Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/pavEOvztcvuSd4covuVxxnj1OFM.mft
File: pavEOvztcvuSd4covuVxxnj1OFM.mft (raw, json)
Hash identifier: VKQGdsqDGYIsgue2vjJEYg1At2gqZ2GOJURJDTztjbk=
Subject key identifier: CA:D2:39:33:F6:A7:DB:C6:65:12:E5:81:4D:6F:12:50:EE:73:80:E5
Authority key identifier: A5:AB:C4:3A:FC:ED:72:FB:92:77:87:28:BE:E5:71:C6:78:F5:38:53
Certificate issuer: /CN=a5abc43afced72fb92778728bee571c678f53853
Certificate serial: 019DCF3E7E6DE991DE4A7301C7A72A93F2B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pavEOvztcvuSd4covuVxxnj1OFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/pavEOvztcvuSd4covuVxxnj1OFM.mft
Manifest number: 18DF
Signing time: Mon 27 Apr 2026 14:01:12 +0000
Manifest this update: Mon 27 Apr 2026 14:01:12 +0000
Manifest next update: Tue 28 Apr 2026 14:01:12 +0000
Files and hashes: 1: 7lnc40Qf7cmKBKbjZfYqwpwmGoI.roa (hash: BeI1VtCjRkNwuAsQq6REw2kbuVRCtpMkqUU7iZWA1og=)
2: BGZv9D_VhejCl-jfPTnDgqEd_C8.roa (hash: 24tOC1DrpPlHEZKfZuWIAXFtAWXcsMjorM9au3Z+HuM=)
3: pavEOvztcvuSd4covuVxxnj1OFM.crl (hash: jVDkH8gcMgHNf6HeWq+s1zsvPUnZ5c6d89P/5EICOEs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/pavEOvztcvuSd4covuVxxnj1OFM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/pavEOvztcvuSd4covuVxxnj1OFM.mft
rsync://rpki.ripe.net/repository/DEFAULT/pavEOvztcvuSd4covuVxxnj1OFM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 14:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:3e:7e:6d:e9:91:de:4a:73:01:c7:a7:2a:93:f2:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5abc43afced72fb92778728bee571c678f53853
Validity
Not Before: Apr 27 14:01:12 2026 GMT
Not After : Apr 28 14:01:12 2026 GMT
Subject: CN=cad23933f6a7dbc66512e5814d6f1250ee7380e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a5:7c:b0:77:0a:94:8a:90:3f:2c:cd:78:4f:
83:e4:e0:25:ff:55:0f:2a:79:1c:0f:8b:dc:01:97:
58:df:22:80:32:93:bd:e2:cc:a6:7b:3b:37:af:07:
a6:67:d6:64:63:d9:7b:5a:7f:9a:f0:ae:ad:dc:71:
a8:d0:5a:b5:91:c7:d5:95:c6:2c:95:6e:3b:8e:d1:
7d:18:50:5f:3b:64:b1:32:c3:c2:86:55:ee:7d:82:
d0:6f:f3:17:d3:d3:0f:09:fb:3d:ca:37:56:e6:7a:
25:7a:37:44:fe:de:ed:c3:b6:d4:81:22:82:aa:a0:
a2:47:f5:66:2d:90:fb:1b:a2:f6:e0:e5:5f:c1:57:
ed:09:73:a5:79:5a:5c:c2:16:d0:04:91:0b:2d:7f:
c2:52:88:d8:c5:1a:2b:49:4a:85:9d:59:d5:a7:13:
e1:83:20:6a:48:3f:cd:3e:7a:d3:48:13:15:8f:94:
44:21:e8:3a:73:e4:8e:27:4f:a9:2b:f3:1b:58:5f:
66:70:51:ed:dd:3f:a4:a0:cc:89:7e:d2:fa:4e:a8:
1f:9a:4f:8a:62:e3:a4:f4:1d:a1:f1:fb:51:ff:c6:
1a:e7:96:fd:93:4e:d7:43:5c:b6:07:37:94:35:c9:
56:ff:4d:79:50:f9:d3:1b:97:a5:f2:28:99:68:14:
cc:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D2:39:33:F6:A7:DB:C6:65:12:E5:81:4D:6F:12:50:EE:73:80:E5
X509v3 Authority Key Identifier:
