Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/legTEe8dNuzG0SXjbILCb5FbDfc.mft
File: legTEe8dNuzG0SXjbILCb5FbDfc.mft (raw, json)
Hash identifier: O1Urer/mqUTfT/A22gzNBVLmAdygFLRqSG1NFqHr6kA=
Subject key identifier: EA:40:B2:C5:72:DB:D1:24:7A:BB:02:6E:59:C6:99:BF:68:8A:A0:A7
Authority key identifier: 95:E8:13:11:EF:1D:36:EC:C6:D1:25:E3:6C:82:C2:6F:91:5B:0D:F7
Certificate issuer: /CN=95e81311ef1d36ecc6d125e36c82c26f915b0df7
Certificate serial: 019D284DFED8CED719EBFBA6476D06CCE295
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/legTEe8dNuzG0SXjbILCb5FbDfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/legTEe8dNuzG0SXjbILCb5FbDfc.mft
Manifest number: 13E9
Signing time: Thu 26 Mar 2026 04:01:33 +0000
Manifest this update: Thu 26 Mar 2026 04:01:33 +0000
Manifest next update: Fri 27 Mar 2026 04:01:33 +0000
Files and hashes: 1: _C6lyxoQMU5yOrfGf8iAi-Sl_ow.roa (hash: p2xyfl4wigqQ6in3fdRR4OWjfDysBXxdWoA57WsF6ho=)
2: legTEe8dNuzG0SXjbILCb5FbDfc.crl (hash: eam0OylLO9zz0lqt3R4t+fWeleO5e2vjfXJNPaJF6fc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/legTEe8dNuzG0SXjbILCb5FbDfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/legTEe8dNuzG0SXjbILCb5FbDfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/legTEe8dNuzG0SXjbILCb5FbDfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:4d:fe:d8:ce:d7:19:eb:fb:a6:47:6d:06:cc:e2:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95e81311ef1d36ecc6d125e36c82c26f915b0df7
Validity
Not Before: Mar 26 04:01:33 2026 GMT
Not After : Mar 27 04:01:33 2026 GMT
Subject: CN=ea40b2c572dbd1247abb026e59c699bf688aa0a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f8:54:70:65:c9:bb:bf:fd:d6:64:50:80:30:
65:01:8b:d8:d6:55:3b:62:82:19:10:fc:7b:65:38:
2f:ce:84:cb:5f:04:cc:66:38:16:c0:9a:cc:64:3b:
79:fe:9c:57:38:e0:1b:f4:d3:9e:86:43:13:fd:8a:
e7:01:28:a0:cc:1f:69:a2:96:c5:6e:6f:e8:ba:e5:
2d:24:3a:4b:a8:52:36:54:7d:eb:66:8a:18:2b:44:
18:f9:94:c4:47:81:2f:cb:44:c9:d3:7c:3d:23:fc:
e3:6c:f2:57:46:d3:ec:3c:82:df:fc:d3:32:3d:40:
35:b8:7f:34:51:ee:be:72:89:aa:fb:7f:ab:f1:89:
09:6e:1a:1a:f9:e3:12:70:27:3a:b1:97:c2:44:45:
6c:30:49:46:97:13:5d:ac:6d:ed:3a:d2:9b:9e:f0:
f7:fd:3f:d0:f9:a6:e8:bb:2e:04:fb:73:50:22:3f:
1c:51:b3:6e:01:62:43:6e:dc:ab:61:23:28:e7:25:
ad:e2:b1:48:b6:5a:b6:36:07:37:66:e5:f2:cc:36:
0c:94:92:00:f8:a2:08:45:fa:6b:63:88:ce:68:84:
b0:49:90:24:c7:f2:2c:f7:6d:75:6f:3f:ad:5c:4e:
18:d6:9e:67:c9:49:62:58:4d:78:28:13:5c:d0:5c:
50:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:40:B2:C5:72:DB:D1:24:7A:BB:02:6E:59:C6:99:BF:68:8A:A0:A7
X509v3 Authority Key Identifier:
keyid:95:E8:13:11:EF:1D:36:EC:C6:D1:25:E3:6C:82:C2:6F:91:5B:0D:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/legTEe8dNuzG0SXjbILCb5FbDfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/legTEe8dNuzG0SXjbILCb5FbDfc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/legTEe8dNuzG0SXjbILCb5FbDfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:a1:a7:79:20:43:ec:cf:07:ec:ba:03:95:1c:be:d4:7f:09:
dd:ec:18:10:06:79:72:12:6d:bc:34:80:c5:f6:e6:8c:eb:47:
60:62:1a:0a:c0:77:b2:39:8e:a7:16:13:c9:5a:61:4d:ee:7b:
5c:aa:9c:1f:ca:ee:a1:b3:2a:03:a7:0f:77:ee:87:cb:51:d3:
32:3f:73:66:68:cb:9a:61:57:8e:18:01:f2:14:95:d2:81:15:
ab:db:7f:4d:86:d6:28:f0:d7:35:24:98:5f:44:4c:c9:31:77:
db:7c:91:a6:24:ff:67:23:ff:09:b8:b5:2e:22:75:8f:af:8f:
d8:42:2d:fd:3a:92:48:c0:97:aa:14:bc:33:0e:ca:0c:08:17:
e7:62:b7:65:39:c2:18:04:99:ed:92:b7:51:e4:9f:10:cd:3f:
ad:a5:44:68:73:35:85:98:5e:78:08:d8:dc:bb:fa:44:d5:07:
10:2f:17:d8:66:2b:8e:74:1d:d3:c4:93:a8:1f:8b:e0:37:02:
97:49:00:c5:1a:47:0a:a5:c0:c5:1a:36:f3:81:78:9e:3c:72:
a4:71:e9:d4:3e:be:2c:33:dc:af:41:4c:5d:06:77:2b:d9:49:
f0:70:25:2f:17:be:b5:f3:aa:ba:da:45:1e:df:dc:fd:9f:c5:
4c:ad:c3:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTf7YztcZ6/umR20GzOKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTgxMzExZWYxZDM2ZWNjNmQxMjVlMzZjODJjMjZmOTE1
YjBkZjcwHhcNMjYwMzI2MDQwMTMzWhcNMjYwMzI3MDQwMTMzWjAzMTEwLwYDVQQD
EyhlYTQwYjJjNTcyZGJkMTI0N2FiYjAyNmU1OWM2OTliZjY4OGFhMGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vhUcGXJu7/91mRQgDBlAYvY1lU7
YoIZEPx7ZTgvzoTLXwTMZjgWwJrMZDt5/pxXOOAb9NOehkMT/YrnASigzB9popbF
bm/ouuUtJDpLqFI2VH3rZooYK0QY+ZTER4Evy0TJ03w9I/zjbPJXRtPsPILf/NMy
PUA1uH80Ue6+comq+3+r8YkJbhoa+eMScCc6sZfCREVsMElGlxNdrG3tOtKbnvD3
/T/Q+abouy4E+3NQIj8cUbNuAWJDbtyrYSMo5yWt4rFItlq2Ngc3ZuXyzDYMlJIA
+KIIRfprY4jOaISwSZAkx/Is9211bz+tXE4Y1p5nyUliWE14KBNc0FxQUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOpAssVy29EkersCblnGmb9oiqCnMB8GA1UdIwQY
MBaAFJXoExHvHTbsxtEl42yCwm+RWw33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVnVEVlOGROdXpHMFNYamJJTENiNUZiRGZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC81YzA2YmMtOGNhMS00MDkxLTk0MTgt
NzM0ZmFiNmZlYzZmLzEvbGVnVEVlOGROdXpHMFNYamJJTENiNUZiRGZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC81YzA2YmMtOGNhMS00MDkxLTk0MTgtNzM0ZmFiNmZlYzZm
LzEvbGVnVEVlOGROdXpHMFNYamJJTENiNUZiRGZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUaGneSBD
7M8H7LoDlRy+1H8J3ewYEAZ5chJtvDSAxfbmjOtHYGIaCsB3sjmOpxYTyVphTe57
XKqcH8ruobMqA6cPd+6Hy1HTMj9zZmjLmmFXjhgB8hSV0oEVq9t/TYbWKPDXNSSY
X0RMyTF323yRpiT/ZyP/Cbi1LiJ1j6+P2EIt/TqSSMCXqhS8Mw7KDAgX52K3ZTnC
GASZ7ZK3UeSfEM0/raVEaHM1hZheeAjY3Lv6RNUHEC8X2GYrjnQd08STqB+L4DcC
l0kAxRpHCqXAxRo284F4njxypHHp1D6+LDPcr0FMXQZ3K9lJ8HAlLxe+tfOqutpF
Ht/c/Z/FTK3DAw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:57:06 2026 by rpki-client