Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
File: UGF1T3aJFp9qFQZQlUcmcrorRYk.mft (raw, json)
Hash identifier: 2dj79L53Y9bZD/H45E1Bvu8rU1jHFXFVuyMI1QLor3g=
Subject key identifier: 5F:0A:47:4A:BB:0B:B4:BB:A7:77:44:3B:70:DD:5B:59:6D:7F:D3:57
Authority key identifier: 50:61:75:4F:76:89:16:9F:6A:15:06:50:95:47:26:72:BA:2B:45:89
Certificate issuer: /CN=5061754f7689169f6a15065095472672ba2b4589
Certificate serial: 019D9A0787F301F73C20EE5F8CF605A1E88D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
Manifest number: 1036
Signing time: Fri 17 Apr 2026 06:01:17 +0000
Manifest this update: Fri 17 Apr 2026 06:01:17 +0000
Manifest next update: Sat 18 Apr 2026 06:01:17 +0000
Files and hashes: 1: Dso0R9jjpUkdKEuWSQN3IKBjVm0.roa (hash: 9FQomFqWvc60F+2iE+E+hXBWJiV5IXVpIcSj2ui8bw0=)
2: UGF1T3aJFp9qFQZQlUcmcrorRYk.crl (hash: nGoGTotACqRvnQ1W2o9T9bNmx43+MXqeWnxR7akP1VA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:07:87:f3:01:f7:3c:20:ee:5f:8c:f6:05:a1:e8:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5061754f7689169f6a15065095472672ba2b4589
Validity
Not Before: Apr 17 06:01:17 2026 GMT
Not After : Apr 18 06:01:17 2026 GMT
Subject: CN=5f0a474abb0bb4bba777443b70dd5b596d7fd357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:26:a6:b7:a0:4c:2c:03:d3:57:41:5c:7f:df:
b4:7b:0b:9b:fd:e8:9e:31:d6:66:fa:3b:0b:8f:f1:
65:49:49:bd:96:e4:1e:ad:b7:2a:1b:2b:5a:07:2e:
57:1f:87:61:7c:de:e2:43:bf:90:4c:2c:49:06:df:
6a:18:cb:98:ee:fc:8c:89:de:35:83:e8:55:55:b8:
5f:a4:71:d2:f9:53:cc:64:14:1d:e1:49:33:4c:05:
6f:d9:95:aa:1f:95:2c:8e:e5:3e:70:f9:12:4f:ae:
15:17:1d:d6:ff:02:7c:c7:7d:39:a4:47:00:0a:ba:
39:72:52:33:2a:21:8e:01:5c:5d:8f:2d:52:ce:52:
10:80:05:5b:98:fe:f9:c0:2a:7d:dc:3a:6c:ac:02:
ca:66:49:36:c3:36:72:51:f0:56:1c:83:86:47:61:
5a:2d:51:17:8b:17:55:45:c9:b3:bc:e9:ff:a9:03:
94:9b:c7:c0:85:06:b4:11:5a:8d:ba:46:68:8c:47:
c5:c7:fd:ce:88:05:3a:94:45:65:e9:7a:f3:18:6a:
c0:0f:d2:d0:b6:aa:b6:d7:c4:5f:08:06:ba:39:94:
92:fb:80:ff:52:6e:95:23:a9:6f:4b:be:f8:45:d6:
4c:95:af:32:96:f0:db:f5:fd:3d:da:e3:b3:0b:ce:
38:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:0A:47:4A:BB:0B:B4:BB:A7:77:44:3B:70:DD:5B:59:6D:7F:D3:57
X509v3 Authority Key Identifier:
keyid:50:61:75:4F:76:89:16:9F:6A:15:06:50:95:47:26:72:BA:2B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:b4:3f:ea:de:ad:e0:03:48:5a:ba:b7:4a:1c:9b:ea:db:0d:
