Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
File: DkOg3wWaUlGkALWh8TIboA0xINI.mft (raw, json)
Hash identifier: EFMsshCk/5fVmD5gQrCnCSmSQDJmoBh9+MZ7ZliYJew=
Subject key identifier: 53:E5:15:CB:0F:2B:FA:27:F1:61:D7:AD:73:BE:9A:CB:11:97:73:0D
Authority key identifier: 0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2
Certificate issuer: /CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2
Certificate serial: 019D9AABE2BCDDC6F7C45C3DF15FFD3E1441
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
Manifest number: 18C4
Signing time: Fri 17 Apr 2026 09:00:49 +0000
Manifest this update: Fri 17 Apr 2026 09:00:49 +0000
Manifest next update: Sat 18 Apr 2026 09:00:49 +0000
Files and hashes: 1: 4dMXi4_OZ1hIYb5lfSEix8dXAV4.roa (hash: pso0l4AjjbTbnTQh+xQFS2oQ9IVZGMVy1LttU/eMjhU=)
2: DkOg3wWaUlGkALWh8TIboA0xINI.crl (hash: +AtITcdTKlrySoYPQm3fa7V7UwTgAbK7Y67F4G2Sdzc=)
3: X5rHphgjA2Ovs-Yct52WJKfW_k8.roa (hash: fS9NXooFPX4VLQ4SoiMsokXMu0rmiVlmUkYsHNO+cLI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:ab:e2:bc:dd:c6:f7:c4:5c:3d:f1:5f:fd:3e:14:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2
Validity
Not Before: Apr 17 09:00:49 2026 GMT
Not After : Apr 18 09:00:49 2026 GMT
Subject: CN=53e515cb0f2bfa27f161d7ad73be9acb1197730d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9d:5b:71:9c:2f:b2:8d:1c:af:a7:9b:7c:94:
df:c5:9f:91:c6:ee:45:7e:ac:65:7d:83:8c:b8:72:
ca:e5:5c:c7:31:e7:fc:65:35:31:43:5a:48:5e:67:
81:d0:0c:69:34:da:7c:c2:29:20:bd:0b:59:2f:05:
77:0f:18:51:94:b2:31:f8:04:f4:54:1e:17:0f:6d:
9d:f8:e9:7f:d0:de:40:9d:eb:9c:82:09:0b:7e:c7:
b4:f7:1a:33:99:9d:e9:36:2a:df:51:4e:05:17:e5:
22:56:2b:2b:f9:3b:8d:6e:14:fc:19:ab:3c:f3:ee:
ae:cf:81:65:78:9b:9d:f8:fc:77:bf:45:f7:87:41:
b9:1c:1a:88:e8:8f:6b:d2:79:66:7d:99:63:a7:fa:
87:3e:84:a7:da:86:7f:f2:b7:f2:3c:bd:cf:1c:92:
7e:f2:85:ec:88:7d:6a:84:dd:5d:4f:f3:55:4d:56:
72:10:e6:c3:82:e9:48:ac:e8:e6:b8:9b:0a:25:e8:
21:80:8f:68:85:a8:c3:47:56:e8:bd:00:d2:77:18:
df:26:8a:b4:ff:f6:d8:43:d9:67:a5:0b:b8:99:5c:
02:56:4a:31:4a:9b:90:24:67:cc:08:cb:a6:44:aa:
d1:21:a5:2f:25:09:db:f7:12:3d:c1:55:ef:44:98:
32:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:E5:15:CB:0F:2B:FA:27:F1:61:D7:AD:73:BE:9A:CB:11:97:73:0D
X509v3 Authority Key Identifier:
keyid:0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:25:74:95:d0:01:27:95:fc:46:a1:14:2c:94:34:b9:5f:7d:
9e:e8:4d:5b:e3:8a:e9:39:22:d0:73:a2:55:f7:a7:57:1b:53:
d2:ee:34:26:ed:fe:8e:6d:48:e9:4f:c6:c8:12:e0:38:fc:0c:
2b:ae:91:a6:21:b3:c7:30:0e:25:f9:b7:fc:29:4b:c2:98:9f:
1d:98:e5:62:82:c1:8e:e8:15:0c:e5:9c:78:ff:84:85:f0:e5:
cf:77:53:33:36:13:4d:64:2c:fe:8b:aa:4a:10:2f:28:b8:6e:
96:d7:40:32:5a:ba:7a:93:2d:17:8f:81:de:78:12:a3:f1:d1:
4d:d1:49:86:e5:be:04:7d:30:86:4e:eb:97:38:cd:c0:3e:3d:
51:99:15:bd:1f:79:47:ad:99:76:bd:a7:41:8a:e7:d5:d4:07:
7d:61:f2:d2:27:a8:98:07:37:b9:29:c1:4a:e4:6f:6c:82:95:
99:41:54:24:39:92:85:bc:0e:4c:af:15:c3:dc:51:6b:69:46:
0e:8d:9c:5c:66:c1:3e:ec:2c:80:bc:5a:ac:4b:7a:4a:68:de:
0e:3c:a9:86:4f:cf:42:e7:8e:7b:33:56:3d:b5:f8:e2:01:77:
60:d9:3d:1d:c0:73:15:31:70:9f:c5:57:6e:d7:13:05:ab:8f:
db:c1:ce:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aq+K83cb3xFw98V/9PhRBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNDNhMGRmMDU5YTUyNTFhNDAwYjVhMWYxMzIxYmEwMGQz
MTIwZDIwHhcNMjYwNDE3MDkwMDQ5WhcNMjYwNDE4MDkwMDQ5WjAzMTEwLwYDVQQD
Eyg1M2U1MTVjYjBmMmJmYTI3ZjE2MWQ3YWQ3M2JlOWFjYjExOTc3MzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJ1bcZwvso0cr6ebfJTfxZ+Rxu5F
fqxlfYOMuHLK5VzHMef8ZTUxQ1pIXmeB0AxpNNp8wikgvQtZLwV3DxhRlLIx+AT0
VB4XD22d+Ol/0N5AneucggkLfse09xozmZ3pNirfUU4FF+UiVisr+TuNbhT8Gas8
8+6uz4FleJud+Px3v0X3h0G5HBqI6I9r0nlmfZljp/qHPoSn2oZ/8rfyPL3PHJJ+
8oXsiH1qhN1dT/NVTVZyEObDgulIrOjmuJsKJeghgI9ohajDR1bovQDSdxjfJoq0
//bYQ9lnpQu4mVwCVkoxSpuQJGfMCMumRKrRIaUvJQnb9xI9wVXvRJgygQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFPlFcsPK/on8WHXrXO+mssRl3MNMB8GA1UdIwQY
MBaAFA5DoN8FmlJRpAC1ofEyG6ANMSDSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMt
MDA0ZmU0MzNjN2M4LzEvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMtMDA0ZmU0MzNjN2M4
LzEvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhyV0ldAB
J5X8RqEULJQ0uV99nuhNW+OK6Tki0HOiVfenVxtT0u40Ju3+jm1I6U/GyBLgOPwM
K66RpiGzxzAOJfm3/ClLwpifHZjlYoLBjugVDOWceP+EhfDlz3dTMzYTTWQs/ouq
ShAvKLhultdAMlq6epMtF4+B3ngSo/HRTdFJhuW+BH0whk7rlzjNwD49UZkVvR95
R62Zdr2nQYrn1dQHfWHy0ieomAc3uSnBSuRvbIKVmUFUJDmShbwOTK8Vw9xRa2lG
Do2cXGbBPuwsgLxarEt6SmjeDjyphk/PQueOezNWPbX44gF3YNk9HcBzFTFwn8VX
btcTBauP28HOwg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:20:53 2026 by rpki-client