Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/424947-1c6a-48e9-b289-f23c5a531823/1/ylIg5T5PgcoljM_qGHKAKA9fYho.mft
File: ylIg5T5PgcoljM_qGHKAKA9fYho.mft (raw, json)
Hash identifier: DF71xWFDMS0HeNgYoU5cnvvzwhl+WQ/yoFN1eMAoXTo=
Subject key identifier: B8:4E:67:5F:BA:95:B8:37:74:5F:3F:5C:2A:0C:6D:F6:D2:38:FA:85
Authority key identifier: CA:52:20:E5:3E:4F:81:CA:25:8C:CF:EA:18:72:80:28:0F:5F:62:1A
Certificate issuer: /CN=ca5220e53e4f81ca258ccfea187280280f5f621a
Certificate serial: 019D9B19E0EB9B7A71938F354BE20FDCCBAF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ylIg5T5PgcoljM_qGHKAKA9fYho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/424947-1c6a-48e9-b289-f23c5a531823/1/ylIg5T5PgcoljM_qGHKAKA9fYho.mft
Manifest number: 18C0
Signing time: Fri 17 Apr 2026 11:00:57 +0000
Manifest this update: Fri 17 Apr 2026 11:00:57 +0000
Manifest next update: Sat 18 Apr 2026 11:00:57 +0000
Files and hashes: 1: DTnex-UlwV0zKy6UASXDNP6H64M.roa (hash: OS8JKI81uoNsyPVMBJm7f0QmGbnDk6BbHN/7FVmcoHg=)
2: q0Xg32RLpaZ2ftlLqcFE1HiFMHM.roa (hash: veVsiD7OXuZtD0ZpV5SiKVt3Azw07hmLxG5Vpo3m3dM=)
3: ylIg5T5PgcoljM_qGHKAKA9fYho.crl (hash: r0kNP/VbPSJ2cUOUXTq708wbP9KKtme4rUX6j9wYEuc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/424947-1c6a-48e9-b289-f23c5a531823/1/ylIg5T5PgcoljM_qGHKAKA9fYho.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/424947-1c6a-48e9-b289-f23c5a531823/1/ylIg5T5PgcoljM_qGHKAKA9fYho.mft
rsync://rpki.ripe.net/repository/DEFAULT/ylIg5T5PgcoljM_qGHKAKA9fYho.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 11:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:19:e0:eb:9b:7a:71:93:8f:35:4b:e2:0f:dc:cb:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca5220e53e4f81ca258ccfea187280280f5f621a
Validity
Not Before: Apr 17 11:00:57 2026 GMT
Not After : Apr 18 11:00:57 2026 GMT
Subject: CN=b84e675fba95b837745f3f5c2a0c6df6d238fa85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d9:6d:03:d7:e8:c3:52:c9:a3:80:ea:f6:25:
49:88:2c:f1:5a:f1:39:88:c9:c3:b9:c6:61:c3:88:
46:a8:dc:ab:77:e7:34:7b:39:7d:1a:bc:dc:ae:78:
1a:dd:8b:9a:1f:bc:97:12:bb:75:64:50:f3:f1:83:
5b:c1:4a:23:1b:d3:42:18:f8:35:1c:f2:42:e3:7a:
dc:3f:1e:b8:5d:21:86:4e:57:09:36:4e:ca:4b:17:
7c:b0:f0:2c:6b:f8:b1:1b:c0:b2:ed:22:7a:cb:3c:
27:ae:fd:a5:61:de:3f:5f:9e:49:8d:1a:9f:80:21:
8d:5a:db:00:a4:3f:b3:c5:15:0f:c4:58:3b:7b:52:
5d:ca:4e:a0:29:32:c1:8f:87:69:a9:ec:f4:00:e8:
5a:dc:42:0b:5e:af:92:d4:79:ea:24:ad:0e:b1:b6:
fc:d9:33:e2:a9:54:48:56:79:f8:3b:4f:5c:fc:7d:
a0:89:c4:b9:5a:8c:f7:e1:fc:90:3d:5c:79:0a:44:
c7:b5:af:f2:2e:e3:fa:cc:1c:fd:3c:34:49:e4:67:
64:1b:4e:cc:04:a1:0d:b4:9a:07:d9:4c:b3:08:6b:
aa:88:b9:f9:0c:f8:fe:63:d3:23:10:2a:bf:20:b8:
c9:d5:2c:8e:ff:d3:bd:f0:ef:67:b6:8d:a7:c1:7f:
d1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:4E:67:5F:BA:95:B8:37:74:5F:3F:5C:2A:0C:6D:F6:D2:38:FA:85
X509v3 Authority Key Identifier:
keyid:CA:52:20:E5:3E:4F:81:CA:25:8C:CF:EA:18:72:80:28:0F:5F:62:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ylIg5T5PgcoljM_qGHKAKA9fYho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/424947-1c6a-48e9-b289-f23c5a531823/1/ylIg5T5PgcoljM_qGHKAKA9fYho.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/424947-1c6a-48e9-b289-f23c5a531823/1/ylIg5T5PgcoljM_qGHKAKA9fYho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a7:48:63:f5:a2:d2:a7:df:95:51:20:42:39:de:83:47:38:d2:
a4:6e:aa:39:88:06:aa:6c:14:80:2e:0d:9b:fc:16:ec:db:8a:
9b:4a:46:b6:99:a2:6a:9f:a6:d9:fa:32:f8:fb:10:fa:e8:1d:
e7:2b:e5:ce:f6:95:10:7a:6d:cc:4a:0d:95:71:09:7e:bf:59:
aa:c6:71:0e:25:39:08:5a:af:7a:30:cf:b4:41:0c:94:77:08:
c5:1f:24:1b:ca:bb:d3:67:43:ac:e9:11:11:83:c2:27:25:2f:
66:70:df:42:f7:49:47:05:1b:fd:2c:1d:b0:b1:10:d4:ab:df:
50:24:cf:31:f0:cd:ef:9c:50:01:14:39:59:67:aa:30:65:8c:
00:88:bb:73:72:7f:9f:44:b1:a6:6b:38:35:54:79:e3:22:33:
29:68:5e:30:21:b4:3d:cf:c5:bc:74:56:f8:48:79:17:29:02:
de:4e:f6:77:99:8c:bc:f6:c3:05:f3:f7:82:23:c8:c0:fa:f8:
a4:1b:36:69:a1:da:8f:ac:72:8b:14:16:6a:19:79:db:c7:db:
87:a2:bf:d7:23:46:35:8a:6d:5b:69:8f:ac:13:1a:66:a8:42:
3e:00:80:40:22:16:c1:13:cc:d2:7c:0e:a6:84:b3:ad:61:f6:
a8:98:92:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bGeDrm3pxk481S+IP3MuvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNTIyMGU1M2U0ZjgxY2EyNThjY2ZlYTE4NzI4MDI4MGY1
ZjYyMWEwHhcNMjYwNDE3MTEwMDU3WhcNMjYwNDE4MTEwMDU3WjAzMTEwLwYDVQQD
EyhiODRlNjc1ZmJhOTViODM3NzQ1ZjNmNWMyYTBjNmRmNmQyMzhmYTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNltA9fow1LJo4Dq9iVJiCzxWvE5
iMnDucZhw4hGqNyrd+c0ezl9Grzcrnga3YuaH7yXErt1ZFDz8YNbwUojG9NCGPg1
HPJC43rcPx64XSGGTlcJNk7KSxd8sPAsa/ixG8Cy7SJ6yzwnrv2lYd4/X55JjRqf
gCGNWtsApD+zxRUPxFg7e1Jdyk6gKTLBj4dpqez0AOha3EILXq+S1HnqJK0Osbb8
2TPiqVRIVnn4O09c/H2gicS5Woz34fyQPVx5CkTHta/yLuP6zBz9PDRJ5GdkG07M
BKENtJoH2UyzCGuqiLn5DPj+Y9MjECq/ILjJ1SyO/9O98O9nto2nwX/RyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLhOZ1+6lbg3dF8/XCoMbfbSOPqFMB8GA1UdIwQY
MBaAFMpSIOU+T4HKJYzP6hhygCgPX2IaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWxJZzVUNVBnY29sak1fcUdIS0FLQTlmWWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny80MjQ5NDctMWM2YS00OGU5LWIyODkt
ZjIzYzVhNTMxODIzLzEveWxJZzVUNVBnY29sak1fcUdIS0FLQTlmWWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny80MjQ5NDctMWM2YS00OGU5LWIyODktZjIzYzVhNTMxODIz
LzEveWxJZzVUNVBnY29sak1fcUdIS0FLQTlmWWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp0hj9aLS
p9+VUSBCOd6DRzjSpG6qOYgGqmwUgC4Nm/wW7NuKm0pGtpmiap+m2foy+PsQ+ugd
5yvlzvaVEHptzEoNlXEJfr9ZqsZxDiU5CFqvejDPtEEMlHcIxR8kG8q702dDrOkR
EYPCJyUvZnDfQvdJRwUb/SwdsLEQ1KvfUCTPMfDN75xQARQ5WWeqMGWMAIi7c3J/
n0Sxpms4NVR54yIzKWheMCG0Pc/FvHRW+Eh5FykC3k72d5mMvPbDBfP3giPIwPr4
pBs2aaHaj6xyixQWahl528fbh6K/1yNGNYptW2mPrBMaZqhCPgCAQCIWwRPM0nwO
poSzrWH2qJiS1A==
-----END CERTIFICATE-----
Generated at Fri Apr 17 20:45:55 2026 by rpki-client