Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
File: ao33d2sW0oLgTGluJYqk-fnOnJg.mft (raw, json)
Hash identifier: itqcmCnugQW/SMZbc1RWloOJVI0NOuw6LfHg1Fm/PYc=
Subject key identifier: D3:39:8F:82:BF:83:00:B6:08:27:8A:B5:EA:06:20:B0:1E:95:E2:FC
Authority key identifier: 6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98
Certificate issuer: /CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98
Certificate serial: 019D9C2D442B4E9E81BB7E0E57FD82D7DC7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
Manifest number: 0CB4
Signing time: Fri 17 Apr 2026 16:01:45 +0000
Manifest this update: Fri 17 Apr 2026 16:01:45 +0000
Manifest next update: Sat 18 Apr 2026 16:01:45 +0000
Files and hashes: 1: GmFXXmDlxbUAsewZb2XP6yyDi4w.roa (hash: t86pSAuRTeL1p9o68CyCCsghXoQGwpFAgB1l7sjE7zs=)
2: ao33d2sW0oLgTGluJYqk-fnOnJg.crl (hash: G3iaXYersM1ogYmyeBQlFnvWTPqsDUQPBrSEqi/OMVo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9c:2d:44:2b:4e:9e:81:bb:7e:0e:57:fd:82:d7:dc:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98
Validity
Not Before: Apr 17 16:01:45 2026 GMT
Not After : Apr 18 16:01:45 2026 GMT
Subject: CN=d3398f82bf8300b608278ab5ea0620b01e95e2fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b3:ff:78:d9:a8:ad:4f:1b:61:3a:db:b2:1d:
32:ab:1f:12:65:47:05:c5:16:b8:1f:79:83:dc:cf:
9f:3f:03:ce:4d:34:6c:60:2f:2a:47:24:3d:a5:de:
fd:70:f7:55:8b:91:54:50:0a:e5:6b:80:a4:b4:e5:
5b:93:07:49:61:45:9b:58:d8:8d:8e:36:d2:12:42:
fc:94:36:4b:7b:de:10:d9:71:71:3a:af:c3:a9:33:
ca:e7:19:2f:b4:69:7d:ab:89:52:f2:f6:f5:e0:f7:
65:bc:e3:f8:87:7a:09:9c:84:cc:fa:e0:98:66:df:
8d:2e:99:e6:0d:5c:ea:d7:13:bb:73:09:1d:17:c5:
9a:6a:d4:1c:38:76:ca:ef:3a:fc:44:33:7e:a6:cf:
b0:95:52:f0:22:e8:50:e6:e5:14:05:7f:77:13:15:
93:7f:ee:93:28:32:6d:fc:98:4b:f7:4e:d7:b7:66:
86:16:0a:a8:a2:49:c3:3a:95:58:d9:02:cd:a6:6a:
44:b8:4c:8d:df:a0:a5:c3:74:ec:ab:80:5b:be:e3:
2b:1e:19:a7:38:3f:b6:35:08:ed:aa:53:ce:12:92:
f6:71:34:6d:77:53:4c:87:54:05:63:45:70:53:ad:
fe:50:91:d5:f2:a5:8b:bb:1a:68:cd:ac:f4:e7:ef:
16:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:39:8F:82:BF:83:00:B6:08:27:8A:B5:EA:06:20:B0:1E:95:E2:FC
X509v3 Authority Key Identifier:
keyid:6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:27:d5:ba:ed:04:42:cf:c9:76:5b:20:7f:04:5a:97:9f:f0:
cd:82:71:bb:f8:89:73:88:b5:12:da:82:10:6c:be:17:ec:0d:
f3:53:aa:fd:30:30:74:2b:52:e9:f5:59:0d:73:88:ec:47:11:
98:5c:30:6f:7f:85:14:8a:6f:8f:96:79:fb:da:e4:6e:f9:c9:
74:01:f0:59:05:9e:f3:7a:7a:57:91:2f:bb:71:59:95:d6:a7:
a9:38:b6:24:c3:47:d9:22:5b:95:61:1e:c1:fc:c9:a5:33:59:
e0:9e:57:ce:e9:37:03:c7:dc:d3:da:cc:48:e4:de:b4:b8:87:
50:5b:f2:bc:be:d0:b3:f5:f6:71:ca:11:4d:f7:32:88:8d:ed:
d1:0c:b2:5c:e7:31:e2:f5:b5:6e:7a:92:b5:fd:0a:fa:2a:fb:
b7:3e:c9:de:ef:b4:36:80:e4:a6:b5:f8:5b:e2:cf:ba:df:0f:
44:e4:a0:d4:ed:fd:99:22:55:17:65:31:8a:e6:73:50:c7:88:
47:e9:1e:d4:72:6d:bb:7a:7d:56:56:b2:87:87:cb:ac:67:8f:
94:75:11:62:f8:8e:6f:30:41:45:c7:e4:ac:17:97:50:4f:be:
14:e6:76:bb:84:ed:87:80:14:ec:b8:d2:c4:c3:bd:91:cf:43:
fa:07:ae:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2cLUQrTp6Bu34OV/2C19x9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOGRmNzc3NmIxNmQyODJlMDRjNjk2ZTI1OGFhNGY5Zjlj
ZTljOTgwHhcNMjYwNDE3MTYwMTQ1WhcNMjYwNDE4MTYwMTQ1WjAzMTEwLwYDVQQD
EyhkMzM5OGY4MmJmODMwMGI2MDgyNzhhYjVlYTA2MjBiMDFlOTVlMmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprP/eNmorU8bYTrbsh0yqx8SZUcF
xRa4H3mD3M+fPwPOTTRsYC8qRyQ9pd79cPdVi5FUUArla4CktOVbkwdJYUWbWNiN
jjbSEkL8lDZLe94Q2XFxOq/DqTPK5xkvtGl9q4lS8vb14PdlvOP4h3oJnITM+uCY
Zt+NLpnmDVzq1xO7cwkdF8WaatQcOHbK7zr8RDN+ps+wlVLwIuhQ5uUUBX93ExWT
f+6TKDJt/JhL907Xt2aGFgqooknDOpVY2QLNpmpEuEyN36Clw3Tsq4BbvuMrHhmn
OD+2NQjtqlPOEpL2cTRtd1NMh1QFY0VwU63+UJHV8qWLuxpozaz05+8WtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNM5j4K/gwC2CCeKteoGILAeleL8MB8GA1UdIwQY
MBaAFGqN93drFtKC4ExpbiWKpPn5zpyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUt
MWIzOGIwMjI0NWMxLzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUtMWIzOGIwMjI0NWMx
LzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgCfVuu0E
Qs/JdlsgfwRal5/wzYJxu/iJc4i1EtqCEGy+F+wN81Oq/TAwdCtS6fVZDXOI7EcR
mFwwb3+FFIpvj5Z5+9rkbvnJdAHwWQWe83p6V5Evu3FZldanqTi2JMNH2SJblWEe
wfzJpTNZ4J5Xzuk3A8fc09rMSOTetLiHUFvyvL7Qs/X2ccoRTfcyiI3t0QyyXOcx
4vW1bnqStf0K+ir7tz7J3u+0NoDkprX4W+LPut8PROSg1O39mSJVF2UxiuZzUMeI
R+ke1HJtu3p9Vlayh4fLrGePlHURYviObzBBRcfkrBeXUE++FOZ2u4Tth4AU7LjS
xMO9kc9D+geugQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 20:37:21 2026 by rpki-client