Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.mft
File: r5ss7-OJoa5JdW7cKzKT5Ygwy4I.mft (raw, json)
Hash identifier: y5tZPZS5ZZgSlvNJcjiTlXFf6EK82Xjd7WRx28rHC7U=
Subject key identifier: 95:F2:5E:7A:E7:C0:AC:E9:17:16:F4:95:1A:1F:4E:D2:E5:3A:46:B9
Authority key identifier: AF:9B:2C:EF:E3:89:A1:AE:49:75:6E:DC:2B:32:93:E5:88:30:CB:82
Certificate issuer: /CN=af9b2cefe389a1ae49756edc2b3293e58830cb82
Certificate serial: 019CAC7E31B9F7AFCEC8DC67670F09CAFF3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.mft
Manifest number: 0524
Signing time: Mon 02 Mar 2026 03:01:17 +0000
Manifest this update: Mon 02 Mar 2026 03:01:17 +0000
Manifest next update: Tue 03 Mar 2026 03:01:17 +0000
Files and hashes: 1: SW0jIvk1wvk_Jl_m70Mc6YZkuCg.roa (hash: xgcppBoYJknCSghed+wm1HRzdAorIWKU+WyvltEZlPQ=)
2: r5ss7-OJoa5JdW7cKzKT5Ygwy4I.crl (hash: wQNfH2mfFCX7OoC01hOehLanlikMMlRdwIFUq81KG48=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.mft
rsync://rpki.ripe.net/repository/DEFAULT/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:7e:31:b9:f7:af:ce:c8:dc:67:67:0f:09:ca:ff:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af9b2cefe389a1ae49756edc2b3293e58830cb82
Validity
Not Before: Mar 2 03:01:17 2026 GMT
Not After : Mar 3 03:01:17 2026 GMT
Subject: CN=95f25e7ae7c0ace91716f4951a1f4ed2e53a46b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:63:0f:c6:26:93:70:18:9b:ee:85:3f:e4:03:
98:0f:92:66:7c:04:60:28:eb:b4:b9:1d:08:e9:bf:
f2:ab:60:42:8f:d9:77:92:3f:b1:b3:ed:37:8b:cf:
23:f9:81:f2:07:75:96:ce:90:46:62:f3:90:0b:4a:
d1:e6:98:32:e1:d6:56:9a:be:c4:51:89:0b:78:07:
87:a7:f2:61:47:f7:f1:62:9c:2b:1a:27:a2:2a:df:
7a:cb:b3:d3:9b:60:16:ed:73:1f:48:66:59:91:d3:
db:1f:c9:69:47:25:66:31:84:22:dd:01:ec:f6:8a:
c0:52:81:a1:cd:27:bc:81:91:e0:bb:50:6a:51:54:
69:09:01:e0:37:30:48:81:95:fa:c8:e2:e5:2c:22:
1f:3e:e4:2d:d7:9f:c0:25:75:aa:a7:7a:c2:6f:fe:
4b:1d:19:8e:a3:31:68:1c:a7:05:61:c1:4a:16:fb:
58:49:7a:75:28:9b:50:5c:a4:36:ba:76:20:27:1c:
9e:d5:4e:f0:14:09:de:49:6f:17:30:93:d4:b5:88:
60:4f:8e:62:ef:f4:a9:5f:94:db:15:2e:bd:e4:6b:
3d:45:24:38:11:f1:2e:db:77:1f:c4:33:fb:d6:01:
40:0c:28:bf:e0:3d:76:d3:ea:b9:9c:9b:46:23:27:
db:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F2:5E:7A:E7:C0:AC:E9:17:16:F4:95:1A:1F:4E:D2:E5:3A:46:B9
X509v3 Authority Key Identifier:
keyid:AF:9B:2C:EF:E3:89:A1:AE:49:75:6E:DC:2B:32:93:E5:88:30:CB:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
