Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.mft
File: so7x9PiCePTfGec-M4HOzXjgacE.mft (raw, json)
Hash identifier: VlKxhIgN6gpc06gKs7CSzvQphAHDw3S3ng5uUA6V/iY=
Subject key identifier: A5:79:6F:3A:91:39:C4:E1:23:8D:F4:98:0A:AA:AC:0A:C9:0A:75:C9
Authority key identifier: B2:8E:F1:F4:F8:82:78:F4:DF:19:E7:3E:33:81:CE:CD:78:E0:69:C1
Certificate issuer: /CN=b28ef1f4f88278f4df19e73e3381cecd78e069c1
Certificate serial: 019D2627E1567FF876D88F5FA20E78FA8E0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/so7x9PiCePTfGec-M4HOzXjgacE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.mft
Manifest number: 052F
Signing time: Wed 25 Mar 2026 18:00:40 +0000
Manifest this update: Wed 25 Mar 2026 18:00:40 +0000
Manifest next update: Thu 26 Mar 2026 18:00:40 +0000
Files and hashes: 1: WmDNL-b0WkRscYpfEnZaGcaTcFM.roa (hash: vFHl+C0H692uAua09x2J70xulx0PssETV1wVHPp2xHA=)
2: so7x9PiCePTfGec-M4HOzXjgacE.crl (hash: FeJrK3NgvMC/IIaEVyi2Gv1yfpHvP2ANd0RENGgjip4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.mft
rsync://rpki.ripe.net/repository/DEFAULT/so7x9PiCePTfGec-M4HOzXjgacE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 18:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:27:e1:56:7f:f8:76:d8:8f:5f:a2:0e:78:fa:8e:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b28ef1f4f88278f4df19e73e3381cecd78e069c1
Validity
Not Before: Mar 25 18:00:40 2026 GMT
Not After : Mar 26 18:00:40 2026 GMT
Subject: CN=a5796f3a9139c4e1238df4980aaaac0ac90a75c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e6:28:7a:5b:55:63:6a:64:7f:b4:b9:ac:8e:
f2:68:b2:e0:85:d5:e3:48:a8:cc:4a:6e:3e:df:92:
a7:55:2b:0b:b5:28:85:95:fc:c8:65:5a:c4:94:0d:
ee:2c:41:d8:7b:21:ac:43:3f:ce:7c:74:58:a2:51:
47:ae:f7:1c:b2:17:9b:b4:66:f3:25:82:4e:8c:72:
8c:1d:68:65:76:c5:29:56:09:05:b9:7f:3d:10:19:
b6:a9:38:1f:d9:01:80:cb:fd:2c:37:91:0e:12:51:
2b:e2:48:10:83:e4:b4:75:e6:d1:54:f8:c2:5c:40:
41:e8:86:d1:67:6e:e3:e6:45:bc:0a:a3:ff:13:af:
63:b4:4f:32:81:12:24:e0:61:54:77:49:ee:80:c5:
9b:0a:89:1a:f4:50:b5:4d:bb:49:97:85:0c:80:79:
3c:45:f5:9f:4f:95:bb:6c:8b:ec:23:d4:03:bc:77:
f1:7e:44:dc:61:1f:c0:c5:0e:df:be:da:26:78:c3:
90:43:5a:4f:be:6f:06:fb:03:0a:a3:4d:91:d5:15:
b9:0a:2b:63:0d:35:d3:d9:d0:f0:39:c1:71:d5:8f:
67:8c:17:09:66:3f:27:a7:f8:fe:8e:c4:6a:e1:b7:
17:ec:8b:27:93:7f:c0:4d:4a:4d:11:04:a7:64:04:
74:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:79:6F:3A:91:39:C4:E1:23:8D:F4:98:0A:AA:AC:0A:C9:0A:75:C9
X509v3 Authority Key Identifier:
