Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.mft
File: r4poziKkwZ8XcA9izPi7bC2vUeE.mft (raw, json)
Hash identifier: XDLO6BRQMCYjJS84A+f7RjLTW3OY1HxHEKzTY3tgdbk=
Subject key identifier: 6C:0A:39:43:0E:BD:1B:93:3B:8D:7D:96:44:E8:0C:0E:28:C1:84:06
Authority key identifier: AF:8A:68:CE:22:A4:C1:9F:17:70:0F:62:CC:F8:BB:6C:2D:AF:51:E1
Certificate issuer: /CN=af8a68ce22a4c19f17700f62ccf8bb6c2daf51e1
Certificate serial: 019D99D0C4FAA76D52836551FD7B7B72E63C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4poziKkwZ8XcA9izPi7bC2vUeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.mft
Manifest number: 123D
Signing time: Fri 17 Apr 2026 05:01:29 +0000
Manifest this update: Fri 17 Apr 2026 05:01:29 +0000
Manifest next update: Sat 18 Apr 2026 05:01:29 +0000
Files and hashes: 1: r4poziKkwZ8XcA9izPi7bC2vUeE.crl (hash: WlYI8F5G490myG7FQBoQ6wEaiIQ1hRWAQO0Q4cuETMk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/r4poziKkwZ8XcA9izPi7bC2vUeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:d0:c4:fa:a7:6d:52:83:65:51:fd:7b:7b:72:e6:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af8a68ce22a4c19f17700f62ccf8bb6c2daf51e1
Validity
Not Before: Apr 17 05:01:29 2026 GMT
Not After : Apr 18 05:01:29 2026 GMT
Subject: CN=6c0a39430ebd1b933b8d7d9644e80c0e28c18406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:90:39:d9:b3:03:50:a5:4a:88:14:c7:66:6c:
14:71:88:34:f0:a7:55:74:cc:f0:3d:bb:67:bc:44:
2a:2d:6c:4a:b5:24:f5:f8:d3:3d:a0:05:09:d0:9f:
3c:c7:5c:27:3b:4f:7f:62:99:f5:f2:c7:02:5c:e8:
ed:00:40:d4:73:aa:58:a6:db:63:6f:c8:63:31:cc:
bd:89:ce:22:ea:6d:0e:18:7e:6b:79:c2:9f:5c:47:
b8:35:3c:fe:4a:55:78:ec:c4:ff:f4:ae:7e:14:d6:
99:c2:98:ec:7c:6f:be:2c:7e:80:80:27:a7:99:c4:
d7:7d:af:82:8e:90:06:d2:5d:9e:0f:cd:72:ac:d6:
3b:b3:28:41:d3:9f:aa:62:c3:98:7b:d9:f4:e5:24:
b5:fd:80:41:4a:6c:7a:3f:b2:9c:cf:4e:e1:df:18:
59:67:91:ab:cf:41:24:3f:7f:48:1e:6c:9d:c5:c9:
b2:32:a9:70:6d:7d:17:c1:2e:7b:72:35:00:ae:7a:
5d:26:a0:1b:19:5b:c3:0c:4f:b1:5f:9b:4e:17:71:
95:f6:01:42:1c:a0:74:21:00:df:92:25:a0:7d:34:
51:09:16:58:00:61:d7:f4:9d:5e:ee:68:da:64:67:
17:f0:2a:94:ab:7e:c3:25:89:ea:f4:33:7c:d0:5d:
94:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:0A:39:43:0E:BD:1B:93:3B:8D:7D:96:44:E8:0C:0E:28:C1:84:06
X509v3 Authority Key Identifier:
keyid:AF:8A:68:CE:22:A4:C1:9F:17:70:0F:62:CC:F8:BB:6C:2D:AF:51:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4poziKkwZ8XcA9izPi7bC2vUeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/6b8ea6-f907-40d1-9e7d-d94e601843d1/1/r4poziKkwZ8XcA9izPi7bC2vUeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b7:dc:15:6b:fe:c2:d5:9c:2e:32:81:af:c5:f2:dd:67:f2:83:
