Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.mft
File: 5PKoZiAvS4y8MzgtboLYHYlkyA4.mft (raw, json)
Hash identifier: lwEl9BQbFgSRpFrqb/2QM5cJIzMobLrgP0t6teTQJ1Q=
Subject key identifier: 66:F0:4C:BB:68:65:45:B5:B1:2E:9B:FB:3A:37:9C:5A:F8:F9:20:E4
Authority key identifier: E4:F2:A8:66:20:2F:4B:8C:BC:33:38:2D:6E:82:D8:1D:89:64:C8:0E
Certificate issuer: /CN=e4f2a866202f4b8cbc33382d6e82d81d8964c80e
Certificate serial: 019D389C2523224495253303B87213BB4FD0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5PKoZiAvS4y8MzgtboLYHYlkyA4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 08:00:50 +0000
Manifest this update: Sun 29 Mar 2026 08:00:50 +0000
Manifest next update: Mon 30 Mar 2026 08:00:50 +0000
Files and hashes: 1: 0_tFJYeiflxsIJ9bhjlTeIiAEJc.roa (hash: USV70Tn6bwMKjWSZ09NQefEfFL6vsHQ3fPX3IL9JI1s=)
2: 5PKoZiAvS4y8MzgtboLYHYlkyA4.crl (hash: oSEgf3HKAH7uiGKVUj1FuVLjP0PVNs1cnVzIn5s2QO8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.mft
rsync://rpki.ripe.net/repository/DEFAULT/5PKoZiAvS4y8MzgtboLYHYlkyA4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:25:23:22:44:95:25:33:03:b8:72:13:bb:4f:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4f2a866202f4b8cbc33382d6e82d81d8964c80e
Validity
Not Before: Mar 29 08:00:50 2026 GMT
Not After : Mar 30 08:00:50 2026 GMT
Subject: CN=66f04cbb686545b5b12e9bfb3a379c5af8f920e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:fc:04:7c:26:b5:99:45:b5:ac:f6:ff:35:7f:
11:b7:9e:6d:fe:a5:65:50:1e:11:28:a1:16:34:c9:
2b:dc:0c:d8:bb:9c:08:ba:c8:5a:91:e3:e0:00:76:
0f:d7:3f:19:04:8a:2b:a0:e3:14:02:85:bf:21:60:
6f:89:e0:49:fe:2a:50:fc:3a:70:28:4f:13:f1:c8:
09:d2:71:8b:1b:48:9b:7e:1a:a5:df:54:54:ca:b4:
3e:57:9b:ce:1f:a4:97:29:ce:2a:5a:ea:d7:ce:31:
71:73:3d:8a:d9:de:78:8e:18:d4:ff:78:c1:a4:83:
d7:ac:df:33:7c:c5:1c:66:6b:82:e2:23:b1:01:a7:
60:78:2a:55:85:ec:3f:17:d8:62:ac:3d:8b:86:33:
ac:29:f4:10:9a:06:3e:6f:54:c4:9f:21:7d:4e:e9:
ee:0c:81:c6:cc:b0:dd:89:41:9a:64:02:43:5a:f0:
6e:c8:33:3f:8b:46:b3:22:9c:90:7d:15:1f:aa:f1:
69:03:f1:66:25:89:e1:94:6a:a9:da:3c:69:43:a2:
fe:a2:24:80:fc:3b:5e:af:c4:4c:f2:1e:58:38:0c:
df:d2:b3:26:7e:ed:e0:cf:e6:cb:36:82:fb:a7:19:
b2:c7:07:2c:58:1a:7b:23:09:ac:e7:33:16:91:d7:
9c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:F0:4C:BB:68:65:45:B5:B1:2E:9B:FB:3A:37:9C:5A:F8:F9:20:E4
X509v3 Authority Key Identifier:
keyid:E4:F2:A8:66:20:2F:4B:8C:BC:33:38:2D:6E:82:D8:1D:89:64:C8:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5PKoZiAvS4y8MzgtboLYHYlkyA4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:fe:7d:e2:c5:af:f8:cc:71:89:93:25:74:d1:de:41:8f:44:
f7:cc:70:af:49:24:a1:86:17:5f:8e:67:0c:7c:7b:1d:35:aa:
30:4a:20:5f:4c:01:4b:dd:2b:21:2d:a5:5d:ab:4c:02:73:a3:
72:07:ff:d7:6a:c0:05:56:b3:d1:df:1b:e3:41:80:53:b8:c0:
7f:ef:73:49:85:b8:b7:c1:c2:e2:de:58:8b:b6:d0:7d:12:1c:
b1:05:57:53:85:19:b8:7d:82:8b:71:2c:0d:df:b8:9b:19:80:
87:ec:fb:55:a6:55:3d:51:61:f6:b5:29:fd:0d:0b:5f:0c:da:
cd:e1:13:36:b3:41:65:83:45:95:22:5a:68:d6:68:8f:3d:f2:
1c:9e:66:3e:87:68:db:38:12:51:74:48:91:06:13:36:a0:54:
36:b1:35:b1:bd:7e:43:8a:56:ac:d1:c1:fe:93:98:dd:99:ac:
b8:f6:22:7f:06:62:26:0b:da:0f:90:36:16:02:67:20:63:a3:
14:b7:35:12:d9:75:63:09:49:62:05:d1:ea:36:88:7f:71:ec:
4b:5e:a4:63:a6:78:a2:ac:5d:02:1f:0f:10:5a:83:b9:7d:f0:
b2:76:32:da:95:3f:aa:03:8a:70:e3:85:7c:a7:1a:17:a5:c9:
10:e6:8f:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nCUjIkSVJTMDuHITu0/QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZjJhODY2MjAyZjRiOGNiYzMzMzgyZDZlODJkODFkODk2
NGM4MGUwHhcNMjYwMzI5MDgwMDUwWhcNMjYwMzMwMDgwMDUwWjAzMTEwLwYDVQQD
Eyg2NmYwNGNiYjY4NjU0NWI1YjEyZTliZmIzYTM3OWM1YWY4ZjkyMGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5PwEfCa1mUW1rPb/NX8Rt55t/qVl
UB4RKKEWNMkr3AzYu5wIushakePgAHYP1z8ZBIoroOMUAoW/IWBvieBJ/ipQ/Dpw
KE8T8cgJ0nGLG0ibfhql31RUyrQ+V5vOH6SXKc4qWurXzjFxcz2K2d54jhjU/3jB
pIPXrN8zfMUcZmuC4iOxAadgeCpVhew/F9hirD2LhjOsKfQQmgY+b1TEnyF9Tunu
DIHGzLDdiUGaZAJDWvBuyDM/i0azIpyQfRUfqvFpA/FmJYnhlGqp2jxpQ6L+oiSA
/Dter8RM8h5YOAzf0rMmfu3gz+bLNoL7pxmyxwcsWBp7Iwms5zMWkdecAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbwTLtoZUW1sS6b+zo3nFr4+SDkMB8GA1UdIwQY
MBaAFOTyqGYgL0uMvDM4LW6C2B2JZMgOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVBLb1ppQXZTNHk4TXpndGJvTFlIWWxreUE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy84NzkxYTEtZTY3OS00NjYzLWEyZGEt
MWE1MTNkZjA2OWZjLzEvNVBLb1ppQXZTNHk4TXpndGJvTFlIWWxreUE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy84NzkxYTEtZTY3OS00NjYzLWEyZGEtMWE1MTNkZjA2OWZj
LzEvNVBLb1ppQXZTNHk4TXpndGJvTFlIWWxreUE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbP594sWv
+MxxiZMldNHeQY9E98xwr0kkoYYXX45nDHx7HTWqMEogX0wBS90rIS2lXatMAnOj
cgf/12rABVaz0d8b40GAU7jAf+9zSYW4t8HC4t5Yi7bQfRIcsQVXU4UZuH2Ci3Es
Dd+4mxmAh+z7VaZVPVFh9rUp/Q0LXwzazeETNrNBZYNFlSJaaNZojz3yHJ5mPodo
2zgSUXRIkQYTNqBUNrE1sb1+Q4pWrNHB/pOY3ZmsuPYifwZiJgvaD5A2FgJnIGOj
FLc1Etl1YwlJYgXR6jaIf3HsS16kY6Z4oqxdAh8PEFqDuX3wsnYy2pU/qgOKcOOF
fKcaF6XJEOaPPQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:27:41 2026 by rpki-client