keyid:A5:AB:C4:3A:FC:ED:72:FB:92:77:87:28:BE:E5:71:C6:78:F5:38:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pavEOvztcvuSd4covuVxxnj1OFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/pavEOvztcvuSd4covuVxxnj1OFM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/pavEOvztcvuSd4covuVxxnj1OFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bf:e1:7e:f9:03:57:93:59:97:09:24:0c:05:33:5f:14:98:da:
ef:0d:31:23:de:67:a3:f6:a0:cd:f6:a6:3b:c0:9f:94:1a:ae:
d5:ef:db:ca:4d:41:66:46:02:d3:6e:67:79:7d:7a:1a:ce:f1:
3c:6b:74:50:a3:ab:4f:f7:29:c7:b8:98:28:26:53:ac:18:bb:
05:e3:52:60:b1:ca:54:ea:1d:96:dc:5c:ef:6b:93:80:53:3b:
54:a7:0e:6f:14:28:73:54:93:a6:db:ee:7c:7d:11:e6:28:6d:
f5:7b:e1:51:9f:0b:b4:17:50:5b:fb:d1:73:97:ae:37:94:7a:
8e:c2:4a:c9:f0:1b:9b:84:98:45:5e:3a:16:80:9a:3e:9e:66:
67:dc:e8:4f:68:10:06:de:30:78:a9:c6:c5:ff:9f:56:8c:a7:
36:3a:cf:1c:42:2b:2d:9c:3e:5e:73:bf:21:07:5f:a8:40:de:
12:dd:fb:81:a0:f6:8c:93:e9:8a:2e:02:e2:9e:e3:26:41:70:
00:21:64:8a:e0:ed:b1:44:ff:95:73:16:ef:f9:36:0d:31:ed:
5a:13:49:f3:87:e4:95:11:58:c9:2a:18:93:1b:6e:64:77:36:
a9:9a:c4:7f:f4:56:3e:51:74:d5:4d:4a:7a:a9:33:cb:6c:ed:
0d:76:9e:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3PPn5t6ZHeSnMBx6cqk/K5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWJjNDNhZmNlZDcyZmI5Mjc3ODcyOGJlZTU3MWM2Nzhm
NTM4NTMwHhcNMjYwNDI3MTQwMTEyWhcNMjYwNDI4MTQwMTEyWjAzMTEwLwYDVQQD
EyhjYWQyMzkzM2Y2YTdkYmM2NjUxMmU1ODE0ZDZmMTI1MGVlNzM4MGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqV8sHcKlIqQPyzNeE+D5OAl/1UP
KnkcD4vcAZdY3yKAMpO94symezs3rwemZ9ZkY9l7Wn+a8K6t3HGo0Fq1kcfVlcYs
lW47jtF9GFBfO2SxMsPChlXufYLQb/MX09MPCfs9yjdW5nolejdE/t7tw7bUgSKC
qqCiR/VmLZD7G6L24OVfwVftCXOleVpcwhbQBJELLX/CUojYxRorSUqFnVnVpxPh
gyBqSD/NPnrTSBMVj5REIeg6c+SOJ0+pK/MbWF9mcFHt3T+koMyJftL6Tqgfmk+K
YuOk9B2h8ftR/8Ya55b9k07XQ1y2BzeUNclW/015UPnTG5el8iiZaBTMKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMrSOTP2p9vGZRLlgU1vElDuc4DlMB8GA1UdIwQY
MBaAFKWrxDr87XL7kneHKL7lccZ49ThTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGF2RU92enRjdnVTZDRjb3Z1Vnh4bmoxT0ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9lOWI3NmEtMTBiMy00N2MwLWE1MTct
YjVlOTFmYzY1MDUxLzEvcGF2RU92enRjdnVTZDRjb3Z1Vnh4bmoxT0ZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9lOWI3NmEtMTBiMy00N2MwLWE1MTctYjVlOTFmYzY1MDUx
LzEvcGF2RU92enRjdnVTZDRjb3Z1Vnh4bmoxT0ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv+F++QNX
k1mXCSQMBTNfFJja7w0xI95no/agzfamO8CflBqu1e/byk1BZkYC025neX16Gs7x
PGt0UKOrT/cpx7iYKCZTrBi7BeNSYLHKVOodltxc72uTgFM7VKcObxQoc1STptvu
fH0R5iht9XvhUZ8LtBdQW/vRc5euN5R6jsJKyfAbm4SYRV46FoCaPp5mZ9zoT2gQ
Bt4weKnGxf+fVoynNjrPHEIrLZw+XnO/IQdfqEDeEt37gaD2jJPpii4C4p7jJkFw
ACFkiuDtsUT/lXMW7/k2DTHtWhNJ84fklRFYySoYkxtuZHc2qZrEf/RWPlF01U1K
eqkzy2ztDXae9w==
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:13:33 2026 by rpki-client