5f:0f:d0:30:d2:de:c5:09:cc:80:bc:32:9e:63:51:4a:72:13:
99:ef:dd:bc:2d:6a:77:8e:bc:b0:71:e3:5b:14:0d:a5:58:44:
97:ed:d8:c5:b6:d9:47:74:9f:22:51:be:ee:d0:d1:58:5b:0e:
0a:52:72:f3:1b:e8:83:96:1a:67:9d:23:d5:ab:30:10:40:82:
dc:af:27:3d:36:8e:7f:69:b9:10:fb:2e:2c:f0:10:32:97:80:
e6:81:ec:1a:2f:82:76:de:8e:e1:3e:10:2f:57:c8:66:6a:71:
30:d5:60:a3:be:8b:55:97:17:72:74:27:31:7e:4a:d7:ec:d1:
e5:3b:2c:f0:4b:cc:9e:8e:ea:70:47:26:0e:e0:01:da:5a:c9:
53:ce:f9:88:e2:9c:2c:76:04:24:90:72:f7:fa:2e:93:29:73:
76:a3:f1:85:a1:ec:8d:67:86:8f:0f:b5:0e:70:9a:ee:83:a2:
d2:5b:44:ac:32:fc:7b:66:cc:50:c1:b1:a5:9a:ea:a5:06:c3:
5e:bb:1c:c2:41:30:af:83:11:9f:74:6a:f4:e1:06:02:d6:e8:
2e:49:e9:2a:01:4e:4a:57:22:0b:34:31:89:f7:97:90:30:6d:
84:31:d2:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0MT6p21Sg2VR/Xt7cuY8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGE2OGNlMjJhNGMxOWYxNzcwMGY2MmNjZjhiYjZjMmRh
ZjUxZTEwHhcNMjYwNDE3MDUwMTI5WhcNMjYwNDE4MDUwMTI5WjAzMTEwLwYDVQQD
Eyg2YzBhMzk0MzBlYmQxYjkzM2I4ZDdkOTY0NGU4MGMwZTI4YzE4NDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZA52bMDUKVKiBTHZmwUcYg08KdV
dMzwPbtnvEQqLWxKtST1+NM9oAUJ0J88x1wnO09/Ypn18scCXOjtAEDUc6pYpttj
b8hjMcy9ic4i6m0OGH5recKfXEe4NTz+SlV47MT/9K5+FNaZwpjsfG++LH6AgCen
mcTXfa+CjpAG0l2eD81yrNY7syhB05+qYsOYe9n05SS1/YBBSmx6P7Kcz07h3xhZ
Z5Grz0EkP39IHmydxcmyMqlwbX0XwS57cjUArnpdJqAbGVvDDE+xX5tOF3GV9gFC
HKB0IQDfkiWgfTRRCRZYAGHX9J1e7mjaZGcX8CqUq37DJYnq9DN80F2U6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGwKOUMOvRuTO419lkToDA4owYQGMB8GA1UdIwQY
MBaAFK+KaM4ipMGfF3APYsz4u2wtr1HhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRwb3ppS2t3WjhYY0E5aXpQaTdiQzJ2VWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi82YjhlYTYtZjkwNy00MGQxLTllN2Qt
ZDk0ZTYwMTg0M2QxLzEvcjRwb3ppS2t3WjhYY0E5aXpQaTdiQzJ2VWVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi82YjhlYTYtZjkwNy00MGQxLTllN2QtZDk0ZTYwMTg0M2Qx
LzEvcjRwb3ppS2t3WjhYY0E5aXpQaTdiQzJ2VWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt9wVa/7C
1ZwuMoGvxfLdZ/KDXw/QMNLexQnMgLwynmNRSnITme/dvC1qd468sHHjWxQNpVhE
l+3YxbbZR3SfIlG+7tDRWFsOClJy8xvog5YaZ50j1aswEECC3K8nPTaOf2m5EPsu
LPAQMpeA5oHsGi+Cdt6O4T4QL1fIZmpxMNVgo76LVZcXcnQnMX5K1+zR5Tss8EvM
no7qcEcmDuAB2lrJU875iOKcLHYEJJBy9/oukylzdqPxhaHsjWeGjw+1DnCa7oOi
0ltErDL8e2bMUMGxpZrqpQbDXrscwkEwr4MRn3Rq9OEGAtboLknpKgFOSlciCzQx
ifeXkDBthDHSvw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:56:58 2026 by rpki-client