Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/0d3b2b-e304-4d61-b6d0-27e8f4f1c684/1/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.mft
File: U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.mft (raw, json)
Hash identifier: hZYVM3hphxHm6MbN6/t+0bs9abm9wJyqSGaCWqoaIs0=
Subject key identifier: 87:EC:70:8D:FC:BA:C7:E8:25:0B:A6:48:63:44:BE:E3:60:73:3D:C6
Authority key identifier: 53:EA:A1:9C:A2:7A:6F:57:F2:CB:B4:E4:63:72:0B:43:6A:F1:7D:EA
Certificate issuer: /CN=53eaa19ca27a6f57f2cbb4e463720b436af17dea
Certificate serial: 019D39778C64E5938442BEEA1E34777E3DA9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/0d3b2b-e304-4d61-b6d0-27e8f4f1c684/1/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.mft
Manifest number: 0873
Signing time: Sun 29 Mar 2026 12:00:29 +0000
Manifest this update: Sun 29 Mar 2026 12:00:29 +0000
Manifest next update: Mon 30 Mar 2026 12:00:29 +0000
Files and hashes: 1: Tv0ULnXhuU-LX5lHMmtC4uXh3f8.roa (hash: G7sOuhUNSdG8wE7mvWF+cLqHad92elbdv/9zhXuTLxo=)
2: U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.crl (hash: n/uqT1myaSvXNbOTHL3UXSgVqgQ2UpxO0miAoIcKlSo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/0d3b2b-e304-4d61-b6d0-27e8f4f1c684/1/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/0d3b2b-e304-4d61-b6d0-27e8f4f1c684/1/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.mft
rsync://rpki.ripe.net/repository/DEFAULT/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:8c:64:e5:93:84:42:be:ea:1e:34:77:7e:3d:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53eaa19ca27a6f57f2cbb4e463720b436af17dea
Validity
Not Before: Mar 29 12:00:29 2026 GMT
Not After : Mar 30 12:00:29 2026 GMT
Subject: CN=87ec708dfcbac7e8250ba6486344bee360733dc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9a:cd:bb:70:58:b7:a9:f3:f9:11:c7:50:df:
a2:58:5f:19:67:2c:47:75:d7:20:67:45:5d:78:dc:
7a:c5:cd:db:0f:9e:6e:f1:a7:9b:6d:62:7b:28:cf:
d7:d9:7f:84:8d:65:bd:12:43:93:64:18:17:25:5a:
3f:d3:34:6c:c5:6e:f3:53:21:7b:7e:c3:25:29:a3:
13:ca:6b:9d:28:6a:0d:31:29:c4:9c:ab:ed:d5:4a:
83:cb:44:6a:65:00:4d:8a:53:5c:25:80:24:74:10:
89:73:93:60:18:e9:6a:17:d6:11:19:ff:34:d8:18:
f2:cd:e4:2a:30:ac:1b:3f:33:6d:58:ca:e8:ad:57:
b8:b2:02:e6:d0:f7:47:6a:cd:4e:b8:9b:0e:53:67:
6a:69:fd:81:02:d8:bf:be:71:89:a9:01:ad:d1:0f:
f4:a3:9f:fd:7f:ee:03:75:c4:ef:69:1a:b3:02:be:
b8:07:ce:14:5e:a5:01:31:6e:96:67:33:db:db:02:
77:45:3d:91:2f:2d:53:c9:e3:e7:be:a8:c4:ce:a1:
94:85:22:6a:6c:5d:6f:77:31:af:19:8b:6a:c1:fa:
06:8e:d9:e4:4d:f5:70:33:93:27:e5:f9:a2:81:d2:
85:31:b7:0b:63:ad:9e:f9:13:a6:8f:c2:54:87:9c:
50:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:EC:70:8D:FC:BA:C7:E8:25:0B:A6:48:63:44:BE:E3:60:73:3D:C6
X509v3 Authority Key Identifier:
keyid:53:EA:A1:9C:A2:7A:6F:57:F2:CB:B4:E4:63:72:0B:43:6A:F1:7D:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/0d3b2b-e304-4d61-b6d0-27e8f4f1c684/1/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/0d3b2b-e304-4d61-b6d0-27e8f4f1c684/1/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:06:82:49:ea:db:67:2e:05:90:fc:9b:76:d4:4c:6f:19:dc:
ec:de:aa:80:dd:e7:3e:16:c8:a1:81:b7:47:ea:ac:08:76:42:
88:e7:18:22:dc:6a:69:0a:c4:74:b1:48:9b:d7:84:65:2e:63:
67:eb:35:72:4f:a8:4c:f6:ae:67:47:d7:38:0a:9b:95:df:10:
3d:aa:16:7d:ea:8b:9a:0e:7e:af:5e:da:68:93:39:c7:cb:3a:
a4:96:24:59:e1:bb:ee:a7:e0:bc:a3:f4:4d:86:65:3b:96:11:
cd:c2:38:84:73:41:a1:25:99:ca:db:e2:ce:e6:99:3e:1a:2c:
45:d0:be:9e:52:b6:e7:ae:62:1d:ad:77:95:6a:cb:f9:87:0e:
c4:83:03:03:f9:dc:44:cf:5a:b0:c6:15:2d:5d:df:18:9c:b2:
2f:41:f3:92:9c:76:aa:4e:ba:24:9a:54:4c:17:5d:61:e7:52:
34:e1:1f:2e:09:cc:a6:9b:09:3e:37:ad:5e:d5:ce:b4:be:e4:
bc:88:71:61:29:14:00:5e:4d:5e:64:86:6e:54:0f:79:75:1d:
11:7d:0f:0c:47:d7:c8:b8:47:51:52:0b:e4:12:f4:a3:db:f2:
08:c4:cb:b3:a8:80:60:11:55:30:9f:42:d1:d7:1f:8e:10:6e:
d3:18:96:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d4xk5ZOEQr7qHjR3fj2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZWFhMTljYTI3YTZmNTdmMmNiYjRlNDYzNzIwYjQzNmFm
MTdkZWEwHhcNMjYwMzI5MTIwMDI5WhcNMjYwMzMwMTIwMDI5WjAzMTEwLwYDVQQD
Eyg4N2VjNzA4ZGZjYmFjN2U4MjUwYmE2NDg2MzQ0YmVlMzYwNzMzZGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZrNu3BYt6nz+RHHUN+iWF8ZZyxH
ddcgZ0VdeNx6xc3bD55u8aebbWJ7KM/X2X+EjWW9EkOTZBgXJVo/0zRsxW7zUyF7
fsMlKaMTymudKGoNMSnEnKvt1UqDy0RqZQBNilNcJYAkdBCJc5NgGOlqF9YRGf80
2BjyzeQqMKwbPzNtWMrorVe4sgLm0PdHas1OuJsOU2dqaf2BAti/vnGJqQGt0Q/0
o5/9f+4DdcTvaRqzAr64B84UXqUBMW6WZzPb2wJ3RT2RLy1TyePnvqjEzqGUhSJq
bF1vdzGvGYtqwfoGjtnkTfVwM5Mn5fmigdKFMbcLY62e+ROmj8JUh5xQDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIfscI38usfoJQumSGNEvuNgcz3GMB8GA1UdIwQY
MBaAFFPqoZyiem9X8su05GNyC0Nq8X3qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVS1xaG5LSjZiMWZ5eTdUa1kzSUxRMnJ4ZmVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8wZDNiMmItZTMwNC00ZDYxLWI2ZDAt
MjdlOGY0ZjFjNjg0LzEvVS1xaG5LSjZiMWZ5eTdUa1kzSUxRMnJ4ZmVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8wZDNiMmItZTMwNC00ZDYxLWI2ZDAtMjdlOGY0ZjFjNjg0
LzEvVS1xaG5LSjZiMWZ5eTdUa1kzSUxRMnJ4ZmVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASgaCSerb
Zy4FkPybdtRMbxnc7N6qgN3nPhbIoYG3R+qsCHZCiOcYItxqaQrEdLFIm9eEZS5j
Z+s1ck+oTPauZ0fXOAqbld8QPaoWfeqLmg5+r17aaJM5x8s6pJYkWeG77qfgvKP0
TYZlO5YRzcI4hHNBoSWZytvizuaZPhosRdC+nlK2565iHa13lWrL+YcOxIMDA/nc
RM9asMYVLV3fGJyyL0Hzkpx2qk66JJpUTBddYedSNOEfLgnMppsJPjetXtXOtL7k
vIhxYSkUAF5NXmSGblQPeXUdEX0PDEfXyLhHUVIL5BL0o9vyCMTLs6iAYBFVMJ9C
0dcfjhBu0xiWmQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:51:31 2026 by rpki-client