Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
File: UGF1T3aJFp9qFQZQlUcmcrorRYk.mft (raw, json)
Hash identifier: wQP0TbsSsMwxR4IvlV4v2izsAFyvytU+jiYeEDYzmRM=
Subject key identifier: 03:2A:0B:60:B5:98:5F:D0:85:D0:25:31:17:C4:7E:7D:BC:5A:C1:BA
Authority key identifier: 50:61:75:4F:76:89:16:9F:6A:15:06:50:95:47:26:72:BA:2B:45:89
Certificate issuer: /CN=5061754f7689169f6a15065095472672ba2b4589
Certificate serial: 019CAA8F660167B133E932FB59BB5AAE97CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
Manifest number: 0FBA
Signing time: Sun 01 Mar 2026 18:00:50 +0000
Manifest this update: Sun 01 Mar 2026 18:00:50 +0000
Manifest next update: Mon 02 Mar 2026 18:00:50 +0000
Files and hashes: 1: Dso0R9jjpUkdKEuWSQN3IKBjVm0.roa (hash: 9FQomFqWvc60F+2iE+E+hXBWJiV5IXVpIcSj2ui8bw0=)
2: UGF1T3aJFp9qFQZQlUcmcrorRYk.crl (hash: t+KE4FvCMLpL5EFRxWd56hsuSwlroM798WapclFMWeE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:8f:66:01:67:b1:33:e9:32:fb:59:bb:5a:ae:97:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5061754f7689169f6a15065095472672ba2b4589
Validity
Not Before: Mar 1 18:00:50 2026 GMT
Not After : Mar 2 18:00:50 2026 GMT
Subject: CN=032a0b60b5985fd085d0253117c47e7dbc5ac1ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:49:6a:30:6f:40:3b:e0:d2:8e:41:ad:3a:e2:
78:0c:e6:fb:53:6e:be:56:d2:46:1a:ed:8f:fc:af:
d8:01:db:c1:3d:55:12:84:8e:db:5e:92:d6:a9:20:
42:13:62:09:0d:ad:a2:20:35:0f:23:aa:d3:7f:d0:
83:36:1b:05:9a:6c:0a:5a:b8:b7:f3:b3:97:a7:a7:
ac:b5:50:24:ec:f7:c4:3b:ed:ab:46:07:b3:64:e5:
08:a1:c4:86:61:79:34:51:59:75:f4:c9:da:0c:1e:
6e:66:cb:50:6a:ad:50:9a:c3:7d:11:57:f6:c3:04:
b6:11:da:f4:83:c9:88:80:4e:cb:1b:ed:af:93:89:
60:26:b3:ee:c8:b3:bf:c7:1c:77:dd:16:08:4f:e1:
92:51:a1:f8:64:0f:76:2e:5e:80:c2:bb:28:81:15:
15:e6:de:0e:c4:5e:a2:cc:cd:c5:a3:98:97:ed:53:
a6:af:da:b9:70:1d:5c:06:ca:f7:ef:73:21:2d:92:
1f:fd:8e:e7:a3:9a:e4:fd:0d:1a:4b:0d:03:56:5c:
fe:6b:c6:a1:eb:a5:ef:ad:5b:27:84:93:91:95:53:
bc:80:df:e4:e8:42:ab:9a:d9:9e:05:cc:f2:37:3d:
68:5f:e8:81:ea:d2:23:29:6e:2f:ed:e0:95:fa:7d:
11:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:2A:0B:60:B5:98:5F:D0:85:D0:25:31:17:C4:7E:7D:BC:5A:C1:BA
X509v3 Authority Key Identifier:
keyid:50:61:75:4F:76:89:16:9F:6A:15:06:50:95:47:26:72:BA:2B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
