Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
File: v99XKOyr1W70Y3NWlVhmylRoaRo.mft (raw, json)
Hash identifier: gCNDesJ2W2ioIJAXFOk75FAINwa8StKu9QCn6eVxgsE=
Subject key identifier: 80:5E:E5:A1:D3:99:59:AB:5E:10:42:F8:E3:DC:F5:BC:53:23:AB:89
Authority key identifier: BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A
Certificate issuer: /CN=bfdf5728ecabd56ef4637356955866ca5468691a
Certificate serial: 019D98F47244870E00FA62EB8D76C4E90BB0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
Manifest number: 04E4
Signing time: Fri 17 Apr 2026 01:00:49 +0000
Manifest this update: Fri 17 Apr 2026 01:00:49 +0000
Manifest next update: Sat 18 Apr 2026 01:00:49 +0000
Files and hashes: 1: 3BcGBZCHDgJs9gSoEvIJqO6Wdng.roa (hash: QqrBTNsjue3924ijEFZUnNRSzA8ZRhSOavKbIrZOqys=)
2: v99XKOyr1W70Y3NWlVhmylRoaRo.crl (hash: M86xfn0CEE+RdZ2VptJRYuFV5OuLbzlvIdB2F3IZOfA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:f4:72:44:87:0e:00:fa:62:eb:8d:76:c4:e9:0b:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfdf5728ecabd56ef4637356955866ca5468691a
Validity
Not Before: Apr 17 01:00:49 2026 GMT
Not After : Apr 18 01:00:49 2026 GMT
Subject: CN=805ee5a1d39959ab5e1042f8e3dcf5bc5323ab89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b0:10:d7:dd:b4:6b:16:87:ca:e8:54:33:25:
ff:5f:90:a8:29:5c:b1:fd:6c:a8:ab:a9:0d:fc:00:
03:bc:66:4f:da:1f:ef:29:06:88:43:36:ce:82:b0:
9d:43:b9:49:74:65:fb:56:f4:38:a6:06:3c:95:c8:
a3:b4:ad:28:43:c8:6e:4d:0c:bb:58:f2:4d:d7:9c:
da:5c:b0:78:97:4b:27:60:ff:4e:38:93:53:da:94:
b6:6c:db:f5:73:e3:83:46:f3:c4:56:b3:94:a3:f8:
b7:1d:83:d2:a0:ac:60:51:56:be:8e:f8:f9:c3:fa:
db:32:f8:d7:1f:ee:6a:ed:99:0b:0f:ca:37:d4:b2:
5c:d1:89:63:99:38:57:f3:d1:38:1c:eb:0f:6c:ae:
70:89:7b:48:b2:15:77:09:f3:4d:16:60:59:9b:fa:
cd:57:90:8d:61:b9:a5:2a:13:a1:ab:7f:cd:44:b5:
60:d6:45:1c:3b:19:c8:11:02:58:91:0e:6a:c6:5c:
f3:18:68:c0:c9:3d:ab:b3:90:92:ec:11:61:84:0c:
9a:47:e6:f5:f9:b4:88:7c:2c:c9:74:3f:d0:aa:ae:
f9:cf:65:66:21:ad:8b:e8:a8:1a:80:94:4b:87:d0:
6a:d0:f2:43:5a:54:e8:f8:61:df:7f:7a:8d:fd:58:
57:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:5E:E5:A1:D3:99:59:AB:5E:10:42:F8:E3:DC:F5:BC:53:23:AB:89
X509v3 Authority Key Identifier:
keyid:BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:05:9b:8c:e8:83:69:80:5c:df:ff:0c:c3:48:06:c0:93:77:
71:82:14:6a:0d:73:77:92:fb:b0:b0:d8:e9:63:48:dc:b4:e4:
9a:c2:59:09:6a:1e:d7:f9:dc:63:de:36:db:ed:32:41:48:11:
ad:89:18:09:48:25:28:70:1b:4c:95:4b:f9:4c:59:29:39:53:
7c:78:86:a8:24:37:14:8b:07:1c:f5:77:a4:c2:f1:c5:d4:c1:
4d:d7:ce:59:2b:b5:c0:8c:09:9e:22:e6:a6:f5:b0:42:e8:11:
f9:41:98:a6:a3:38:36:f7:46:e9:22:0a:31:82:3d:1f:31:ce:
4e:10:99:48:9c:9c:4e:af:27:28:01:b2:b3:08:7e:06:fa:52:
b1:17:4c:93:70:12:2a:b2:2e:73:52:e4:b8:df:97:5c:23:16:
c9:df:b3:f0:78:19:df:e2:c4:20:1c:c8:30:2b:86:b1:1d:57:
9a:e1:d4:ce:4f:01:e8:e0:e6:e4:3f:15:19:f4:37:b5:31:d5:
71:39:bb:10:07:72:9f:a1:57:c8:4f:da:f3:49:b3:0f:0f:58:
8d:f5:5d:d2:22:47:75:12:0e:8f:cc:41:c3:33:7f:fe:ff:59:
e9:81:35:c1:f7:cb:d5:17:23:10:ab:5d:dd:e2:b6:ee:4e:67:
dd:2f:7e:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9HJEhw4A+mLrjXbE6QuwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZGY1NzI4ZWNhYmQ1NmVmNDYzNzM1Njk1NTg2NmNhNTQ2
ODY5MWEwHhcNMjYwNDE3MDEwMDQ5WhcNMjYwNDE4MDEwMDQ5WjAzMTEwLwYDVQQD
Eyg4MDVlZTVhMWQzOTk1OWFiNWUxMDQyZjhlM2RjZjViYzUzMjNhYjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbAQ1920axaHyuhUMyX/X5CoKVyx
/Wyoq6kN/AADvGZP2h/vKQaIQzbOgrCdQ7lJdGX7VvQ4pgY8lcijtK0oQ8huTQy7
WPJN15zaXLB4l0snYP9OOJNT2pS2bNv1c+ODRvPEVrOUo/i3HYPSoKxgUVa+jvj5
w/rbMvjXH+5q7ZkLD8o31LJc0YljmThX89E4HOsPbK5wiXtIshV3CfNNFmBZm/rN
V5CNYbmlKhOhq3/NRLVg1kUcOxnIEQJYkQ5qxlzzGGjAyT2rs5CS7BFhhAyaR+b1
+bSIfCzJdD/Qqq75z2VmIa2L6KgagJRLh9Bq0PJDWlTo+GHff3qN/VhXVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIBe5aHTmVmrXhBC+OPc9bxTI6uJMB8GA1UdIwQY
MBaAFL/fVyjsq9Vu9GNzVpVYZspUaGkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgt
YmQxNGQzNDRiYmYyLzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgtYmQxNGQzNDRiYmYy
LzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlwWbjOiD
aYBc3/8Mw0gGwJN3cYIUag1zd5L7sLDY6WNI3LTkmsJZCWoe1/ncY9422+0yQUgR
rYkYCUglKHAbTJVL+UxZKTlTfHiGqCQ3FIsHHPV3pMLxxdTBTdfOWSu1wIwJniLm
pvWwQugR+UGYpqM4NvdG6SIKMYI9HzHOThCZSJycTq8nKAGyswh+BvpSsRdMk3AS
KrIuc1LkuN+XXCMWyd+z8HgZ3+LEIBzIMCuGsR1XmuHUzk8B6ODm5D8VGfQ3tTHV
cTm7EAdyn6FXyE/a80mzDw9YjfVd0iJHdRIOj8xBwzN//v9Z6YE1wffL1RcjEKtd
3eK27k5n3S9+ew==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:07:40 2026 by rpki-client