Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/e20aa0-338e-4f33-86ea-6f622fd18d30/1/pOpmDdthAOfTLl02aJp3fKnK-hk.mft
File: pOpmDdthAOfTLl02aJp3fKnK-hk.mft (raw, json)
Hash identifier: e9VGwhed964UEyHmbBYkXHKIOzzVuSVDx9RFqw56PzE=
Subject key identifier: 5E:97:18:73:6C:7E:4F:E8:5E:56:FA:7D:E2:D8:C5:6B:E3:78:66:9C
Authority key identifier: A4:EA:66:0D:DB:61:00:E7:D3:2E:5D:36:68:9A:77:7C:A9:CA:FA:19
Certificate issuer: /CN=a4ea660ddb6100e7d32e5d36689a777ca9cafa19
Certificate serial: 019D2704B6DC8D8CDFF06015992A62EFE7AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOpmDdthAOfTLl02aJp3fKnK-hk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/e20aa0-338e-4f33-86ea-6f622fd18d30/1/pOpmDdthAOfTLl02aJp3fKnK-hk.mft
Manifest number: 01FC
Signing time: Wed 25 Mar 2026 22:01:53 +0000
Manifest this update: Wed 25 Mar 2026 22:01:53 +0000
Manifest next update: Thu 26 Mar 2026 22:01:53 +0000
Files and hashes: 1: Kuamlf0SJKI-PWFPoz3C6in1jGI.roa (hash: W1juLnVZXFxvmAjMn2DB1U04vvF55AkBRyl1Tp1+qak=)
2: W4rXs973I72wlBGGxrG6cyihd0g.roa (hash: PEZb6rsbaDfrboLCp/JrfG/sBCA684zKkgy1FgXQxTo=)
3: pOpmDdthAOfTLl02aJp3fKnK-hk.crl (hash: 90DdWtbE6qsfRRiJ4owo8xUYjn6EZ1dkgalYPqbnN3g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/e20aa0-338e-4f33-86ea-6f622fd18d30/1/pOpmDdthAOfTLl02aJp3fKnK-hk.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/e20aa0-338e-4f33-86ea-6f622fd18d30/1/pOpmDdthAOfTLl02aJp3fKnK-hk.mft
rsync://rpki.ripe.net/repository/DEFAULT/pOpmDdthAOfTLl02aJp3fKnK-hk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:b6:dc:8d:8c:df:f0:60:15:99:2a:62:ef:e7:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4ea660ddb6100e7d32e5d36689a777ca9cafa19
Validity
Not Before: Mar 25 22:01:53 2026 GMT
Not After : Mar 26 22:01:53 2026 GMT
Subject: CN=5e9718736c7e4fe85e56fa7de2d8c56be378669c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:fc:95:e2:e5:2d:b6:ca:09:2b:4d:11:5d:01:
b4:d3:bc:a9:5b:1a:7a:80:66:0f:2a:4d:15:24:69:
04:db:4d:dd:f2:13:b3:70:6d:44:fd:72:e5:c1:7a:
0e:92:44:fd:56:7f:95:32:8a:73:06:83:40:0f:40:
cb:0f:bc:08:63:1c:56:82:0d:a4:76:d6:d5:3a:95:
41:be:b0:97:49:e2:5f:18:40:da:e3:72:0c:3a:cb:
46:4b:9a:14:9e:23:67:a2:db:da:e7:fa:bf:3e:35:
95:16:7d:e0:a9:41:8f:0b:8d:4d:67:75:2f:dd:73:
e6:08:d7:50:64:06:38:b4:41:d5:3f:5d:c6:93:98:
5f:31:b3:da:99:f1:e5:56:4a:8d:29:8a:16:e3:49:
68:92:66:de:b2:31:ba:71:92:c0:19:0b:cc:53:80:
6f:c7:c2:71:50:ae:98:7c:d8:63:e6:cf:26:35:67:
5c:8c:b1:dd:05:3a:40:4d:7e:94:d8:58:c9:df:48:
61:47:14:2a:a6:87:c1:0a:90:36:38:48:77:09:20:
ab:70:39:25:ff:0d:77:e5:43:bf:fa:4c:ca:bc:80:
f9:96:ff:fe:95:1a:bf:f9:29:64:b1:e4:7a:19:70:
2d:69:75:37:57:2c:37:53:74:5b:a6:a0:09:bb:fc:
fe:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:97:18:73:6C:7E:4F:E8:5E:56:FA:7D:E2:D8:C5:6B:E3:78:66:9C
X509v3 Authority Key Identifier:
