Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/d71269-4b56-4572-a711-d84ecb2505c4/1/5UGkwVK194bWI9hcQUZSmc3aM4k.mft
File: 5UGkwVK194bWI9hcQUZSmc3aM4k.mft (raw, json)
Hash identifier: iXK5V94+k17Jnh5vqXnciiZ6Z/h2b0TiK325jaE3PXc=
Subject key identifier: D4:8A:EB:FC:64:8D:F3:F2:DF:91:A0:BB:07:44:D3:4B:BC:73:32:57
Authority key identifier: E5:41:A4:C1:52:B5:F7:86:D6:23:D8:5C:41:46:52:99:CD:DA:33:89
Certificate issuer: /CN=e541a4c152b5f786d623d85c41465299cdda3389
Certificate serial: 019D277249FC54E02BC687DB7ED4BD7C86A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5UGkwVK194bWI9hcQUZSmc3aM4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/d71269-4b56-4572-a711-d84ecb2505c4/1/5UGkwVK194bWI9hcQUZSmc3aM4k.mft
Manifest number: 1889
Signing time: Thu 26 Mar 2026 00:01:34 +0000
Manifest this update: Thu 26 Mar 2026 00:01:34 +0000
Manifest next update: Fri 27 Mar 2026 00:01:34 +0000
Files and hashes: 1: 5UGkwVK194bWI9hcQUZSmc3aM4k.crl (hash: ithgxDw/GDdIqatLDysKSOPYS3tcc0ENMi59nlTS2CE=)
2: Y53-K6eCcM2LGOvi8Fn2PE_O8Hs.roa (hash: epaNlilaUn33+8n2mw835ikIL/eJJhBznXtCVWydLWA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/d71269-4b56-4572-a711-d84ecb2505c4/1/5UGkwVK194bWI9hcQUZSmc3aM4k.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/d71269-4b56-4572-a711-d84ecb2505c4/1/5UGkwVK194bWI9hcQUZSmc3aM4k.mft
rsync://rpki.ripe.net/repository/DEFAULT/5UGkwVK194bWI9hcQUZSmc3aM4k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:72:49:fc:54:e0:2b:c6:87:db:7e:d4:bd:7c:86:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e541a4c152b5f786d623d85c41465299cdda3389
Validity
Not Before: Mar 26 00:01:34 2026 GMT
Not After : Mar 27 00:01:34 2026 GMT
Subject: CN=d48aebfc648df3f2df91a0bb0744d34bbc733257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:08:22:22:0b:e4:59:29:9a:5a:98:57:f6:52:
9d:9d:3e:d3:2c:3f:98:4f:55:d2:8f:33:2a:f9:0c:
9f:1e:2a:f6:8e:39:8a:4e:0f:fa:79:8f:ea:e0:85:
14:51:ec:dd:1b:0d:c8:d6:2c:9b:00:03:73:43:c5:
a0:9c:aa:36:7a:04:fa:4f:94:f9:4d:e7:80:b1:36:
6a:c2:6a:00:4e:23:06:ef:e0:6f:2f:bd:86:4c:70:
35:c2:14:86:ca:85:9b:33:58:e3:23:fc:14:d1:9f:
56:8a:1b:32:fe:21:f5:1e:b2:af:dd:b8:73:4b:85:
bb:f0:63:56:41:01:76:f0:9f:b3:f8:66:d4:a4:62:
15:90:c7:47:7c:bd:e4:02:73:e9:8c:b3:fa:f9:9f:
3e:02:e3:bc:04:6f:f5:33:ad:43:71:ac:84:16:7c:
e1:2a:f1:3d:0b:77:92:fa:38:c2:76:94:4e:96:b8:
1c:51:a7:64:34:e2:b5:fa:a3:01:14:31:84:60:29:
ea:a1:9e:63:c6:06:e4:c4:de:7d:0e:96:48:ae:ad:
35:17:25:5a:89:e8:d6:ed:ec:99:c9:d5:f9:d5:8e:
47:db:9d:29:fb:12:07:8f:ed:e7:61:71:65:fa:c4:
9f:8e:a9:42:d2:e2:56:d8:2e:48:2f:e9:bf:bc:91:
4d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:8A:EB:FC:64:8D:F3:F2:DF:91:A0:BB:07:44:D3:4B:BC:73:32:57
X509v3 Authority Key Identifier:
