Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/688cae-5f96-4875-8701-944ecec7a423/1/p7He9pWIXq3lzMi0vioCuxYHnpw.mft
File: p7He9pWIXq3lzMi0vioCuxYHnpw.mft (raw, json)
Hash identifier: BlPVCFaHSpyOxAcWjoxsjwgxq6OwaX6DNZ29UTWzyzM=
Subject key identifier: DB:0E:EA:EC:FA:A4:A1:0A:5A:AA:77:83:63:AB:F6:DE:FE:45:9B:F7
Authority key identifier: A7:B1:DE:F6:95:88:5E:AD:E5:CC:C8:B4:BE:2A:02:BB:16:07:9E:9C
Certificate issuer: /CN=a7b1def695885eade5ccc8b4be2a02bb16079e9c
Certificate serial: 019D382E76E9D84E55E686D01BA3CA0320E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p7He9pWIXq3lzMi0vioCuxYHnpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/688cae-5f96-4875-8701-944ecec7a423/1/p7He9pWIXq3lzMi0vioCuxYHnpw.mft
Manifest number: 0AE0
Signing time: Sun 29 Mar 2026 06:01:02 +0000
Manifest this update: Sun 29 Mar 2026 06:01:02 +0000
Manifest next update: Mon 30 Mar 2026 06:01:02 +0000
Files and hashes: 1: Gq2VB9PjY2d42VE1l06FJT2-xes.roa (hash: idiOLZ8yC3ZWBi2Z9igfWCRSUat/SpYrqd26vqS32rI=)
2: p7He9pWIXq3lzMi0vioCuxYHnpw.crl (hash: He1b7RUGIfZJz50lpoeYifEmzQIIi8E+DEaE8QpJfl8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/688cae-5f96-4875-8701-944ecec7a423/1/p7He9pWIXq3lzMi0vioCuxYHnpw.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/688cae-5f96-4875-8701-944ecec7a423/1/p7He9pWIXq3lzMi0vioCuxYHnpw.mft
rsync://rpki.ripe.net/repository/DEFAULT/p7He9pWIXq3lzMi0vioCuxYHnpw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:76:e9:d8:4e:55:e6:86:d0:1b:a3:ca:03:20:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7b1def695885eade5ccc8b4be2a02bb16079e9c
Validity
Not Before: Mar 29 06:01:02 2026 GMT
Not After : Mar 30 06:01:02 2026 GMT
Subject: CN=db0eeaecfaa4a10a5aaa778363abf6defe459bf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9d:88:74:1e:14:7b:c5:f4:0d:66:e8:fd:8e:
9b:18:17:98:a4:ab:18:b1:cd:6c:3d:f1:83:80:45:
59:d0:13:31:59:c9:ca:90:fc:a8:8e:c5:ee:d7:ef:
ab:17:a3:f3:c4:24:e2:25:ab:01:16:bb:78:d4:86:
df:2e:71:ef:be:84:f2:18:32:31:d5:bc:89:3c:fd:
aa:f4:6c:fa:0f:05:4e:36:be:73:9a:b5:52:c7:bc:
53:5b:a6:93:4e:cc:48:01:64:f0:c0:6a:34:d0:8e:
41:33:33:b2:dd:79:06:3b:42:72:73:83:89:db:0f:
ca:b2:4d:4e:01:c8:4c:7d:8c:b8:34:96:e8:d2:3b:
e2:73:b1:14:93:4d:6d:f4:d1:61:71:17:ee:c0:55:
cc:44:ae:94:50:9d:bf:5b:a7:9a:a4:2f:e0:ab:14:
19:09:f2:4f:0a:8e:61:be:bb:6c:48:36:4e:61:3b:
74:34:0f:d3:0b:d8:5b:3e:09:57:cd:d4:97:86:b8:
22:0e:6c:4c:5f:db:bc:dd:4c:e7:ea:9e:3f:89:74:
c4:ca:c4:2d:a9:f8:dc:fe:ba:ef:21:cb:19:73:ff:
9b:34:05:95:3c:ec:a7:4a:99:71:32:1b:b8:bc:a8:
b6:9d:fd:eb:3e:4c:6d:ab:5e:35:87:be:7e:2b:1e:
9b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:0E:EA:EC:FA:A4:A1:0A:5A:AA:77:83:63:AB:F6:DE:FE:45:9B:F7
X509v3 Authority Key Identifier:
