Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft
File: uT2pHx9TY0JyxZEQh85my602FKM.mft (raw, json)
Hash identifier: XyAPDqurRwVtYT8kwK1KF9hJzuFp3S7z1Q8W4uyWyDw=
Subject key identifier: FE:42:90:DA:16:B2:EF:96:8F:65:FE:BA:95:1A:B4:BC:32:B5:66:02
Authority key identifier: B9:3D:A9:1F:1F:53:63:42:72:C5:91:10:87:CE:66:CB:AD:36:14:A3
Certificate issuer: /CN=b93da91f1f53634272c5911087ce66cbad3614a3
Certificate serial: 019CAC0F903FB5BCDB95D4393CC306EE047E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uT2pHx9TY0JyxZEQh85my602FKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft
Manifest number: 09E5
Signing time: Mon 02 Mar 2026 01:00:26 +0000
Manifest this update: Mon 02 Mar 2026 01:00:26 +0000
Manifest next update: Tue 03 Mar 2026 01:00:26 +0000
Files and hashes: 1: T5RpUZaJxF7WS22xVaYfC5phh5w.roa (hash: 1t4IgY5FT1qa56RFkPSefpzTePRTnBiDJZBSxg9HAjA=)
2: uT2pHx9TY0JyxZEQh85my602FKM.crl (hash: C/L/Jg6DZ2O6tMee59VIj1/t0OUV9pDj9CWyQMWfEPc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/uT2pHx9TY0JyxZEQh85my602FKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:0f:90:3f:b5:bc:db:95:d4:39:3c:c3:06:ee:04:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b93da91f1f53634272c5911087ce66cbad3614a3
Validity
Not Before: Mar 2 01:00:26 2026 GMT
Not After : Mar 3 01:00:26 2026 GMT
Subject: CN=fe4290da16b2ef968f65feba951ab4bc32b56602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:07:23:54:a7:c1:f6:71:3c:f1:c8:50:46:3e:
e9:10:d5:c5:a1:41:3a:6f:3f:78:fd:fd:a7:e6:34:
58:0c:f3:b4:77:34:1f:b0:a4:81:a2:0e:bf:63:e1:
b7:d1:14:5a:cc:0e:91:e2:3d:4e:05:9d:22:7f:0e:
da:13:fa:a7:0c:00:f7:7b:24:42:4f:03:16:4f:57:
2e:21:23:6f:c5:8f:c1:d6:40:64:a7:f3:55:41:86:
90:ee:1d:d0:d4:63:c2:ef:1b:ff:e5:5f:53:d0:da:
ca:86:ac:61:f7:f1:de:38:4e:31:80:43:a3:95:c1:
5b:fd:ab:5a:c5:1f:75:25:8a:8e:1b:95:7c:fe:86:
c8:30:00:ed:68:9e:13:b9:79:a7:69:f2:27:3a:c5:
34:71:e3:cf:f0:35:b2:9f:e3:8d:ec:c3:af:28:e7:
31:2e:a5:6d:45:5f:23:57:49:83:ac:50:ef:9d:9e:
42:af:3e:d5:58:c0:16:f0:82:bc:ab:8e:fd:7b:92:
89:69:77:0d:b4:af:ca:63:7f:65:b1:57:8a:ae:07:
97:36:43:2f:3a:e0:72:26:f8:49:bf:30:28:66:c2:
81:ba:27:0b:f9:6e:eb:ab:d4:76:1b:ea:62:89:b9:
66:66:da:4e:82:90:a4:c0:a8:9a:ce:66:46:45:32:
03:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:42:90:DA:16:B2:EF:96:8F:65:FE:BA:95:1A:B4:BC:32:B5:66:02
X509v3 Authority Key Identifier:
keyid:B9:3D:A9:1F:1F:53:63:42:72:C5:91:10:87:CE:66:CB:AD:36:14:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uT2pHx9TY0JyxZEQh85my602FKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:68:7b:01:bc:8c:2d:26:00:3e:ea:7e:fc:ec:0f:e6:a7:0d:
7f:cc:c7:54:cf:d3:90:b6:10:77:07:4b:56:f6:29:c4:da:f9:
40:7e:6d:ce:30:1a:fa:1c:3f:fa:35:74:a0:a3:fb:1f:05:26:
fb:a3:5e:d8:55:45:98:9d:70:fb:f3:16:3b:6e:f2:ef:19:79:
29:65:33:2f:6f:40:c9:4f:e0:e1:a3:98:03:5d:d0:23:0e:a1:
d7:4c:bd:c8:14:3c:e7:26:b0:45:c2:2e:b7:db:39:cc:20:c6:
ff:f5:a2:99:1d:b7:a8:89:4f:02:f2:58:c3:1f:c6:c0:86:f8:
e2:0d:1b:3c:2b:d0:ad:d5:35:ad:80:4e:cf:20:f9:2c:9a:8d:
3d:32:c6:fa:34:08:0f:6e:e7:4f:76:34:4f:0e:4f:6f:de:66:
8d:ac:08:da:06:e2:04:38:39:d4:a6:14:7c:dd:3a:65:f4:52:
e7:e5:a4:c2:4c:cd:c6:cb:08:52:c5:bf:ea:a1:62:05:23:94:
b5:a8:4a:69:08:e2:84:cc:35:44:14:2e:2a:dd:38:3e:df:3e:
de:c3:24:4a:31:85:e4:81:a9:de:37:14:5f:81:a6:c7:dd:f3:
5a:57:a9:4b:bc:81:36:1a:1a:0e:09:a8:53:6d:30:3a:6c:27:
a8:48:bf:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysD5A/tbzbldQ5PMMG7gR+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5M2RhOTFmMWY1MzYzNDI3MmM1OTExMDg3Y2U2NmNiYWQz
NjE0YTMwHhcNMjYwMzAyMDEwMDI2WhcNMjYwMzAzMDEwMDI2WjAzMTEwLwYDVQQD
EyhmZTQyOTBkYTE2YjJlZjk2OGY2NWZlYmE5NTFhYjRiYzMyYjU2NjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9QcjVKfB9nE88chQRj7pENXFoUE6
bz94/f2n5jRYDPO0dzQfsKSBog6/Y+G30RRazA6R4j1OBZ0ifw7aE/qnDAD3eyRC
TwMWT1cuISNvxY/B1kBkp/NVQYaQ7h3Q1GPC7xv/5V9T0NrKhqxh9/HeOE4xgEOj
lcFb/ataxR91JYqOG5V8/obIMADtaJ4TuXmnafInOsU0cePP8DWyn+ON7MOvKOcx
LqVtRV8jV0mDrFDvnZ5Crz7VWMAW8IK8q479e5KJaXcNtK/KY39lsVeKrgeXNkMv
OuByJvhJvzAoZsKBuicL+W7rq9R2G+piiblmZtpOgpCkwKiazmZGRTIDDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP5CkNoWsu+Wj2X+upUatLwytWYCMB8GA1UdIwQY
MBaAFLk9qR8fU2NCcsWREIfOZsutNhSjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVQycEh4OVRZMEp5eFpFUWg4NW15NjAyRktNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jYTQ0NzEtMzRkMC00ODE2LTgxZDEt
OGJmNWIxZWQxMjA5LzEvdVQycEh4OVRZMEp5eFpFUWg4NW15NjAyRktNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jYTQ0NzEtMzRkMC00ODE2LTgxZDEtOGJmNWIxZWQxMjA5
LzEvdVQycEh4OVRZMEp5eFpFUWg4NW15NjAyRktNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhWh7AbyM
LSYAPup+/OwP5qcNf8zHVM/TkLYQdwdLVvYpxNr5QH5tzjAa+hw/+jV0oKP7HwUm
+6Ne2FVFmJ1w+/MWO27y7xl5KWUzL29AyU/g4aOYA13QIw6h10y9yBQ85yawRcIu
t9s5zCDG//WimR23qIlPAvJYwx/GwIb44g0bPCvQrdU1rYBOzyD5LJqNPTLG+jQI
D27nT3Y0Tw5Pb95mjawI2gbiBDg51KYUfN06ZfRS5+WkwkzNxssIUsW/6qFiBSOU
tahKaQjihMw1RBQuKt04Pt8+3sMkSjGF5IGp3jcUX4Gmx93zWlepS7yBNhoaDgmo
U20wOmwnqEi/lg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:17:39 2026 by rpki-client