Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/7fb254-417a-4180-a4f0-8f2af9b51c5b/1/d8LYpgGX_HveZPw_rRDrLaT-h3k.mft
File: d8LYpgGX_HveZPw_rRDrLaT-h3k.mft (raw, json)
Hash identifier: /LZ//Z4dGvzhrq9g+yrbrOPbVmUihCwhrvnBleQ6Lok=
Subject key identifier: 42:A1:B7:E8:28:08:3C:97:84:4D:3E:3E:2A:2E:38:21:77:24:84:BE
Authority key identifier: 77:C2:D8:A6:01:97:FC:7B:DE:64:FC:3F:AD:10:EB:2D:A4:FE:87:79
Certificate issuer: /CN=77c2d8a60197fc7bde64fc3fad10eb2da4fe8779
Certificate serial: 019D9B504EF6DAB3610C3F29C088D9B1E149
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8LYpgGX_HveZPw_rRDrLaT-h3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/7fb254-417a-4180-a4f0-8f2af9b51c5b/1/d8LYpgGX_HveZPw_rRDrLaT-h3k.mft
Manifest number: 0918
Signing time: Fri 17 Apr 2026 12:00:24 +0000
Manifest this update: Fri 17 Apr 2026 12:00:24 +0000
Manifest next update: Sat 18 Apr 2026 12:00:24 +0000
Files and hashes: 1: aJHKOA-DMpMHSd964JXfuSmBfY0.roa (hash: oXACImzHioTx7c3QtWHlpndieWC52eNkX76flIoPyqE=)
2: d8LYpgGX_HveZPw_rRDrLaT-h3k.crl (hash: CRCqsQ5BUpfPkPNidGmsBjMJaaEsNrEn+l5WG21KoX0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/7fb254-417a-4180-a4f0-8f2af9b51c5b/1/d8LYpgGX_HveZPw_rRDrLaT-h3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/7fb254-417a-4180-a4f0-8f2af9b51c5b/1/d8LYpgGX_HveZPw_rRDrLaT-h3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/d8LYpgGX_HveZPw_rRDrLaT-h3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:50:4e:f6:da:b3:61:0c:3f:29:c0:88:d9:b1:e1:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77c2d8a60197fc7bde64fc3fad10eb2da4fe8779
Validity
Not Before: Apr 17 12:00:24 2026 GMT
Not After : Apr 18 12:00:24 2026 GMT
Subject: CN=42a1b7e828083c97844d3e3e2a2e3821772484be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ad:db:1d:88:f1:30:a8:55:12:d1:43:a3:24:
fd:89:90:c2:ce:ec:8d:fa:e3:05:54:d2:bf:4d:ac:
74:7d:1d:26:a9:ce:98:55:20:66:42:84:bf:9e:cd:
3e:6b:a0:df:4d:59:2e:ec:e9:cc:05:ea:77:c1:5e:
f8:dd:b1:e5:b1:ef:dd:60:21:04:0c:60:68:5a:c9:
11:ae:c4:61:9c:47:09:cf:89:05:f6:36:4c:a3:75:
f2:57:22:7d:2e:10:6b:59:92:2f:0f:46:e0:3e:4f:
f6:43:af:4d:4e:d2:67:5b:48:a6:4e:c4:e4:fc:5b:
41:04:7e:63:59:a2:94:52:49:e6:ab:4f:f3:2d:8c:
c2:be:6c:de:3f:91:a6:a9:e0:4f:5d:b2:44:75:38:
1e:5a:25:a6:3a:bc:9c:ea:ea:a0:62:04:20:0a:84:
97:8d:89:d1:5f:91:ac:75:d6:ea:32:ec:d1:19:d4:
49:95:7b:9b:8b:e0:e3:b5:d5:97:27:47:ba:49:e4:
a9:a7:e0:a5:44:95:19:29:d9:04:c4:c9:8e:8d:c7:
70:fb:ed:fc:07:4e:92:60:f1:5c:19:07:d4:ff:1f:
3b:c1:29:33:99:7b:cf:c2:5b:b7:48:85:d0:55:d1:
ac:2b:5b:87:63:fe:3a:ab:14:b0:8a:b4:74:e9:b0:
6d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A1:B7:E8:28:08:3C:97:84:4D:3E:3E:2A:2E:38:21:77:24:84:BE
X509v3 Authority Key Identifier:
keyid:77:C2:D8:A6:01:97:FC:7B:DE:64:FC:3F:AD:10:EB:2D:A4:FE:87:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8LYpgGX_HveZPw_rRDrLaT-h3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/7fb254-417a-4180-a4f0-8f2af9b51c5b/1/d8LYpgGX_HveZPw_rRDrLaT-h3k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/7fb254-417a-4180-a4f0-8f2af9b51c5b/1/d8LYpgGX_HveZPw_rRDrLaT-h3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:a6:bc:17:f1:83:e7:d3:e2:28:42:a0:08:4e:5a:04:a4:52:
75:56:65:0e:0c:50:21:2b:52:67:60:2c:24:01:71:a7:e7:b5:
6f:74:85:61:63:fb:4e:22:62:df:65:e3:80:4c:9d:41:52:80:
86:22:54:13:9f:c1:1f:56:ec:6c:61:0d:ca:30:c2:34:f3:81:
0d:2c:89:a5:d3:32:21:35:d5:34:19:0e:d5:fb:4c:b1:31:68:
3c:4b:44:83:96:0c:c4:5b:ba:be:c4:0d:a4:33:4c:77:85:22:
2a:99:40:0f:e5:4c:2f:34:be:f8:e4:65:d1:93:aa:0d:be:83:
33:4f:66:df:5b:b1:4e:09:bc:eb:21:82:b1:c1:cd:36:c3:b3:
32:06:c2:fc:35:12:8b:c8:2b:1a:e3:31:89:ef:14:00:a9:42:
26:29:3d:88:b1:96:47:48:c2:48:80:6b:73:95:9c:da:cd:63:
5a:04:cd:cb:f8:ab:e2:10:82:ae:92:42:4b:0a:39:f7:e6:92:
89:aa:5c:c4:cc:e3:07:72:cf:b7:87:d4:6f:5a:a6:a9:58:06:
2a:fa:ec:a3:5a:fb:95:4c:25:6b:c2:ad:98:e8:73:a4:a4:29:
89:36:24:bf:97:db:72:5f:b7:4e:05:46:21:70:61:ee:14:e1:
e8:04:ef:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUE722rNhDD8pwIjZseFJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YzJkOGE2MDE5N2ZjN2JkZTY0ZmMzZmFkMTBlYjJkYTRm
ZTg3NzkwHhcNMjYwNDE3MTIwMDI0WhcNMjYwNDE4MTIwMDI0WjAzMTEwLwYDVQQD
Eyg0MmExYjdlODI4MDgzYzk3ODQ0ZDNlM2UyYTJlMzgyMTc3MjQ4NGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn63bHYjxMKhVEtFDoyT9iZDCzuyN
+uMFVNK/Tax0fR0mqc6YVSBmQoS/ns0+a6DfTVku7OnMBep3wV743bHlse/dYCEE
DGBoWskRrsRhnEcJz4kF9jZMo3XyVyJ9LhBrWZIvD0bgPk/2Q69NTtJnW0imTsTk
/FtBBH5jWaKUUknmq0/zLYzCvmzeP5GmqeBPXbJEdTgeWiWmOryc6uqgYgQgCoSX
jYnRX5GsddbqMuzRGdRJlXubi+DjtdWXJ0e6SeSpp+ClRJUZKdkExMmOjcdw++38
B06SYPFcGQfU/x87wSkzmXvPwlu3SIXQVdGsK1uHY/46qxSwirR06bBtYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKht+goCDyXhE0+PiouOCF3JIS+MB8GA1UdIwQY
MBaAFHfC2KYBl/x73mT8P60Q6y2k/od5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDhMWXBnR1hfSHZlWlB3X3JSRHJMYVQtaDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni83ZmIyNTQtNDE3YS00MTgwLWE0ZjAt
OGYyYWY5YjUxYzViLzEvZDhMWXBnR1hfSHZlWlB3X3JSRHJMYVQtaDNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni83ZmIyNTQtNDE3YS00MTgwLWE0ZjAtOGYyYWY5YjUxYzVi
LzEvZDhMWXBnR1hfSHZlWlB3X3JSRHJMYVQtaDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM6a8F/GD
59PiKEKgCE5aBKRSdVZlDgxQIStSZ2AsJAFxp+e1b3SFYWP7TiJi32XjgEydQVKA
hiJUE5/BH1bsbGENyjDCNPOBDSyJpdMyITXVNBkO1ftMsTFoPEtEg5YMxFu6vsQN
pDNMd4UiKplAD+VMLzS++ORl0ZOqDb6DM09m31uxTgm86yGCscHNNsOzMgbC/DUS
i8grGuMxie8UAKlCJik9iLGWR0jCSIBrc5Wc2s1jWgTNy/ir4hCCrpJCSwo59+aS
iapcxMzjB3LPt4fUb1qmqVgGKvrso1r7lUwla8KtmOhzpKQpiTYkv5fbcl+3TgVG
IXBh7hTh6ATvuQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:12:45 2026 by rpki-client