Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
File: oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft (raw, json)
Hash identifier: HhnV1ZBHyhzYMl1nJowO1MW6tV8WV9BHQcDyf+prv9I=
Subject key identifier: 9D:43:D5:FD:A4:BE:DF:CC:9E:64:8C:BD:1B:3D:48:7A:18:4C:9E:77
Authority key identifier: A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E
Certificate issuer: /CN=a323e041dd45965333e2b1474fc50be2f0fa950e
Certificate serial: 019D985066F9A50432E3F6B10CAF8CEE524F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
Manifest number: 0CD1
Signing time: Thu 16 Apr 2026 22:01:39 +0000
Manifest this update: Thu 16 Apr 2026 22:01:39 +0000
Manifest next update: Fri 17 Apr 2026 22:01:39 +0000
Files and hashes: 1: oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl (hash: epJTyyF5w5NrC+0PcAYUgC7Ik+2TxU9MR50RXLvl/gI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:50:66:f9:a5:04:32:e3:f6:b1:0c:af:8c:ee:52:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a323e041dd45965333e2b1474fc50be2f0fa950e
Validity
Not Before: Apr 16 22:01:39 2026 GMT
Not After : Apr 17 22:01:39 2026 GMT
Subject: CN=9d43d5fda4bedfcc9e648cbd1b3d487a184c9e77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:16:6c:b5:32:b2:ce:49:f7:28:c9:65:ca:73:
c1:3f:2e:17:16:40:2c:11:61:12:34:ce:ac:8c:1e:
b5:ef:f9:14:59:ce:8c:1f:ac:5c:52:66:30:89:28:
f7:ee:00:19:f2:28:c0:21:a8:93:b9:70:03:4a:60:
12:c9:47:bb:43:ea:d9:7c:ac:a0:a5:c5:1e:a4:88:
87:93:94:d9:93:68:2a:3b:4d:fb:61:00:bb:59:9a:
34:d7:e2:d9:ec:40:d8:07:f3:a7:cf:72:46:32:5c:
01:54:07:f4:4f:3b:b4:15:49:99:e5:a6:84:49:1b:
3a:39:16:87:ff:0a:b9:af:0d:79:29:25:b3:d4:96:
e9:01:cb:f9:4e:93:fd:2f:eb:8a:21:8e:08:eb:64:
7e:11:5e:b5:e6:a7:16:fe:5c:2a:25:21:6f:01:8a:
51:7b:bc:6b:44:dd:7b:b3:4a:f8:03:64:b2:7f:e8:
39:b5:bd:d9:75:ab:f2:0f:46:7d:3c:33:80:e6:e6:
1e:d5:50:5e:cc:bd:71:f7:42:9f:d3:9f:19:17:07:
14:08:a8:c8:fc:79:c3:e2:8d:08:27:24:51:cd:44:
f1:b2:59:84:92:06:63:4f:8a:ee:0f:c7:3b:98:e5:
64:b9:7f:1c:d4:29:4f:ce:d2:7c:b6:c4:66:68:d9:
90:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:43:D5:FD:A4:BE:DF:CC:9E:64:8C:BD:1B:3D:48:7A:18:4C:9E:77
X509v3 Authority Key Identifier:
keyid:A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:1e:fd:7d:81:27:c7:81:8d:05:8b:fc:31:5f:ce:59:b2:79:
61:bb:8c:34:cf:1f:a2:43:ac:80:b2:f3:4f:78:8c:bb:51:a8:
c8:15:f3:6e:60:f0:ae:db:5d:53:d5:43:e9:9d:9e:10:e6:d9:
42:c1:5d:65:f9:a8:24:88:95:29:6e:cc:be:95:8b:c0:00:b5:
98:43:a7:99:b0:51:38:55:29:b8:33:4d:6b:1a:74:1f:60:8f:
e9:3e:3d:5e:f9:c1:11:d8:7a:f1:c1:80:50:59:d4:ef:6c:7c:
1e:26:b7:44:76:b0:02:f3:35:92:e8:51:df:2d:e7:ac:94:25:
e7:b5:e1:95:fd:80:6a:5a:6f:0a:20:82:bb:a1:f7:42:e7:b6:
3a:cc:b4:12:85:7e:cf:e3:a5:25:9d:d1:a2:9b:45:be:43:b8:
c4:74:2f:f2:62:4d:f1:54:c0:1e:d2:e0:72:a5:e1:c2:05:35:
3e:05:45:30:b6:e1:5f:ef:6b:09:5f:d0:1b:d8:7b:d4:d2:ed:
19:99:6f:a3:39:27:94:7f:3e:70:1d:e7:89:af:2a:2c:b1:c0:
15:eb:c5:8a:6b:5a:72:29:6b:fc:38:bc:d3:ce:83:92:db:b2:
5a:86:b0:7c:53:6d:01:11:b0:51:c0:be:b4:d5:9a:3c:4b:76:
25:be:19:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YUGb5pQQy4/axDK+M7lJPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjNlMDQxZGQ0NTk2NTMzM2UyYjE0NzRmYzUwYmUyZjBm
YTk1MGUwHhcNMjYwNDE2MjIwMTM5WhcNMjYwNDE3MjIwMTM5WjAzMTEwLwYDVQQD
Eyg5ZDQzZDVmZGE0YmVkZmNjOWU2NDhjYmQxYjNkNDg3YTE4NGM5ZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRZstTKyzkn3KMllynPBPy4XFkAs
EWESNM6sjB617/kUWc6MH6xcUmYwiSj37gAZ8ijAIaiTuXADSmASyUe7Q+rZfKyg
pcUepIiHk5TZk2gqO037YQC7WZo01+LZ7EDYB/Onz3JGMlwBVAf0Tzu0FUmZ5aaE
SRs6ORaH/wq5rw15KSWz1JbpAcv5TpP9L+uKIY4I62R+EV615qcW/lwqJSFvAYpR
e7xrRN17s0r4A2Syf+g5tb3ZdavyD0Z9PDOA5uYe1VBezL1x90Kf058ZFwcUCKjI
/HnD4o0IJyRRzUTxslmEkgZjT4ruD8c7mOVkuX8c1ClPztJ8tsRmaNmQvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ1D1f2kvt/MnmSMvRs9SHoYTJ53MB8GA1UdIwQY
MBaAFKMj4EHdRZZTM+KxR0/FC+Lw+pUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMt
Y2FkYzUxNGFjZTcyLzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMtY2FkYzUxNGFjZTcy
LzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACx79fYEn
x4GNBYv8MV/OWbJ5YbuMNM8fokOsgLLzT3iMu1GoyBXzbmDwrttdU9VD6Z2eEObZ
QsFdZfmoJIiVKW7MvpWLwAC1mEOnmbBROFUpuDNNaxp0H2CP6T49XvnBEdh68cGA
UFnU72x8Hia3RHawAvM1kuhR3y3nrJQl57Xhlf2AalpvCiCCu6H3Que2Osy0EoV+
z+OlJZ3RoptFvkO4xHQv8mJN8VTAHtLgcqXhwgU1PgVFMLbhX+9rCV/QG9h71NLt
GZlvozknlH8+cB3nia8qLLHAFevFimtacilr/Di8086DktuyWoawfFNtARGwUcC+
tNWaPEt2Jb4Zrw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:54:06 2026 by rpki-client