Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/sPoMerwQeWkV4zW6GXgORz4CeWk.mft
File: sPoMerwQeWkV4zW6GXgORz4CeWk.mft (raw, json)
Hash identifier: /M1gt/bT56qpybYK3qrCDSisN/ujhKCmFBOnhQygJxM=
Subject key identifier: FC:8B:74:5B:FF:5F:74:92:1E:0A:35:EA:1D:C8:09:F6:34:16:EF:7F
Authority key identifier: B0:FA:0C:7A:BC:10:79:69:15:E3:35:BA:19:78:0E:47:3E:02:79:69
Certificate issuer: /CN=b0fa0c7abc10796915e335ba19780e473e027969
Certificate serial: 019D299776B5713414E54C626E14D089E101
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPoMerwQeWkV4zW6GXgORz4CeWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/sPoMerwQeWkV4zW6GXgORz4CeWk.mft
Manifest number: 137A
Signing time: Thu 26 Mar 2026 10:01:25 +0000
Manifest this update: Thu 26 Mar 2026 10:01:25 +0000
Manifest next update: Fri 27 Mar 2026 10:01:25 +0000
Files and hashes: 1: LefKdaCkJCuLWYomPbn7aYaCwt8.roa (hash: dTxOv7XhsigiPPaBEnDTEGV1JBMdxI+S2HXrs+TPL+s=)
2: sPoMerwQeWkV4zW6GXgORz4CeWk.crl (hash: n14q3smeKZUzAjpl0u+S3TGORqQnmm3mrvH3r1w0TEc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/sPoMerwQeWkV4zW6GXgORz4CeWk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/sPoMerwQeWkV4zW6GXgORz4CeWk.mft
rsync://rpki.ripe.net/repository/DEFAULT/sPoMerwQeWkV4zW6GXgORz4CeWk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:97:76:b5:71:34:14:e5:4c:62:6e:14:d0:89:e1:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0fa0c7abc10796915e335ba19780e473e027969
Validity
Not Before: Mar 26 10:01:25 2026 GMT
Not After : Mar 27 10:01:25 2026 GMT
Subject: CN=fc8b745bff5f74921e0a35ea1dc809f63416ef7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c1:e4:05:ee:71:10:16:18:49:cc:0e:8e:a4:
c3:2f:6d:15:52:43:9c:9e:39:40:a6:88:f2:e7:4a:
5b:2a:77:c9:1c:71:fa:99:f5:9c:ec:ec:04:00:c6:
04:e6:16:f5:d1:7b:bb:2f:52:b3:5e:bb:7d:80:c6:
d8:47:5d:2d:0d:88:98:29:f0:12:f0:86:24:88:64:
e0:81:6b:b6:65:e9:70:e3:fa:81:83:21:55:c4:63:
52:9c:dc:83:98:d7:84:20:88:8a:30:b6:53:b9:ee:
66:65:97:92:87:e8:c8:0f:99:4b:ff:31:2b:03:f9:
93:26:f8:d1:dc:32:cb:df:62:a1:31:b0:68:eb:90:
ab:fb:a6:ef:d2:86:a6:83:20:86:ec:a2:35:9a:01:
5f:0f:b3:f1:55:18:2a:91:f4:88:a8:e2:6a:ba:b1:
34:bb:25:6e:c7:bf:80:e7:00:96:f0:9a:85:3b:81:
40:13:4a:9e:c4:16:3f:b0:2f:68:16:04:2f:6e:b8:
7d:f5:e8:9d:e4:63:60:74:27:68:84:18:c9:47:da:
d1:74:ea:9d:46:68:d1:e1:59:8e:02:8d:08:97:29:
15:8d:27:b7:fb:9c:1f:5b:88:b9:2b:74:db:bc:9c:
f2:eb:79:6a:ee:bd:79:a6:f7:18:8f:11:e4:43:1f:
1e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:8B:74:5B:FF:5F:74:92:1E:0A:35:EA:1D:C8:09:F6:34:16:EF:7F
X509v3 Authority Key Identifier:
keyid:B0:FA:0C:7A:BC:10:79:69:15:E3:35:BA:19:78:0E:47:3E:02:79:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPoMerwQeWkV4zW6GXgORz4CeWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/sPoMerwQeWkV4zW6GXgORz4CeWk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/sPoMerwQeWkV4zW6GXgORz4CeWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:d6:d0:3a:a3:82:67:54:cc:d6:73:31:65:ae:0a:ed:9f:df:
0f:52:6f:01:b2:6f:e5:ba:84:56:80:4c:48:3a:74:46:39:0a:
82:c7:27:0c:72:c3:34:10:70:eb:cc:b6:5e:b9:c1:29:3c:9c:
10:48:3f:6b:65:e9:d9:8b:69:4a:24:7e:72:aa:69:31:16:a7:
8b:1c:4b:af:ed:90:ae:f8:bd:52:4d:4a:1c:1d:4a:55:25:55:
d6:11:08:3f:43:45:6d:4e:36:4b:81:2d:65:fa:81:4f:89:1d:
a0:23:22:de:27:d6:c7:5d:72:19:9f:4b:7f:ce:48:53:72:7f:
9e:a9:14:df:4c:07:d5:e8:39:88:90:78:0a:e1:28:e4:43:b3:
5f:08:bd:fc:4b:12:86:39:fc:39:d3:bb:53:c0:bb:fd:76:d7:
18:d3:eb:b3:da:4b:81:03:cf:13:6a:6b:68:ef:1c:22:40:37:
86:4f:d1:ee:3b:61:9b:58:33:a8:95:36:bd:50:4d:40:7c:a2:
b5:ac:f6:fb:16:8c:f7:d5:67:ae:dd:5f:d5:b8:00:e0:d9:d0:
44:a5:5e:5f:30:a3:49:33:9c:be:71:8d:f6:28:b6:c5:de:e5:
fa:be:c7:87:9c:42:ce:c3:78:9c:e6:8c:c7:67:2b:cd:e9:19:
d6:96:4d:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pl3a1cTQU5UxibhTQieEBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZmEwYzdhYmMxMDc5NjkxNWUzMzViYTE5NzgwZTQ3M2Uw
Mjc5NjkwHhcNMjYwMzI2MTAwMTI1WhcNMjYwMzI3MTAwMTI1WjAzMTEwLwYDVQQD
EyhmYzhiNzQ1YmZmNWY3NDkyMWUwYTM1ZWExZGM4MDlmNjM0MTZlZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcHkBe5xEBYYScwOjqTDL20VUkOc
njlApojy50pbKnfJHHH6mfWc7OwEAMYE5hb10Xu7L1KzXrt9gMbYR10tDYiYKfAS
8IYkiGTggWu2Zelw4/qBgyFVxGNSnNyDmNeEIIiKMLZTue5mZZeSh+jID5lL/zEr
A/mTJvjR3DLL32KhMbBo65Cr+6bv0oamgyCG7KI1mgFfD7PxVRgqkfSIqOJqurE0
uyVux7+A5wCW8JqFO4FAE0qexBY/sC9oFgQvbrh99eid5GNgdCdohBjJR9rRdOqd
RmjR4VmOAo0IlykVjSe3+5wfW4i5K3TbvJzy63lq7r15pvcYjxHkQx8edwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPyLdFv/X3SSHgo16h3ICfY0Fu9/MB8GA1UdIwQY
MBaAFLD6DHq8EHlpFeM1uhl4Dkc+AnlpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BvTWVyd1FlV2tWNHpXNkdYZ09SejRDZVdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC85NzQ3NDktNGQ3ZS00NDUwLTk3OTMt
ZGY4NTRmNDdiYWY0LzEvc1BvTWVyd1FlV2tWNHpXNkdYZ09SejRDZVdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC85NzQ3NDktNGQ3ZS00NDUwLTk3OTMtZGY4NTRmNDdiYWY0
LzEvc1BvTWVyd1FlV2tWNHpXNkdYZ09SejRDZVdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFNbQOqOC
Z1TM1nMxZa4K7Z/fD1JvAbJv5bqEVoBMSDp0RjkKgscnDHLDNBBw68y2XrnBKTyc
EEg/a2Xp2YtpSiR+cqppMRanixxLr+2Qrvi9Uk1KHB1KVSVV1hEIP0NFbU42S4Et
ZfqBT4kdoCMi3ifWx11yGZ9Lf85IU3J/nqkU30wH1eg5iJB4CuEo5EOzXwi9/EsS
hjn8OdO7U8C7/XbXGNPrs9pLgQPPE2praO8cIkA3hk/R7jthm1gzqJU2vVBNQHyi
taz2+xaM99Vnrt1f1bgA4NnQRKVeXzCjSTOcvnGN9ii2xd7l+r7Hh5xCzsN4nOaM
x2crzekZ1pZNwg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:53:39 2026 by rpki-client