Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/758467-6818-4e84-87ba-5d838668bebe/1/vygFmS5lMdPaMe4a9rzVwG0Ctso.mft
File: vygFmS5lMdPaMe4a9rzVwG0Ctso.mft (raw, json)
Hash identifier: 0wBTeX8xbIDESCBkHK8jgbOs+6ijrTs2BsFEzmMeOLU=
Subject key identifier: 12:BB:43:00:0D:49:8B:72:3B:FD:25:78:F7:D7:3A:84:65:0F:04:89
Authority key identifier: BF:28:05:99:2E:65:31:D3:DA:31:EE:1A:F6:BC:D5:C0:6D:02:B6:CA
Certificate issuer: /CN=bf2805992e6531d3da31ee1af6bcd5c06d02b6ca
Certificate serial: 019D9C2D31E1203D455668F7B1EE66E1EF0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vygFmS5lMdPaMe4a9rzVwG0Ctso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/758467-6818-4e84-87ba-5d838668bebe/1/vygFmS5lMdPaMe4a9rzVwG0Ctso.mft
Manifest number: 18C3
Signing time: Fri 17 Apr 2026 16:01:40 +0000
Manifest this update: Fri 17 Apr 2026 16:01:40 +0000
Manifest next update: Sat 18 Apr 2026 16:01:40 +0000
Files and hashes: 1: 1-cSechBeG_43VlV3W2mEZPKzYGE.roa (hash: 9e/rHvRg0gRAUAYkVXIF5QXnGheb2t+lp0PsH5x3v20=)
2: M8hdjmtzd8hrW3Y8l4qmpPKkDK0.roa (hash: J/z8EzYcLAwxjC5JuidTonZF1YMKXrRg2Bt2mDC3F7U=)
3: vygFmS5lMdPaMe4a9rzVwG0Ctso.crl (hash: RycxU44kB6q23cdCwYoAV/0DJjmpmDfNvaoe8Kf/7NY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/758467-6818-4e84-87ba-5d838668bebe/1/vygFmS5lMdPaMe4a9rzVwG0Ctso.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/758467-6818-4e84-87ba-5d838668bebe/1/vygFmS5lMdPaMe4a9rzVwG0Ctso.mft
rsync://rpki.ripe.net/repository/DEFAULT/vygFmS5lMdPaMe4a9rzVwG0Ctso.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9c:2d:31:e1:20:3d:45:56:68:f7:b1:ee:66:e1:ef:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf2805992e6531d3da31ee1af6bcd5c06d02b6ca
Validity
Not Before: Apr 17 16:01:40 2026 GMT
Not After : Apr 18 16:01:40 2026 GMT
Subject: CN=12bb43000d498b723bfd2578f7d73a84650f0489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f6:28:78:2b:bd:fe:22:c3:e8:fb:e6:63:31:
20:75:1a:24:ef:20:73:ba:64:91:21:37:e5:20:12:
c1:69:6a:8a:a6:88:4d:2d:51:2a:b1:f5:0c:e0:8c:
31:a1:9c:34:a7:34:bf:f1:48:be:2b:e8:dd:aa:bf:
82:2a:85:41:81:dd:b5:22:a3:91:ad:b6:c8:d8:97:
ae:76:01:e6:0d:eb:a1:0a:61:87:d2:13:a0:b7:2d:
00:94:30:1b:4b:36:4f:cb:0a:28:8f:3b:48:00:49:
ed:85:0c:1c:a1:a7:f6:61:b4:c3:40:46:ed:c8:32:
ba:fe:e0:d9:bd:a8:0c:1b:99:a6:ef:e6:6b:d5:20:
b1:14:f9:3e:fc:c3:3b:70:a1:3f:dc:b3:92:e3:a1:
35:ca:3f:f8:ae:0e:76:cc:e3:59:90:8b:81:09:76:
06:de:65:05:e8:45:b7:e3:eb:ba:c4:55:a7:3a:b5:
47:76:6c:23:b0:42:fd:5d:a1:7f:3a:e7:d5:8d:a1:
0f:19:ea:5a:3e:b8:ec:31:dd:b2:a3:51:7f:5d:f3:
e3:53:51:7d:4c:55:30:09:8a:c2:eb:15:67:bd:46:
35:87:3e:d3:8c:f5:53:5b:f7:0d:11:16:83:58:b1:
88:59:73:67:87:77:99:95:8f:aa:e7:2a:43:4d:0c:
50:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:BB:43:00:0D:49:8B:72:3B:FD:25:78:F7:D7:3A:84:65:0F:04:89
X509v3 Authority Key Identifier:
