Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.mft
File: s7a21-XdDDKPbOr36enA0cuMHSI.mft (raw, json)
Hash identifier: R1u3yVU0vf09h+C+7gXIt8MAgOBNJ10Ff8sQ0s5B/ug=
Subject key identifier: 23:12:F7:BD:9C:47:3D:AD:12:CD:94:89:5E:0E:B3:19:6D:D0:62:EB
Authority key identifier: B3:B6:B6:D7:E5:DD:0C:32:8F:6C:EA:F7:E9:E9:C0:D1:CB:8C:1D:22
Certificate issuer: /CN=b3b6b6d7e5dd0c328f6ceaf7e9e9c0d1cb8c1d22
Certificate serial: 019D99D0D5C4A8F0DD15850EC54DAAD8D52D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s7a21-XdDDKPbOr36enA0cuMHSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.mft
Manifest number: 1685
Signing time: Fri 17 Apr 2026 05:01:33 +0000
Manifest this update: Fri 17 Apr 2026 05:01:33 +0000
Manifest next update: Sat 18 Apr 2026 05:01:33 +0000
Files and hashes: 1: 8vMvZJ6S4wIvSeidLWIqXdB2xEU.roa (hash: YSfZ6yHjbJE8NoHQ6iqadOGUmWSZLkJjEKtjGtKNsbU=)
2: s7a21-XdDDKPbOr36enA0cuMHSI.crl (hash: jNJFfXc8rdEnnQJlZSQKpRnoYIIPyn4vCAIpRhyG3cQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.mft
rsync://rpki.ripe.net/repository/DEFAULT/s7a21-XdDDKPbOr36enA0cuMHSI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:d0:d5:c4:a8:f0:dd:15:85:0e:c5:4d:aa:d8:d5:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3b6b6d7e5dd0c328f6ceaf7e9e9c0d1cb8c1d22
Validity
Not Before: Apr 17 05:01:33 2026 GMT
Not After : Apr 18 05:01:33 2026 GMT
Subject: CN=2312f7bd9c473dad12cd94895e0eb3196dd062eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:09:be:ad:a7:42:4b:a2:b8:2f:9f:f3:cf:f7:
ba:c6:2c:0c:4c:6e:a1:b0:68:59:28:04:3e:dc:d6:
49:22:98:e9:45:13:ce:8e:a2:f4:8a:86:b2:c8:ff:
51:d9:6e:36:56:0f:4e:5e:4c:fa:22:a9:c9:33:26:
0d:36:3a:8c:13:b9:98:e8:d0:bc:6f:df:02:c2:7c:
3d:7f:24:a1:8e:4d:fd:55:49:8b:e8:0e:80:99:4b:
8c:45:6f:51:38:56:95:8a:46:7a:c4:46:72:64:fb:
d1:63:87:7b:66:31:ab:7b:3a:9b:8e:18:6b:cc:42:
25:35:cb:80:2b:49:32:fb:4d:7e:4e:6a:60:3a:f2:
9a:d7:71:17:0f:a7:0c:1f:9b:b6:18:11:30:08:a9:
f1:21:f5:47:87:75:f5:74:9b:fd:b2:c5:b5:32:4e:
c3:4f:ef:9b:b7:6a:25:44:0d:21:39:6b:3c:5d:78:
bd:24:db:eb:29:cf:0d:be:a8:20:be:5d:12:51:5b:
44:31:93:fe:a0:8b:36:d9:80:f4:f2:41:07:b6:21:
f1:72:ed:c6:60:b3:ca:59:46:4d:38:7d:ab:87:01:
a1:0f:e6:03:6e:ab:d0:85:e0:04:5c:a5:23:78:24:
d8:61:16:66:8a:6c:f7:2c:ac:52:d5:f0:f9:bd:d6:
60:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:12:F7:BD:9C:47:3D:AD:12:CD:94:89:5E:0E:B3:19:6D:D0:62:EB
X509v3 Authority Key Identifier:
keyid:B3:B6:B6:D7:E5:DD:0C:32:8F:6C:EA:F7:E9:E9:C0:D1:CB:8C:1D:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s7a21-XdDDKPbOr36enA0cuMHSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:bf:00:b3:00:64:26:a0:42:e9:79:b7:82:5a:54:b5:9c:e0:
cf:47:a9:bf:e4:6a:17:f3:10:6a:14:92:ab:e8:77:3b:18:26:
09:d1:92:a8:09:75:62:ce:e9:ab:93:cd:74:70:6c:46:02:61:
3a:eb:19:9a:1c:90:5a:40:75:2a:a9:43:98:c6:e9:19:7d:8e:
84:05:10:61:63:c8:95:46:86:bd:0e:c4:64:24:0b:b8:4c:96:
ab:37:f2:a9:03:f6:b7:9c:8f:9a:d6:c1:ae:22:bb:1d:4f:e3:
2c:fe:f5:1d:31:23:78:ee:ff:6e:1e:42:2a:c5:7f:38:e0:5d:
73:26:91:90:fa:08:44:96:cf:0c:ed:96:16:ee:95:42:1e:e3:
d8:a6:3c:b2:9e:09:2d:85:80:7c:b2:be:45:ce:96:74:a7:f9:
8b:bb:06:19:8e:4b:e0:05:79:58:1f:1a:90:86:8e:4b:fe:0e:
20:d3:d5:c8:cc:81:66:99:fe:c7:36:4f:58:ea:2f:af:48:09:
3d:1f:01:b3:74:e7:7b:8b:fe:8a:8d:76:35:e5:a7:c4:7a:fc:
dc:c9:9e:8b:d0:f4:56:ab:87:c3:f2:44:0e:f9:15:c0:51:cc:
c1:17:9f:fb:60:2f:48:97:ce:e9:9b:40:f3:21:ff:eb:4b:bb:
2e:7d:e4:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0NXEqPDdFYUOxU2q2NUtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYjZiNmQ3ZTVkZDBjMzI4ZjZjZWFmN2U5ZTljMGQxY2I4
YzFkMjIwHhcNMjYwNDE3MDUwMTMzWhcNMjYwNDE4MDUwMTMzWjAzMTEwLwYDVQQD
EygyMzEyZjdiZDljNDczZGFkMTJjZDk0ODk1ZTBlYjMxOTZkZDA2MmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAm+radCS6K4L5/zz/e6xiwMTG6h
sGhZKAQ+3NZJIpjpRRPOjqL0ioayyP9R2W42Vg9OXkz6IqnJMyYNNjqME7mY6NC8
b98Cwnw9fyShjk39VUmL6A6AmUuMRW9ROFaVikZ6xEZyZPvRY4d7ZjGrezqbjhhr
zEIlNcuAK0ky+01+TmpgOvKa13EXD6cMH5u2GBEwCKnxIfVHh3X1dJv9ssW1Mk7D
T++bt2olRA0hOWs8XXi9JNvrKc8Nvqggvl0SUVtEMZP+oIs22YD08kEHtiHxcu3G
YLPKWUZNOH2rhwGhD+YDbqvQheAEXKUjeCTYYRZmimz3LKxS1fD5vdZgwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCMS972cRz2tEs2UiV4Osxlt0GLrMB8GA1UdIwQY
MBaAFLO2ttfl3Qwyj2zq9+npwNHLjB0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczdhMjEtWGREREtQYk9yMzZlbkEwY3VNSFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yZDc5NDYtZGI4Yi00YTU3LWE3MGIt
MjA3MTU0NmI3MGY5LzEvczdhMjEtWGREREtQYk9yMzZlbkEwY3VNSFNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yZDc5NDYtZGI4Yi00YTU3LWE3MGItMjA3MTU0NmI3MGY5
LzEvczdhMjEtWGREREtQYk9yMzZlbkEwY3VNSFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAib8AswBk
JqBC6Xm3glpUtZzgz0epv+RqF/MQahSSq+h3OxgmCdGSqAl1Ys7pq5PNdHBsRgJh
OusZmhyQWkB1KqlDmMbpGX2OhAUQYWPIlUaGvQ7EZCQLuEyWqzfyqQP2t5yPmtbB
riK7HU/jLP71HTEjeO7/bh5CKsV/OOBdcyaRkPoIRJbPDO2WFu6VQh7j2KY8sp4J
LYWAfLK+Rc6WdKf5i7sGGY5L4AV5WB8akIaOS/4OINPVyMyBZpn+xzZPWOovr0gJ
PR8Bs3Tne4v+io12NeWnxHr83Mmei9D0VquHw/JEDvkVwFHMwRef+2AvSJfO6ZtA
8yH/60u7Ln3k6A==
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:04:08 2026 by rpki-client