Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/6b9626-fb1a-445e-b95a-b002f35be739/1/cdiwl1czMSbftYNIDqji09NGwI0.mft
File: cdiwl1czMSbftYNIDqji09NGwI0.mft (raw, json)
Hash identifier: Df3sRmHIMLC1rJFqFocT2/g7THxE4aXymiEoJ+MoToY=
Subject key identifier: A5:CF:F8:BA:12:40:7E:8C:91:19:D8:EA:85:17:35:F6:B8:D7:6E:3B
Authority key identifier: 71:D8:B0:97:57:33:31:26:DF:B5:83:48:0E:A8:E2:D3:D3:46:C0:8D
Certificate issuer: /CN=71d8b09757333126dfb583480ea8e2d3d346c08d
Certificate serial: 019DA453F777E17D0261C89FE7ED2E51A308
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdiwl1czMSbftYNIDqji09NGwI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/6b9626-fb1a-445e-b95a-b002f35be739/1/cdiwl1czMSbftYNIDqji09NGwI0.mft
Manifest number: 01DF
Signing time: Sun 19 Apr 2026 06:00:59 +0000
Manifest this update: Sun 19 Apr 2026 06:00:59 +0000
Manifest next update: Mon 20 Apr 2026 06:00:59 +0000
Files and hashes: 1: cdiwl1czMSbftYNIDqji09NGwI0.crl (hash: d/Rurj5qxaszHO0wEcPdExQl8v5ruW4/09jZ9TS43NY=)
2: d7QLV60EzdcK6Z9SHb-OI9Vui7M.roa (hash: rchiT/bvXuEanUa+M3WmCKgTEc1BUzo1gca2cFJPRLs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/6b9626-fb1a-445e-b95a-b002f35be739/1/cdiwl1czMSbftYNIDqji09NGwI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/6b9626-fb1a-445e-b95a-b002f35be739/1/cdiwl1czMSbftYNIDqji09NGwI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/cdiwl1czMSbftYNIDqji09NGwI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a4:53:f7:77:e1:7d:02:61:c8:9f:e7:ed:2e:51:a3:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d8b09757333126dfb583480ea8e2d3d346c08d
Validity
Not Before: Apr 19 06:00:59 2026 GMT
Not After : Apr 20 06:00:59 2026 GMT
Subject: CN=a5cff8ba12407e8c9119d8ea851735f6b8d76e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cc:bb:f5:7f:2e:e3:4b:6a:9b:d4:56:e5:8a:
c8:db:3c:2f:10:b9:46:e0:45:33:80:2b:10:72:11:
d3:eb:da:01:75:5f:bc:6c:90:77:65:7e:aa:10:a3:
6d:31:53:f8:f5:1a:36:ce:ec:a5:ae:65:c6:75:89:
16:d7:01:31:5b:c7:a6:ff:c7:18:81:15:15:5c:b5:
bd:9b:2e:16:e5:3e:bf:8e:08:83:b9:ad:9a:cf:86:
07:36:0d:9d:8f:b9:37:74:0b:90:6a:95:f9:21:7d:
31:30:55:de:e3:76:91:00:35:28:66:60:55:4e:62:
88:b3:d6:9c:02:1f:d7:6b:3b:79:ac:d5:33:51:0a:
5b:7a:26:0d:eb:7d:dd:82:21:67:a6:bd:96:d6:e1:
0b:9d:2e:fe:9c:48:5b:c9:1f:e2:3c:0e:51:22:76:
a1:b0:7a:73:b2:f0:9b:4e:5c:cd:91:ba:2d:58:97:
f1:2e:a8:2d:fb:1d:53:e1:6b:dd:9d:50:32:d5:b5:
e6:a1:8d:c0:46:67:53:c2:9f:f1:5a:67:cc:f2:1b:
33:42:a4:9d:16:38:87:ca:7c:5c:5d:eb:86:ab:26:
11:77:d3:e5:d1:72:aa:15:11:b5:60:86:ad:37:1b:
ed:ac:0c:a9:fa:90:68:8c:38:4a:84:62:5a:18:c8:
d8:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:CF:F8:BA:12:40:7E:8C:91:19:D8:EA:85:17:35:F6:B8:D7:6E:3B
X509v3 Authority Key Identifier:
keyid:71:D8:B0:97:57:33:31:26:DF:B5:83:48:0E:A8:E2:D3:D3:46:C0:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdiwl1czMSbftYNIDqji09NGwI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/6b9626-fb1a-445e-b95a-b002f35be739/1/cdiwl1czMSbftYNIDqji09NGwI0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/6b9626-fb1a-445e-b95a-b002f35be739/1/cdiwl1czMSbftYNIDqji09NGwI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:f3:8c:b0:f3:62:a2:43:1a:c1:64:d3:d3:85:49:45:de:bb:
1f:8e:4d:cd:05:cf:1c:72:3d:e4:c8:11:c7:e5:14:ee:7b:51:
38:ea:81:9f:05:be:7c:2c:5d:3a:28:08:1e:cf:65:c2:08:bd:
f6:02:ed:65:b9:42:23:16:71:ea:98:7c:b2:10:fe:55:5d:6d:
17:f1:5e:25:57:36:18:60:74:23:4e:f9:6d:0d:fb:5d:7c:5a:
a5:ab:ec:af:ca:b6:b7:30:e4:37:64:e5:3a:cf:c7:77:0f:de:
d6:7e:b4:af:f8:0b:68:e0:6c:9c:a6:d5:39:d2:bd:58:bb:23:
6f:8c:b1:5a:f8:b4:83:1b:62:87:ac:64:fd:36:9b:2a:a2:2a:
62:3c:84:59:cf:f8:2a:7a:85:b9:c3:98:58:88:92:60:fe:83:
28:99:7f:cb:86:7d:75:83:58:c9:07:2a:fa:bb:a0:71:05:ae:
23:90:f2:0f:5c:6e:68:54:38:51:f0:66:aa:b2:9b:83:5f:9d:
ae:f0:62:d7:d9:2f:5e:db:9d:cf:42:aa:9a:1f:90:f9:78:16:
8a:45:2d:df:04:b3:c0:bf:d7:f7:4b:87:70:c9:5c:25:0d:df:
12:7f:54:fc:d2:9d:59:60:79:3a:ff:b9:21:e3:bc:4d:6b:2f:
84:e7:22:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kU/d34X0CYcif5+0uUaMIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZDhiMDk3NTczMzMxMjZkZmI1ODM0ODBlYThlMmQzZDM0
NmMwOGQwHhcNMjYwNDE5MDYwMDU5WhcNMjYwNDIwMDYwMDU5WjAzMTEwLwYDVQQD
EyhhNWNmZjhiYTEyNDA3ZThjOTExOWQ4ZWE4NTE3MzVmNmI4ZDc2ZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcy79X8u40tqm9RW5YrI2zwvELlG
4EUzgCsQchHT69oBdV+8bJB3ZX6qEKNtMVP49Ro2zuylrmXGdYkW1wExW8em/8cY
gRUVXLW9my4W5T6/jgiDua2az4YHNg2dj7k3dAuQapX5IX0xMFXe43aRADUoZmBV
TmKIs9acAh/Xazt5rNUzUQpbeiYN633dgiFnpr2W1uELnS7+nEhbyR/iPA5RInah
sHpzsvCbTlzNkbotWJfxLqgt+x1T4WvdnVAy1bXmoY3ARmdTwp/xWmfM8hszQqSd
FjiHynxcXeuGqyYRd9Pl0XKqFRG1YIatNxvtrAyp+pBojDhKhGJaGMjYhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKXP+LoSQH6MkRnY6oUXNfa41247MB8GA1UdIwQY
MBaAFHHYsJdXMzEm37WDSA6o4tPTRsCNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2Rpd2wxY3pNU2JmdFlOSURxamkwOU5Hd0kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy82Yjk2MjYtZmIxYS00NDVlLWI5NWEt
YjAwMmYzNWJlNzM5LzEvY2Rpd2wxY3pNU2JmdFlOSURxamkwOU5Hd0kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy82Yjk2MjYtZmIxYS00NDVlLWI5NWEtYjAwMmYzNWJlNzM5
LzEvY2Rpd2wxY3pNU2JmdFlOSURxamkwOU5Hd0kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOPOMsPNi
okMawWTT04VJRd67H45NzQXPHHI95MgRx+UU7ntROOqBnwW+fCxdOigIHs9lwgi9
9gLtZblCIxZx6ph8shD+VV1tF/FeJVc2GGB0I075bQ37XXxapavsr8q2tzDkN2Tl
Os/Hdw/e1n60r/gLaOBsnKbVOdK9WLsjb4yxWvi0gxtih6xk/TabKqIqYjyEWc/4
KnqFucOYWIiSYP6DKJl/y4Z9dYNYyQcq+rugcQWuI5DyD1xuaFQ4UfBmqrKbg1+d
rvBi19kvXtudz0Kqmh+Q+XgWikUt3wSzwL/X90uHcMlcJQ3fEn9U/NKdWWB5Ov+5
IeO8TWsvhOcimQ==
-----END CERTIFICATE-----
Generated at Sun Apr 19 12:54:02 2026 by rpki-client