Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.mft
File: SS0kreN6IjOTKECddX1H-XlDt6A.mft (raw, json)
Hash identifier: YjTKIpNEmI+4QvgD35jxFL00V8xm52lXDDh8ITxIgW0=
Subject key identifier: 9A:FE:B6:48:08:E2:B5:22:A6:33:20:98:0E:B3:65:3C:60:6B:29:8E
Authority key identifier: 49:2D:24:AD:E3:7A:22:33:93:28:40:9D:75:7D:47:F9:79:43:B7:A0
Certificate issuer: /CN=492d24ade37a22339328409d757d47f97943b7a0
Certificate serial: 019DA4F91316AF99A4EEEACF84E7446763BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SS0kreN6IjOTKECddX1H-XlDt6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.mft
Manifest number: 0FC3
Signing time: Sun 19 Apr 2026 09:01:19 +0000
Manifest this update: Sun 19 Apr 2026 09:01:19 +0000
Manifest next update: Mon 20 Apr 2026 09:01:19 +0000
Files and hashes: 1: NFYt2GuSWXtuOwlW6Nq8CMWtovs.roa (hash: puZ/+ztmFMeMmQqgSFGKCmQg2VYFRDLAAcv+aC1rqdo=)
2: SS0kreN6IjOTKECddX1H-XlDt6A.crl (hash: TIk+SfT1FlA+7lkdFKI6wc5QfJD7RHpTSioQrrS++9o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.mft
rsync://rpki.ripe.net/repository/DEFAULT/SS0kreN6IjOTKECddX1H-XlDt6A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a4:f9:13:16:af:99:a4:ee:ea:cf:84:e7:44:67:63:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=492d24ade37a22339328409d757d47f97943b7a0
Validity
Not Before: Apr 19 09:01:19 2026 GMT
Not After : Apr 20 09:01:19 2026 GMT
Subject: CN=9afeb64808e2b522a63320980eb3653c606b298e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:28:fd:4d:ca:2f:ea:ac:21:b3:b3:be:7a:96:
37:95:3e:52:25:85:5b:58:db:64:06:08:19:5e:6b:
98:78:d2:57:b1:c0:c9:46:2d:93:bb:2b:25:cf:98:
32:fc:c4:f1:0b:2f:32:db:80:c8:f3:97:c7:12:3c:
20:f5:ee:00:95:61:63:07:a3:02:36:b9:20:9e:34:
2d:1b:2c:4a:e0:f4:1a:00:66:5f:1d:90:93:fc:03:
9c:b9:96:8b:c8:29:86:a7:89:06:01:fe:52:e8:f2:
7f:95:d5:e7:42:33:68:4b:aa:8b:6b:1e:b0:06:8d:
61:a6:fb:78:8f:40:95:d1:87:4b:26:13:c9:6e:4e:
d2:19:02:cd:b7:eb:f6:37:f0:d8:f6:c3:67:ce:3f:
11:9f:a7:b5:42:77:39:d5:60:8f:b7:5f:7a:96:a3:
54:16:df:ac:13:ba:03:ae:1b:f1:37:b3:38:84:fa:
57:67:ef:87:bc:49:fb:6c:8f:2a:6c:64:41:70:17:
e7:f3:d3:2f:07:1b:54:2f:27:af:0a:72:8c:ae:9d:
37:7e:52:13:7d:28:fc:9f:e5:db:b2:4c:0c:16:b0:
71:ca:ee:be:7a:a8:07:21:34:f0:d9:8d:58:34:b4:
ba:ab:32:40:f5:25:62:91:4f:69:29:30:21:b4:94:
52:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:FE:B6:48:08:E2:B5:22:A6:33:20:98:0E:B3:65:3C:60:6B:29:8E
X509v3 Authority Key Identifier:
keyid:49:2D:24:AD:E3:7A:22:33:93:28:40:9D:75:7D:47:F9:79:43:B7:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SS0kreN6IjOTKECddX1H-XlDt6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
