Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/a48585-7ca7-4195-8bff-502004240e1f/1/umRE3CHMvvATTXZD6u_X7I-pWLg.mft
File: umRE3CHMvvATTXZD6u_X7I-pWLg.mft (raw, json)
Hash identifier: 7b5ZDtfME6AaxhdZ2ULzBY0VWJY8AcMyW1ghEw5cEbg=
Subject key identifier: FE:CD:61:A3:5A:BA:94:B8:6A:C5:48:EE:B4:4B:C1:A5:43:86:5A:9C
Authority key identifier: BA:64:44:DC:21:CC:BE:F0:13:4D:76:43:EA:EF:D7:EC:8F:A9:58:B8
Certificate issuer: /CN=ba6444dc21ccbef0134d7643eaefd7ec8fa958b8
Certificate serial: 019D2DAAF57725EE2ADC914EE7C50CB9E0A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/umRE3CHMvvATTXZD6u_X7I-pWLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/a48585-7ca7-4195-8bff-502004240e1f/1/umRE3CHMvvATTXZD6u_X7I-pWLg.mft
Manifest number: 27
Signing time: Fri 27 Mar 2026 05:01:11 +0000
Manifest this update: Fri 27 Mar 2026 05:01:11 +0000
Manifest next update: Sat 28 Mar 2026 05:01:11 +0000
Files and hashes: 1: NV7bonbzUdYDsES4VO4pRJ8bb0U.roa (hash: /TP4uRljbjgho85/nd4chEgZ45xnysDKS/rWil/Kvpw=)
2: umRE3CHMvvATTXZD6u_X7I-pWLg.crl (hash: gtRpwkxoDel5GMWdwKxiyLtp0cMaCiM7rnlKoUMAKjM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/a48585-7ca7-4195-8bff-502004240e1f/1/umRE3CHMvvATTXZD6u_X7I-pWLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/a48585-7ca7-4195-8bff-502004240e1f/1/umRE3CHMvvATTXZD6u_X7I-pWLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/umRE3CHMvvATTXZD6u_X7I-pWLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Mar 2026 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2d:aa:f5:77:25:ee:2a:dc:91:4e:e7:c5:0c:b9:e0:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6444dc21ccbef0134d7643eaefd7ec8fa958b8
Validity
Not Before: Mar 27 05:01:11 2026 GMT
Not After : Mar 28 05:01:11 2026 GMT
Subject: CN=fecd61a35aba94b86ac548eeb44bc1a543865a9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:c6:4e:08:a6:98:4d:ab:15:ce:19:82:0d:62:
40:20:e5:75:91:64:c6:0b:bf:d7:7d:fb:db:06:c9:
10:d8:e6:ec:9e:18:b1:bd:b6:d4:bf:88:0e:72:18:
af:74:8e:2c:f0:4f:14:92:04:f2:58:64:30:bc:18:
a7:01:a2:f6:c7:53:1b:a3:32:29:db:a1:2f:d2:17:
f8:94:ad:78:c5:91:29:e8:c2:6a:ec:d8:5d:df:12:
6f:8f:d8:28:4a:6e:5d:56:97:8a:af:f6:58:33:1b:
bf:c6:65:12:12:df:27:52:2a:8d:33:04:72:46:f3:
f8:14:8e:7b:c0:94:d2:23:0b:ee:7f:c9:29:f4:87:
cc:0c:15:84:17:53:bb:af:b6:47:a2:32:ee:05:00:
45:74:0c:29:f9:fc:80:07:a0:9e:b0:e8:d4:7e:ca:
5d:a1:24:a0:99:e4:2d:90:eb:95:0f:fc:71:1a:3c:
45:86:86:43:21:bb:d3:4a:c8:a7:b4:0d:18:71:43:
5b:c8:a6:2e:df:1f:bc:fc:a3:56:0d:04:8f:0e:8b:
13:cf:1f:d1:cd:86:82:d2:8a:5f:c5:7c:fb:ca:1d:
ca:4d:ce:22:ba:ec:1c:ee:00:da:09:18:b6:5c:a3:
de:fe:d1:91:4d:d5:88:b3:3c:6a:ff:97:38:de:de:
27:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:CD:61:A3:5A:BA:94:B8:6A:C5:48:EE:B4:4B:C1:A5:43:86:5A:9C
X509v3 Authority Key Identifier:
