Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
File: i5HgoQS1s93x9dCOessreeDVZvk.mft (raw, json)
Hash identifier: 304wXZ07fC2Ib3OY2lR8EveYV1YU7klVSZ14cbRcm8A=
Subject key identifier: C8:CB:E0:3D:6F:11:2D:40:7D:55:EA:67:E8:7A:2A:2D:13:09:0C:28
Authority key identifier: 8B:91:E0:A1:04:B5:B3:DD:F1:F5:D0:8E:7A:CB:2B:79:E0:D5:66:F9
Certificate issuer: /CN=8b91e0a104b5b3ddf1f5d08e7acb2b79e0d566f9
Certificate serial: 019D984FA20009871E277C6770C5CAF07F80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
Manifest number: 12D0
Signing time: Thu 16 Apr 2026 22:00:48 +0000
Manifest this update: Thu 16 Apr 2026 22:00:48 +0000
Manifest next update: Fri 17 Apr 2026 22:00:48 +0000
Files and hashes: 1: FLemcIiElnlySDQ8j4MbhOGXKNY.roa (hash: +hFqqy7o9aLIrhPQ+Vl9O2F3JN7zKRwx0wl2/DYV2As=)
2: i5HgoQS1s93x9dCOessreeDVZvk.crl (hash: qnAtDObjoyhBLh5YvyA/GRRLM8Lf1LtVA3cq8EAL2Hg=)
3: zL0BeH3r9AkOxhITJlCW5Ja8LGo.roa (hash: oLz5pL1eqyWTu6AOPoAU4vUbkw5hVQwpWZe1I3Dg04k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:4f:a2:00:09:87:1e:27:7c:67:70:c5:ca:f0:7f:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b91e0a104b5b3ddf1f5d08e7acb2b79e0d566f9
Validity
Not Before: Apr 16 22:00:48 2026 GMT
Not After : Apr 17 22:00:48 2026 GMT
Subject: CN=c8cbe03d6f112d407d55ea67e87a2a2d13090c28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5d:81:98:5a:0d:86:5d:a5:54:4d:49:9c:da:
e4:a5:c7:40:d8:a0:21:a6:a6:ba:b1:98:81:db:98:
81:b1:86:25:bb:8a:29:91:23:9f:2d:57:a4:58:27:
56:cf:2e:d5:a9:a5:df:c0:12:27:c9:07:e2:f8:94:
29:c9:1c:26:27:65:f1:51:f5:35:64:1f:a2:27:73:
38:f5:4f:47:38:3c:2a:1c:5f:29:2d:dd:e7:4f:ba:
f2:02:06:ab:60:0a:40:58:a4:c9:eb:58:de:ed:cd:
0c:11:58:c8:16:0b:e4:d9:60:9e:10:7e:21:76:ff:
35:3c:99:b7:4a:85:75:d8:f5:cb:61:24:ef:00:78:
19:38:9b:1d:cf:d5:40:e0:be:a7:55:4f:5d:ec:a6:
b1:ca:d3:6c:75:04:77:f1:9b:fa:39:fa:0d:1c:72:
6b:c3:d7:94:00:dd:29:d2:6e:e5:43:17:24:7c:30:
80:0b:ec:32:76:00:81:31:97:0f:8e:bf:86:91:13:
8a:02:0c:0c:a7:ca:ec:66:dc:fa:59:97:10:1b:11:
3c:f3:f2:ef:ac:c4:44:a2:d4:3d:38:03:a5:ac:fb:
0f:43:b2:79:fe:71:96:b9:5e:ce:7a:67:30:4b:91:
95:ac:4a:33:06:03:38:7c:aa:53:fb:d7:42:9d:1b:
35:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:CB:E0:3D:6F:11:2D:40:7D:55:EA:67:E8:7A:2A:2D:13:09:0C:28
X509v3 Authority Key Identifier:
keyid:8B:91:E0:A1:04:B5:B3:DD:F1:F5:D0:8E:7A:CB:2B:79:E0:D5:66:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:a2:e0:86:04:48:0f:e7:57:de:8a:70:bc:86:33:65:2b:9a:
96:f1:f0:72:b3:5d:ae:5b:e7:06:5c:ee:ee:12:90:76:6b:a5:
0b:ab:70:f1:bc:32:2c:e6:0b:55:28:3d:fc:df:51:77:04:31:
bb:2f:50:df:3c:96:9a:d0:d0:f9:4e:db:72:41:52:88:c8:23:
67:77:40:4e:c5:7d:5e:ea:32:ad:7f:f0:f7:8d:d1:b2:c6:b6:
df:62:07:02:ac:ce:d3:e7:c4:34:0a:e6:9b:43:6f:d6:8d:8f:
b8:4b:3d:34:6f:60:c4:c2:54:09:a7:1f:77:80:9d:b1:96:8e:
d9:89:cf:4d:e8:68:33:d5:1d:a2:c0:b2:e2:fc:18:fc:dc:67:
31:f2:b2:a0:79:2d:ce:e6:08:48:0b:31:b5:7f:39:9f:ac:b2:
ba:71:06:d7:b9:bc:61:9f:60:92:0f:d0:69:c2:b9:15:cb:49:
aa:de:ae:0c:3d:89:1a:eb:ef:95:48:5a:f4:62:8b:8c:ef:48:
be:6a:8c:1a:42:48:fc:85:43:e8:02:40:8c:6a:e7:a6:64:9c:
21:de:7d:13:6e:6a:64:58:87:4b:ce:2b:80:5f:cf:19:b4:a5:
ae:86:64:14:5e:ca:c9:1e:6f:a4:23:36:99:3f:c5:b6:c4:7a:
d4:95:7c:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YT6IACYceJ3xncMXK8H+AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOTFlMGExMDRiNWIzZGRmMWY1ZDA4ZTdhY2IyYjc5ZTBk
NTY2ZjkwHhcNMjYwNDE2MjIwMDQ4WhcNMjYwNDE3MjIwMDQ4WjAzMTEwLwYDVQQD
EyhjOGNiZTAzZDZmMTEyZDQwN2Q1NWVhNjdlODdhMmEyZDEzMDkwYzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo12BmFoNhl2lVE1JnNrkpcdA2KAh
pqa6sZiB25iBsYYlu4opkSOfLVekWCdWzy7VqaXfwBInyQfi+JQpyRwmJ2XxUfU1
ZB+iJ3M49U9HODwqHF8pLd3nT7ryAgarYApAWKTJ61je7c0MEVjIFgvk2WCeEH4h
dv81PJm3SoV12PXLYSTvAHgZOJsdz9VA4L6nVU9d7KaxytNsdQR38Zv6OfoNHHJr
w9eUAN0p0m7lQxckfDCAC+wydgCBMZcPjr+GkROKAgwMp8rsZtz6WZcQGxE88/Lv
rMREotQ9OAOlrPsPQ7J5/nGWuV7OemcwS5GVrEozBgM4fKpT+9dCnRs1dQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMjL4D1vES1AfVXqZ+h6Ki0TCQwoMB8GA1UdIwQY
MBaAFIuR4KEEtbPd8fXQjnrLK3ng1Wb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kZmJmYzQtY2MzZi00NzdjLThkNzYt
YThjNTc2MjI0YmEyLzEvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9kZmJmYzQtY2MzZi00NzdjLThkNzYtYThjNTc2MjI0YmEy
LzEvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUaLghgRI
D+dX3opwvIYzZSualvHwcrNdrlvnBlzu7hKQdmulC6tw8bwyLOYLVSg9/N9RdwQx
uy9Q3zyWmtDQ+U7bckFSiMgjZ3dATsV9XuoyrX/w943Rssa232IHAqzO0+fENArm
m0Nv1o2PuEs9NG9gxMJUCacfd4CdsZaO2YnPTehoM9UdosCy4vwY/NxnMfKyoHkt
zuYISAsxtX85n6yyunEG17m8YZ9gkg/QacK5FctJqt6uDD2JGuvvlUha9GKLjO9I
vmqMGkJI/IVD6AJAjGrnpmScId59E25qZFiHS84rgF/PGbSlroZkFF7KyR5vpCM2
mT/FtsR61JV8/g==
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:10:25 2026 by rpki-client