Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/UsSOG7ZyzaaEZADov41taWg1178.mft
File: UsSOG7ZyzaaEZADov41taWg1178.mft (raw, json)
Hash identifier: B9XdI7c6INvQAhr7LGniX8D7xv86PfuMdzttpfn6NNI=
Subject key identifier: 4B:95:2C:53:6A:C2:A0:8D:78:81:AE:5D:F1:82:C5:79:72:B6:25:29
Authority key identifier: 52:C4:8E:1B:B6:72:CD:A6:84:64:00:E8:BF:8D:6D:69:68:35:D7:BF
Certificate issuer: /CN=52c48e1bb672cda6846400e8bf8d6d696835d7bf
Certificate serial: 019D29CE42EFB4464128E8F6B9F112FECAAD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UsSOG7ZyzaaEZADov41taWg1178.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/UsSOG7ZyzaaEZADov41taWg1178.mft
Manifest number: 0ABF
Signing time: Thu 26 Mar 2026 11:01:16 +0000
Manifest this update: Thu 26 Mar 2026 11:01:16 +0000
Manifest next update: Fri 27 Mar 2026 11:01:16 +0000
Files and hashes: 1: Pxtr7Gbm8FoWkqDWUIVtrs362Ec.roa (hash: Hjsu0JAwI6gJ3DPtZLzsxv8mvLUzo+rKbsqMaxC3bYY=)
2: UsSOG7ZyzaaEZADov41taWg1178.crl (hash: 6T412N01w+HKX8L1H1UFpp7qyU3SGIOmZS/qwc+W6A4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/UsSOG7ZyzaaEZADov41taWg1178.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/UsSOG7ZyzaaEZADov41taWg1178.mft
rsync://rpki.ripe.net/repository/DEFAULT/UsSOG7ZyzaaEZADov41taWg1178.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:ce:42:ef:b4:46:41:28:e8:f6:b9:f1:12:fe:ca:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52c48e1bb672cda6846400e8bf8d6d696835d7bf
Validity
Not Before: Mar 26 11:01:16 2026 GMT
Not After : Mar 27 11:01:16 2026 GMT
Subject: CN=4b952c536ac2a08d7881ae5df182c57972b62529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:59:5c:ab:25:49:53:51:ca:a6:5e:24:3a:0e:
87:c0:e7:0a:6e:ed:df:02:d6:5c:90:51:e0:d6:3d:
75:62:01:8a:00:fa:f5:5a:8a:28:46:64:bd:b9:96:
1e:ee:4f:09:42:d2:1a:bc:b3:27:ed:33:d1:45:08:
1d:7b:25:5f:03:c7:c9:b4:9f:17:58:4a:0e:14:39:
96:e6:54:3b:87:c4:76:2f:80:45:58:c3:f0:87:e6:
90:80:db:62:63:5f:31:0c:db:6f:0e:2d:fa:8d:f8:
1d:2f:ac:9e:e5:28:cc:71:f3:f7:5d:18:21:8c:20:
2c:fc:94:44:bd:f9:04:a7:36:52:58:b4:d5:78:5d:
43:bc:82:11:28:27:b7:4f:78:89:d7:fc:9c:a2:fb:
c8:49:85:1f:81:49:d5:cd:c9:e8:12:96:fd:03:78:
4c:4f:8f:af:d8:4b:fb:69:d5:85:fa:95:34:d9:04:
22:56:c5:d8:79:b7:77:ed:fd:c5:a8:80:02:7c:a1:
9c:bd:e5:9c:02:b8:6e:35:b6:1e:1f:8f:58:13:9c:
3f:22:dc:7a:5e:6a:6c:50:bc:d0:24:c1:0a:a6:ee:
13:cf:39:f8:db:a2:d4:c2:ca:27:30:78:27:1d:92:
23:0e:ae:bb:dd:cd:a0:4e:88:c3:21:7c:86:21:e3:
62:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:95:2C:53:6A:C2:A0:8D:78:81:AE:5D:F1:82:C5:79:72:B6:25:29
X509v3 Authority Key Identifier:
keyid:52:C4:8E:1B:B6:72:CD:A6:84:64:00:E8:BF:8D:6D:69:68:35:D7:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UsSOG7ZyzaaEZADov41taWg1178.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/UsSOG7ZyzaaEZADov41taWg1178.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/UsSOG7ZyzaaEZADov41taWg1178.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:e0:1f:a7:3e:f8:bb:ba:d1:7e:0b:f5:f5:5f:73:3a:26:d2:
4d:f9:ee:e4:df:bf:90:e9:d7:7c:53:87:05:da:9a:8f:0e:b8:
a7:02:2a:b7:73:83:79:aa:a6:db:0c:53:2d:f5:1a:62:ad:ae:
5a:5e:29:ca:ef:f4:5e:4f:59:4e:d2:a1:7f:21:e9:4f:9b:43:
b2:fa:a1:1b:8f:61:c7:0c:a8:3c:7a:47:e6:78:e0:80:16:46:
20:4f:23:b1:b6:66:e7:dc:5a:2e:dc:a6:7d:f0:e3:5d:eb:74:
5c:d5:8a:51:e1:05:d8:1e:92:c2:a6:fa:42:c5:64:59:2a:e7:
86:06:f5:c1:75:3b:a5:20:68:2a:13:8b:d7:59:de:eb:02:cf:
89:d6:7b:8a:12:11:fc:94:df:9e:36:b4:2c:ef:7f:96:54:bf:
a1:67:71:95:f3:48:e1:49:00:fb:e8:c5:c5:59:fc:75:77:dd:
de:27:32:56:fc:d4:6b:de:88:52:56:74:f1:10:48:5e:2d:ca:
0c:7a:0c:70:ac:45:9d:7d:13:79:2a:5a:e3:7b:d3:26:cb:d9:
55:f9:fe:83:03:b4:fb:0b:b5:21:8e:a1:7d:63:64:14:3f:d1:
e5:c8:00:96:dd:04:32:eb:df:0a:e7:28:83:8e:84:f6:24:65:
52:66:5d:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzkLvtEZBKOj2ufES/sqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYzQ4ZTFiYjY3MmNkYTY4NDY0MDBlOGJmOGQ2ZDY5Njgz
NWQ3YmYwHhcNMjYwMzI2MTEwMTE2WhcNMjYwMzI3MTEwMTE2WjAzMTEwLwYDVQQD
Eyg0Yjk1MmM1MzZhYzJhMDhkNzg4MWFlNWRmMTgyYzU3OTcyYjYyNTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFlcqyVJU1HKpl4kOg6HwOcKbu3f
AtZckFHg1j11YgGKAPr1WoooRmS9uZYe7k8JQtIavLMn7TPRRQgdeyVfA8fJtJ8X
WEoOFDmW5lQ7h8R2L4BFWMPwh+aQgNtiY18xDNtvDi36jfgdL6ye5SjMcfP3XRgh
jCAs/JREvfkEpzZSWLTVeF1DvIIRKCe3T3iJ1/ycovvISYUfgUnVzcnoEpb9A3hM
T4+v2Ev7adWF+pU02QQiVsXYebd37f3FqIACfKGcveWcArhuNbYeH49YE5w/Itx6
XmpsULzQJMEKpu4Tzzn426LUwsonMHgnHZIjDq673c2gTojDIXyGIeNicwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEuVLFNqwqCNeIGuXfGCxXlytiUpMB8GA1UdIwQY
MBaAFFLEjhu2cs2mhGQA6L+NbWloNde/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXNTT0c3Wnl6YWFFWkFEb3Y0MXRhV2cxMTc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hNWU5NGMtMDhiZS00ZmNlLThlYzkt
MThlY2UzNjgyNjZmLzEvVXNTT0c3Wnl6YWFFWkFEb3Y0MXRhV2cxMTc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hNWU5NGMtMDhiZS00ZmNlLThlYzktMThlY2UzNjgyNjZm
LzEvVXNTT0c3Wnl6YWFFWkFEb3Y0MXRhV2cxMTc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL+Afpz74
u7rRfgv19V9zOibSTfnu5N+/kOnXfFOHBdqajw64pwIqt3ODeaqm2wxTLfUaYq2u
Wl4pyu/0Xk9ZTtKhfyHpT5tDsvqhG49hxwyoPHpH5njggBZGIE8jsbZm59xaLtym
ffDjXet0XNWKUeEF2B6Swqb6QsVkWSrnhgb1wXU7pSBoKhOL11ne6wLPidZ7ihIR
/JTfnja0LO9/llS/oWdxlfNI4UkA++jFxVn8dXfd3icyVvzUa96IUlZ08RBIXi3K
DHoMcKxFnX0TeSpa43vTJsvZVfn+gwO0+wu1IY6hfWNkFD/R5cgAlt0EMuvfCuco
g46E9iRlUmZdjA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:14:16 2026 by rpki-client