27:46:cf:cf:6a:cf:25:6f:6c:25:29:7d:ae:1d:3e:81:a9:63:
b7:17:a0:22:72:81:18:50:d6:b6:fa:5b:5f:43:99:58:fb:eb:
c2:26:4f:e6:3a:3f:67:cb:0d:1e:7b:5c:8f:33:c6:88:c4:7c:
55:64:f7:c9:af:2d:4e:a6:f5:d9:41:4c:d9:73:02:b7:36:58:
92:38:bc:17:3b:4e:c3:ae:a3:5b:8b:57:74:d8:bf:0b:8a:27:
4d:7f:23:5d:c2:95:4c:6d:12:a0:e4:31:08:39:64:f4:f8:6f:
c9:cd:04:63:6d:69:6e:8e:f7:d3:2b:a4:fb:bf:13:61:57:b9:
46:72:dc:e2:de:0d:cb:c9:27:ae:67:86:23:d0:44:4c:a3:55:
25:ea:e3:4e:ae:3d:4e:3c:84:eb:8b:66:f0:4d:42:ff:26:11:
e0:7f:3d:57:09:8a:ca:38:c0:56:31:97:59:13:12:bd:54:cc:
cb:e9:df:e7:bd:15:7f:e8:11:82:34:14:1f:92:bd:67:bc:a9:
f4:76:82:86:b9:30:cc:29:6a:f2:aa:16:56:b9:a0:b8:30:49:
de:91:fa:dc:16:1c:99:fe:7a:df:31:c5:02:8f:fc:3a:08:c7:
40:e7:86:05:09:6a:36:72:55:18:73:6b:57:58:e8:d5:70:0e:
bd:fe:31:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysfjG596/OyNxnZw8Jyv87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOWIyY2VmZTM4OWExYWU0OTc1NmVkYzJiMzI5M2U1ODgz
MGNiODIwHhcNMjYwMzAyMDMwMTE3WhcNMjYwMzAzMDMwMTE3WjAzMTEwLwYDVQQD
Eyg5NWYyNWU3YWU3YzBhY2U5MTcxNmY0OTUxYTFmNGVkMmU1M2E0NmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWMPxiaTcBib7oU/5AOYD5JmfARg
KOu0uR0I6b/yq2BCj9l3kj+xs+03i88j+YHyB3WWzpBGYvOQC0rR5pgy4dZWmr7E
UYkLeAeHp/JhR/fxYpwrGieiKt96y7PTm2AW7XMfSGZZkdPbH8lpRyVmMYQi3QHs
9orAUoGhzSe8gZHgu1BqUVRpCQHgNzBIgZX6yOLlLCIfPuQt15/AJXWqp3rCb/5L
HRmOozFoHKcFYcFKFvtYSXp1KJtQXKQ2unYgJxye1U7wFAneSW8XMJPUtYhgT45i
7/SpX5TbFS695Gs9RSQ4EfEu23cfxDP71gFADCi/4D120+q5nJtGIyfbrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJXyXnrnwKzpFxb0lRofTtLlOka5MB8GA1UdIwQY
MBaAFK+bLO/jiaGuSXVu3Csyk+WIMMuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVzczctT0pvYTVKZFc3Y0t6S1Q1WWd3eTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iZjBiZmUtOTU1NC00YjdlLTk1ZGEt
NDY5NjE5ZDRlY2RiLzEvcjVzczctT0pvYTVKZFc3Y0t6S1Q1WWd3eTRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iZjBiZmUtOTU1NC00YjdlLTk1ZGEtNDY5NjE5ZDRlY2Ri
LzEvcjVzczctT0pvYTVKZFc3Y0t6S1Q1WWd3eTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ0bPz2rP
JW9sJSl9rh0+galjtxegInKBGFDWtvpbX0OZWPvrwiZP5jo/Z8sNHntcjzPGiMR8
VWT3ya8tTqb12UFM2XMCtzZYkji8FztOw66jW4tXdNi/C4onTX8jXcKVTG0SoOQx
CDlk9Phvyc0EY21pbo730yuk+78TYVe5RnLc4t4Ny8knrmeGI9BETKNVJerjTq49
TjyE64tm8E1C/yYR4H89VwmKyjjAVjGXWRMSvVTMy+nf570Vf+gRgjQUH5K9Z7yp
9HaChrkwzClq8qoWVrmguDBJ3pH63BYcmf563zHFAo/8OgjHQOeGBQlqNnJVGHNr
V1jo1XAOvf4xhw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:08:34 2026 by rpki-client