Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
File: UGF1T3aJFp9qFQZQlUcmcrorRYk.mft (raw, json)
Hash identifier: XzsERcvsgGjRCMtFtrq5Do82eYBcAK3pXEJn3f/odHU=
Subject key identifier: 06:D7:E9:1D:3A:26:BA:00:6C:8B:79:60:70:8D:DB:DC:C8:CE:16:AF
Authority key identifier: 50:61:75:4F:76:89:16:9F:6A:15:06:50:95:47:26:72:BA:2B:45:89
Certificate issuer: /CN=5061754f7689169f6a15065095472672ba2b4589
Certificate serial: 019D2627FCDD4CB6F379422AC120D441E3D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
Manifest number: 0FFA
Signing time: Wed 25 Mar 2026 18:00:48 +0000
Manifest this update: Wed 25 Mar 2026 18:00:48 +0000
Manifest next update: Thu 26 Mar 2026 18:00:48 +0000
Files and hashes: 1: Dso0R9jjpUkdKEuWSQN3IKBjVm0.roa (hash: 9FQomFqWvc60F+2iE+E+hXBWJiV5IXVpIcSj2ui8bw0=)
2: UGF1T3aJFp9qFQZQlUcmcrorRYk.crl (hash: RDAaekog0B2kH61ZsPNHxqEzPZdniEB8XR9lDBplacI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:27:fc:dd:4c:b6:f3:79:42:2a:c1:20:d4:41:e3:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5061754f7689169f6a15065095472672ba2b4589
Validity
Not Before: Mar 25 18:00:48 2026 GMT
Not After : Mar 26 18:00:48 2026 GMT
Subject: CN=06d7e91d3a26ba006c8b7960708ddbdcc8ce16af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e3:83:a3:43:6d:2b:0f:86:c4:38:8d:79:ff:
d3:11:bf:9b:8a:42:56:67:ed:d3:8f:f5:bf:78:32:
b4:97:2d:4e:b5:92:7f:62:7c:64:55:51:09:38:c5:
bc:0e:e0:cf:38:32:60:a6:02:de:23:e2:7a:d0:82:
5a:34:4d:db:f0:12:52:0f:1e:9c:77:90:a8:c7:af:
b8:b8:43:10:50:80:a4:6a:c1:ab:f3:88:f3:96:79:
6c:ba:ab:ea:7f:47:e1:1e:31:28:df:2f:ff:ec:a7:
b4:6a:2e:89:e0:0b:2b:0a:83:a9:b5:59:a2:85:7b:
22:94:cf:bd:df:8b:b7:7d:1d:9a:d0:d9:74:d3:d1:
52:da:7d:12:fb:02:e8:5a:34:00:05:3c:1b:f0:61:
1d:83:2e:6b:05:68:9c:e6:6c:b1:80:ce:5a:b0:99:
b7:ba:b0:de:24:56:ac:49:c8:70:c5:59:81:38:e4:
08:58:a5:21:75:99:5f:c2:24:ea:6d:21:6f:49:43:
c1:d4:04:86:90:0e:47:34:14:07:47:99:49:ed:98:
d3:e8:32:0f:fc:3b:67:10:59:15:ad:a5:69:2d:ee:
89:5b:18:72:d7:56:8b:30:d8:48:7c:ca:dc:e2:8f:
3b:ba:f4:bf:1c:de:f5:4a:61:9e:bf:5f:85:9b:c5:
35:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:D7:E9:1D:3A:26:BA:00:6C:8B:79:60:70:8D:DB:DC:C8:CE:16:AF
X509v3 Authority Key Identifier:
keyid:50:61:75:4F:76:89:16:9F:6A:15:06:50:95:47:26:72:BA:2B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b3:8d:fe:78:08:8e:b8:56:7c:88:76:db:b1:5a:03:2a:05:d5:
