Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/pOuetVR8f18ar8CtoUCAVBlhhyY.mft
File: pOuetVR8f18ar8CtoUCAVBlhhyY.mft (raw, json)
Hash identifier: D52QC/oQ1XjJFMNrVfHlJJaoHXxEXY/yXJePoaT97bw=
Subject key identifier: AE:87:B3:E5:70:E6:24:AF:32:69:41:D8:02:9B:52:13:F9:AB:3C:BD
Authority key identifier: A4:EB:9E:B5:54:7C:7F:5F:1A:AF:C0:AD:A1:40:80:54:19:61:87:26
Certificate issuer: /CN=a4eb9eb5547c7f5f1aafc0ada140805419618726
Certificate serial: 019D27727180EBEA52F57286246F2E05C2B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOuetVR8f18ar8CtoUCAVBlhhyY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/pOuetVR8f18ar8CtoUCAVBlhhyY.mft
Manifest number: 0C77
Signing time: Thu 26 Mar 2026 00:01:44 +0000
Manifest this update: Thu 26 Mar 2026 00:01:44 +0000
Manifest next update: Fri 27 Mar 2026 00:01:44 +0000
Files and hashes: 1: nNI8cWDrdupy6QxxnpymseWXDm8.roa (hash: /qGCtHyxtyMb0gDue0+bsmpvI9xz1vBM6ikbcYD+rGo=)
2: pOuetVR8f18ar8CtoUCAVBlhhyY.crl (hash: ZJFTPn/f/KY65PmDJNpOJjPvYPI11MSJDGGfdEBpMEs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/pOuetVR8f18ar8CtoUCAVBlhhyY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/pOuetVR8f18ar8CtoUCAVBlhhyY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pOuetVR8f18ar8CtoUCAVBlhhyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:72:71:80:eb:ea:52:f5:72:86:24:6f:2e:05:c2:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4eb9eb5547c7f5f1aafc0ada140805419618726
Validity
Not Before: Mar 26 00:01:44 2026 GMT
Not After : Mar 27 00:01:44 2026 GMT
Subject: CN=ae87b3e570e624af326941d8029b5213f9ab3cbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:db:42:fb:73:b5:29:05:79:7b:6c:04:61:a4:
cf:10:dc:70:69:9e:28:90:04:22:c2:d9:cd:59:d6:
fb:b8:8c:10:52:b9:c0:19:13:ae:b2:e9:91:72:07:
52:7a:b1:32:dc:79:a7:3a:f6:b8:11:85:c8:0e:6c:
87:b4:ed:f3:f6:e6:8e:2a:f1:4a:59:2b:14:66:89:
e1:48:28:df:c2:5c:e0:85:ce:1e:90:be:3a:39:e2:
ca:7a:cf:bc:28:bd:42:a0:c5:44:68:f5:33:bd:b9:
b0:7c:85:47:55:f6:7b:88:ee:2d:1e:9e:99:99:4a:
cb:a1:0d:26:93:1f:ca:5d:a5:76:c4:c5:6c:22:e3:
da:03:9d:3b:48:84:52:7d:cf:df:b9:07:81:96:dc:
3a:72:fd:5c:0f:3d:54:b0:47:67:e3:4d:5a:15:82:
0c:40:e5:80:b7:71:d3:16:7b:a4:50:f1:2e:2d:ae:
c9:85:c5:30:45:a9:64:04:a3:4c:3e:2f:0d:0a:0f:
fc:b8:bc:e8:00:9c:50:e3:e0:17:b9:7a:b5:05:ba:
36:60:a4:28:2d:9a:66:04:ba:5d:42:c9:a7:d4:59:
6a:32:bc:69:f3:ca:75:fe:0a:80:b2:fb:29:b5:8e:
2b:bb:44:e9:b7:47:09:55:26:30:d6:76:88:6d:eb:
88:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:87:B3:E5:70:E6:24:AF:32:69:41:D8:02:9B:52:13:F9:AB:3C:BD
X509v3 Authority Key Identifier:
keyid:A4:EB:9E:B5:54:7C:7F:5F:1A:AF:C0:AD:A1:40:80:54:19:61:87:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOuetVR8f18ar8CtoUCAVBlhhyY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/pOuetVR8f18ar8CtoUCAVBlhhyY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/pOuetVR8f18ar8CtoUCAVBlhhyY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:bb:66:60:92:f1:55:b5:59:d1:56:db:99:69:23:3a:e0:37:
54:76:91:b1:96:f3:07:43:c6:c7:c5:a5:3b:fd:bb:e2:60:dc:
25:ed:b9:cb:8f:00:6b:94:de:68:61:9c:db:fa:fe:ce:66:39:
ef:51:0b:f8:7b:7a:6e:f7:7a:c7:c7:8b:81:f2:a6:89:c5:c6:
f2:6f:c8:58:72:ca:96:cc:2f:9a:39:c6:ca:62:ba:50:7b:35:
2f:59:07:30:cb:7a:d3:bc:2f:55:89:81:04:27:8f:fc:04:79:
0e:49:b2:ab:25:10:74:7d:19:94:18:b3:ae:a6:68:56:ec:b5:
b7:30:08:63:56:da:5d:70:54:f6:14:ce:f7:bd:77:8f:1f:1c:
75:03:83:dd:b5:9d:d5:21:49:48:36:99:b5:1d:8c:74:7a:00:
b6:b3:1f:cc:aa:d3:a9:54:0f:97:1a:aa:23:63:86:6f:fb:98:
07:33:12:b4:5c:aa:fc:85:65:56:3d:7f:73:87:2d:c0:17:e2:
9b:79:03:60:cc:76:36:e3:fb:4d:ce:76:cf:48:43:f1:02:30:
02:3d:62:4c:e2:72:80:f5:53:17:d5:94:4f:a1:ca:98:46:d0:
0a:42:57:4d:97:29:00:06:ff:47:fb:77:bc:1a:d9:f1:24:47:
b6:d2:de:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncnGA6+pS9XKGJG8uBcKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZWI5ZWI1NTQ3YzdmNWYxYWFmYzBhZGExNDA4MDU0MTk2
MTg3MjYwHhcNMjYwMzI2MDAwMTQ0WhcNMjYwMzI3MDAwMTQ0WjAzMTEwLwYDVQQD
EyhhZTg3YjNlNTcwZTYyNGFmMzI2OTQxZDgwMjliNTIxM2Y5YWIzY2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09tC+3O1KQV5e2wEYaTPENxwaZ4o
kAQiwtnNWdb7uIwQUrnAGROusumRcgdSerEy3HmnOva4EYXIDmyHtO3z9uaOKvFK
WSsUZonhSCjfwlzghc4ekL46OeLKes+8KL1CoMVEaPUzvbmwfIVHVfZ7iO4tHp6Z
mUrLoQ0mkx/KXaV2xMVsIuPaA507SIRSfc/fuQeBltw6cv1cDz1UsEdn401aFYIM
QOWAt3HTFnukUPEuLa7JhcUwRalkBKNMPi8NCg/8uLzoAJxQ4+AXuXq1Bbo2YKQo
LZpmBLpdQsmn1FlqMrxp88p1/gqAsvsptY4ru0Tpt0cJVSYw1naIbeuI4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK6Hs+Vw5iSvMmlB2AKbUhP5qzy9MB8GA1UdIwQY
MBaAFKTrnrVUfH9fGq/AraFAgFQZYYcmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE91ZXRWUjhmMThhcjhDdG9VQ0FWQmxoaHlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi80Y2Q3MmQtZDhhNS00NmNlLTg2NzQt
MGQyMjIzMmMzNGEwLzEvcE91ZXRWUjhmMThhcjhDdG9VQ0FWQmxoaHlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi80Y2Q3MmQtZDhhNS00NmNlLTg2NzQtMGQyMjIzMmMzNGEw
LzEvcE91ZXRWUjhmMThhcjhDdG9VQ0FWQmxoaHlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAbtmYJLx
VbVZ0VbbmWkjOuA3VHaRsZbzB0PGx8WlO/274mDcJe25y48Aa5TeaGGc2/r+zmY5
71EL+Ht6bvd6x8eLgfKmicXG8m/IWHLKlswvmjnGymK6UHs1L1kHMMt607wvVYmB
BCeP/AR5DkmyqyUQdH0ZlBizrqZoVuy1tzAIY1baXXBU9hTO9713jx8cdQOD3bWd
1SFJSDaZtR2MdHoAtrMfzKrTqVQPlxqqI2OGb/uYBzMStFyq/IVlVj1/c4ctwBfi
m3kDYMx2NuP7Tc52z0hD8QIwAj1iTOJygPVTF9WUT6HKmEbQCkJXTZcpAAb/R/t3
vBrZ8SRHttLeWA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:07:52 2026 by rpki-client