Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.mft
File: ePKehzghWcpegTh9fud-US-tFjY.mft (raw, json)
Hash identifier: QEs731bB/qaHrb2gze3Nip4R/1Pu5TXfQz6MR8yiRDI=
Subject key identifier: 02:EC:E0:37:79:BC:0E:68:43:F1:66:15:01:20:13:F1:D0:A3:F7:77
Authority key identifier: 78:F2:9E:87:38:21:59:CA:5E:81:38:7D:7E:E7:7E:51:2F:AD:16:36
Certificate issuer: /CN=78f29e87382159ca5e81387d7ee77e512fad1636
Certificate serial: 019D389BDA953DE762CD392B72EFE63EF1BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.mft
Manifest number: 08E5
Signing time: Sun 29 Mar 2026 08:00:31 +0000
Manifest this update: Sun 29 Mar 2026 08:00:31 +0000
Manifest next update: Mon 30 Mar 2026 08:00:31 +0000
Files and hashes: 1: 0QQAvh0exmMpHPDAs7CMxVMVnMI.roa (hash: 93g3niuIRwIzAYWdelbmRnbYmNDd25Jgu86ahLHoBFE=)
2: ePKehzghWcpegTh9fud-US-tFjY.crl (hash: bD+wOEPmiWt7IuENy3U5UUYknY7qpV99fSHOZeh8i5I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:da:95:3d:e7:62:cd:39:2b:72:ef:e6:3e:f1:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78f29e87382159ca5e81387d7ee77e512fad1636
Validity
Not Before: Mar 29 08:00:31 2026 GMT
Not After : Mar 30 08:00:31 2026 GMT
Subject: CN=02ece03779bc0e6843f16615012013f1d0a3f777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0e:7b:15:c9:95:df:fd:34:b1:bd:2c:7c:5e:
5c:55:4c:a7:d7:bb:dc:28:0c:80:a1:87:7b:cc:3b:
34:7a:cd:96:f8:14:97:b8:91:80:d5:28:89:91:88:
1e:ee:7b:2e:50:51:28:22:43:5a:6b:61:3e:c5:e7:
cb:6f:cf:82:3d:a7:58:8d:1f:fa:fe:1f:43:9e:c1:
00:d4:df:cf:06:c4:7e:6b:f6:d0:bb:4b:3d:54:ec:
94:9d:8f:04:6e:22:82:73:12:ec:9c:c8:4e:05:a8:
3c:8a:f5:08:72:bc:89:97:4a:5b:27:fe:b5:20:02:
ff:45:c8:58:c9:71:00:03:6c:07:1c:16:a0:94:fc:
53:97:52:5a:29:56:bc:f9:cb:20:3a:ca:b9:c3:f4:
de:06:d2:b4:e4:a0:f8:56:92:84:d7:71:0a:f2:18:
3c:da:5c:c5:b7:59:ab:2e:e0:6b:69:a5:12:53:6c:
6f:1e:7c:0f:ec:dd:17:08:16:95:36:65:49:74:22:
e3:b6:b6:63:85:31:78:4c:66:51:9b:31:23:0c:06:
2a:66:5e:00:e0:9d:47:90:c5:75:08:0c:be:8b:be:
6a:6b:67:66:65:14:92:b9:a0:50:9d:9d:f7:2f:c2:
c8:f6:d0:2e:c9:e2:c1:52:58:34:b2:ea:6e:6a:19:
09:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:EC:E0:37:79:BC:0E:68:43:F1:66:15:01:20:13:F1:D0:A3:F7:77
X509v3 Authority Key Identifier:
keyid:78:F2:9E:87:38:21:59:CA:5E:81:38:7D:7E:E7:7E:51:2F:AD:16:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:5a:c9:14:b0:5f:b3:e3:ff:2a:3d:25:06:cb:b4:0c:48:16:
23:1f:e0:ec:0a:c2:31:de:ba:1a:8c:da:e3:08:d6:66:81:b8:
8d:a3:22:b1:54:88:1a:71:ed:e7:9d:49:da:98:36:01:14:35:
72:f6:88:43:b4:8d:2e:0d:3c:2c:4d:d9:b8:f5:ec:b3:d2:c7:
16:ae:2f:bf:41:fc:42:d0:aa:cc:2c:51:10:10:f0:31:79:39:
17:94:40:15:0d:5f:b3:f4:f2:be:17:92:2b:19:cb:3e:e6:c6:
59:12:c8:af:5d:31:9e:5d:16:cb:98:5f:e7:33:71:ba:49:05:
cd:56:7d:cf:ce:61:f8:ed:51:3c:fd:9f:e0:64:52:bf:f8:aa:
26:61:9f:60:35:84:18:6c:eb:bf:93:e9:59:cc:9f:f3:19:cf:
f6:bc:67:47:e8:c8:2c:65:b8:db:08:33:16:2d:aa:e5:5e:ea:
7b:6f:d0:74:09:eb:8f:72:eb:ba:7e:9c:e5:72:ce:d5:59:1e:
86:1e:a2:83:22:01:eb:bc:ae:30:2f:34:f4:1d:19:17:82:d4:
3e:53:11:53:13:bf:e9:78:26:34:d6:b4:58:be:25:db:7b:34:
15:de:44:ba:9b:b5:b1:b9:55:be:13:ba:83:20:9f:64:91:94:
ba:27:51:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m9qVPedizTkrcu/mPvG8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4ZjI5ZTg3MzgyMTU5Y2E1ZTgxMzg3ZDdlZTc3ZTUxMmZh
ZDE2MzYwHhcNMjYwMzI5MDgwMDMxWhcNMjYwMzMwMDgwMDMxWjAzMTEwLwYDVQQD
EygwMmVjZTAzNzc5YmMwZTY4NDNmMTY2MTUwMTIwMTNmMWQwYTNmNzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsw57FcmV3/00sb0sfF5cVUyn17vc
KAyAoYd7zDs0es2W+BSXuJGA1SiJkYge7nsuUFEoIkNaa2E+xefLb8+CPadYjR/6
/h9DnsEA1N/PBsR+a/bQu0s9VOyUnY8EbiKCcxLsnMhOBag8ivUIcryJl0pbJ/61
IAL/RchYyXEAA2wHHBaglPxTl1JaKVa8+csgOsq5w/TeBtK05KD4VpKE13EK8hg8
2lzFt1mrLuBraaUSU2xvHnwP7N0XCBaVNmVJdCLjtrZjhTF4TGZRmzEjDAYqZl4A
4J1HkMV1CAy+i75qa2dmZRSSuaBQnZ33L8LI9tAuyeLBUlg0supuahkJCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFALs4Dd5vA5oQ/FmFQEgE/HQo/d3MB8GA1UdIwQY
MBaAFHjynoc4IVnKXoE4fX7nflEvrRY2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVBLZWh6Z2hXY3BlZ1RoOWZ1ZC1VUy10RmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hNGI0OGItNDYyZS00NWE2LTg2MGQt
ODJmODljYmEyNmQ4LzEvZVBLZWh6Z2hXY3BlZ1RoOWZ1ZC1VUy10RmpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9hNGI0OGItNDYyZS00NWE2LTg2MGQtODJmODljYmEyNmQ4
LzEvZVBLZWh6Z2hXY3BlZ1RoOWZ1ZC1VUy10RmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkFrJFLBf
s+P/Kj0lBsu0DEgWIx/g7ArCMd66Goza4wjWZoG4jaMisVSIGnHt551J2pg2ARQ1
cvaIQ7SNLg08LE3ZuPXss9LHFq4vv0H8QtCqzCxREBDwMXk5F5RAFQ1fs/TyvheS
KxnLPubGWRLIr10xnl0Wy5hf5zNxukkFzVZ9z85h+O1RPP2f4GRSv/iqJmGfYDWE
GGzrv5PpWcyf8xnP9rxnR+jILGW42wgzFi2q5V7qe2/QdAnrj3Lrun6c5XLO1Vke
hh6igyIB67yuMC809B0ZF4LUPlMRUxO/6XgmNNa0WL4l23s0Fd5Eupu1sblVvhO6
gyCfZJGUuidRrw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:19:25 2026 by rpki-client