Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/fc522f-b20f-47af-80c6-1a97944c91ca/1/bSID7B5abCZsyjm5rxq-LLILGVo.mft
File: bSID7B5abCZsyjm5rxq-LLILGVo.mft (raw, json)
Hash identifier: 4KSe/+kmeL7Or7DTjDyzfTn06KSQuSRYXek61eX5oHw=
Subject key identifier: DF:39:55:E2:0B:16:F4:99:7D:15:37:92:AC:65:81:6E:65:28:82:9A
Authority key identifier: 6D:22:03:EC:1E:5A:6C:26:6C:CA:39:B9:AF:1A:BE:2C:B2:0B:19:5A
Certificate issuer: /CN=6d2203ec1e5a6c266cca39b9af1abe2cb20b195a
Certificate serial: 019D9A3EF453C9ED4D0E1F5384139B0ECCBA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSID7B5abCZsyjm5rxq-LLILGVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/fc522f-b20f-47af-80c6-1a97944c91ca/1/bSID7B5abCZsyjm5rxq-LLILGVo.mft
Manifest number: 18C1
Signing time: Fri 17 Apr 2026 07:01:49 +0000
Manifest this update: Fri 17 Apr 2026 07:01:49 +0000
Manifest next update: Sat 18 Apr 2026 07:01:49 +0000
Files and hashes: 1: KEjUQVlN-kYa2GK1u7oIUmkIKDw.roa (hash: XXTQdFb/FE8pQqJgVu712tdHVCXz3R+MnP7POS5nFQU=)
2: bSID7B5abCZsyjm5rxq-LLILGVo.crl (hash: 0BSDS9U5BMWpWdE4vjtFxMgB6NI6MpRzCv3Va9mkxic=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/fc522f-b20f-47af-80c6-1a97944c91ca/1/bSID7B5abCZsyjm5rxq-LLILGVo.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/fc522f-b20f-47af-80c6-1a97944c91ca/1/bSID7B5abCZsyjm5rxq-LLILGVo.mft
rsync://rpki.ripe.net/repository/DEFAULT/bSID7B5abCZsyjm5rxq-LLILGVo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:3e:f4:53:c9:ed:4d:0e:1f:53:84:13:9b:0e:cc:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d2203ec1e5a6c266cca39b9af1abe2cb20b195a
Validity
Not Before: Apr 17 07:01:49 2026 GMT
Not After : Apr 18 07:01:49 2026 GMT
Subject: CN=df3955e20b16f4997d153792ac65816e6528829a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:36:63:12:91:e6:33:8d:39:c5:7a:dc:b2:9d:
11:cb:6e:77:8e:00:6b:10:f8:ff:25:c4:2c:38:19:
a3:03:c7:72:f3:d3:3a:01:3c:f3:48:e2:6b:42:21:
86:30:b8:2f:76:20:8d:0a:35:81:be:c7:73:d5:0b:
99:99:01:8a:0b:90:90:e8:b3:a6:2b:30:80:8b:44:
72:7e:7f:cd:1d:f6:52:67:4a:d5:a8:28:ca:61:80:
c8:aa:b3:f0:fe:38:6a:92:75:ad:4b:22:8c:72:14:
35:a4:68:f7:5f:1c:7d:9d:f2:61:ca:75:c7:3b:43:
fa:18:12:54:2c:b2:bf:ea:0c:4f:01:96:37:e9:45:
b2:7c:5d:12:3b:a6:20:1e:b7:58:38:c5:98:c5:4d:
d1:96:2d:b6:d2:c6:0a:ba:79:9d:34:31:a1:e1:a3:
4d:1f:8b:e2:bc:ad:c5:2d:c8:e6:1d:c1:b9:a1:52:
77:7e:63:a1:e0:ab:f0:be:9f:fe:9f:53:14:50:94:
45:ee:d2:99:65:1b:e2:9b:b0:a5:42:a3:bf:fe:23:
93:4f:8a:8b:74:ac:53:0b:18:29:51:30:fa:96:6d:
3c:75:7f:7a:b8:a6:31:c7:30:9b:0c:e8:85:db:8b:
b7:ec:32:be:d1:0c:ec:92:2a:8c:d8:0e:54:42:3f:
c0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:39:55:E2:0B:16:F4:99:7D:15:37:92:AC:65:81:6E:65:28:82:9A
X509v3 Authority Key Identifier:
keyid:6D:22:03:EC:1E:5A:6C:26:6C:CA:39:B9:AF:1A:BE:2C:B2:0B:19:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSID7B5abCZsyjm5rxq-LLILGVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/fc522f-b20f-47af-80c6-1a97944c91ca/1/bSID7B5abCZsyjm5rxq-LLILGVo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/fc522f-b20f-47af-80c6-1a97944c91ca/1/bSID7B5abCZsyjm5rxq-LLILGVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:0c:cb:c4:d3:71:40:8d:8b:12:72:bc:58:87:c4:27:f9:ec:
83:0b:7f:e3:2d:6b:4b:08:b4:ac:3b:72:65:5f:d8:a3:11:55:
b9:52:6f:b2:65:53:9f:16:8f:a0:a4:fe:9d:0b:da:7d:70:c7:
b0:7e:93:e6:cd:75:f4:e2:79:6a:d4:de:a8:43:53:38:0a:0d:
56:6e:ec:f5:ed:31:29:99:9e:05:77:27:8e:d0:46:ab:24:30:
2d:af:b5:a1:1b:0f:82:e4:9b:45:db:25:ea:06:b0:84:ed:ad:
55:08:8a:99:92:ec:c4:18:c9:36:31:e9:bc:01:3a:b8:a0:4e:
47:cd:4e:35:90:a8:c4:7b:5b:f1:2c:5e:0d:58:05:91:20:93:
33:3b:14:15:c1:5e:55:55:b5:9a:6a:48:89:d1:6d:63:72:18:
8f:fa:8b:df:7b:a3:c0:6f:f3:85:c5:5d:8e:61:26:60:9a:02:
42:7a:b1:d7:2b:e0:ae:cc:fa:3a:38:eb:d2:fd:ac:8e:19:d0:
de:4f:1d:99:dd:1f:db:77:e6:72:31:ec:52:77:b9:c8:f4:61:
4c:86:b1:84:3b:bb:bd:6b:2a:0d:c3:97:4a:e8:25:d0:6d:4f:
77:2d:02:bf:bf:4c:0d:5d:e4:f5:76:6e:f8:c5:83:5b:9b:b4:
ab:a4:7f:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPvRTye1NDh9ThBObDsy6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjIwM2VjMWU1YTZjMjY2Y2NhMzliOWFmMWFiZTJjYjIw
YjE5NWEwHhcNMjYwNDE3MDcwMTQ5WhcNMjYwNDE4MDcwMTQ5WjAzMTEwLwYDVQQD
EyhkZjM5NTVlMjBiMTZmNDk5N2QxNTM3OTJhYzY1ODE2ZTY1Mjg4MjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzZjEpHmM405xXrcsp0Ry253jgBr
EPj/JcQsOBmjA8dy89M6ATzzSOJrQiGGMLgvdiCNCjWBvsdz1QuZmQGKC5CQ6LOm
KzCAi0Ryfn/NHfZSZ0rVqCjKYYDIqrPw/jhqknWtSyKMchQ1pGj3Xxx9nfJhynXH
O0P6GBJULLK/6gxPAZY36UWyfF0SO6YgHrdYOMWYxU3Rli220sYKunmdNDGh4aNN
H4vivK3FLcjmHcG5oVJ3fmOh4Kvwvp/+n1MUUJRF7tKZZRvim7ClQqO//iOTT4qL
dKxTCxgpUTD6lm08dX96uKYxxzCbDOiF24u37DK+0QzskiqM2A5UQj/AXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN85VeILFvSZfRU3kqxlgW5lKIKaMB8GA1UdIwQY
MBaAFG0iA+weWmwmbMo5ua8aviyyCxlaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNJRDdCNWFiQ1pzeWptNXJ4cS1MTElMR1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9mYzUyMmYtYjIwZi00N2FmLTgwYzYt
MWE5Nzk0NGM5MWNhLzEvYlNJRDdCNWFiQ1pzeWptNXJ4cS1MTElMR1ZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9mYzUyMmYtYjIwZi00N2FmLTgwYzYtMWE5Nzk0NGM5MWNh
LzEvYlNJRDdCNWFiQ1pzeWptNXJ4cS1MTElMR1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFAzLxNNx
QI2LEnK8WIfEJ/nsgwt/4y1rSwi0rDtyZV/YoxFVuVJvsmVTnxaPoKT+nQvafXDH
sH6T5s119OJ5atTeqENTOAoNVm7s9e0xKZmeBXcnjtBGqyQwLa+1oRsPguSbRdsl
6gawhO2tVQiKmZLsxBjJNjHpvAE6uKBOR81ONZCoxHtb8SxeDVgFkSCTMzsUFcFe
VVW1mmpIidFtY3IYj/qL33ujwG/zhcVdjmEmYJoCQnqx1yvgrsz6Ojjr0v2sjhnQ
3k8dmd0f23fmcjHsUne5yPRhTIaxhDu7vWsqDcOXSugl0G1Pdy0Cv79MDV3k9XZu
+MWDW5u0q6R/Gw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:02:13 2026 by rpki-client