAg7f4q
dYmIVa3dw8truX3EDs3jI4+KzGRtxyyFsyeYdyycHgFF4ICC3nRYy+v7MwjFfXtM
2+Ugw4eORpAAxtOP/Iis+0nleCqKP/S7iyBK98ti+HQdNpjO7jYYW4zPCLOZtpup
7TfASseKEBIhj5bX/vuKUjK/2cvVsvsTU+EAkSpJ/Lx33RZnr974xoDx/wfvoJ/M
LYTbpCI6TxoaWdZIn7q/mYjeyv0TYMSZ01ZwMH8MWlmhzvP4kXS2ULTGGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHODHV9dnrGF0ghhI9/aYlvG6NxWMB8GA1UdIwQY
MBaAFLk9qR8fU2NCcsWREIfOZsutNhSjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVQycEh4OVRZMEp5eFpFUWg4NW15NjAyRktNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jYTQ0NzEtMzRkMC00ODE2LTgxZDEt
OGJmNWIxZWQxMjA5LzEvdVQycEh4OVRZMEp5eFpFUWg4NW15NjAyRktNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jYTQ0NzEtMzRkMC00ODE2LTgxZDEtOGJmNWIxZWQxMjA5
LzEvdVQycEh4OVRZMEp5eFpFUWg4NW15NjAyRktNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACtQ8vYbj
JkXjBLTfb4cvcFXoi/kzGMevjUNc13IKXCTwKEqJg/YHWYHu/PE7IwtB1YHWHA+j
7LB9dKV1lzGJlM17rf1WAmsW7C5S9nlFDcoWRwy/Pb4hTivKfQ6VJWCxFcPQhOU3
V7XT0GUJ1v9tFDIV7IRJySjAPb4IYxAvsI4pQkL2WX1AxhW65vPTdvRWlUCGkasn
7ipuVTL0FT0+TC+jxoT4W0P7nXzbae6XPfIBLifvu0XVbvk+5c4xsRGuaSPhgvgI
/xqsvUQuVHPNCuZol27++EyqhVXODRGoXtWT23FQfVHw7qWibUfRxxGxQz7UcVyW
TTTJnS5afvhrnA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:08:50 2026 by rpki-client