Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.mft
File: pPVTOlJ7Jkyi6DcyhdeA0zor0KE.mft (raw, json)
Hash identifier: numUroLay5JpIDFbe32aS+HAqsLCfCvrYkFydOCe8F0=
Subject key identifier: 31:B6:DD:46:A5:5E:E5:CF:40:FC:AF:14:20:74:BF:83:D8:DD:78:3E
Authority key identifier: A4:F5:53:3A:52:7B:26:4C:A2:E8:37:32:85:D7:80:D3:3A:2B:D0:A1
Certificate issuer: /CN=a4f5533a527b264ca2e8373285d780d33a2bd0a1
Certificate serial: 019D38D31C00B604363705F0AB1FB98B3270
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.mft
Manifest number: 0523
Signing time: Sun 29 Mar 2026 09:00:52 +0000
Manifest this update: Sun 29 Mar 2026 09:00:52 +0000
Manifest next update: Mon 30 Mar 2026 09:00:52 +0000
Files and hashes: 1: pPVTOlJ7Jkyi6DcyhdeA0zor0KE.crl (hash: njcuxrUO6NnfjMd5bgnD8QjfcNiY0R1gmlriW64DTfQ=)
2: t83QwmnsF94N1e2quVeWFqxv3Q4.roa (hash: S00r80MkvAcmYicBdHFKql/0j/7ix5B+Lwxl0Q6uMXI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.mft
rsync://rpki.ripe.net/repository/DEFAULT/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:1c:00:b6:04:36:37:05:f0:ab:1f:b9:8b:32:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f5533a527b264ca2e8373285d780d33a2bd0a1
Validity
Not Before: Mar 29 09:00:52 2026 GMT
Not After : Mar 30 09:00:52 2026 GMT
Subject: CN=31b6dd46a55ee5cf40fcaf142074bf83d8dd783e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:cf:59:a5:e9:10:48:05:b0:52:bb:56:15:bb:
0a:8f:c8:f8:32:7e:87:4a:b0:ba:aa:b8:eb:30:df:
be:6b:99:49:51:a2:e8:f1:cb:28:10:df:5c:6a:5e:
45:6e:54:5c:9c:9a:1e:d0:64:51:07:e3:97:ef:2c:
37:cc:0a:ba:a3:10:52:b2:ba:e7:5c:d1:c3:07:7c:
7c:6c:c1:04:f9:dd:be:4a:3e:50:be:a3:a7:46:33:
3a:24:21:b7:5a:74:e1:5f:e1:65:e3:9d:e5:56:4e:
ed:32:66:42:96:98:a2:6a:46:b5:f6:3a:c3:50:48:
46:ac:ae:2f:73:05:8d:f3:f7:7e:ae:7e:57:e4:47:
a7:e8:69:73:28:db:59:fa:d4:f0:d6:93:8b:34:27:
53:9b:6c:23:ae:09:0f:94:02:be:dc:ad:ec:f0:01:
0b:84:44:ab:9d:f5:6c:f3:58:80:db:97:5a:64:46:
ee:10:ea:e7:c7:8b:42:82:3e:38:ee:01:4d:bc:83:
7f:1e:8d:66:22:79:77:6d:cf:3b:99:50:31:bc:05:
5c:14:66:c3:ce:41:06:00:e5:a2:84:69:f7:15:e7:
cc:a9:4c:95:c1:31:52:fb:b3:2f:33:9c:09:28:5c:
b5:24:e6:64:86:8a:98:b7:04:a8:35:cc:f2:d3:f2:
d5:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B6:DD:46:A5:5E:E5:CF:40:FC:AF:14:20:74:BF:83:D8:DD:78:3E
X509v3 Authority Key Identifier:
keyid:A4:F5:53:3A:52:7B:26:4C:A2:E8:37:32:85:D7:80:D3:3A:2B:D0:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:e8:fa:3c:87:bf:b3:c9:21:ac:ec:af:7b:61:ce:a1:08:05:
14:ac:cc:51:ad:ba:dc:b5:80:74:6b:52:e4:8a:66:1b:61:08:
51:fb:b6:9a:0b:50:48:a7:92:ec:a5:6d:aa:70:1c:2f:52:b8:
a4:7d:2a:5c:fd:bd:58:52:f6:ee:f5:b0:59:cb:66:ca:ab:97:
ca:d2:ed:03:27:ba:fa:91:70:70:78:a5:89:df:c0:87:85:1e:
f2:66:8f:5a:6f:37:55:e4:09:c2:e0:b8:5a:71:23:16:b5:41:
90:69:cd:f3:c2:74:ec:74:d0:e0:e6:d4:bd:24:37:fb:6e:dc:
8c:f4:32:3c:5d:4d:6b:18:51:ed:c5:b4:da:cf:53:2b:81:43:
10:43:09:b7:93:98:43:64:92:f0:fb:70:de:e3:81:a1:90:67:
e1:a9:33:47:a9:fa:00:1e:71:fd:28:d5:30:ac:69:85:3a:31:
64:40:de:bd:84:d1:2f:ca:1e:af:2e:19:36:51:3d:fa:3b:a5:
54:8a:17:70:68:bc:0b:30:7b:81:0e:d4:b7:33:3a:7a:af:4f:
13:1e:e3:0e:60:fa:37:fc:f8:f6:a4:a5:e0:6d:df:74:32:c9:
f4:44:1e:3a:7e:3b:51:ef:d1:fd:3b:d4:6f:77:15:5a:f0:45:
db:62:34:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040xwAtgQ2NwXwqx+5izJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZjU1MzNhNTI3YjI2NGNhMmU4MzczMjg1ZDc4MGQzM2Ey
YmQwYTEwHhcNMjYwMzI5MDkwMDUyWhcNMjYwMzMwMDkwMDUyWjAzMTEwLwYDVQQD
EygzMWI2ZGQ0NmE1NWVlNWNmNDBmY2FmMTQyMDc0YmY4M2Q4ZGQ3ODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoM9ZpekQSAWwUrtWFbsKj8j4Mn6H
SrC6qrjrMN++a5lJUaLo8csoEN9cal5FblRcnJoe0GRRB+OX7yw3zAq6oxBSsrrn
XNHDB3x8bMEE+d2+Sj5QvqOnRjM6JCG3WnThX+Fl453lVk7tMmZClpiiaka19jrD
UEhGrK4vcwWN8/d+rn5X5Een6GlzKNtZ+tTw1pOLNCdTm2wjrgkPlAK+3K3s8AEL
hESrnfVs81iA25daZEbuEOrnx4tCgj447gFNvIN/Ho1mInl3bc87mVAxvAVcFGbD
zkEGAOWihGn3FefMqUyVwTFS+7MvM5wJKFy1JOZkhoqYtwSoNczy0/LVDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDG23UalXuXPQPyvFCB0v4PY3Xg+MB8GA1UdIwQY
MBaAFKT1UzpSeyZMoug3MoXXgNM6K9ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBWVE9sSjdKa3lpNkRjeWhkZUEwem9yMEtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hZmMzYzgtZTk1Mi00MDcwLWE1NDYt
NDI0NDYyYmM5NDliLzEvcFBWVE9sSjdKa3lpNkRjeWhkZUEwem9yMEtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hZmMzYzgtZTk1Mi00MDcwLWE1NDYtNDI0NDYyYmM5NDli
LzEvcFBWVE9sSjdKa3lpNkRjeWhkZUEwem9yMEtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAduj6PIe/
s8khrOyve2HOoQgFFKzMUa263LWAdGtS5IpmG2EIUfu2mgtQSKeS7KVtqnAcL1K4
pH0qXP29WFL27vWwWctmyquXytLtAye6+pFwcHilid/Ah4Ue8maPWm83VeQJwuC4
WnEjFrVBkGnN88J07HTQ4ObUvSQ3+27cjPQyPF1NaxhR7cW02s9TK4FDEEMJt5OY
Q2SS8Ptw3uOBoZBn4akzR6n6AB5x/SjVMKxphToxZEDevYTRL8oery4ZNlE9+jul
VIoXcGi8CzB7gQ7UtzM6eq9PEx7jDmD6N/z49qSl4G3fdDLJ9EQeOn47Ue/R/TvU
b3cVWvBF22I0Cw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:49:23 2026 by rpki-client