keyid:B2:8E:F1:F4:F8:82:78:F4:DF:19:E7:3E:33:81:CE:CD:78:E0:69:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/so7x9PiCePTfGec-M4HOzXjgacE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b8:bf:5a:1f:ac:b1:e4:35:ac:b0:84:3d:86:0f:f4:7f:71:8e:
c7:ec:85:45:4f:b8:ee:e4:4c:70:fd:76:41:0d:e0:39:3a:6b:
b5:f7:6c:56:08:da:61:8a:12:b4:2f:95:e2:c5:e4:54:41:c3:
61:5d:68:63:63:80:e3:5f:62:e1:39:45:d6:0e:81:ff:cd:30:
6b:f2:78:99:c2:11:5c:ad:d6:6d:1c:1c:a3:30:01:62:25:f7:
35:45:6a:03:73:07:6b:5e:38:47:de:2c:93:20:47:64:c4:60:
ae:16:44:cf:a5:ff:d1:0a:08:2b:e9:be:1e:fc:47:69:d4:11:
dd:da:9a:2a:55:9a:cd:5f:8c:7c:29:dd:bb:42:a4:d1:17:9e:
95:a1:e7:d1:89:d6:be:50:38:b6:32:d1:c6:12:41:25:12:cc:
fd:c0:11:c6:12:08:ff:ff:9b:f8:1d:75:cd:79:5c:a7:7a:6e:
7e:7c:dd:16:3c:2a:9e:8c:2b:6b:5b:c6:81:1f:f0:31:be:64:
77:08:b7:f3:8c:2b:f2:5e:f8:a3:af:c1:4e:ef:2f:d7:5a:3d:
e5:10:82:32:51:0c:04:b7:68:4f:14:df:c7:63:42:87:7d:72:
84:46:9b:72:15:48:d2:e5:2e:b9:f4:15:62:16:0d:a7:28:e5:
ed:d4:fb:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mJ+FWf/h22I9fog54+o4PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyOGVmMWY0Zjg4Mjc4ZjRkZjE5ZTczZTMzODFjZWNkNzhl
MDY5YzEwHhcNMjYwMzI1MTgwMDQwWhcNMjYwMzI2MTgwMDQwWjAzMTEwLwYDVQQD
EyhhNTc5NmYzYTkxMzljNGUxMjM4ZGY0OTgwYWFhYWMwYWM5MGE3NWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+YoeltVY2pkf7S5rI7yaLLghdXj
SKjMSm4+35KnVSsLtSiFlfzIZVrElA3uLEHYeyGsQz/OfHRYolFHrvccshebtGbz
JYJOjHKMHWhldsUpVgkFuX89EBm2qTgf2QGAy/0sN5EOElEr4kgQg+S0debRVPjC
XEBB6IbRZ27j5kW8CqP/E69jtE8ygRIk4GFUd0nugMWbCoka9FC1TbtJl4UMgHk8
RfWfT5W7bIvsI9QDvHfxfkTcYR/AxQ7fvtomeMOQQ1pPvm8G+wMKo02R1RW5Citj
DTXT2dDwOcFx1Y9njBcJZj8np/j+jsRq4bcX7Isnk3/ATUpNEQSnZAR0DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKV5bzqROcThI430mAqqrArJCnXJMB8GA1UdIwQY
MBaAFLKO8fT4gnj03xnnPjOBzs144GnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc283eDlQaUNlUFRmR2VjLU00SE96WGpnYWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8xZjA1MWItZTczNS00OWI4LWJjNmQt
OWVmMGE1OTkyN2IxLzEvc283eDlQaUNlUFRmR2VjLU00SE96WGpnYWNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8xZjA1MWItZTczNS00OWI4LWJjNmQtOWVmMGE1OTkyN2Ix
LzEvc283eDlQaUNlUFRmR2VjLU00SE96WGpnYWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuL9aH6yx
5DWssIQ9hg/0f3GOx+yFRU+47uRMcP12QQ3gOTprtfdsVgjaYYoStC+V4sXkVEHD
YV1oY2OA419i4TlF1g6B/80wa/J4mcIRXK3WbRwcozABYiX3NUVqA3MHa144R94s
kyBHZMRgrhZEz6X/0QoIK+m+HvxHadQR3dqaKlWazV+MfCndu0Kk0ReelaHn0YnW
vlA4tjLRxhJBJRLM/cARxhII//+b+B11zXlcp3pufnzdFjwqnowra1vGgR/wMb5k
dwi384wr8l74o6/BTu8v11o95RCCMlEMBLdoTxTfx2NCh31yhEabchVI0uUuufQV
YhYNpyjl7dT74g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:57:57 2026 by rpki-client