Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/248133-8670-4167-a195-6e2f588c0c7e/1/5H78nMPZxL0porvBVVH4LyXPEbo.mft
File: 5H78nMPZxL0porvBVVH4LyXPEbo.mft (raw, json)
Hash identifier: EdhWLrlNV9oNLSSmSPzZSl/AAN/UGUCWQ4APeIEq7WY=
Subject key identifier: AF:BD:13:6F:61:D0:A1:C9:A8:3D:32:42:3E:6C:EA:F0:59:F9:7E:3C
Authority key identifier: E4:7E:FC:9C:C3:D9:C4:BD:29:A2:BB:C1:55:51:F8:2F:25:CF:11:BA
Certificate issuer: /CN=e47efc9cc3d9c4bd29a2bbc15551f82f25cf11ba
Certificate serial: 019CACEB97F2CDBA0D608253D312F54EA047
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5H78nMPZxL0porvBVVH4LyXPEbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/248133-8670-4167-a195-6e2f588c0c7e/1/5H78nMPZxL0porvBVVH4LyXPEbo.mft
Manifest number: 0FFA
Signing time: Mon 02 Mar 2026 05:00:46 +0000
Manifest this update: Mon 02 Mar 2026 05:00:46 +0000
Manifest next update: Tue 03 Mar 2026 05:00:46 +0000
Files and hashes: 1: 5H78nMPZxL0porvBVVH4LyXPEbo.crl (hash: 0NkfPFm9P7oNYDs+TY5BPfjeC8uNCMW9/S7gc19Q3To=)
2: vfg-SAjuqUJDpM-dI7gV1uCQ2uw.roa (hash: R/EtSB73ZGWrRnb/Gf2BJqZ0RYrtTKAiO9HiXzdMKyc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/248133-8670-4167-a195-6e2f588c0c7e/1/5H78nMPZxL0porvBVVH4LyXPEbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/248133-8670-4167-a195-6e2f588c0c7e/1/5H78nMPZxL0porvBVVH4LyXPEbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/5H78nMPZxL0porvBVVH4LyXPEbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 05:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:eb:97:f2:cd:ba:0d:60:82:53:d3:12:f5:4e:a0:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e47efc9cc3d9c4bd29a2bbc15551f82f25cf11ba
Validity
Not Before: Mar 2 05:00:46 2026 GMT
Not After : Mar 3 05:00:46 2026 GMT
Subject: CN=afbd136f61d0a1c9a83d32423e6ceaf059f97e3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:d5:b8:7b:bf:73:98:c0:9f:a4:a1:9f:35:0c:
b8:81:95:36:7e:c5:06:b3:dd:24:ea:ea:fd:32:72:
aa:68:35:15:62:05:24:84:f5:44:16:79:8b:52:69:
fe:a4:2d:74:29:fa:d0:fd:c6:41:4d:7b:54:10:2d:
a7:bb:25:ab:22:e3:dd:e1:8b:ab:3d:dc:3a:19:20:
d6:18:52:33:f2:a1:a0:88:ee:79:8d:0a:57:2b:9b:
13:c9:9b:bd:cd:5f:f3:95:66:d0:5e:60:8e:ba:16:
ca:c9:75:eb:c4:72:dc:36:1d:ab:37:84:0f:13:dc:
ec:e0:46:e7:1c:97:70:53:91:6d:26:b8:cd:0c:b3:
ff:f2:7a:28:e2:fb:ed:b4:50:c3:ec:04:1e:86:bf:
de:ad:6d:81:95:42:01:76:b7:e8:d9:19:c7:52:ce:
9b:67:fa:1c:ea:9f:93:c4:8c:cd:06:3f:d9:f4:d3:
61:35:08:60:22:36:42:54:e3:ae:03:b9:e9:b9:d3:
2d:cc:6e:8d:eb:2a:d3:f6:58:81:e7:91:51:8b:9f:
e6:2c:3b:19:ee:c5:61:b3:71:ad:03:b1:49:80:a9:
78:81:e8:0e:71:36:b7:e4:5f:8b:91:d9:fa:c2:94:
50:aa:f0:47:8a:8a:d3:ae:9d:2f:b5:7a:17:d5:fa:
90:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:BD:13:6F:61:D0:A1:C9:A8:3D:32:42:3E:6C:EA:F0:59:F9:7E:3C
X509v3 Authority Key Identifier:
keyid:E4:7E:FC:9C:C3:D9:C4:BD:29:A2:BB:C1:55:51:F8:2F:25:CF:11:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5H78nMPZxL0porvBVVH4LyXPEbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/248133-8670-4167-a195-6e2f588c0c7e/1/5H78nMPZxL0porvBVVH4LyXPEbo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/248133-8670-4167-a195-6e2f588c0c7e/1/5H78nMPZxL0porvBVVH4LyXPEbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b9:5b:22:83:50:17:53:47:28:3d:cb:aa:6a:16:9e:82:3b:6a:
32:d2:4c:a4:ad:4c:45:c8:fa:f0:10:07:2d:ea:82:91:78:65:
10:a9:e5:10:52:fb:34:ee:9c:67:bf:31:35:71:1b:04:1b:ac:
64:b9:1f:82:a4:8c:e0:0e:a8:c4:0c:c1:7f:91:62:9f:e4:b9:
84:e7:78:22:a1:60:f7:58:c4:5e:91:eb:ad:d8:83:16:e6:d9:
7a:a6:36:5f:a2:d7:24:b6:a7:5f:5d:17:95:61:2a:6c:14:26:
21:a3:c4:3c:d9:fb:da:28:d8:44:26:c8:96:e7:9f:1d:30:2b:
38:e1:fb:d6:cf:70:f6:1b:53:6a:37:58:be:bc:2b:00:a8:e5:
e6:7d:d1:7d:34:32:93:81:98:4f:06:33:83:4c:08:f7:5e:4f:
3b:89:21:df:ec:08:a9:36:91:90:b4:c1:6f:39:28:8f:82:e8:
9e:8f:20:66:c3:7b:72:16:f1:90:76:9a:9b:de:1f:8f:81:12:
2b:cc:f6:c1:bb:b2:cb:f8:12:ef:7d:4c:66:97:47:3e:6a:a3:
ba:20:40:6a:7f:07:4f:2c:11:db:e1:1e:4a:3b:f3:b9:3b:f7:
5f:46:83:71:17:94:57:39:39:54:31:0b:f0:27:a5:b5:c0:db:
7b:d4:3a:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZys65fyzboNYIJT0xL1TqBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0N2VmYzljYzNkOWM0YmQyOWEyYmJjMTU1NTFmODJmMjVj
ZjExYmEwHhcNMjYwMzAyMDUwMDQ2WhcNMjYwMzAzMDUwMDQ2WjAzMTEwLwYDVQQD
EyhhZmJkMTM2ZjYxZDBhMWM5YTgzZDMyNDIzZTZjZWFmMDU5Zjk3ZTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6dW4e79zmMCfpKGfNQy4gZU2fsUG
s90k6ur9MnKqaDUVYgUkhPVEFnmLUmn+pC10KfrQ/cZBTXtUEC2nuyWrIuPd4Yur
Pdw6GSDWGFIz8qGgiO55jQpXK5sTyZu9zV/zlWbQXmCOuhbKyXXrxHLcNh2rN4QP
E9zs4EbnHJdwU5FtJrjNDLP/8noo4vvttFDD7AQehr/erW2BlUIBdrfo2RnHUs6b
Z/oc6p+TxIzNBj/Z9NNhNQhgIjZCVOOuA7npudMtzG6N6yrT9liB55FRi5/mLDsZ
7sVhs3GtA7FJgKl4gegOcTa35F+Lkdn6wpRQqvBHiorTrp0vtXoX1fqQ3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+9E29h0KHJqD0yQj5s6vBZ+X48MB8GA1UdIwQY
MBaAFOR+/JzD2cS9KaK7wVVR+C8lzxG6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUg3OG5NUFp4TDBwb3J2QlZWSDRMeVhQRWJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yNDgxMzMtODY3MC00MTY3LWExOTUt
NmUyZjU4OGMwYzdlLzEvNUg3OG5NUFp4TDBwb3J2QlZWSDRMeVhQRWJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8yNDgxMzMtODY3MC00MTY3LWExOTUtNmUyZjU4OGMwYzdl
LzEvNUg3OG5NUFp4TDBwb3J2QlZWSDRMeVhQRWJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuVsig1AX
U0coPcuqahaegjtqMtJMpK1MRcj68BAHLeqCkXhlEKnlEFL7NO6cZ78xNXEbBBus
ZLkfgqSM4A6oxAzBf5Fin+S5hOd4IqFg91jEXpHrrdiDFubZeqY2X6LXJLanX10X
lWEqbBQmIaPEPNn72ijYRCbIluefHTArOOH71s9w9htTajdYvrwrAKjl5n3RfTQy
k4GYTwYzg0wI915PO4kh3+wIqTaRkLTBbzkoj4Lono8gZsN7chbxkHaam94fj4ES
K8z2wbuyy/gS731MZpdHPmqjuiBAan8HTywR2+EeSjvzuTv3X0aDcReUVzk5VDEL
8CeltcDbe9Q6MQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:18:29 2026 by rpki-client