keyid:E5:41:A4:C1:52:B5:F7:86:D6:23:D8:5C:41:46:52:99:CD:DA:33:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5UGkwVK194bWI9hcQUZSmc3aM4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d71269-4b56-4572-a711-d84ecb2505c4/1/5UGkwVK194bWI9hcQUZSmc3aM4k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d71269-4b56-4572-a711-d84ecb2505c4/1/5UGkwVK194bWI9hcQUZSmc3aM4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:76:da:32:a2:b9:52:97:4c:d1:8a:8d:c5:d4:02:b0:4c:e9:
7b:f1:98:7a:73:01:fa:89:cb:97:16:3a:6c:a5:a2:0c:33:1b:
46:27:8e:b0:cf:de:1d:49:8b:50:b4:94:62:28:77:47:9d:5b:
f7:39:af:8d:92:b7:e5:18:3a:0b:50:73:ca:60:50:f5:36:32:
15:ee:4e:2f:34:cd:57:40:cd:c1:b9:09:ee:6d:4f:8e:38:d3:
33:cc:bc:08:24:e9:53:67:de:f6:71:d6:8a:76:cf:57:00:aa:
51:b7:cb:06:d2:1e:5e:fe:18:2c:5e:07:0e:d8:c0:f5:f5:f0:
3f:06:45:b8:0b:1e:4d:5a:fd:98:56:c3:bf:a5:b8:c6:b3:d4:
a9:3d:a4:0b:3a:cd:a8:8a:15:bc:81:01:fc:03:cb:dd:09:83:
e8:53:d3:4d:dc:a9:0a:f8:68:03:6e:ea:6b:14:b4:7c:30:ed:
3a:36:e4:e6:ef:c3:95:fd:47:d7:d7:95:9f:08:c0:be:17:e7:
bd:e3:35:d4:50:b7:0b:24:ad:24:5d:f6:7b:a7:99:2a:65:bd:
4c:7e:d3:02:68:40:d8:d0:63:ad:57:3a:36:f9:9e:8c:c0:79:
28:ad:4d:60:cb:89:21:89:c2:55:2a:45:45:f1:1d:73:12:57:
59:d2:c7:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nckn8VOArxofbftS9fIaiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NDFhNGMxNTJiNWY3ODZkNjIzZDg1YzQxNDY1Mjk5Y2Rk
YTMzODkwHhcNMjYwMzI2MDAwMTM0WhcNMjYwMzI3MDAwMTM0WjAzMTEwLwYDVQQD
EyhkNDhhZWJmYzY0OGRmM2YyZGY5MWEwYmIwNzQ0ZDM0YmJjNzMzMjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwgiIgvkWSmaWphX9lKdnT7TLD+Y
T1XSjzMq+QyfHir2jjmKTg/6eY/q4IUUUezdGw3I1iybAANzQ8WgnKo2egT6T5T5
TeeAsTZqwmoATiMG7+BvL72GTHA1whSGyoWbM1jjI/wU0Z9Wihsy/iH1HrKv3bhz
S4W78GNWQQF28J+z+GbUpGIVkMdHfL3kAnPpjLP6+Z8+AuO8BG/1M61DcayEFnzh
KvE9C3eS+jjCdpROlrgcUadkNOK1+qMBFDGEYCnqoZ5jxgbkxN59DpZIrq01FyVa
iejW7eyZydX51Y5H250p+xIHj+3nYXFl+sSfjqlC0uJW2C5IL+m/vJFN0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNSK6/xkjfPy35GguwdE00u8czJXMB8GA1UdIwQY
MBaAFOVBpMFStfeG1iPYXEFGUpnN2jOJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVVHa3dWSzE5NGJXSTloY1FVWlNtYzNhTTRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9kNzEyNjktNGI1Ni00NTcyLWE3MTEt
ZDg0ZWNiMjUwNWM0LzEvNVVHa3dWSzE5NGJXSTloY1FVWlNtYzNhTTRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9kNzEyNjktNGI1Ni00NTcyLWE3MTEtZDg0ZWNiMjUwNWM0
LzEvNVVHa3dWSzE5NGJXSTloY1FVWlNtYzNhTTRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADXbaMqK5
UpdM0YqNxdQCsEzpe/GYenMB+onLlxY6bKWiDDMbRieOsM/eHUmLULSUYih3R51b
9zmvjZK35Rg6C1BzymBQ9TYyFe5OLzTNV0DNwbkJ7m1PjjjTM8y8CCTpU2fe9nHW
inbPVwCqUbfLBtIeXv4YLF4HDtjA9fXwPwZFuAseTVr9mFbDv6W4xrPUqT2kCzrN
qIoVvIEB/APL3QmD6FPTTdypCvhoA27qaxS0fDDtOjbk5u/Dlf1H19eVnwjAvhfn
veM11FC3CyStJF32e6eZKmW9TH7TAmhA2NBjrVc6NvmejMB5KK1NYMuJIYnCVSpF
RfEdcxJXWdLHjg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:29:34 2026 by rpki-client