keyid:BA:64:44:DC:21:CC:BE:F0:13:4D:76:43:EA:EF:D7:EC:8F:A9:58:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/umRE3CHMvvATTXZD6u_X7I-pWLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a48585-7ca7-4195-8bff-502004240e1f/1/umRE3CHMvvATTXZD6u_X7I-pWLg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a48585-7ca7-4195-8bff-502004240e1f/1/umRE3CHMvvATTXZD6u_X7I-pWLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ed:1c:e3:8c:df:a6:d9:01:5f:c7:dc:00:c3:8f:93:3e:1e:f2:
f4:d2:e5:52:6d:1c:af:d7:61:da:c3:37:98:15:70:79:3f:31:
97:f7:8f:95:d9:69:99:d9:5d:53:e1:e7:8f:94:d6:30:70:a4:
5e:30:59:67:4f:48:05:6b:e3:21:04:b2:97:f9:2e:f3:86:74:
89:97:09:64:eb:dd:28:cf:ea:63:1c:21:6a:a1:94:0b:81:53:
78:bf:78:8b:6d:3a:d8:68:e4:06:6b:4d:e6:f1:2d:b3:81:7e:
f2:ff:3d:5a:cf:7d:5d:e7:00:57:c7:b8:40:61:c1:78:ce:81:
68:45:f9:8d:b4:e8:36:c9:e5:5f:41:e0:e7:3b:38:ce:df:1b:
38:8b:26:da:01:26:08:70:a5:6a:05:4e:7e:88:f4:ad:f2:91:
7f:09:2c:1c:4e:90:91:b0:ff:bc:7f:af:b4:fc:ff:2f:eb:c5:
6e:bc:58:a4:fc:24:a1:c9:2a:bc:6e:f9:9d:c7:1d:15:be:fe:
99:8b:67:64:1b:c1:55:a0:fe:01:7e:d3:a5:17:1a:fc:61:44:
fc:a4:2b:5a:73:6a:f8:3a:06:cf:77:cb:31:40:c9:29:11:2a:
71:ae:f4:f0:b6:b7:ac:9a:a4:9a:78:e6:99:67:e3:bb:d5:34:
a3:57:ea:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0tqvV3Je4q3JFO58UMueCmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjQ0NGRjMjFjY2JlZjAxMzRkNzY0M2VhZWZkN2VjOGZh
OTU4YjgwHhcNMjYwMzI3MDUwMTExWhcNMjYwMzI4MDUwMTExWjAzMTEwLwYDVQQD
EyhmZWNkNjFhMzVhYmE5NGI4NmFjNTQ4ZWViNDRiYzFhNTQzODY1YTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48ZOCKaYTasVzhmCDWJAIOV1kWTG
C7/XffvbBskQ2ObsnhixvbbUv4gOchivdI4s8E8UkgTyWGQwvBinAaL2x1MbozIp
26Ev0hf4lK14xZEp6MJq7Nhd3xJvj9goSm5dVpeKr/ZYMxu/xmUSEt8nUiqNMwRy
RvP4FI57wJTSIwvuf8kp9IfMDBWEF1O7r7ZHojLuBQBFdAwp+fyAB6CesOjUfspd
oSSgmeQtkOuVD/xxGjxFhoZDIbvTSsintA0YcUNbyKYu3x+8/KNWDQSPDosTzx/R
zYaC0opfxXz7yh3KTc4iuuwc7gDaCRi2XKPe/tGRTdWIszxq/5c43t4n6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP7NYaNaupS4asVI7rRLwaVDhlqcMB8GA1UdIwQY
MBaAFLpkRNwhzL7wE012Q+rv1+yPqVi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1SRTNDSE12dkFUVFhaRDZ1X1g3SS1wV0xnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9hNDg1ODUtN2NhNy00MTk1LThiZmYt
NTAyMDA0MjQwZTFmLzEvdW1SRTNDSE12dkFUVFhaRDZ1X1g3SS1wV0xnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9hNDg1ODUtN2NhNy00MTk1LThiZmYtNTAyMDA0MjQwZTFm
LzEvdW1SRTNDSE12dkFUVFhaRDZ1X1g3SS1wV0xnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA7RzjjN+m
2QFfx9wAw4+TPh7y9NLlUm0cr9dh2sM3mBVweT8xl/ePldlpmdldU+Hnj5TWMHCk
XjBZZ09IBWvjIQSyl/ku84Z0iZcJZOvdKM/qYxwhaqGUC4FTeL94i2062GjkBmtN
5vEts4F+8v89Ws99XecAV8e4QGHBeM6BaEX5jbToNsnlX0Hg5zs4zt8bOIsm2gEm
CHClagVOfoj0rfKRfwksHE6QkbD/vH+vtPz/L+vFbrxYpPwkockqvG75nccdFb7+
mYtnZBvBVaD+AX7TpRca/GFE/KQrWnNq+DoGz3fLMUDJKREqca708La3rJqkmnjm
mWfju9U0o1fqog==
-----END CERTIFICATE-----
Generated at Fri Mar 27 07:33:58 2026 by rpki-client