Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft
File: 0AL76fCkE2A-3vtzOlMfLiwOnAY.mft (raw, json)
Hash identifier: 0+/Uy2UW9sEdGptCb3MHciGgZQIX/w2SwPbVH79cppQ=
Subject key identifier: DD:50:46:78:A9:41:70:9F:08:A2:A3:E9:04:9F:B1:68:A3:AE:57:72
Authority key identifier: D0:02:FB:E9:F0:A4:13:60:3E:DE:FB:73:3A:53:1F:2E:2C:0E:9C:06
Certificate issuer: /CN=d002fbe9f0a413603edefb733a531f2e2c0e9c06
Certificate serial: 019D9A07125BC8ECDA7BE5417BA8408DD288
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft
Manifest number: 18C1
Signing time: Fri 17 Apr 2026 06:00:47 +0000
Manifest this update: Fri 17 Apr 2026 06:00:47 +0000
Manifest next update: Sat 18 Apr 2026 06:00:47 +0000
Files and hashes: 1: 0AL76fCkE2A-3vtzOlMfLiwOnAY.crl (hash: RoUWQHzsahcaUibRKnTBeUfPRxyi3kt9vXWU5i07P28=)
2: dsXROTd2qvJarDLFNerpFXp5tvM.roa (hash: g4jlzZr8kyp6l2Rwmj8PdLtnag5RCNjP07Ftz4rMi7Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:07:12:5b:c8:ec:da:7b:e5:41:7b:a8:40:8d:d2:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d002fbe9f0a413603edefb733a531f2e2c0e9c06
Validity
Not Before: Apr 17 06:00:47 2026 GMT
Not After : Apr 18 06:00:47 2026 GMT
Subject: CN=dd504678a941709f08a2a3e9049fb168a3ae5772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d2:60:aa:e9:29:3e:19:39:91:8b:ec:f6:45:
c3:bc:44:59:0f:1c:98:35:23:a8:df:30:3f:90:02:
ce:31:20:a3:dd:00:e7:ab:ff:16:81:3c:be:b3:2d:
ae:0a:4d:e3:8e:9a:81:01:79:6b:63:70:e3:d6:3c:
c3:16:50:3b:fa:ad:10:e9:ad:6d:58:a2:53:52:53:
73:39:89:0a:1a:39:ad:90:a4:96:72:23:d4:03:18:
ba:7d:4e:cb:90:4a:62:4e:13:92:29:e7:ab:2f:45:
1c:f0:5d:ef:ed:38:4f:a8:c2:7f:33:f1:07:88:82:
69:76:0a:b9:66:df:73:e8:67:2f:ee:c6:0f:7a:b3:
b1:e9:78:37:6b:23:72:13:3e:05:5d:5b:c1:39:07:
c0:07:3e:df:73:3f:36:ed:3d:b8:21:a3:d2:5f:9c:
fc:26:ad:62:e0:58:fe:04:3c:9d:31:b2:a0:92:19:
48:c3:d3:c3:ae:fc:7d:d1:ce:76:d5:e9:55:8e:8e:
48:ab:9e:33:17:a9:14:1a:aa:66:a7:cc:25:ac:ff:
1a:95:b3:8f:55:e8:43:a3:ce:32:5a:07:fd:79:b2:
44:72:19:90:75:65:23:64:58:e0:f5:cc:22:62:3c:
50:ef:86:23:2c:af:56:21:91:a3:69:d2:4b:db:ca:
d3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:50:46:78:A9:41:70:9F:08:A2:A3:E9:04:9F:B1:68:A3:AE:57:72
X509v3 Authority Key Identifier:
keyid:D0:02:FB:E9:F0:A4:13:60:3E:DE:FB:73:3A:53:1F:2E:2C:0E:9C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:57:e5:f5:31:ef:e5:df:22:29:d4:5b:21:05:2a:fe:e4:a1:
aa:96:93:af:3b:28:26:1e:ff:4c:b2:e5:fc:3d:73:2e:d0:5d:
02:5f:14:b8:2d:6b:ea:2d:ee:fd:96:41:74:b9:96:78:af:77:
3c:73:e5:ed:03:a7:c6:2f:12:b8:e8:37:98:6e:41:64:32:99:
6e:37:60:15:96:42:37:4c:90:ed:04:02:b0:7f:be:f3:c4:bc:
d9:ca:8f:eb:fe:f2:79:cf:23:f2:7f:cb:af:b1:91:41:e5:5a:
89:f0:5c:1b:7c:d9:ad:fe:9d:72:82:e4:0c:66:7a:a1:cf:32:
9f:de:f0:9a:8e:75:5f:c3:6d:66:5f:5f:6c:5f:cf:cb:31:dd:
7b:73:6f:69:d0:a1:32:ea:27:7a:29:8d:e4:15:bd:bd:df:54:
1b:76:e2:84:fa:6d:ed:09:82:87:73:ad:51:bd:82:8a:24:ae:
c9:0d:ec:e1:7e:27:22:38:da:a8:a0:cb:0b:e1:37:e6:20:e1:
52:91:2f:a0:43:8c:53:37:d7:a4:d8:24:4a:9f:62:ad:48:90:
49:13:39:37:7f:b5:fa:d1:f7:52:01:9e:c5:14:33:ce:bf:84:
39:ef:b9:c5:fe:35:63:31:87:8d:40:a5:0f:db:ce:76:ba:8e:
83:b6:9c:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aBxJbyOzae+VBe6hAjdKIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMDJmYmU5ZjBhNDEzNjAzZWRlZmI3MzNhNTMxZjJlMmMw
ZTljMDYwHhcNMjYwNDE3MDYwMDQ3WhcNMjYwNDE4MDYwMDQ3WjAzMTEwLwYDVQQD
EyhkZDUwNDY3OGE5NDE3MDlmMDhhMmEzZTkwNDlmYjE2OGEzYWU1NzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstJgqukpPhk5kYvs9kXDvERZDxyY
NSOo3zA/kALOMSCj3QDnq/8WgTy+sy2uCk3jjpqBAXlrY3Dj1jzDFlA7+q0Q6a1t
WKJTUlNzOYkKGjmtkKSWciPUAxi6fU7LkEpiThOSKeerL0Uc8F3v7ThPqMJ/M/EH
iIJpdgq5Zt9z6Gcv7sYPerOx6Xg3ayNyEz4FXVvBOQfABz7fcz827T24IaPSX5z8
Jq1i4Fj+BDydMbKgkhlIw9PDrvx90c521elVjo5Iq54zF6kUGqpmp8wlrP8albOP
VehDo84yWgf9ebJEchmQdWUjZFjg9cwiYjxQ74YjLK9WIZGjadJL28rT4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN1QRnipQXCfCKKj6QSfsWijrldyMB8GA1UdIwQY
MBaAFNAC++nwpBNgPt77czpTHy4sDpwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85YmFmYjEtMGM0Mi00MjViLWFhMjkt
MTljMDQ1YzZhMTRmLzEvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85YmFmYjEtMGM0Mi00MjViLWFhMjktMTljMDQ1YzZhMTRm
LzEvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjlfl9THv
5d8iKdRbIQUq/uShqpaTrzsoJh7/TLLl/D1zLtBdAl8UuC1r6i3u/ZZBdLmWeK93
PHPl7QOnxi8SuOg3mG5BZDKZbjdgFZZCN0yQ7QQCsH++88S82cqP6/7yec8j8n/L
r7GRQeVaifBcG3zZrf6dcoLkDGZ6oc8yn97wmo51X8NtZl9fbF/PyzHde3NvadCh
MuoneimN5BW9vd9UG3bihPpt7QmCh3OtUb2CiiSuyQ3s4X4nIjjaqKDLC+E35iDh
UpEvoEOMUzfXpNgkSp9irUiQSRM5N3+1+tH3UgGexRQzzr+EOe+5xf41YzGHjUCl
D9vOdrqOg7aclg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:44:08 2026 by rpki-client