54:8d:98:31:f4:3c:8d:fa:dd:d3:77:5a:77:64:f0:70:c0:a6:
cf:4c:36:3d:0e:15:b6:eb:16:08:f3:e5:39:f0:58:b4:b0:42:
a6:02:61:91:29:2b:41:46:c0:04:f2:ee:d2:41:76:74:01:1e:
41:b7:f3:41:ea:66:bc:0a:23:58:c0:7d:56:6c:06:00:d3:7e:
f8:c9:68:43:13:36:69:e9:a4:50:70:4d:c9:ab:1f:39:bb:46:
c0:41:ec:45:a6:41:f8:0c:a6:3c:57:e5:27:db:fe:16:9f:1f:
8c:63:b6:90:ce:b3:db:c5:a3:0a:8a:57:f3:69:9c:91:b7:ac:
32:22:94:fa:c6:23:28:0e:8e:b0:57:b0:fb:46:1c:e1:63:f7:
5f:34:2e:8b:72:10:84:4c:b1:ff:be:e8:de:f4:a2:21:a5:57:
9a:f2:67:a9:c6:9a:7c:61:87:82:05:95:d3:1a:76:f6:4c:87:
9a:d8:29:29:82:52:f0:50:88:b2:07:5f:00:f0:9c:0f:67:c2:
9b:4d:79:10:b7:89:75:d0:f8:da:cf:f3:21:c6:da:31:85:38:
f4:66:47:85:81:65:3e:35:5a:0b:d2:12:b9:45:0d:52:d9:d6:
41:8a:74:44:7b:a1:fa:5d:4a:60:54:69:9c:2c:79:e2:a9:75:
5f:42:36:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj2YBZ7Ez6TL7WbtarpfPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjE3NTRmNzY4OTE2OWY2YTE1MDY1MDk1NDcyNjcyYmEy
YjQ1ODkwHhcNMjYwMzAxMTgwMDUwWhcNMjYwMzAyMTgwMDUwWjAzMTEwLwYDVQQD
EygwMzJhMGI2MGI1OTg1ZmQwODVkMDI1MzExN2M0N2U3ZGJjNWFjMWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUlqMG9AO+DSjkGtOuJ4DOb7U26+
VtJGGu2P/K/YAdvBPVUShI7bXpLWqSBCE2IJDa2iIDUPI6rTf9CDNhsFmmwKWri3
87OXp6estVAk7PfEO+2rRgezZOUIocSGYXk0UVl19MnaDB5uZstQaq1QmsN9EVf2
wwS2Edr0g8mIgE7LG+2vk4lgJrPuyLO/xxx33RYIT+GSUaH4ZA92Ll6AwrsogRUV
5t4OxF6izM3Fo5iX7VOmr9q5cB1cBsr373MhLZIf/Y7no5rk/Q0aSw0DVlz+a8ah
66XvrVsnhJORlVO8gN/k6EKrmtmeBczyNz1oX+iB6tIjKW4v7eCV+n0RzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAMqC2C1mF/QhdAlMRfEfn28WsG6MB8GA1UdIwQY
MBaAFFBhdU92iRafahUGUJVHJnK6K0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8zYjU5ZDUtNjAyZC00MzUxLTk2YmMt
YTEwODY0OWQ1MWUyLzEvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8zYjU5ZDUtNjAyZC00MzUxLTk2YmMtYTEwODY0OWQ1MWUy
LzEvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVI2YMfQ8
jfrd03dad2TwcMCmz0w2PQ4VtusWCPPlOfBYtLBCpgJhkSkrQUbABPLu0kF2dAEe
QbfzQepmvAojWMB9VmwGANN++MloQxM2aemkUHBNyasfObtGwEHsRaZB+AymPFfl
J9v+Fp8fjGO2kM6z28WjCopX82mckbesMiKU+sYjKA6OsFew+0Yc4WP3XzQui3IQ
hEyx/77o3vSiIaVXmvJnqcaafGGHggWV0xp29kyHmtgpKYJS8FCIsgdfAPCcD2fC
m015ELeJddD42s/zIcbaMYU49GZHhYFlPjVaC9ISuUUNUtnWQYp0RHuh+l1KYFRp
nCx54ql1X0I29Q==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:45:01 2026 by rpki-client