25:33:61:b0:5a:61:ba:f9:72:1b:26:27:e5:cb:5f:a3:4b:63:
2b:5e:df:66:f4:17:93:4a:89:35:7f:d9:de:ab:41:13:42:4a:
ab:e4:9a:3d:c2:a6:bd:11:27:e5:26:04:77:b7:3b:5e:58:19:
0e:06:a3:5f:ea:9d:76:09:4f:76:29:b8:05:5a:f8:8d:97:64:
7c:21:4f:40:ca:8d:30:e0:fe:94:c4:30:f1:0d:c7:3c:c2:2c:
40:44:26:6c:a9:ae:ed:80:4d:36:10:29:17:0e:fc:91:12:f4:
36:a6:27:69:64:69:81:d5:fe:d6:e6:bf:3a:77:d0:8f:9d:23:
5f:f7:b4:d0:c5:8e:a3:99:9b:75:18:83:da:8b:7d:76:01:ed:
f0:40:a8:3c:26:59:26:68:c1:20:14:84:ad:71:9c:79:8a:c4:
0b:f2:f6:0a:ca:4d:6a:4c:4e:0b:d4:24:bc:ad:16:84:72:0b:
f1:bd:5d:a8:71:15:3a:03:75:fc:e7:02:04:ec:e5:a4:ef:6c:
c3:82:37:89:1c:4d:52:1d:df:63:56:53:e4:6f:2e:42:5d:06:
ff:ec:58:0b:96:f5:ad:ae:23:a4:6a:c9:d1:6e:f1:ff:5d:fa:
ce:f0:3d:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aB4fzAfc8IO5fjPYFoeiNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjE3NTRmNzY4OTE2OWY2YTE1MDY1MDk1NDcyNjcyYmEy
YjQ1ODkwHhcNMjYwNDE3MDYwMTE3WhcNMjYwNDE4MDYwMTE3WjAzMTEwLwYDVQQD
Eyg1ZjBhNDc0YWJiMGJiNGJiYTc3NzQ0M2I3MGRkNWI1OTZkN2ZkMzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1yamt6BMLAPTV0Fcf9+0ewub/eie
MdZm+jsLj/FlSUm9luQerbcqGytaBy5XH4dhfN7iQ7+QTCxJBt9qGMuY7vyMid41
g+hVVbhfpHHS+VPMZBQd4UkzTAVv2ZWqH5UsjuU+cPkST64VFx3W/wJ8x305pEcA
Cro5clIzKiGOAVxdjy1SzlIQgAVbmP75wCp93DpsrALKZkk2wzZyUfBWHIOGR2Fa
LVEXixdVRcmzvOn/qQOUm8fAhQa0EVqNukZojEfFx/3OiAU6lEVl6XrzGGrAD9LQ
tqq218RfCAa6OZSS+4D/Um6VI6lvS774RdZMla8ylvDb9f092uOzC8446wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF8KR0q7C7S7p3dEO3DdW1ltf9NXMB8GA1UdIwQY
MBaAFFBhdU92iRafahUGUJVHJnK6K0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8zYjU5ZDUtNjAyZC00MzUxLTk2YmMt
YTEwODY0OWQ1MWUyLzEvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8zYjU5ZDUtNjAyZC00MzUxLTk2YmMtYTEwODY0OWQ1MWUy
LzEvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAArQ/6t6t
4ANIWrq3Shyb6tsNJTNhsFphuvlyGyYn5ctfo0tjK17fZvQXk0qJNX/Z3qtBE0JK
q+SaPcKmvREn5SYEd7c7XlgZDgajX+qddglPdim4BVr4jZdkfCFPQMqNMOD+lMQw
8Q3HPMIsQEQmbKmu7YBNNhApFw78kRL0NqYnaWRpgdX+1ua/OnfQj50jX/e00MWO
o5mbdRiD2ot9dgHt8ECoPCZZJmjBIBSErXGceYrEC/L2CspNakxOC9QkvK0WhHIL
8b1dqHEVOgN1/OcCBOzlpO9sw4I3iRxNUh3fY1ZT5G8uQl0G/+xYC5b1ra4jpGrJ
0W7x/136zvA9qw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:04:25 2026 by rpki-client