Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft
File: aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft (raw, json)
Hash identifier: wtTkomGh4Syg12fiq2snCI7fwEWfZ789AH798C4RZ/A=
Subject key identifier: 12:FD:F0:D4:3F:C1:93:BD:E8:F7:2D:DA:AF:2A:E0:A4:BD:1B:37:92
Authority key identifier: 69:87:D0:04:7F:B1:D8:91:2C:63:F9:11:30:5A:71:4F:43:8B:1E:71
Certificate issuer: /CN=6987d0047fb1d8912c63f911305a714f438b1e71
Certificate serial: 019DA4F84B085E69C160D523058F8E99D262
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aYfQBH-x2JEsY_kRMFpxT0OLHnE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft
Manifest number: 18C7
Signing time: Sun 19 Apr 2026 09:00:28 +0000
Manifest this update: Sun 19 Apr 2026 09:00:28 +0000
Manifest next update: Mon 20 Apr 2026 09:00:28 +0000
Files and hashes: 1: RxByI3rH_YsmBp9MFWCFAA3GDzM.roa (hash: kPBLDDqbqmranSBPQ+O5l9xhMyzuVrqfoP6GlvpDNU8=)
2: aYfQBH-x2JEsY_kRMFpxT0OLHnE.crl (hash: 3kyPNPdKj5oxzQ6rHaa5oNphDmtmG8nrKMeYBb2s3FY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aYfQBH-x2JEsY_kRMFpxT0OLHnE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a4:f8:4b:08:5e:69:c1:60:d5:23:05:8f:8e:99:d2:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6987d0047fb1d8912c63f911305a714f438b1e71
Validity
Not Before: Apr 19 09:00:28 2026 GMT
Not After : Apr 20 09:00:28 2026 GMT
Subject: CN=12fdf0d43fc193bde8f72ddaaf2ae0a4bd1b3792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:33:82:89:20:39:c8:f5:3d:ff:39:1f:76:f9:
16:f8:00:4b:f0:eb:9c:60:31:7f:73:e5:48:6a:86:
f6:a4:c0:5c:a7:b8:80:f3:a2:38:81:da:a9:a3:81:
5d:b6:7f:9d:db:4f:b2:31:43:0b:06:b8:52:c9:87:
4f:2b:e6:17:10:85:ef:80:0f:00:9b:8b:30:94:d2:
1b:df:b2:a6:42:40:b9:2b:ea:06:12:7b:53:f1:f4:
a1:cc:76:20:34:69:d9:7b:ec:e3:61:3f:fd:2e:9b:
f1:67:af:f9:f0:e5:bb:52:fe:96:d3:17:c5:e0:e1:
b3:31:dd:4d:f6:51:f7:34:e6:b9:1a:83:13:38:ab:
0b:0f:99:4d:67:ba:93:1c:a0:55:25:21:1c:6f:7c:
ad:50:53:d4:dd:c3:01:c4:af:b0:85:f1:05:41:16:
fa:2b:6e:ed:0d:7e:28:0d:07:07:bd:94:5a:72:c7:
fb:30:fa:f5:28:8d:b8:89:91:59:83:95:65:4d:1d:
fc:b5:bc:47:49:0b:0d:65:d7:84:df:75:82:d5:c7:
4e:dc:17:9e:47:06:88:92:e2:18:6c:2b:ea:09:22:
da:5e:87:2a:eb:05:12:f0:08:a2:aa:52:04:66:77:
94:52:b2:91:84:ea:db:94:67:ba:79:00:fc:70:ed:
2a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:FD:F0:D4:3F:C1:93:BD:E8:F7:2D:DA:AF:2A:E0:A4:BD:1B:37:92
X509v3 Authority Key Identifier:
keyid:69:87:D0:04:7F:B1:D8:91:2C:63:F9:11:30:5A:71:4F:43:8B:1E:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYfQBH-x2JEsY_kRMFpxT0OLHnE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c6:2f:50:07:00:bb:3c:12:a8:0d:06:56:f9:13:cb:9d:1f:3b:
be:54:65:95:d9:5f:3e:ef:b9:b8:d9:6b:92:37:94:2f:24:35:
8b:b7:a0:2c:65:78:82:c8:49:20:5b:6a:88:f4:a9:96:8c:bf:
d2:b2:a5:c9:c5:38:e4:0c:66:3f:06:1f:32:58:68:ad:f5:c1:
f2:d8:4b:66:a3:da:0b:d3:ea:2e:27:06:bf:e3:a0:5f:72:53:
c9:89:39:82:f3:2f:0e:e1:b7:d9:26:03:9a:10:05:1b:ee:db:
fb:31:f8:17:53:b8:3d:48:f4:9d:8c:96:fd:29:40:d8:93:37:
31:b5:d8:d2:58:f3:a0:01:77:43:9e:9f:20:26:8b:86:6d:32:
fd:0f:3a:ba:83:1f:69:64:95:19:b8:3d:56:76:67:ad:14:4e:
16:c9:84:6a:ef:bf:62:de:2a:0d:50:8d:02:28:d8:be:94:73:
01:2a:57:ea:96:f6:84:f3:09:43:62:df:63:94:5e:9d:2c:34:
9e:b0:39:58:56:44:ba:ea:c2:b5:7f:48:31:a8:d4:d9:a9:78:
73:a6:22:84:37:ed:93:6e:d9:92:3c:0e:c0:18:7d:70:62:7d:
40:bb:67:11:eb:0f:77:ca:07:9e:e0:4d:07:0c:20:0b:56:59:
ec:9f:a3:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2k+EsIXmnBYNUjBY+OmdJiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ODdkMDA0N2ZiMWQ4OTEyYzYzZjkxMTMwNWE3MTRmNDM4
YjFlNzEwHhcNMjYwNDE5MDkwMDI4WhcNMjYwNDIwMDkwMDI4WjAzMTEwLwYDVQQD
EygxMmZkZjBkNDNmYzE5M2JkZThmNzJkZGFhZjJhZTBhNGJkMWIzNzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTOCiSA5yPU9/zkfdvkW+ABL8Ouc
YDF/c+VIaob2pMBcp7iA86I4gdqpo4Fdtn+d20+yMUMLBrhSyYdPK+YXEIXvgA8A
m4swlNIb37KmQkC5K+oGEntT8fShzHYgNGnZe+zjYT/9LpvxZ6/58OW7Uv6W0xfF
4OGzMd1N9lH3NOa5GoMTOKsLD5lNZ7qTHKBVJSEcb3ytUFPU3cMBxK+whfEFQRb6
K27tDX4oDQcHvZRacsf7MPr1KI24iZFZg5VlTR38tbxHSQsNZdeE33WC1cdO3Bee
RwaIkuIYbCvqCSLaXocq6wUS8AiiqlIEZneUUrKRhOrblGe6eQD8cO0qnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBL98NQ/wZO96Pct2q8q4KS9GzeSMB8GA1UdIwQY
MBaAFGmH0AR/sdiRLGP5ETBacU9Dix5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVlmUUJILXgySkVzWV9rUk1GcHhUME9MSG5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kODM0NTQtZDM1OS00ZTllLTg0MWMt
NDI5MTRiZTBhYTA0LzEvYVlmUUJILXgySkVzWV9rUk1GcHhUME9MSG5FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kODM0NTQtZDM1OS00ZTllLTg0MWMtNDI5MTRiZTBhYTA0
LzEvYVlmUUJILXgySkVzWV9rUk1GcHhUME9MSG5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxi9QBwC7
PBKoDQZW+RPLnR87vlRlldlfPu+5uNlrkjeULyQ1i7egLGV4gshJIFtqiPSploy/
0rKlycU45AxmPwYfMlhorfXB8thLZqPaC9PqLicGv+OgX3JTyYk5gvMvDuG32SYD
mhAFG+7b+zH4F1O4PUj0nYyW/SlA2JM3MbXY0ljzoAF3Q56fICaLhm0y/Q86uoMf
aWSVGbg9VnZnrRROFsmEau+/Yt4qDVCNAijYvpRzASpX6pb2hPMJQ2LfY5RenSw0
nrA5WFZEuurCtX9IMajU2al4c6YihDftk27ZkjwOwBh9cGJ9QLtnEesPd8oHnuBN
BwwgC1ZZ7J+jTw==
-----END CERTIFICATE-----
Generated at Sun Apr 19 13:42:47 2026 by rpki-client