keyid:A7:B1:DE:F6:95:88:5E:AD:E5:CC:C8:B4:BE:2A:02:BB:16:07:9E:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p7He9pWIXq3lzMi0vioCuxYHnpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/688cae-5f96-4875-8701-944ecec7a423/1/p7He9pWIXq3lzMi0vioCuxYHnpw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/688cae-5f96-4875-8701-944ecec7a423/1/p7He9pWIXq3lzMi0vioCuxYHnpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7e:a7:2e:3a:e1:8c:e7:f3:10:15:8b:39:7d:5a:85:fd:15:af:
3f:57:71:4b:7b:a6:db:f3:a5:32:4f:76:13:4f:cf:6c:fd:56:
21:b4:10:c5:ee:75:59:3a:09:13:a5:b8:00:8a:09:72:bd:50:
a0:47:11:8b:0e:8f:66:97:ae:ed:78:e7:ff:cb:64:94:cb:06:
bf:4e:6b:3f:6d:25:4e:25:23:70:24:06:f9:98:28:38:ca:42:
2b:33:25:82:f4:d1:0d:11:08:ca:a7:16:24:be:b7:47:39:96:
eb:62:eb:6b:b3:93:9f:04:79:54:83:68:6f:00:0f:4c:7e:61:
1f:aa:71:48:00:f7:a3:c2:75:a9:d2:18:2a:0c:b2:7a:39:ba:
f3:19:18:34:3c:99:aa:e2:4f:ad:2f:8b:2c:86:f7:fa:d2:59:
df:17:79:f8:8e:85:93:51:a5:1a:a4:81:7b:30:c5:d2:dc:f7:
4d:95:ec:c2:04:ce:ac:aa:2c:20:18:cb:80:39:61:09:3f:39:
68:27:d9:f7:3c:95:68:ea:3e:b1:27:88:b3:15:40:7f:a7:9b:
83:81:b0:9f:1a:bd:c8:91:fd:60:f3:62:ba:78:e9:0e:7b:b2:
04:b0:1d:e3:ce:52:9f:af:b2:83:e5:e0:6b:e8:a2:1c:e1:02:
20:ba:6f:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Lnbp2E5V5obQG6PKAyDpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YjFkZWY2OTU4ODVlYWRlNWNjYzhiNGJlMmEwMmJiMTYw
NzllOWMwHhcNMjYwMzI5MDYwMTAyWhcNMjYwMzMwMDYwMTAyWjAzMTEwLwYDVQQD
EyhkYjBlZWFlY2ZhYTRhMTBhNWFhYTc3ODM2M2FiZjZkZWZlNDU5YmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn52IdB4Ue8X0DWbo/Y6bGBeYpKsY
sc1sPfGDgEVZ0BMxWcnKkPyojsXu1++rF6PzxCTiJasBFrt41IbfLnHvvoTyGDIx
1byJPP2q9Gz6DwVONr5zmrVSx7xTW6aTTsxIAWTwwGo00I5BMzOy3XkGO0Jyc4OJ
2w/Ksk1OAchMfYy4NJbo0jvic7EUk01t9NFhcRfuwFXMRK6UUJ2/W6eapC/gqxQZ
CfJPCo5hvrtsSDZOYTt0NA/TC9hbPglXzdSXhrgiDmxMX9u83Uzn6p4/iXTEysQt
qfjc/rrvIcsZc/+bNAWVPOynSplxMhu4vKi2nf3rPkxtq141h75+Kx6b6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNsO6uz6pKEKWqp3g2Or9t7+RZv3MB8GA1UdIwQY
MBaAFKex3vaViF6t5czItL4qArsWB56cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDdIZTlwV0lYcTNsek1pMHZpb0N1eFlIbnB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC82ODhjYWUtNWY5Ni00ODc1LTg3MDEt
OTQ0ZWNlYzdhNDIzLzEvcDdIZTlwV0lYcTNsek1pMHZpb0N1eFlIbnB3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC82ODhjYWUtNWY5Ni00ODc1LTg3MDEtOTQ0ZWNlYzdhNDIz
LzEvcDdIZTlwV0lYcTNsek1pMHZpb0N1eFlIbnB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfqcuOuGM
5/MQFYs5fVqF/RWvP1dxS3um2/OlMk92E0/PbP1WIbQQxe51WToJE6W4AIoJcr1Q
oEcRiw6PZpeu7Xjn/8tklMsGv05rP20lTiUjcCQG+ZgoOMpCKzMlgvTRDREIyqcW
JL63RzmW62Lra7OTnwR5VINobwAPTH5hH6pxSAD3o8J1qdIYKgyyejm68xkYNDyZ
quJPrS+LLIb3+tJZ3xd5+I6Fk1GlGqSBezDF0tz3TZXswgTOrKosIBjLgDlhCT85
aCfZ9zyVaOo+sSeIsxVAf6ebg4Gwnxq9yJH9YPNiunjpDnuyBLAd485Sn6+yg+Xg
a+iiHOECILpvyA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:07:28 2026 by rpki-client