33:ea:3c:95:71:5c:2f:ca:75:12:90:5a:7c:03:ea:7d:21:48:
fd:eb:d4:3e:5b:d9:6f:4f:86:84:6e:2d:84:64:d0:c5:52:e6:
0e:69:89:5d:05:f7:2b:6d:31:95:95:e6:7f:b8:79:9f:6c:dc:
ec:d0:ce:6f:c8:c7:00:78:51:b5:42:4f:39:a0:62:61:84:db:
8e:ff:c4:d4:90:1e:fe:08:1a:14:22:b5:33:f4:6f:02:8a:99:
69:46:b1:14:eb:c8:ef:98:83:18:ac:a2:1b:89:1d:4f:1b:af:
e9:2a:14:24:be:7c:30:07:65:41:c5:6f:37:21:ef:6d:70:ab:
62:b6:47:2c:e6:5e:51:b9:2e:35:56:9b:f4:34:66:a6:0e:2b:
19:b9:b5:ce:0b:e8:39:79:d2:c6:8a:f7:c7:1a:45:3c:73:a1:
bf:33:fc:4f:21:8a:ea:ba:d6:01:54:21:78:67:1e:a2:0b:bc:
c5:36:d6:c7:88:9e:08:5e:94:22:a3:17:5e:c8:28:ea:aa:4c:
d9:ba:2b:ed:94:b7:4e:e4:68:bf:6f:ec:83:56:7a:7b:44:67:
9b:4d:45:26:7b:8c:94:b0:cc:25:46:ba:b4:f5:a5:84:39:43:
ad:e4:fb:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mJ/zdTLbzeUIqwSDUQePQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjE3NTRmNzY4OTE2OWY2YTE1MDY1MDk1NDcyNjcyYmEy
YjQ1ODkwHhcNMjYwMzI1MTgwMDQ4WhcNMjYwMzI2MTgwMDQ4WjAzMTEwLwYDVQQD
EygwNmQ3ZTkxZDNhMjZiYTAwNmM4Yjc5NjA3MDhkZGJkY2M4Y2UxNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleODo0NtKw+GxDiNef/TEb+bikJW
Z+3Tj/W/eDK0ly1OtZJ/YnxkVVEJOMW8DuDPODJgpgLeI+J60IJaNE3b8BJSDx6c
d5Cox6+4uEMQUICkasGr84jzlnlsuqvqf0fhHjEo3y//7Ke0ai6J4AsrCoOptVmi
hXsilM+934u3fR2a0Nl009FS2n0S+wLoWjQABTwb8GEdgy5rBWic5myxgM5asJm3
urDeJFasSchwxVmBOOQIWKUhdZlfwiTqbSFvSUPB1ASGkA5HNBQHR5lJ7ZjT6DIP
/DtnEFkVraVpLe6JWxhy11aLMNhIfMrc4o87uvS/HN71SmGev1+Fm8U18QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAbX6R06JroAbIt5YHCN29zIzhavMB8GA1UdIwQY
MBaAFFBhdU92iRafahUGUJVHJnK6K0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8zYjU5ZDUtNjAyZC00MzUxLTk2YmMt
YTEwODY0OWQ1MWUyLzEvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8zYjU5ZDUtNjAyZC00MzUxLTk2YmMtYTEwODY0OWQ1MWUy
LzEvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs43+eAiO
uFZ8iHbbsVoDKgXVM+o8lXFcL8p1EpBafAPqfSFI/evUPlvZb0+GhG4thGTQxVLm
DmmJXQX3K20xlZXmf7h5n2zc7NDOb8jHAHhRtUJPOaBiYYTbjv/E1JAe/ggaFCK1
M/RvAoqZaUaxFOvI75iDGKyiG4kdTxuv6SoUJL58MAdlQcVvNyHvbXCrYrZHLOZe
UbkuNVab9DRmpg4rGbm1zgvoOXnSxor3xxpFPHOhvzP8TyGK6rrWAVQheGceogu8
xTbWx4ieCF6UIqMXXsgo6qpM2bor7ZS3TuRov2/sg1Z6e0Rnm01FJnuMlLDMJUa6
tPWlhDlDreT7tQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:06:15 2026 by rpki-client