Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft
File: lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft (raw, json)
Hash identifier: 3slwMjds+NlHTkkdKLtgaqKmKqSF/eOh5c7oDh7oU4U=
Subject key identifier: 73:CF:42:DE:72:07:78:32:A9:67:2C:FF:AC:35:58:4B:BE:E2:41:E5
Authority key identifier: 94:8D:45:CF:E3:48:2B:8F:61:DA:E0:00:B0:07:A4:67:EC:DD:4E:E6
Certificate issuer: /CN=948d45cfe3482b8f61dae000b007a467ecdd4ee6
Certificate serial: 019D9A06D2CD85BBFB28C36B3E5CB33B217B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lI1Fz-NIK49h2uAAsAekZ-zdTuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft
Manifest number: 18C8
Signing time: Fri 17 Apr 2026 06:00:31 +0000
Manifest this update: Fri 17 Apr 2026 06:00:31 +0000
Manifest next update: Sat 18 Apr 2026 06:00:31 +0000
Files and hashes: 1: ecQlKj5CIp8VLDI4rKO0OH9DeqI.roa (hash: iQJDM30z8fYynMrfjXIbza+TCD7vD5Lcd4NjgJS6pYQ=)
2: lI1Fz-NIK49h2uAAsAekZ-zdTuY.crl (hash: mp53U2h4tKAdoJJK5DV/8Rqf525BpPRZkerxoJyAmc8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lI1Fz-NIK49h2uAAsAekZ-zdTuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:06:d2:cd:85:bb:fb:28:c3:6b:3e:5c:b3:3b:21:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=948d45cfe3482b8f61dae000b007a467ecdd4ee6
Validity
Not Before: Apr 17 06:00:31 2026 GMT
Not After : Apr 18 06:00:31 2026 GMT
Subject: CN=73cf42de72077832a9672cffac35584bbee241e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1c:ab:77:4e:ac:c0:2e:71:68:c8:71:f2:ea:
b7:23:ea:d9:14:74:a5:a1:7d:ad:6f:e4:be:40:1c:
97:42:0c:4d:c6:04:aa:43:0e:76:ba:ba:cd:c4:cc:
eb:33:53:0b:f5:35:7f:9e:54:d2:11:c8:8e:d6:62:
b6:86:5d:f3:0b:fb:53:67:a1:e2:55:8f:88:40:2a:
e8:e4:81:db:df:27:6e:56:aa:a1:08:72:6a:50:2a:
89:a3:1c:75:75:b6:42:b2:40:8b:22:ef:36:51:3e:
aa:e5:b8:38:e5:e8:07:c8:33:d1:3d:04:52:d2:a4:
8b:48:85:8a:5d:c5:b1:48:91:5e:2b:bc:00:46:68:
41:ec:8f:f3:d9:94:17:92:63:c4:6b:f4:27:e8:ba:
9e:31:1a:89:6e:b6:52:25:43:5a:91:21:58:60:f8:
8c:2e:6b:69:b9:5c:3b:0e:9f:e6:aa:71:8a:e5:bd:
ad:20:6f:cd:90:e1:de:0b:bb:1c:71:c3:70:1f:c9:
ac:fe:dc:9c:fe:dc:e8:c5:fa:5c:f2:40:1e:c5:4b:
48:2a:08:d0:7c:4b:15:9d:2f:b8:b7:28:7c:f7:14:
32:82:3c:72:fc:99:b6:2c:ce:d8:58:1d:9c:9d:57:
cf:8d:43:4e:ab:d2:c4:40:b1:c2:fe:3f:b8:86:6d:
56:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:CF:42:DE:72:07:78:32:A9:67:2C:FF:AC:35:58:4B:BE:E2:41:E5
X509v3 Authority Key Identifier:
keyid:94:8D:45:CF:E3:48:2B:8F:61:DA:E0:00:B0:07:A4:67:EC:DD:4E:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lI1Fz-NIK49h2uAAsAekZ-zdTuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:ce:8d:a9:2d:ba:4e:cc:3d:8b:25:eb:68:7b:67:16:31:ab:
20:67:c3:d0:17:70:b9:e8:2c:1c:11:77:0f:6f:36:be:b0:7d:
fb:d0:ec:2d:fd:d2:91:31:2a:f6:88:bd:d5:c9:3a:87:d1:d2:
99:2d:34:7c:3e:20:7b:ba:9a:7a:a9:1b:e5:33:21:f2:19:be:
1e:90:33:23:03:b9:66:00:10:ed:6e:bd:19:82:7a:c0:26:9a:
31:b9:30:8a:0d:5f:db:46:16:ca:ea:d2:ed:4e:16:ac:ab:b1:
4e:9b:ad:78:11:88:7e:a3:67:03:5b:84:4f:57:b4:ad:f5:42:
40:0a:31:93:49:db:1e:d5:50:95:1d:c4:62:27:4f:df:e8:22:
74:95:80:51:9d:27:95:e9:99:72:56:0c:6b:30:19:aa:6a:58:
35:61:fd:c6:52:6d:93:4f:21:5f:69:07:17:3c:c6:ad:76:ce:
ac:9d:e7:dd:db:68:43:9e:65:64:9a:56:75:e5:fc:98:b2:86:
00:f9:04:b9:ea:27:1c:c1:0f:05:26:31:09:1a:d1:4d:8f:df:
99:8c:21:3d:ae:df:dd:2c:a3:e8:3a:b5:71:80:31:90:d1:bc:
02:9f:15:eb:e6:26:7c:fc:a4:15:fa:c7:32:23:4d:12:da:ec:
66:51:30:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aBtLNhbv7KMNrPlyzOyF7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OGQ0NWNmZTM0ODJiOGY2MWRhZTAwMGIwMDdhNDY3ZWNk
ZDRlZTYwHhcNMjYwNDE3MDYwMDMxWhcNMjYwNDE4MDYwMDMxWjAzMTEwLwYDVQQD
Eyg3M2NmNDJkZTcyMDc3ODMyYTk2NzJjZmZhYzM1NTg0YmJlZTI0MWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshyrd06swC5xaMhx8uq3I+rZFHSl
oX2tb+S+QByXQgxNxgSqQw52urrNxMzrM1ML9TV/nlTSEciO1mK2hl3zC/tTZ6Hi
VY+IQCro5IHb3yduVqqhCHJqUCqJoxx1dbZCskCLIu82UT6q5bg45egHyDPRPQRS
0qSLSIWKXcWxSJFeK7wARmhB7I/z2ZQXkmPEa/Qn6LqeMRqJbrZSJUNakSFYYPiM
LmtpuVw7Dp/mqnGK5b2tIG/NkOHeC7scccNwH8ms/tyc/tzoxfpc8kAexUtIKgjQ
fEsVnS+4tyh89xQygjxy/Jm2LM7YWB2cnVfPjUNOq9LEQLHC/j+4hm1WQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHPPQt5yB3gyqWcs/6w1WEu+4kHlMB8GA1UdIwQY
MBaAFJSNRc/jSCuPYdrgALAHpGfs3U7mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEkxRnotTklLNDloMnVBQXNBZWtaLXpkVHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mODliMmUtNTNhMy00MTU3LWE5NjAt
NDJkYWZiNGI1MWQyLzEvbEkxRnotTklLNDloMnVBQXNBZWtaLXpkVHVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mODliMmUtNTNhMy00MTU3LWE5NjAtNDJkYWZiNGI1MWQy
LzEvbEkxRnotTklLNDloMnVBQXNBZWtaLXpkVHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXs6NqS26
Tsw9iyXraHtnFjGrIGfD0BdwuegsHBF3D282vrB9+9DsLf3SkTEq9oi91ck6h9HS
mS00fD4ge7qaeqkb5TMh8hm+HpAzIwO5ZgAQ7W69GYJ6wCaaMbkwig1f20YWyurS
7U4WrKuxTputeBGIfqNnA1uET1e0rfVCQAoxk0nbHtVQlR3EYidP3+gidJWAUZ0n
lemZclYMazAZqmpYNWH9xlJtk08hX2kHFzzGrXbOrJ3n3dtoQ55lZJpWdeX8mLKG
APkEueonHMEPBSYxCRrRTY/fmYwhPa7f3Syj6Dq1cYAxkNG8Ap8V6+YmfPykFfrH
MiNNEtrsZlEwEw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:40:07 2026 by rpki-client