keyid:BF:28:05:99:2E:65:31:D3:DA:31:EE:1A:F6:BC:D5:C0:6D:02:B6:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vygFmS5lMdPaMe4a9rzVwG0Ctso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/758467-6818-4e84-87ba-5d838668bebe/1/vygFmS5lMdPaMe4a9rzVwG0Ctso.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/758467-6818-4e84-87ba-5d838668bebe/1/vygFmS5lMdPaMe4a9rzVwG0Ctso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:56:8c:2b:43:7e:f0:c2:27:25:6d:b4:ec:77:ad:e4:c0:bb:
83:69:bc:2f:ee:12:56:ef:86:9d:89:14:47:3d:c1:25:06:b4:
f4:d3:52:d0:dd:b1:37:4a:5c:fb:3b:a2:b6:4b:6d:7f:de:e8:
8a:49:f8:0f:cc:4a:d1:ef:d4:21:fc:56:77:e6:2e:35:95:27:
a3:91:44:2c:e6:bd:74:66:9f:0e:a1:e4:a5:0e:ee:9a:0a:4b:
e3:fc:7a:cc:be:dd:2a:bd:72:0d:ac:02:53:ea:3c:d2:40:e7:
4f:ca:55:07:8a:cf:7c:55:8f:ae:c7:ae:d3:14:ad:f5:e6:46:
8b:e6:73:de:5c:19:35:5f:66:bc:e0:83:aa:66:24:78:5b:f5:
92:17:60:29:61:ee:62:b6:8b:b1:cb:16:4e:b2:65:82:95:3a:
81:54:39:4a:21:96:af:b6:e7:13:46:22:e0:e3:79:b5:6d:7e:
a5:7b:b3:f6:ba:4b:90:79:c2:05:d2:90:9c:69:fc:fd:9b:5a:
35:52:48:04:9c:1e:b6:8c:58:34:bc:63:d5:04:09:cd:3e:9d:
2c:a2:dc:ae:6f:f7:5a:9a:5b:44:c4:f8:17:32:2f:02:0d:92:
fe:2a:e6:08:d8:c5:d7:12:2b:8d:40:d9:04:f9:1d:8d:f0:4c:
95:e6:6f:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2cLTHhID1FVmj3se5m4e8MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMjgwNTk5MmU2NTMxZDNkYTMxZWUxYWY2YmNkNWMwNmQw
MmI2Y2EwHhcNMjYwNDE3MTYwMTQwWhcNMjYwNDE4MTYwMTQwWjAzMTEwLwYDVQQD
EygxMmJiNDMwMDBkNDk4YjcyM2JmZDI1NzhmN2Q3M2E4NDY1MGYwNDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfYoeCu9/iLD6PvmYzEgdRok7yBz
umSRITflIBLBaWqKpohNLVEqsfUM4IwxoZw0pzS/8Ui+K+jdqr+CKoVBgd21IqOR
rbbI2JeudgHmDeuhCmGH0hOgty0AlDAbSzZPywoojztIAEnthQwcoaf2YbTDQEbt
yDK6/uDZvagMG5mm7+Zr1SCxFPk+/MM7cKE/3LOS46E1yj/4rg52zONZkIuBCXYG
3mUF6EW34+u6xFWnOrVHdmwjsEL9XaF/OufVjaEPGepaPrjsMd2yo1F/XfPjU1F9
TFUwCYrC6xVnvUY1hz7TjPVTW/cNERaDWLGIWXNnh3eZlY+q5ypDTQxQRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBK7QwANSYtyO/0lePfXOoRlDwSJMB8GA1UdIwQY
MBaAFL8oBZkuZTHT2jHuGva81cBtArbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnlnRm1TNWxNZFBhTWU0YTlyelZ3RzBDdHNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi83NTg0NjctNjgxOC00ZTg0LTg3YmEt
NWQ4Mzg2NjhiZWJlLzEvdnlnRm1TNWxNZFBhTWU0YTlyelZ3RzBDdHNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi83NTg0NjctNjgxOC00ZTg0LTg3YmEtNWQ4Mzg2NjhiZWJl
LzEvdnlnRm1TNWxNZFBhTWU0YTlyelZ3RzBDdHNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIVaMK0N+
8MInJW207Het5MC7g2m8L+4SVu+GnYkURz3BJQa09NNS0N2xN0pc+zuitkttf97o
ikn4D8xK0e/UIfxWd+YuNZUno5FELOa9dGafDqHkpQ7umgpL4/x6zL7dKr1yDawC
U+o80kDnT8pVB4rPfFWPrseu0xSt9eZGi+Zz3lwZNV9mvOCDqmYkeFv1khdgKWHu
YraLscsWTrJlgpU6gVQ5SiGWr7bnE0Yi4ON5tW1+pXuz9rpLkHnCBdKQnGn8/Zta
NVJIBJwetoxYNLxj1QQJzT6dLKLcrm/3WppbRMT4FzIvAg2S/irmCNjF1xIrjUDZ
BPkdjfBMleZvTQ==
-----END CERTIFICATE-----
Generated at Sat Apr 18 00:23:15 2026 by rpki-client