Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/5141aa-18d9-4d34-8278-f3096a024e29/1/35qWOAlxTREDtkYNnQ4UoS6FAyU.mft
File: 35qWOAlxTREDtkYNnQ4UoS6FAyU.mft (raw, json)
Hash identifier: lmkZm8rP87HTq2yFxMR6q95W5bAgwjzsbRsIEsQ2lUE=
Subject key identifier: 86:9A:2D:AA:63:CC:45:CF:FA:59:77:5C:0B:B9:1C:8F:D2:29:04:BF
Authority key identifier: DF:9A:96:38:09:71:4D:11:03:B6:46:0D:9D:0E:14:A1:2E:85:03:25
Certificate issuer: /CN=df9a963809714d1103b6460d9d0e14a12e850325
Certificate serial: 019D9AABC53A7F79267E38BB853D133FD7C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/35qWOAlxTREDtkYNnQ4UoS6FAyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/5141aa-18d9-4d34-8278-f3096a024e29/1/35qWOAlxTREDtkYNnQ4UoS6FAyU.mft
Manifest number: 0FA7
Signing time: Fri 17 Apr 2026 09:00:41 +0000
Manifest this update: Fri 17 Apr 2026 09:00:41 +0000
Manifest next update: Sat 18 Apr 2026 09:00:41 +0000
Files and hashes: 1: 35qWOAlxTREDtkYNnQ4UoS6FAyU.crl (hash: 0EbZMaGKF5dLhn+8S5/Rrf1ImiG1YFg6IBD+UMIZwHw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/5141aa-18d9-4d34-8278-f3096a024e29/1/35qWOAlxTREDtkYNnQ4UoS6FAyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/5141aa-18d9-4d34-8278-f3096a024e29/1/35qWOAlxTREDtkYNnQ4UoS6FAyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/35qWOAlxTREDtkYNnQ4UoS6FAyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:ab:c5:3a:7f:79:26:7e:38:bb:85:3d:13:3f:d7:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df9a963809714d1103b6460d9d0e14a12e850325
Validity
Not Before: Apr 17 09:00:41 2026 GMT
Not After : Apr 18 09:00:41 2026 GMT
Subject: CN=869a2daa63cc45cffa59775c0bb91c8fd22904bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9b:2e:86:5e:62:26:c2:1d:21:56:e9:6c:ab:
fc:d7:d7:ad:02:e6:47:4d:a9:34:23:fc:ce:af:60:
1a:9c:3b:5f:25:57:cc:fd:3e:1d:18:cf:2a:6d:c6:
a9:0e:fa:f5:b0:ad:20:ac:39:f8:9b:69:d6:df:e5:
9d:5e:72:ac:80:ae:13:3a:a5:86:21:e6:e0:f3:6c:
23:cd:a0:50:df:cc:34:19:20:6a:bd:98:59:06:e7:
93:30:04:81:83:c1:31:5e:c9:a0:46:16:c4:88:40:
77:17:30:0a:42:4a:cd:26:66:41:ec:e3:e5:48:b4:
4d:42:31:7a:78:d6:ad:54:0f:4f:43:2f:f8:65:4e:
90:97:e7:26:ef:08:15:83:00:03:92:fd:b6:6c:20:
76:41:25:f5:58:74:fe:42:6d:7d:30:95:7a:f3:ca:
7a:72:55:b2:cc:6a:15:92:76:2f:c4:bb:dc:cf:fd:
9c:bc:23:49:5e:ae:16:41:9a:0d:c4:f4:63:9d:11:
cc:ef:a5:2b:89:92:e2:96:a0:b4:20:7c:cd:50:6e:
37:bb:b9:3a:24:49:2f:67:08:e2:47:ca:28:31:7a:
0d:a5:21:f2:02:41:49:e6:6d:34:b8:cd:dd:18:a1:
0b:83:fa:cb:00:79:e5:82:92:02:4d:ac:21:63:aa:
65:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:9A:2D:AA:63:CC:45:CF:FA:59:77:5C:0B:B9:1C:8F:D2:29:04:BF
X509v3 Authority Key Identifier:
keyid:DF:9A:96:38:09:71:4D:11:03:B6:46:0D:9D:0E:14:A1:2E:85:03:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/35qWOAlxTREDtkYNnQ4UoS6FAyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/5141aa-18d9-4d34-8278-f3096a024e29/1/35qWOAlxTREDtkYNnQ4UoS6FAyU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/5141aa-18d9-4d34-8278-f3096a024e29/1/35qWOAlxTREDtkYNnQ4UoS6FAyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:fc:9b:10:4c:f0:fb:cc:1b:2d:e3:36:17:1e:47:3b:9f:61:
55:41:92:13:f0:18:fd:23:88:5f:3f:04:ff:3e:a8:02:f6:1a:
5c:9e:b5:c4:0d:14:de:f0:5e:31:dc:a7:75:1a:5b:8b:11:9c:
e3:0a:ff:5a:86:60:ca:7e:f5:6a:4b:1f:ef:a9:10:e7:1d:f9:
d0:0d:86:da:93:65:46:c0:dd:81:c6:6b:af:19:be:85:52:a7:
90:ce:16:26:16:93:f1:81:be:8d:57:76:02:98:c5:6a:8e:95:
35:43:86:e3:e6:29:c1:74:e0:1d:14:98:37:ed:4b:68:64:df:
e9:5a:29:63:e8:fa:4c:88:55:b2:be:63:49:c6:f1:2c:27:f3:
09:25:89:54:00:f1:16:2d:71:e6:62:bc:b9:b4:7f:7d:fa:1a:
35:78:c3:85:43:c4:08:95:6b:0b:be:6e:7e:6f:d8:27:08:f9:
bf:8f:7c:14:50:2a:28:49:a3:0d:f9:86:93:b5:76:07:a2:22:
26:f6:57:41:b5:2b:d6:69:10:51:dc:f4:83:b2:a8:53:21:c6:
85:91:08:fe:75:2b:91:e9:1f:7b:90:4c:5c:76:52:27:32:12:
88:9b:73:05:16:6a:ec:6c:26:6c:66:4d:56:f3:9d:71:2a:76:
8d:3e:fe:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aq8U6f3kmfji7hT0TP9fAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOWE5NjM4MDk3MTRkMTEwM2I2NDYwZDlkMGUxNGExMmU4
NTAzMjUwHhcNMjYwNDE3MDkwMDQxWhcNMjYwNDE4MDkwMDQxWjAzMTEwLwYDVQQD
Eyg4NjlhMmRhYTYzY2M0NWNmZmE1OTc3NWMwYmI5MWM4ZmQyMjkwNGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZsuhl5iJsIdIVbpbKv819etAuZH
Tak0I/zOr2AanDtfJVfM/T4dGM8qbcapDvr1sK0grDn4m2nW3+WdXnKsgK4TOqWG
Iebg82wjzaBQ38w0GSBqvZhZBueTMASBg8ExXsmgRhbEiEB3FzAKQkrNJmZB7OPl
SLRNQjF6eNatVA9PQy/4ZU6Ql+cm7wgVgwADkv22bCB2QSX1WHT+Qm19MJV688p6
clWyzGoVknYvxLvcz/2cvCNJXq4WQZoNxPRjnRHM76UriZLilqC0IHzNUG43u7k6
JEkvZwjiR8ooMXoNpSHyAkFJ5m00uM3dGKELg/rLAHnlgpICTawhY6pljQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIaaLapjzEXP+ll3XAu5HI/SKQS/MB8GA1UdIwQY
MBaAFN+aljgJcU0RA7ZGDZ0OFKEuhQMlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzVxV09BbHhUUkVEdGtZTm5RNFVvUzZGQXlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC81MTQxYWEtMThkOS00ZDM0LTgyNzgt
ZjMwOTZhMDI0ZTI5LzEvMzVxV09BbHhUUkVEdGtZTm5RNFVvUzZGQXlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC81MTQxYWEtMThkOS00ZDM0LTgyNzgtZjMwOTZhMDI0ZTI5
LzEvMzVxV09BbHhUUkVEdGtZTm5RNFVvUzZGQXlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABvybEEzw
+8wbLeM2Fx5HO59hVUGSE/AY/SOIXz8E/z6oAvYaXJ61xA0U3vBeMdyndRpbixGc
4wr/WoZgyn71aksf76kQ5x350A2G2pNlRsDdgcZrrxm+hVKnkM4WJhaT8YG+jVd2
ApjFao6VNUOG4+YpwXTgHRSYN+1LaGTf6VopY+j6TIhVsr5jScbxLCfzCSWJVADx
Fi1x5mK8ubR/ffoaNXjDhUPECJVrC75ufm/YJwj5v498FFAqKEmjDfmGk7V2B6Ii
JvZXQbUr1mkQUdz0g7KoUyHGhZEI/nUrkekfe5BMXHZSJzISiJtzBRZq7GwmbGZN
VvOdcSp2jT7+ZQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:57:02 2026 by rpki-client