Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
File: i5HgoQS1s93x9dCOessreeDVZvk.mft (raw, json)
Hash identifier: u7qohjcOuL4uz1sT7pXkqf4f5uQR/5vCWT9DDsmXC24=
Subject key identifier: F8:40:51:28:7F:FF:CD:66:3B:57:01:BB:62:AD:E5:68:E3:5D:CD:00
Authority key identifier: 8B:91:E0:A1:04:B5:B3:DD:F1:F5:D0:8E:7A:CB:2B:79:E0:D5:66:F9
Certificate issuer: /CN=8b91e0a104b5b3ddf1f5d08e7acb2b79e0d566f9
Certificate serial: 019DA3E5CDBA93E053C0377767EB0745961B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
Manifest number: 12D6
Signing time: Sun 19 Apr 2026 04:00:39 +0000
Manifest this update: Sun 19 Apr 2026 04:00:39 +0000
Manifest next update: Mon 20 Apr 2026 04:00:39 +0000
Files and hashes: 1: FLemcIiElnlySDQ8j4MbhOGXKNY.roa (hash: +hFqqy7o9aLIrhPQ+Vl9O2F3JN7zKRwx0wl2/DYV2As=)
2: i5HgoQS1s93x9dCOessreeDVZvk.crl (hash: t0kcwWWCndwl/0iX2pa7vbQ3sy9G3+LcUublu9Oi6lg=)
3: zL0BeH3r9AkOxhITJlCW5Ja8LGo.roa (hash: oLz5pL1eqyWTu6AOPoAU4vUbkw5hVQwpWZe1I3Dg04k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a3:e5:cd:ba:93:e0:53:c0:37:77:67:eb:07:45:96:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b91e0a104b5b3ddf1f5d08e7acb2b79e0d566f9
Validity
Not Before: Apr 19 04:00:39 2026 GMT
Not After : Apr 20 04:00:39 2026 GMT
Subject: CN=f84051287fffcd663b5701bb62ade568e35dcd00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:bf:38:d4:6e:11:6a:d6:ff:ac:31:cf:7c:ae:
19:e0:21:70:28:3e:71:39:c7:55:0f:f9:17:ed:b5:
ce:44:03:4a:84:88:87:19:83:f3:5a:b3:b1:d2:63:
51:e3:92:cf:be:af:28:33:97:14:af:1a:52:33:05:
fb:11:de:b5:84:9b:67:31:c6:27:41:11:8c:c6:7b:
2d:0f:af:77:b7:86:9a:84:5e:a6:2a:17:8a:ce:f0:
94:8b:0a:d1:22:e4:ca:87:6a:94:67:40:aa:e5:bb:
dd:23:a8:fc:c6:22:46:a1:9d:a1:a9:c0:bd:24:46:
c5:a9:03:b9:34:3e:0c:43:92:28:0b:70:e8:e8:5d:
e0:54:db:47:8e:e3:9f:02:68:93:93:0d:cd:71:15:
ef:0a:d4:7b:0e:fb:3e:a2:bb:66:e0:95:71:6a:cd:
3f:55:31:28:ea:97:63:8e:c2:14:4d:2f:29:19:07:
5e:ee:52:d4:99:6d:89:bc:eb:22:38:cd:d8:fa:0b:
9b:23:e3:00:d2:97:4b:a3:4a:bc:a0:40:01:2c:cb:
3d:7d:ae:e6:a0:e4:2a:fc:8f:5f:0a:70:7b:5e:35:
a3:d3:46:2e:00:81:00:7c:db:7d:34:16:77:bc:42:
50:02:21:d6:c5:87:66:84:06:22:e8:27:8c:e2:6f:
ba:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:40:51:28:7F:FF:CD:66:3B:57:01:BB:62:AD:E5:68:E3:5D:CD:00
X509v3 Authority Key Identifier:
keyid:8B:91:E0:A1:04:B5:B3:DD:F1:F5:D0:8E:7A:CB:2B:79:E0:D5:66:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:1c:0e:1a:64:c2:19:96:45:de:0e:66:4d:75:92:1c:a6:4a:
29:7f:8f:2d:87:79:13:73:ac:74:ab:1e:28:69:bc:a1:c1:70:
af:87:31:84:7a:ad:34:ed:2a:30:f4:37:12:f6:e8:e3:fe:2a:
72:35:33:7c:1c:b1:e8:d4:ec:08:61:39:53:50:a3:07:b3:bb:
2f:df:5a:dc:f3:a3:22:e6:f1:a5:51:79:8b:7a:6e:0b:64:9e:
a6:97:06:a4:7f:46:0c:25:f6:83:6f:10:63:88:55:29:dc:7a:
86:25:97:0c:72:20:90:29:2e:b4:9d:93:8c:52:ee:a3:98:46:
3c:7c:70:c5:b2:29:f1:47:8d:4e:b9:8c:e4:78:cb:10:d2:2f:
b5:c0:99:27:aa:5d:24:a7:29:fb:d7:59:3f:f8:04:1e:1a:f4:
dd:a0:f6:14:7d:d3:77:ab:3a:ce:6b:37:93:53:41:a9:fc:f8:
db:1a:17:ce:a0:92:06:19:f2:70:bc:3a:3e:c4:90:8a:60:56:
4c:8e:49:e1:c5:e2:15:fc:4a:c2:9f:70:d3:32:28:88:8b:5a:
73:00:eb:a7:22:4d:ed:4a:26:c9:b9:2d:60:4a:8c:ea:c6:33:
3a:dd:21:f1:74:38:ac:06:63:10:d3:e2:46:5c:65:29:2f:7c:
ae:2f:29:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2j5c26k+BTwDd3Z+sHRZYbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOTFlMGExMDRiNWIzZGRmMWY1ZDA4ZTdhY2IyYjc5ZTBk
NTY2ZjkwHhcNMjYwNDE5MDQwMDM5WhcNMjYwNDIwMDQwMDM5WjAzMTEwLwYDVQQD
EyhmODQwNTEyODdmZmZjZDY2M2I1NzAxYmI2MmFkZTU2OGUzNWRjZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/b841G4Ratb/rDHPfK4Z4CFwKD5x
OcdVD/kX7bXORANKhIiHGYPzWrOx0mNR45LPvq8oM5cUrxpSMwX7Ed61hJtnMcYn
QRGMxnstD693t4aahF6mKheKzvCUiwrRIuTKh2qUZ0Cq5bvdI6j8xiJGoZ2hqcC9
JEbFqQO5ND4MQ5IoC3Do6F3gVNtHjuOfAmiTkw3NcRXvCtR7Dvs+ortm4JVxas0/
VTEo6pdjjsIUTS8pGQde7lLUmW2JvOsiOM3Y+gubI+MA0pdLo0q8oEABLMs9fa7m
oOQq/I9fCnB7XjWj00YuAIEAfNt9NBZ3vEJQAiHWxYdmhAYi6CeM4m+68QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPhAUSh//81mO1cBu2Kt5WjjXc0AMB8GA1UdIwQY
MBaAFIuR4KEEtbPd8fXQjnrLK3ng1Wb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kZmJmYzQtY2MzZi00NzdjLThkNzYt
YThjNTc2MjI0YmEyLzEvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9kZmJmYzQtY2MzZi00NzdjLThkNzYtYThjNTc2MjI0YmEy
LzEvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADBwOGmTC
GZZF3g5mTXWSHKZKKX+PLYd5E3OsdKseKGm8ocFwr4cxhHqtNO0qMPQ3Evbo4/4q
cjUzfByx6NTsCGE5U1CjB7O7L99a3POjIubxpVF5i3puC2SeppcGpH9GDCX2g28Q
Y4hVKdx6hiWXDHIgkCkutJ2TjFLuo5hGPHxwxbIp8UeNTrmM5HjLENIvtcCZJ6pd
JKcp+9dZP/gEHhr03aD2FH3Td6s6zms3k1NBqfz42xoXzqCSBhnycLw6PsSQimBW
TI5J4cXiFfxKwp9w0zIoiItacwDrpyJN7UomybktYEqM6sYzOt0h8XQ4rAZjENPi
RlxlKS98ri8pnA==
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:53:38 2026 by rpki-client