Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
File: UGF1T3aJFp9qFQZQlUcmcrorRYk.mft (raw, json)
Hash identifier: 9zPXzM7KU9nhWb+HoZWWdatCBA5OuKiCbcjx6iSioZI=
Subject key identifier: F4:55:EC:16:4E:4A:6F:C5:5F:E2:E5:D2:AB:78:BF:11:6E:86:29:B0
Authority key identifier: 50:61:75:4F:76:89:16:9F:6A:15:06:50:95:47:26:72:BA:2B:45:89
Certificate issuer: /CN=5061754f7689169f6a15065095472672ba2b4589
Certificate serial: 019D397793B760F37C9BDA709D791C41C077
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
Manifest number: 1004
Signing time: Sun 29 Mar 2026 12:00:30 +0000
Manifest this update: Sun 29 Mar 2026 12:00:30 +0000
Manifest next update: Mon 30 Mar 2026 12:00:30 +0000
Files and hashes: 1: Dso0R9jjpUkdKEuWSQN3IKBjVm0.roa (hash: 9FQomFqWvc60F+2iE+E+hXBWJiV5IXVpIcSj2ui8bw0=)
2: UGF1T3aJFp9qFQZQlUcmcrorRYk.crl (hash: VdruBH714qnUcvqLBg0sa+pn2nH68gA2ly1Ut35twyk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 12:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:93:b7:60:f3:7c:9b:da:70:9d:79:1c:41:c0:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5061754f7689169f6a15065095472672ba2b4589
Validity
Not Before: Mar 29 12:00:30 2026 GMT
Not After : Mar 30 12:00:30 2026 GMT
Subject: CN=f455ec164e4a6fc55fe2e5d2ab78bf116e8629b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7a:07:cf:e2:e0:d3:68:26:29:1a:75:2b:63:
34:70:45:9c:c5:a3:39:b5:82:5d:6f:7a:32:d9:1f:
fe:bd:ce:39:0a:2a:b8:77:84:0b:55:1d:d0:c1:80:
1b:95:04:d7:48:36:06:df:b7:72:a8:83:4c:7a:76:
3c:9a:de:8f:c6:d7:22:70:8b:f7:09:16:3f:ae:b5:
bb:4a:0b:93:82:f3:45:26:f3:f1:a4:e6:b9:ca:c8:
8b:bc:39:91:32:64:c7:23:ff:7d:b6:dc:08:03:32:
0e:20:86:ed:dc:0f:12:7f:0f:d7:b3:f1:19:56:6e:
91:2d:28:e9:6a:91:0a:27:fc:5e:8c:5f:f2:61:db:
a9:3a:0b:92:a0:be:a7:1c:0e:3d:44:12:83:63:dc:
65:dc:0f:5a:d4:09:4b:7a:eb:92:1c:1b:14:e7:87:
1a:28:b4:6d:fe:53:34:ce:7e:e3:7d:77:70:92:cb:
d6:4e:ac:05:31:71:8c:8f:f0:32:bf:f4:7d:3e:01:
65:fe:79:3c:c0:8f:f4:76:f8:a7:fe:6c:69:1d:76:
7a:70:45:f0:70:d5:d3:63:55:f8:c3:5e:9f:f1:84:
66:34:af:36:9e:37:bb:96:d2:5c:fb:43:76:11:bd:
eb:ec:d8:03:62:59:09:95:b8:9b:dd:73:6d:1a:94:
28:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:55:EC:16:4E:4A:6F:C5:5F:E2:E5:D2:AB:78:BF:11:6E:86:29:B0
X509v3 Authority Key Identifier:
keyid:50:61:75:4F:76:89:16:9F:6A:15:06:50:95:47:26:72:BA:2B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:18:98:ae:23:2a:af:71:74:78:a2:7b:44:dc:04:36:f3:58:
c3:93:f6:95:23:fd:51:c5:ca:3e:99:5b:57:af:96:09:86:14:
d7:b4:48:67:c1:36:9b:76:84:6f:50:a4:e8:03:3f:56:0b:d9:
8f:50:e7:dc:f3:aa:73:61:29:90:1a:7e:a7:be:b4:5e:80:e7:
84:d2:cb:6c:bf:a4:65:2c:dd:3f:e5:83:33:96:42:98:12:dd:
8f:0b:8c:7e:89:cc:81:15:94:0b:bd:be:13:d0:aa:a7:4a:2a:
db:d6:8c:26:1c:7f:1e:1a:9a:70:82:ee:d5:8b:82:97:31:bc:
d6:4b:a2:2c:d4:6f:b0:9d:33:16:90:d3:c8:d5:0c:e3:6a:65:
78:3b:f0:0c:81:e9:24:6a:1f:f1:38:b6:9f:d9:65:b1:68:da:
2b:11:6f:d3:2f:17:9c:f8:ca:48:cf:ee:63:71:9b:08:20:ff:
00:60:85:68:5b:18:04:33:71:ee:a5:89:f2:70:57:12:48:c3:
f9:72:cf:bc:ba:d2:8c:4b:c9:2e:93:e6:ed:ee:9a:57:44:12:
b3:91:31:8d:0e:51:09:07:17:c8:67:4f:4f:f2:2a:df:7e:a4:
f5:71:f7:d8:22:15:24:8a:06:55:ea:fe:56:8a:e7:dc:58:ba:
f2:b7:5d:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d5O3YPN8m9pwnXkcQcB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjE3NTRmNzY4OTE2OWY2YTE1MDY1MDk1NDcyNjcyYmEy
YjQ1ODkwHhcNMjYwMzI5MTIwMDMwWhcNMjYwMzMwMTIwMDMwWjAzMTEwLwYDVQQD
EyhmNDU1ZWMxNjRlNGE2ZmM1NWZlMmU1ZDJhYjc4YmYxMTZlODYyOWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznoHz+Lg02gmKRp1K2M0cEWcxaM5
tYJdb3oy2R/+vc45Ciq4d4QLVR3QwYAblQTXSDYG37dyqINMenY8mt6PxtcicIv3
CRY/rrW7SguTgvNFJvPxpOa5ysiLvDmRMmTHI/99ttwIAzIOIIbt3A8Sfw/Xs/EZ
Vm6RLSjpapEKJ/xejF/yYdupOguSoL6nHA49RBKDY9xl3A9a1AlLeuuSHBsU54ca
KLRt/lM0zn7jfXdwksvWTqwFMXGMj/Ayv/R9PgFl/nk8wI/0dvin/mxpHXZ6cEXw
cNXTY1X4w16f8YRmNK82nje7ltJc+0N2Eb3r7NgDYlkJlbib3XNtGpQoxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPRV7BZOSm/FX+Ll0qt4vxFuhimwMB8GA1UdIwQY
MBaAFFBhdU92iRafahUGUJVHJnK6K0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8zYjU5ZDUtNjAyZC00MzUxLTk2YmMt
YTEwODY0OWQ1MWUyLzEvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8zYjU5ZDUtNjAyZC00MzUxLTk2YmMtYTEwODY0OWQ1MWUy
LzEvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbBiYriMq
r3F0eKJ7RNwENvNYw5P2lSP9UcXKPplbV6+WCYYU17RIZ8E2m3aEb1Ck6AM/VgvZ
j1Dn3POqc2EpkBp+p760XoDnhNLLbL+kZSzdP+WDM5ZCmBLdjwuMfonMgRWUC72+
E9Cqp0oq29aMJhx/HhqacILu1YuClzG81kuiLNRvsJ0zFpDTyNUM42pleDvwDIHp
JGof8Ti2n9llsWjaKxFv0y8XnPjKSM/uY3GbCCD/AGCFaFsYBDNx7qWJ8nBXEkjD
+XLPvLrSjEvJLpPm7e6aV0QSs5ExjQ5RCQcXyGdPT/Iq336k9XH32CIVJIoGVer+
Vorn3Fi68rddKA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 20:24:42 2026 by rpki-client