Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/MFxE6MlhoUUNCqshLw3scX0d77Y.mft
File: MFxE6MlhoUUNCqshLw3scX0d77Y.mft (raw, json)
Hash identifier: sa+PuVHc8y6ohVeYYj51jSQu2tJUuJh7JIZYCRpsMoQ=
Subject key identifier: CB:75:D1:78:54:B7:99:C2:00:FE:A9:3D:12:7E:9F:E0:34:B2:BC:01
Authority key identifier: 30:5C:44:E8:C9:61:A1:45:0D:0A:AB:21:2F:0D:EC:71:7D:1D:EF:B6
Certificate issuer: /CN=305c44e8c961a1450d0aab212f0dec717d1defb6
Certificate serial: 019D992B828C1A21B5DFDE61B3C3C61B4948
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MFxE6MlhoUUNCqshLw3scX0d77Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/MFxE6MlhoUUNCqshLw3scX0d77Y.mft
Manifest number: 18C2
Signing time: Fri 17 Apr 2026 02:00:58 +0000
Manifest this update: Fri 17 Apr 2026 02:00:58 +0000
Manifest next update: Sat 18 Apr 2026 02:00:58 +0000
Files and hashes: 1: 4s2LfJgezExAwyLPh90eBZdMtsA.roa (hash: QROHTNbuhK/OLqAPPL7ZK974ElG4KehFHzzkBDXusl4=)
2: MFxE6MlhoUUNCqshLw3scX0d77Y.crl (hash: ttDRZoQOxSM/2kXcDpdnWJQvq9Zl4ubFnasn58n6+Dk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/MFxE6MlhoUUNCqshLw3scX0d77Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/MFxE6MlhoUUNCqshLw3scX0d77Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/MFxE6MlhoUUNCqshLw3scX0d77Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:2b:82:8c:1a:21:b5:df:de:61:b3:c3:c6:1b:49:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=305c44e8c961a1450d0aab212f0dec717d1defb6
Validity
Not Before: Apr 17 02:00:58 2026 GMT
Not After : Apr 18 02:00:58 2026 GMT
Subject: CN=cb75d17854b799c200fea93d127e9fe034b2bc01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3a:9f:fd:42:38:d6:b4:b9:c0:8a:51:bc:4c:
2e:bd:10:ef:d3:f0:77:89:5c:4e:86:7d:d1:20:55:
ec:73:a0:3d:02:f9:c4:07:33:cf:74:f0:33:91:b0:
80:a4:03:c8:71:2a:ef:34:12:8a:af:dc:6a:63:93:
0e:f2:96:30:0a:b8:4f:7d:a8:2e:44:36:8f:6d:08:
b9:78:de:1d:72:d9:82:e7:58:5f:02:bc:a8:41:94:
a4:6f:26:48:50:95:f8:27:70:32:7e:28:df:7d:96:
96:71:a2:f9:1f:0b:b3:d9:06:34:e3:94:94:91:e8:
28:94:b5:39:cc:fa:30:09:6a:e3:d2:50:55:1d:f3:
c0:f7:7b:da:27:77:10:73:ed:3c:d5:55:c4:c3:fe:
c3:af:8c:ae:5b:a5:6b:84:95:28:4d:d4:7e:88:15:
bf:01:08:01:08:39:95:38:d0:be:45:a1:03:cb:9b:
20:10:ca:e3:65:b9:fb:42:77:4a:0b:bf:4f:ec:18:
b5:e1:df:67:ae:1e:31:b6:5c:37:88:2d:a8:62:f8:
30:cb:33:88:bd:44:9d:73:0e:1d:1f:8f:67:39:76:
6c:fe:2a:b8:6c:a0:ac:59:70:01:5f:a0:27:7b:7a:
68:fb:e3:be:58:8d:f1:38:cf:32:68:c3:81:45:e3:
5a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:75:D1:78:54:B7:99:C2:00:FE:A9:3D:12:7E:9F:E0:34:B2:BC:01
X509v3 Authority Key Identifier:
keyid:30:5C:44:E8:C9:61:A1:45:0D:0A:AB:21:2F:0D:EC:71:7D:1D:EF:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MFxE6MlhoUUNCqshLw3scX0d77Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/MFxE6MlhoUUNCqshLw3scX0d77Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/MFxE6MlhoUUNCqshLw3scX0d77Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:28:b9:12:db:a8:3c:dc:2b:e0:f8:21:31:eb:69:4d:6d:ac:
43:c7:2f:ef:d6:20:a4:76:f0:90:e9:6c:45:73:72:04:1a:b3:
b4:1d:8c:29:00:b1:98:82:d6:1d:68:b3:75:e9:35:58:81:4c:
c3:e6:e0:ca:71:8b:8f:08:05:81:bd:95:36:af:6c:23:a9:b1:
a7:69:79:c3:81:28:79:b7:c4:27:06:70:bb:1f:3c:0c:16:37:
31:e2:f6:eb:25:ca:d0:bd:c9:01:fa:7e:17:c9:a7:39:98:28:
f6:c6:da:d9:84:ef:84:68:65:cf:d9:53:34:24:73:df:a2:ed:
82:4c:69:e1:fc:18:20:7c:68:94:66:85:1f:8f:09:bc:d8:d6:
d3:a7:50:2b:e2:7b:d0:f1:e2:57:d9:ed:94:6d:ef:97:5e:72:
37:f1:71:e9:73:9e:51:e4:15:6c:50:ed:1e:95:5b:79:90:b2:
25:58:78:f9:82:86:34:2f:c3:68:bc:26:6f:ea:7a:7d:4a:91:
f5:46:36:be:6d:eb:d0:16:0f:f6:a3:b3:21:89:08:b7:3d:01:
b2:44:be:b4:72:fd:b6:aa:17:4c:52:18:0e:0f:02:b5:22:09:
b3:64:80:fc:a4:e7:31:ed:2e:50:52:4c:f0:7c:e6:40:51:53:
cd:f7:b1:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZK4KMGiG1395hs8PGG0lIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNWM0NGU4Yzk2MWExNDUwZDBhYWIyMTJmMGRlYzcxN2Qx
ZGVmYjYwHhcNMjYwNDE3MDIwMDU4WhcNMjYwNDE4MDIwMDU4WjAzMTEwLwYDVQQD
EyhjYjc1ZDE3ODU0Yjc5OWMyMDBmZWE5M2QxMjdlOWZlMDM0YjJiYzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjqf/UI41rS5wIpRvEwuvRDv0/B3
iVxOhn3RIFXsc6A9AvnEBzPPdPAzkbCApAPIcSrvNBKKr9xqY5MO8pYwCrhPfagu
RDaPbQi5eN4dctmC51hfAryoQZSkbyZIUJX4J3AyfijffZaWcaL5Hwuz2QY045SU
kegolLU5zPowCWrj0lBVHfPA93vaJ3cQc+081VXEw/7Dr4yuW6VrhJUoTdR+iBW/
AQgBCDmVONC+RaEDy5sgEMrjZbn7QndKC79P7Bi14d9nrh4xtlw3iC2oYvgwyzOI
vUSdcw4dH49nOXZs/iq4bKCsWXABX6Ane3po++O+WI3xOM8yaMOBReNaWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMt10XhUt5nCAP6pPRJ+n+A0srwBMB8GA1UdIwQY
MBaAFDBcROjJYaFFDQqrIS8N7HF9He+2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUZ4RTZNbGhvVVVOQ3FzaEx3M3NjWDBkNzdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8yODIwZDEtZmQyMC00ODg5LTgzNGYt
ZDUyN2NlMGQ5OTMwLzEvTUZ4RTZNbGhvVVVOQ3FzaEx3M3NjWDBkNzdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8yODIwZDEtZmQyMC00ODg5LTgzNGYtZDUyN2NlMGQ5OTMw
LzEvTUZ4RTZNbGhvVVVOQ3FzaEx3M3NjWDBkNzdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXyi5Etuo
PNwr4PghMetpTW2sQ8cv79YgpHbwkOlsRXNyBBqztB2MKQCxmILWHWizdek1WIFM
w+bgynGLjwgFgb2VNq9sI6mxp2l5w4EoebfEJwZwux88DBY3MeL26yXK0L3JAfp+
F8mnOZgo9sba2YTvhGhlz9lTNCRz36Ltgkxp4fwYIHxolGaFH48JvNjW06dQK+J7
0PHiV9ntlG3vl15yN/Fx6XOeUeQVbFDtHpVbeZCyJVh4+YKGNC/DaLwmb+p6fUqR
9UY2vm3r0BYP9qOzIYkItz0BskS+tHL9tqoXTFIYDg8CtSIJs2SA/KTnMe0uUFJM
8HzmQFFTzfexFw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 04:02:05 2026 by rpki-client