keyid:A4:EA:66:0D:DB:61:00:E7:D3:2E:5D:36:68:9A:77:7C:A9:CA:FA:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOpmDdthAOfTLl02aJp3fKnK-hk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/e20aa0-338e-4f33-86ea-6f622fd18d30/1/pOpmDdthAOfTLl02aJp3fKnK-hk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/e20aa0-338e-4f33-86ea-6f622fd18d30/1/pOpmDdthAOfTLl02aJp3fKnK-hk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:ea:51:9c:79:e9:dc:84:0f:a0:6f:6a:d4:4b:fc:c7:b8:20:
20:f6:c5:c7:fe:10:18:9b:b5:cc:4e:56:1e:70:ca:57:f8:a5:
82:32:ef:0b:46:24:08:b3:22:43:b4:28:cc:70:4c:b6:52:2c:
df:9f:24:0a:27:58:44:10:53:36:56:f6:43:a8:46:d5:b0:d3:
71:42:88:16:2b:64:fb:07:04:83:9c:44:58:03:95:2f:8a:f5:
d2:b9:cd:01:3b:a1:e0:9b:e7:0f:f3:ba:d2:3e:dc:00:ba:f6:
52:04:0b:d9:c3:05:e4:42:f4:92:e8:f7:f6:8d:ab:d9:ff:07:
8f:44:1f:c8:4b:46:76:e8:f4:03:ed:4b:6a:c8:86:49:90:fb:
5f:3c:48:e2:51:e3:c1:c5:48:46:c1:9c:58:5b:61:01:37:c1:
0f:9c:61:1a:f3:73:f7:1a:bb:4f:44:d7:57:ed:ed:69:fe:db:
b7:f0:c1:0b:22:66:aa:31:81:86:97:00:f6:31:45:cd:08:34:
67:e5:c0:b1:7a:c9:da:4b:50:30:a1:af:63:76:1d:e2:cc:35:
fb:51:54:71:4a:46:dd:26:30:4e:26:d9:3a:cc:3c:0f:2d:ba:
d9:82:dc:cc:97:73:21:fb:16:70:f4:9b:c6:25:99:60:62:b0:
b9:99:87:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBLbcjYzf8GAVmSpi7+erMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZWE2NjBkZGI2MTAwZTdkMzJlNWQzNjY4OWE3NzdjYTlj
YWZhMTkwHhcNMjYwMzI1MjIwMTUzWhcNMjYwMzI2MjIwMTUzWjAzMTEwLwYDVQQD
Eyg1ZTk3MTg3MzZjN2U0ZmU4NWU1NmZhN2RlMmQ4YzU2YmUzNzg2NjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fyV4uUttsoJK00RXQG007ypWxp6
gGYPKk0VJGkE203d8hOzcG1E/XLlwXoOkkT9Vn+VMopzBoNAD0DLD7wIYxxWgg2k
dtbVOpVBvrCXSeJfGEDa43IMOstGS5oUniNnotva5/q/PjWVFn3gqUGPC41NZ3Uv
3XPmCNdQZAY4tEHVP13Gk5hfMbPamfHlVkqNKYoW40lokmbesjG6cZLAGQvMU4Bv
x8JxUK6YfNhj5s8mNWdcjLHdBTpATX6U2FjJ30hhRxQqpofBCpA2OEh3CSCrcDkl
/w135UO/+kzKvID5lv/+lRq/+SlkseR6GXAtaXU3Vyw3U3RbpqAJu/z+rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF6XGHNsfk/oXlb6feLYxWvjeGacMB8GA1UdIwQY
MBaAFKTqZg3bYQDn0y5dNmiad3ypyvoZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9wbURkdGhBT2ZUTGwwMmFKcDNmS25LLWhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9lMjBhYTAtMzM4ZS00ZjMzLTg2ZWEt
NmY2MjJmZDE4ZDMwLzEvcE9wbURkdGhBT2ZUTGwwMmFKcDNmS25LLWhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9lMjBhYTAtMzM4ZS00ZjMzLTg2ZWEtNmY2MjJmZDE4ZDMw
LzEvcE9wbURkdGhBT2ZUTGwwMmFKcDNmS25LLWhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkOpRnHnp
3IQPoG9q1Ev8x7ggIPbFx/4QGJu1zE5WHnDKV/ilgjLvC0YkCLMiQ7QozHBMtlIs
358kCidYRBBTNlb2Q6hG1bDTcUKIFitk+wcEg5xEWAOVL4r10rnNATuh4JvnD/O6
0j7cALr2UgQL2cMF5EL0kuj39o2r2f8Hj0QfyEtGduj0A+1LasiGSZD7XzxI4lHj
wcVIRsGcWFthATfBD5xhGvNz9xq7T0TXV+3taf7bt/DBCyJmqjGBhpcA9jFFzQg0
Z+XAsXrJ2ktQMKGvY3Yd4sw1+1FUcUpG3SYwTibZOsw8Dy262YLczJdzIfsWcPSb
xiWZYGKwuZmHgA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:23:37 2026 by rpki-client