Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/523b95-3ddc-4818-9265-daaf29211949/1/Dz8TMs_wWyKjpmptTDSPvAHeEVw.mft
File: Dz8TMs_wWyKjpmptTDSPvAHeEVw.mft (raw, json)
Hash identifier: R6zWOlvDqGdVv0pEcRFJkx1H74KyQh3CBdVnt2VKOSk=
Subject key identifier: 36:C5:88:7B:13:3F:85:54:DF:6D:8E:C5:BF:FA:CC:73:33:91:29:A3
Authority key identifier: 0F:3F:13:32:CF:F0:5B:22:A3:A6:6A:6D:4C:34:8F:BC:01:DE:11:5C
Certificate issuer: /CN=0f3f1332cff05b22a3a66a6d4c348fbc01de115c
Certificate serial: 019D9A3F127FAC71202664BF899C5AC81D43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dz8TMs_wWyKjpmptTDSPvAHeEVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/523b95-3ddc-4818-9265-daaf29211949/1/Dz8TMs_wWyKjpmptTDSPvAHeEVw.mft
Manifest number: 18C1
Signing time: Fri 17 Apr 2026 07:01:57 +0000
Manifest this update: Fri 17 Apr 2026 07:01:57 +0000
Manifest next update: Sat 18 Apr 2026 07:01:57 +0000
Files and hashes: 1: Dz8TMs_wWyKjpmptTDSPvAHeEVw.crl (hash: 7dcdh27UxA68HQprPMZWk7rUSE8Bv4rt3aIR0Jj9Tm8=)
2: dLnEEciYoxf4zHYKdVd3Cs6UXwE.roa (hash: fuSsuZb+gCHUO48DwmuXqWY4VCL5Q795gkNmczjB/Fk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/523b95-3ddc-4818-9265-daaf29211949/1/Dz8TMs_wWyKjpmptTDSPvAHeEVw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/523b95-3ddc-4818-9265-daaf29211949/1/Dz8TMs_wWyKjpmptTDSPvAHeEVw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Dz8TMs_wWyKjpmptTDSPvAHeEVw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:3f:12:7f:ac:71:20:26:64:bf:89:9c:5a:c8:1d:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f3f1332cff05b22a3a66a6d4c348fbc01de115c
Validity
Not Before: Apr 17 07:01:57 2026 GMT
Not After : Apr 18 07:01:57 2026 GMT
Subject: CN=36c5887b133f8554df6d8ec5bffacc73339129a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:5c:a0:52:02:cf:ea:8c:be:2d:15:52:09:09:
65:9c:c0:48:5e:e5:76:76:06:00:6f:60:83:03:3e:
d8:b8:a9:c1:66:29:0c:6c:b9:fc:ca:f9:9a:7c:2e:
38:cf:4f:37:54:ea:50:b2:78:af:20:a8:c9:45:8b:
0a:24:b6:c0:0b:a5:6d:ae:45:46:e0:65:68:3c:d2:
87:8f:cb:65:a7:48:42:6d:9b:c3:6f:ef:68:60:13:
f5:7e:56:ab:b5:58:da:d3:11:34:27:6b:05:5b:95:
3c:fb:a3:41:95:c3:1b:c2:4b:8f:6a:28:f3:6b:cc:
2a:b3:71:63:bc:10:ab:3c:fc:73:8a:f1:a0:71:15:
c6:8d:3a:40:07:42:31:6a:b0:02:a8:40:8a:f6:6f:
34:a9:fb:06:68:b7:fb:b3:8c:cc:72:2f:53:54:a2:
30:7c:9e:59:fa:77:7d:8d:f3:21:b8:49:5d:69:4a:
1a:8b:9e:c3:b4:03:1a:d6:0c:92:ec:ef:74:fe:0b:
53:c4:49:9b:cb:44:78:74:cb:09:7f:97:20:54:7d:
f6:30:1b:40:cf:23:17:92:5f:a5:0c:fa:d6:e0:47:
04:93:9c:b5:ef:1d:de:ad:f7:ec:6a:68:2f:b9:21:
2e:7c:f3:8d:9a:01:9e:77:95:69:b7:5e:59:9b:16:
65:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:C5:88:7B:13:3F:85:54:DF:6D:8E:C5:BF:FA:CC:73:33:91:29:A3
X509v3 Authority Key Identifier:
keyid:0F:3F:13:32:CF:F0:5B:22:A3:A6:6A:6D:4C:34:8F:BC:01:DE:11:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dz8TMs_wWyKjpmptTDSPvAHeEVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/523b95-3ddc-4818-9265-daaf29211949/1/Dz8TMs_wWyKjpmptTDSPvAHeEVw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/523b95-3ddc-4818-9265-daaf29211949/1/Dz8TMs_wWyKjpmptTDSPvAHeEVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:43:d2:cd:4b:66:83:04:39:a2:15:67:16:b2:83:7e:e3:12:
47:13:8b:f0:76:5a:f3:d6:3e:2d:c4:d4:9c:4f:eb:01:a7:cb:
ab:1e:c8:23:d4:f6:29:63:80:62:9b:5b:b2:3d:98:76:83:b6:
f0:f7:ef:9d:f2:49:39:3b:6d:f9:98:b1:cb:ff:56:00:c7:e2:
f4:05:ae:d1:dc:ed:c8:10:1e:4b:f7:0f:55:1d:0f:8a:c1:dd:
ec:6a:fc:d0:9a:8a:cd:b0:58:c7:69:ee:bb:67:21:1c:92:da:
a9:87:66:19:bb:a9:b0:e7:f3:86:20:68:fc:b7:31:20:e5:2a:
a4:42:d4:e7:fa:af:0c:4a:a0:1d:85:8a:54:83:65:07:73:e9:
39:08:dc:89:f5:fb:86:33:4e:c5:57:eb:06:26:a4:1e:12:9b:
46:fa:ef:14:fc:6e:d2:28:c2:bd:f4:46:43:64:05:60:fa:71:
f5:6a:f7:e5:56:cb:e2:c8:6d:85:26:20:20:e0:83:05:48:48:
ed:da:67:ae:32:ef:5f:63:81:0b:8c:45:25:ba:13:38:b3:96:
99:bd:1e:95:1e:81:a7:1c:29:9b:30:00:f5:75:43:60:d8:a6:
c5:87:06:fd:95:7c:cb:e5:58:f7:6d:8e:e9:de:7c:47:b4:0b:
5b:2e:19:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPxJ/rHEgJmS/iZxayB1DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmM2YxMzMyY2ZmMDViMjJhM2E2NmE2ZDRjMzQ4ZmJjMDFk
ZTExNWMwHhcNMjYwNDE3MDcwMTU3WhcNMjYwNDE4MDcwMTU3WjAzMTEwLwYDVQQD
EygzNmM1ODg3YjEzM2Y4NTU0ZGY2ZDhlYzViZmZhY2M3MzMzOTEyOWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VygUgLP6oy+LRVSCQllnMBIXuV2
dgYAb2CDAz7YuKnBZikMbLn8yvmafC44z083VOpQsnivIKjJRYsKJLbAC6VtrkVG
4GVoPNKHj8tlp0hCbZvDb+9oYBP1flartVja0xE0J2sFW5U8+6NBlcMbwkuPaijz
a8wqs3FjvBCrPPxzivGgcRXGjTpAB0IxarACqECK9m80qfsGaLf7s4zMci9TVKIw
fJ5Z+nd9jfMhuEldaUoai57DtAMa1gyS7O90/gtTxEmby0R4dMsJf5cgVH32MBtA
zyMXkl+lDPrW4EcEk5y17x3erffsamgvuSEufPONmgGed5Vpt15ZmxZlSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDbFiHsTP4VU322Oxb/6zHMzkSmjMB8GA1UdIwQY
MBaAFA8/EzLP8Fsio6ZqbUw0j7wB3hFcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHo4VE1zX3dXeUtqcG1wdFREU1B2QUhlRVZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi81MjNiOTUtM2RkYy00ODE4LTkyNjUt
ZGFhZjI5MjExOTQ5LzEvRHo4VE1zX3dXeUtqcG1wdFREU1B2QUhlRVZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi81MjNiOTUtM2RkYy00ODE4LTkyNjUtZGFhZjI5MjExOTQ5
LzEvRHo4VE1zX3dXeUtqcG1wdFREU1B2QUhlRVZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg0PSzUtm
gwQ5ohVnFrKDfuMSRxOL8HZa89Y+LcTUnE/rAafLqx7II9T2KWOAYptbsj2YdoO2
8PfvnfJJOTtt+Zixy/9WAMfi9AWu0dztyBAeS/cPVR0PisHd7Gr80JqKzbBYx2nu
u2chHJLaqYdmGbupsOfzhiBo/LcxIOUqpELU5/qvDEqgHYWKVINlB3PpOQjcifX7
hjNOxVfrBiakHhKbRvrvFPxu0ijCvfRGQ2QFYPpx9Wr35VbL4shthSYgIOCDBUhI
7dpnrjLvX2OBC4xFJboTOLOWmb0elR6BpxwpmzAA9XVDYNimxYcG/ZV8y+VY922O
6d58R7QLWy4Z1Q==
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:14:46 2026 by rpki-client