Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.mft
File: BGelYhGyHprHzcj7Y58xCpLCEEw.mft (raw, json)
Hash identifier: 5d/u9AL7evoz4gS7w/QpuJYGfDmop/krPY5ZiQxONok=
Subject key identifier: A5:84:53:3C:C6:95:F8:38:FE:90:B1:0C:30:D9:CF:FB:7B:AC:D1:DB
Authority key identifier: 04:67:A5:62:11:B2:1E:9A:C7:CD:C8:FB:63:9F:31:0A:92:C2:10:4C
Certificate issuer: /CN=0467a56211b21e9ac7cdc8fb639f310a92c2104c
Certificate serial: 019D992B1DF344A93CCB390FA388B479A9FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BGelYhGyHprHzcj7Y58xCpLCEEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.mft
Manifest number: 0FA3
Signing time: Fri 17 Apr 2026 02:00:32 +0000
Manifest this update: Fri 17 Apr 2026 02:00:32 +0000
Manifest next update: Sat 18 Apr 2026 02:00:32 +0000
Files and hashes: 1: 1-WmJXUzndEvurHNC9z-EdX-GqLg.roa (hash: k4/qUPEWtP0yhAjTXryxItYMnfRgWY9Qd/ypPo+vPZA=)
2: BGelYhGyHprHzcj7Y58xCpLCEEw.crl (hash: e0j6POUBNsi0ldEmkTMBURZyqcezoWWHaJ83C4MGtg8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BGelYhGyHprHzcj7Y58xCpLCEEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 02:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:2b:1d:f3:44:a9:3c:cb:39:0f:a3:88:b4:79:a9:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0467a56211b21e9ac7cdc8fb639f310a92c2104c
Validity
Not Before: Apr 17 02:00:32 2026 GMT
Not After : Apr 18 02:00:32 2026 GMT
Subject: CN=a584533cc695f838fe90b10c30d9cffb7bacd1db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:b8:38:aa:dc:45:b5:3d:56:e0:4e:4e:c7:bb:
a3:80:13:a3:6d:eb:a2:f1:5a:99:9c:2d:60:a5:a7:
07:16:86:2d:1d:c3:20:58:6f:f4:8a:9b:92:f4:a1:
1c:c4:72:4a:8f:03:18:b6:1e:b3:0c:d6:d5:99:d4:
37:48:c8:27:7e:a4:93:0e:ac:41:83:d4:8e:35:4f:
d3:04:06:c9:76:16:f9:e7:13:77:66:52:a8:63:9f:
29:52:32:30:59:8a:a1:29:2a:91:95:3c:04:8d:5b:
31:28:44:59:bf:63:47:d7:1a:79:f8:82:ea:45:01:
7f:b8:c6:d1:4d:25:46:c1:a4:f3:a6:a0:9e:c3:93:
e1:25:a7:f2:72:91:d6:77:18:43:20:dd:71:0c:9b:
f5:b1:70:aa:cd:ba:8c:93:c7:f3:50:6e:6e:4c:85:
d0:e0:17:83:88:6a:84:20:73:5e:58:2d:08:45:47:
3a:a3:1f:44:38:24:e7:35:53:6a:e5:f0:3a:8f:10:
9e:5c:b4:f6:b3:42:61:cd:21:b7:9e:c5:5d:80:9a:
02:9a:70:b2:74:ff:ee:15:ce:4e:ac:4e:1a:2f:0d:
05:e8:26:5d:ab:bf:66:97:24:c1:2c:7f:cb:62:bc:
f3:05:71:9c:b2:14:18:3a:8b:bb:c5:14:64:f5:28:
5a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:84:53:3C:C6:95:F8:38:FE:90:B1:0C:30:D9:CF:FB:7B:AC:D1:DB
X509v3 Authority Key Identifier:
keyid:04:67:A5:62:11:B2:1E:9A:C7:CD:C8:FB:63:9F:31:0A:92:C2:10:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BGelYhGyHprHzcj7Y58xCpLCEEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:d7:13:c4:cd:1d:1e:3d:b5:4d:a9:35:1a:91:5a:13:a7:a9:
82:d6:2e:64:4d:72:2b:5c:b9:a2:4a:14:0c:14:bd:f7:38:be:
8a:a4:ac:93:32:38:9f:5e:cf:fa:1a:b7:73:8f:ad:28:25:97:
82:4e:da:85:e5:54:d2:fb:e4:27:d4:c6:ff:ac:29:eb:9a:57:
d4:5d:79:c6:51:82:f9:07:61:17:91:14:18:b0:f2:e8:a7:1c:
bf:48:49:10:5b:70:66:48:99:bc:df:0e:7e:04:45:99:22:25:
3c:01:df:06:51:cb:25:b3:a3:7d:1a:0c:48:2f:1b:67:9c:0a:
2d:be:5d:2e:21:49:91:e7:9c:35:ce:e5:76:ee:a6:ae:95:c1:
89:3d:ba:0e:1c:3f:75:08:58:4d:d1:ff:2f:3b:cd:2b:3d:b6:
93:48:9e:c5:ed:b3:d4:52:94:1f:4b:92:4a:93:53:30:37:40:
32:fc:24:af:ad:8f:26:39:95:c5:ec:23:cf:f0:2c:ee:4d:a5:
63:87:5d:76:77:dd:eb:5b:2c:7a:59:48:7a:40:3c:65:c1:e8:
bf:9f:b2:3d:35:5f:97:6d:09:81:49:15:d0:b1:36:55:e9:2b:
08:c0:49:a9:29:31:91:70:65:02:ee:ac:d5:17:34:79:99:3f:
5e:78:33:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZKx3zRKk8yzkPo4i0ean9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NjdhNTYyMTFiMjFlOWFjN2NkYzhmYjYzOWYzMTBhOTJj
MjEwNGMwHhcNMjYwNDE3MDIwMDMyWhcNMjYwNDE4MDIwMDMyWjAzMTEwLwYDVQQD
EyhhNTg0NTMzY2M2OTVmODM4ZmU5MGIxMGMzMGQ5Y2ZmYjdiYWNkMWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5rg4qtxFtT1W4E5Ox7ujgBOjbeui
8VqZnC1gpacHFoYtHcMgWG/0ipuS9KEcxHJKjwMYth6zDNbVmdQ3SMgnfqSTDqxB
g9SONU/TBAbJdhb55xN3ZlKoY58pUjIwWYqhKSqRlTwEjVsxKERZv2NH1xp5+ILq
RQF/uMbRTSVGwaTzpqCew5PhJafycpHWdxhDIN1xDJv1sXCqzbqMk8fzUG5uTIXQ
4BeDiGqEIHNeWC0IRUc6ox9EOCTnNVNq5fA6jxCeXLT2s0JhzSG3nsVdgJoCmnCy
dP/uFc5OrE4aLw0F6CZdq79mlyTBLH/LYrzzBXGcshQYOou7xRRk9Sha3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKWEUzzGlfg4/pCxDDDZz/t7rNHbMB8GA1UdIwQY
MBaAFARnpWIRsh6ax83I+2OfMQqSwhBMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkdlbFloR3lIcHJIemNqN1k1OHhDcExDRUV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wNDVjNGItYzBkNy00Nzc4LTlmNDQt
ODIzYWQyYzJmNWYxLzEvQkdlbFloR3lIcHJIemNqN1k1OHhDcExDRUV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wNDVjNGItYzBkNy00Nzc4LTlmNDQtODIzYWQyYzJmNWYx
LzEvQkdlbFloR3lIcHJIemNqN1k1OHhDcExDRUV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdtcTxM0d
Hj21Tak1GpFaE6epgtYuZE1yK1y5okoUDBS99zi+iqSskzI4n17P+hq3c4+tKCWX
gk7aheVU0vvkJ9TG/6wp65pX1F15xlGC+QdhF5EUGLDy6Kccv0hJEFtwZkiZvN8O
fgRFmSIlPAHfBlHLJbOjfRoMSC8bZ5wKLb5dLiFJkeecNc7ldu6mrpXBiT26Dhw/
dQhYTdH/LzvNKz22k0iexe2z1FKUH0uSSpNTMDdAMvwkr62PJjmVxewjz/As7k2l
Y4dddnfd61ssellIekA8ZcHov5+yPTVfl20JgUkV0LE2VekrCMBJqSkxkXBlAu6s
1Rc0eZk/XngzYg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 09:47:05 2026 by rpki-client