da:4f:22:fe:0b:aa:66:a1:c5:01:5c:29:f7:06:b0:2e:21:8d:
c3:96:11:66:db:11:a7:2d:7f:bb:f1:93:35:bf:35:91:00:12:
98:5d:e5:e0:e0:e9:ec:a9:86:b1:72:21:dd:37:11:7e:85:f3:
fb:fe:fb:c9:62:99:7f:6a:5b:88:f1:38:6c:94:02:88:ed:8d:
5c:8a:6d:8b:a0:51:c4:90:0d:c3:3b:59:0c:8f:37:c4:1e:f7:
79:46:e4:9c:d2:fe:ac:29:a8:1e:59:4d:14:72:4b:10:c4:e5:
fc:33:1c:3c:b7:68:49:64:8f:04:c0:09:2b:83:11:c5:37:51:
70:33:f6:39:b0:9b:c0:23:99:fe:24:a1:c7:e4:2c:c2:a5:7f:
68:52:e1:e1:03:42:db:00:9e:e2:12:8c:31:70:21:7a:59:f2:
bc:1a:5b:f6:8d:c5:63:1d:02:b7:e4:6c:a5:5c:80:b3:d9:e2:
7c:f1:9f:71:dc:c7:ee:e9:58:d6:38:25:1a:08:11:f2:a6:b2:
2f:b6:37:7c:bc:bd:a9:d6:ae:e9:1a:37:63:9e:5f:82:6f:dd:
17:d5:6c:53:ce:ac:f3:fc:2e:2c:c4:26:56:45:90:95:5d:c3:
60:b6:c8:0f:9b:b2:7f:f2:36:20:ee:81:ee:4f:9f:9a:34:3f:
77:fa:0a:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2k+RMWr5mk7urPhOdEZ2O6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MmQyNGFkZTM3YTIyMzM5MzI4NDA5ZDc1N2Q0N2Y5Nzk0
M2I3YTAwHhcNMjYwNDE5MDkwMTE5WhcNMjYwNDIwMDkwMTE5WjAzMTEwLwYDVQQD
Eyg5YWZlYjY0ODA4ZTJiNTIyYTYzMzIwOTgwZWIzNjUzYzYwNmIyOThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyj9Tcov6qwhs7O+epY3lT5SJYVb
WNtkBggZXmuYeNJXscDJRi2Tuyslz5gy/MTxCy8y24DI85fHEjwg9e4AlWFjB6MC
NrkgnjQtGyxK4PQaAGZfHZCT/AOcuZaLyCmGp4kGAf5S6PJ/ldXnQjNoS6qLax6w
Bo1hpvt4j0CV0YdLJhPJbk7SGQLNt+v2N/DY9sNnzj8Rn6e1Qnc51WCPt196lqNU
Ft+sE7oDrhvxN7M4hPpXZ++HvEn7bI8qbGRBcBfn89MvBxtULyevCnKMrp03flIT
fSj8n+XbskwMFrBxyu6+eqgHITTw2Y1YNLS6qzJA9SVikU9pKTAhtJRSAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJr+tkgI4rUipjMgmA6zZTxgaymOMB8GA1UdIwQY
MBaAFEktJK3jeiIzkyhAnXV9R/l5Q7egMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1Mwa3JlTjZJak9US0VDZGRYMUgtWGxEdDZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9kOGY4NDUtNjI1MC00ZGY4LTkwYzAt
ZTI0YjU3OWM5OTE0LzEvU1Mwa3JlTjZJak9US0VDZGRYMUgtWGxEdDZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9kOGY4NDUtNjI1MC00ZGY4LTkwYzAtZTI0YjU3OWM5OTE0
LzEvU1Mwa3JlTjZJak9US0VDZGRYMUgtWGxEdDZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2k8i/guq
ZqHFAVwp9wawLiGNw5YRZtsRpy1/u/GTNb81kQASmF3l4ODp7KmGsXIh3TcRfoXz
+/77yWKZf2pbiPE4bJQCiO2NXIpti6BRxJANwztZDI83xB73eUbknNL+rCmoHllN
FHJLEMTl/DMcPLdoSWSPBMAJK4MRxTdRcDP2ObCbwCOZ/iShx+QswqV/aFLh4QNC
2wCe4hKMMXAhelnyvBpb9o3FYx0Ct+RspVyAs9nifPGfcdzH7ulY1jglGggR8qay
L7Y3fLy9qdau6Ro3Y55fgm/dF9VsU86s8/wuLMQmVkWQlV3DYLbID5uyf/I2IO6B
7k+fmjQ/d/oKEQ==
-----END CERTIFICATE-----
Generated at Sun Apr 19 11:36:08 2026 by rpki-client