Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/e20aa0-338e-4f33-86ea-6f622fd18d30/1/pOpmDdthAOfTLl02aJp3fKnK-hk.mft
File: pOpmDdthAOfTLl02aJp3fKnK-hk.mft (raw, json)
Hash identifier: ugFmmboSu9agh+oDUq5ydsXtviInOBLBaxgdo69VH1o=
Subject key identifier: 9C:04:18:FF:F3:2E:53:44:55:98:F9:72:28:95:EF:E8:61:55:CB:CD
Authority key identifier: A4:EA:66:0D:DB:61:00:E7:D3:2E:5D:36:68:9A:77:7C:A9:CA:FA:19
Certificate issuer: /CN=a4ea660ddb6100e7d32e5d36689a777ca9cafa19
Certificate serial: 019E1E35F7A9E0A1CC43A48AD36C344C541D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOpmDdthAOfTLl02aJp3fKnK-hk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/e20aa0-338e-4f33-86ea-6f622fd18d30/1/pOpmDdthAOfTLl02aJp3fKnK-hk.mft
Manifest number: 027C
Signing time: Tue 12 May 2026 22:01:53 +0000
Manifest this update: Tue 12 May 2026 22:01:53 +0000
Manifest next update: Wed 13 May 2026 22:01:53 +0000
Files and hashes: 1: Kuamlf0SJKI-PWFPoz3C6in1jGI.roa (hash: W1juLnVZXFxvmAjMn2DB1U04vvF55AkBRyl1Tp1+qak=)
2: W4rXs973I72wlBGGxrG6cyihd0g.roa (hash: PEZb6rsbaDfrboLCp/JrfG/sBCA684zKkgy1FgXQxTo=)
3: pOpmDdthAOfTLl02aJp3fKnK-hk.crl (hash: 4FtHnlYfza2qdAy87gqICUo/Q9SYyc9ESwjijydPV/k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/e20aa0-338e-4f33-86ea-6f622fd18d30/1/pOpmDdthAOfTLl02aJp3fKnK-hk.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/e20aa0-338e-4f33-86ea-6f622fd18d30/1/pOpmDdthAOfTLl02aJp3fKnK-hk.mft
rsync://rpki.ripe.net/repository/DEFAULT/pOpmDdthAOfTLl02aJp3fKnK-hk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1e:35:f7:a9:e0:a1:cc:43:a4:8a:d3:6c:34:4c:54:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4ea660ddb6100e7d32e5d36689a777ca9cafa19
Validity
Not Before: May 12 22:01:53 2026 GMT
Not After : May 13 22:01:53 2026 GMT
Subject: CN=9c0418fff32e53445598f9722895efe86155cbcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:78:74:85:a4:64:cc:20:a7:e3:21:5c:e0:cb:
24:37:64:e9:70:4e:5d:4c:22:0f:4f:68:60:9d:b6:
3e:d6:bd:02:f7:2f:f0:b5:fa:4c:ba:40:fe:af:c1:
9c:58:18:48:e1:cb:d1:e9:48:f9:45:81:e9:e4:ac:
72:8a:5d:f7:1b:47:4f:04:02:74:82:4f:9e:c2:11:
c3:ea:2d:15:ca:62:5b:26:7f:30:18:cf:32:a7:09:
62:81:99:65:1c:42:d4:fd:78:4e:09:c9:b1:b1:08:
91:b4:f9:75:b1:ee:e5:14:c3:17:75:30:64:79:18:
65:d6:11:71:af:ef:01:80:1c:ca:bd:1e:f3:7b:71:
01:c1:d6:b6:d5:1b:55:88:44:43:d6:93:5e:d9:ae:
b0:7f:fb:3e:7a:9a:26:98:ff:c6:34:29:4c:ab:44:
d2:ce:94:f5:bc:ac:19:f1:52:c3:b2:f7:3a:21:be:
5b:ab:ec:58:e5:20:b6:24:ad:3d:24:f8:e6:fa:37:
24:50:4c:72:f2:54:96:f6:f3:85:87:68:9b:40:60:
ea:3e:ea:41:f9:41:f5:11:e2:a0:14:a5:4d:3f:b9:
a7:e0:35:c3:ab:bf:d4:31:32:81:8c:f5:2c:96:da:
ad:d8:e3:87:79:87:ed:00:2f:78:cd:6e:b5:0b:b3:
17:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:04:18:FF:F3:2E:53:44:55:98:F9:72:28:95:EF:E8:61:55:CB:CD
X509v3 Authority Key Identifier:
keyid:A4:EA:66:0D:DB:61:00:E7:D3:2E:5D:36:68:9A:77:7C:A9:CA:FA:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOpmDdthAOfTLl02aJp3fKnK-hk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/e20aa0-338e-4f33-86ea-6f622fd18d30/1/pOpmDdthAOfTLl02aJp3fKnK-hk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/e20aa0-338e-4f33-86ea-6f622fd18d30/1/pOpmDdthAOfTLl02aJp3fKnK-hk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:65:1c:fd:c4:cc:91:b0:e7:0c:18:53:e7:b2:bd:d2:61:13:
45:94:cd:70:72:04:10:57:6a:21:a4:0a:5a:4d:5b:63:4c:95:
51:2b:3c:66:8b:f1:0f:33:f5:bf:52:b4:e9:0b:bc:3a:78:42:
e8:e2:79:86:90:66:1b:d3:e0:30:26:b5:2d:69:05:a2:f9:5c:
50:bf:a6:b9:93:93:48:b9:fc:3c:58:08:3c:0b:64:3d:46:17:
8b:ce:7b:6e:fa:1c:04:20:d6:cf:b2:ec:6d:9c:49:5a:cc:8b:
ec:68:1b:68:e8:2a:29:53:1d:5e:4c:59:6a:cb:e9:b0:56:78:
37:91:ba:16:b8:83:dc:67:65:e8:65:38:32:03:8a:12:72:ba:
f4:7a:ac:95:cf:90:98:bd:fd:52:a3:44:2a:1e:db:28:0e:7f:
c2:46:3b:ce:b1:31:56:fa:e2:d0:24:a5:b3:4f:d4:8a:b1:db:
18:23:dc:56:d1:07:8d:6f:5e:43:f7:fe:ce:10:11:8c:5a:0a:
92:21:e7:a6:d6:23:ce:8e:42:48:70:33:0b:bc:5e:f4:92:cc:
75:cd:5d:71:2e:f5:e8:ca:9d:14:de:7f:83:41:34:70:e7:66:
a5:b4:42:c6:6e:9b:4d:a0:d4:16:d9:f9:bc:54:bc:e1:75:e8:
8a:e1:32:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNfep4KHMQ6SK02w0TFQdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZWE2NjBkZGI2MTAwZTdkMzJlNWQzNjY4OWE3NzdjYTlj
YWZhMTkwHhcNMjYwNTEyMjIwMTUzWhcNMjYwNTEzMjIwMTUzWjAzMTEwLwYDVQQD
Eyg5YzA0MThmZmYzMmU1MzQ0NTU5OGY5NzIyODk1ZWZlODYxNTVjYmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHh0haRkzCCn4yFc4MskN2TpcE5d
TCIPT2hgnbY+1r0C9y/wtfpMukD+r8GcWBhI4cvR6Uj5RYHp5Kxyil33G0dPBAJ0
gk+ewhHD6i0VymJbJn8wGM8ypwligZllHELU/XhOCcmxsQiRtPl1se7lFMMXdTBk
eRhl1hFxr+8BgBzKvR7ze3EBwda21RtViERD1pNe2a6wf/s+epommP/GNClMq0TS
zpT1vKwZ8VLDsvc6Ib5bq+xY5SC2JK09JPjm+jckUExy8lSW9vOFh2ibQGDqPupB
+UH1EeKgFKVNP7mn4DXDq7/UMTKBjPUsltqt2OOHeYftAC94zW61C7MXewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJwEGP/zLlNEVZj5ciiV7+hhVcvNMB8GA1UdIwQY
MBaAFKTqZg3bYQDn0y5dNmiad3ypyvoZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9wbURkdGhBT2ZUTGwwMmFKcDNmS25LLWhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9lMjBhYTAtMzM4ZS00ZjMzLTg2ZWEt
NmY2MjJmZDE4ZDMwLzEvcE9wbURkdGhBT2ZUTGwwMmFKcDNmS25LLWhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9lMjBhYTAtMzM4ZS00ZjMzLTg2ZWEtNmY2MjJmZDE4ZDMw
LzEvcE9wbURkdGhBT2ZUTGwwMmFKcDNmS25LLWhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR2Uc/cTM
kbDnDBhT57K90mETRZTNcHIEEFdqIaQKWk1bY0yVUSs8ZovxDzP1v1K06Qu8OnhC
6OJ5hpBmG9PgMCa1LWkFovlcUL+muZOTSLn8PFgIPAtkPUYXi857bvocBCDWz7Ls
bZxJWsyL7GgbaOgqKVMdXkxZasvpsFZ4N5G6FriD3Gdl6GU4MgOKEnK69Hqslc+Q
mL39UqNEKh7bKA5/wkY7zrExVvri0CSls0/UirHbGCPcVtEHjW9eQ/f+zhARjFoK
kiHnptYjzo5CSHAzC7xe9JLMdc1dcS716MqdFN5/g0E0cOdmpbRCxm6bTaDUFtn5
vFS84XXoiuEyhQ==
-----END CERTIFICATE-----
Generated at Wed May 13 03:25:53 2026 by rpki-client