Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
File: clOCbDGl92CXvNwqL2UZiKE2flM.mft (raw, json)
Hash identifier: dZiuGOpHiwyPS/Wx8qkZvxUbRInU8G+Ldf6/+65Jb2A=
Subject key identifier: A5:A2:40:5D:37:B5:0A:1E:92:21:59:8D:F4:80:E9:60:90:3D:2F:F8
Authority key identifier: 72:53:82:6C:31:A5:F7:60:97:BC:DC:2A:2F:65:19:88:A1:36:7E:53
Certificate issuer: /CN=7253826c31a5f76097bcdc2a2f651988a1367e53
Certificate serial: 019D9B510D05AC36BDA95ABBB0600869F542
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
Manifest number: 0B9A
Signing time: Fri 17 Apr 2026 12:01:13 +0000
Manifest this update: Fri 17 Apr 2026 12:01:13 +0000
Manifest next update: Sat 18 Apr 2026 12:01:13 +0000
Files and hashes: 1: clOCbDGl92CXvNwqL2UZiKE2flM.crl (hash: IDl9lkM3jCnK3Ff4lfkgDpgQBGSHw9iiUlSZ/a06uYg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:51:0d:05:ac:36:bd:a9:5a:bb:b0:60:08:69:f5:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7253826c31a5f76097bcdc2a2f651988a1367e53
Validity
Not Before: Apr 17 12:01:13 2026 GMT
Not After : Apr 18 12:01:13 2026 GMT
Subject: CN=a5a2405d37b50a1e9221598df480e960903d2ff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fa:49:ce:d4:a7:b4:c3:95:2a:ab:4a:58:46:
0f:3b:c8:a8:71:b0:08:34:c8:49:b3:7d:c1:b4:97:
cd:a6:46:bf:6f:de:10:d5:f7:bd:b7:72:2f:d5:75:
e7:68:7b:19:b9:23:45:9f:77:d9:1f:e6:82:da:61:
11:99:c5:20:a9:5c:ed:5e:1c:68:c8:d7:0a:f3:2b:
3b:16:5b:9b:d4:63:0f:27:70:de:64:f4:c4:9c:11:
83:fe:9b:3b:ad:d6:93:fb:df:e6:0b:0a:c6:68:0b:
1e:ed:5e:49:f2:62:b1:b2:ea:e0:a3:63:b9:1e:b1:
1c:60:52:6e:16:6d:9c:80:d9:24:76:6d:1d:f3:a3:
4e:2c:ce:68:56:23:9e:96:f5:82:8c:65:2c:5f:3f:
cc:9d:c8:03:7d:e3:e7:ee:7c:8d:dc:84:d5:bd:97:
08:99:97:52:35:69:7d:3f:c8:cd:b0:91:27:fb:75:
06:f9:fd:c5:5a:16:7c:80:a3:36:4c:1c:46:2a:ac:
2c:d8:c0:67:d6:16:f4:eb:bb:25:ba:03:23:31:f3:
22:af:a0:5c:8e:6e:8e:1f:16:a0:c5:58:63:eb:1f:
43:aa:f3:2a:6a:e3:9d:73:d9:ba:ef:0b:3f:94:16:
2d:6c:41:46:28:15:82:5c:e1:dc:32:a3:32:a7:ef:
5b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A2:40:5D:37:B5:0A:1E:92:21:59:8D:F4:80:E9:60:90:3D:2F:F8
X509v3 Authority Key Identifier:
keyid:72:53:82:6C:31:A5:F7:60:97:BC:DC:2A:2F:65:19:88:A1:36:7E:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:56:15:05:66:b9:2e:17:df:ec:cb:dc:4b:48:51:40:e0:d4:
b4:a6:49:0b:aa:68:30:f5:ef:fa:70:85:78:d8:92:cc:30:ef:
ec:e6:ea:6f:b6:f4:05:4e:f5:5f:91:68:c5:04:cc:6a:4f:2c:
7f:d6:77:73:91:c2:15:c1:87:bb:0f:53:87:02:6d:ab:61:50:
b0:92:67:1f:07:8f:7f:93:c3:d1:f0:d3:1d:ff:32:6e:d9:07:
2a:fb:5a:04:ee:3f:88:5e:a3:8f:69:42:22:77:1e:c6:2e:65:
0d:2e:17:6b:a0:04:0f:20:5f:29:bd:88:19:92:aa:2e:fb:6a:
25:53:32:c7:aa:11:17:24:0e:20:d8:fc:0a:5d:80:a9:29:07:
73:4d:98:5a:9a:9c:49:09:8b:53:8a:84:f8:b0:4f:6a:8a:f2:
3d:77:a1:f1:ee:fb:ee:6e:00:47:82:fa:b8:04:f5:e3:b0:8a:
ac:91:0a:b9:89:9f:ce:4a:95:5d:aa:58:8f:1f:3f:7e:10:12:
d5:6b:67:71:76:19:a5:c1:f2:83:f5:78:76:29:cd:cd:d6:d9:
18:8d:25:f2:38:be:3a:81:c6:85:4d:8a:3c:25:df:7a:79:9e:
98:fa:9d:43:f1:6a:37:dd:cc:2c:b4:22:87:74:17:30:29:7e:
14:33:5e:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUQ0FrDa9qVq7sGAIafVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNTM4MjZjMzFhNWY3NjA5N2JjZGMyYTJmNjUxOTg4YTEz
NjdlNTMwHhcNMjYwNDE3MTIwMTEzWhcNMjYwNDE4MTIwMTEzWjAzMTEwLwYDVQQD
EyhhNWEyNDA1ZDM3YjUwYTFlOTIyMTU5OGRmNDgwZTk2MDkwM2QyZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/pJztSntMOVKqtKWEYPO8iocbAI
NMhJs33BtJfNpka/b94Q1fe9t3Iv1XXnaHsZuSNFn3fZH+aC2mERmcUgqVztXhxo
yNcK8ys7Flub1GMPJ3DeZPTEnBGD/ps7rdaT+9/mCwrGaAse7V5J8mKxsurgo2O5
HrEcYFJuFm2cgNkkdm0d86NOLM5oViOelvWCjGUsXz/MncgDfePn7nyN3ITVvZcI
mZdSNWl9P8jNsJEn+3UG+f3FWhZ8gKM2TBxGKqws2MBn1hb067slugMjMfMir6Bc
jm6OHxagxVhj6x9DqvMqauOdc9m67ws/lBYtbEFGKBWCXOHcMqMyp+9bGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKWiQF03tQoekiFZjfSA6WCQPS/4MB8GA1UdIwQY
MBaAFHJTgmwxpfdgl7zcKi9lGYihNn5TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy83YTRhNDItN2RjNS00MGMwLTgwNGIt
ZjNmNTFjMTA3MGI5LzEvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy83YTRhNDItN2RjNS00MGMwLTgwNGItZjNmNTFjMTA3MGI5
LzEvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcFYVBWa5
Lhff7MvcS0hRQODUtKZJC6poMPXv+nCFeNiSzDDv7Obqb7b0BU71X5FoxQTMak8s
f9Z3c5HCFcGHuw9ThwJtq2FQsJJnHwePf5PD0fDTHf8ybtkHKvtaBO4/iF6jj2lC
Incexi5lDS4Xa6AEDyBfKb2IGZKqLvtqJVMyx6oRFyQOINj8Cl2AqSkHc02YWpqc
SQmLU4qE+LBPaoryPXeh8e777m4AR4L6uAT147CKrJEKuYmfzkqVXapYjx8/fhAS
1WtncXYZpcHyg/V4dinNzdbZGI0l8ji+OoHGhU2KPCXfenmemPqdQ/FqN93MLLQi
h3QXMCl+FDNeEg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:25:45 2026 by rpki-client