Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/15c47c-2c7c-481c-bf89-807246ca7a24/1/RdGncWAlFxEzoyAslGKg6r1mBoI.mft
File: RdGncWAlFxEzoyAslGKg6r1mBoI.mft (raw, json)
Hash identifier: 0SmEA25VImDiHBSFW+dTAptnzL3MFeomB+GsQSGXGZM=
Subject key identifier: 59:3C:FF:A5:EA:22:20:FC:FB:B1:70:74:8E:38:B3:B7:E9:E7:3D:BC
Authority key identifier: 45:D1:A7:71:60:25:17:11:33:A3:20:2C:94:62:A0:EA:BD:66:06:82
Certificate issuer: /CN=45d1a7716025171133a3202c9462a0eabd660682
Certificate serial: 019D9B19662750D3AEAB37E8CA2AD47CE33A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RdGncWAlFxEzoyAslGKg6r1mBoI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/15c47c-2c7c-481c-bf89-807246ca7a24/1/RdGncWAlFxEzoyAslGKg6r1mBoI.mft
Manifest number: 0857
Signing time: Fri 17 Apr 2026 11:00:26 +0000
Manifest this update: Fri 17 Apr 2026 11:00:26 +0000
Manifest next update: Sat 18 Apr 2026 11:00:26 +0000
Files and hashes: 1: RdGncWAlFxEzoyAslGKg6r1mBoI.crl (hash: q4PyOU88DITT0iy2RM3nxTex+Gu9IGp16sVwaxHGDdY=)
2: yS7JOrLZP4AOFmgm3gsxJRJWJXE.roa (hash: IrIgEVW7MNtRvbALuTRFogWK6/R+xoKvrCBDKRLo8XA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/15c47c-2c7c-481c-bf89-807246ca7a24/1/RdGncWAlFxEzoyAslGKg6r1mBoI.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/15c47c-2c7c-481c-bf89-807246ca7a24/1/RdGncWAlFxEzoyAslGKg6r1mBoI.mft
rsync://rpki.ripe.net/repository/DEFAULT/RdGncWAlFxEzoyAslGKg6r1mBoI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:19:66:27:50:d3:ae:ab:37:e8:ca:2a:d4:7c:e3:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45d1a7716025171133a3202c9462a0eabd660682
Validity
Not Before: Apr 17 11:00:26 2026 GMT
Not After : Apr 18 11:00:26 2026 GMT
Subject: CN=593cffa5ea2220fcfbb170748e38b3b7e9e73dbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a6:be:de:8d:2c:e4:d9:1f:0d:6e:63:40:d8:
68:2b:5d:44:de:ff:c7:67:d3:e9:08:75:b2:d4:7e:
34:f3:65:de:31:6e:b1:bb:fb:b9:a4:8c:a4:11:a8:
5c:5c:d8:9e:8c:46:c8:a6:17:af:bc:56:e6:b0:4c:
98:c9:6e:a7:f0:22:50:18:f5:2c:bc:04:20:05:71:
6d:4c:48:66:92:ae:7d:32:5b:69:32:e4:f9:b8:8c:
99:74:1e:9b:ad:90:a7:bd:09:a2:5e:b2:82:48:70:
cb:79:e9:fb:6f:b4:9f:35:66:a1:0d:80:f2:77:d0:
e5:17:7d:b8:c7:f7:20:35:e6:f0:b3:5c:aa:eb:41:
c7:3c:23:ea:c1:3a:27:68:99:11:11:2a:8e:0e:90:
0d:3c:f6:42:c7:99:9c:34:33:d6:81:03:3a:37:19:
5c:62:5a:f2:c8:5c:2a:37:11:0b:fc:c5:29:47:ab:
0f:1c:69:de:b2:b7:04:27:0f:af:b2:69:f3:d5:bc:
42:5d:71:f9:4f:a5:cc:7d:6c:97:19:76:f6:d5:b6:
7e:c2:5f:9e:3b:a2:e0:0d:e9:58:5a:d8:b5:9e:85:
9b:59:42:30:84:3d:0c:21:fc:63:5f:21:00:29:79:
3f:b3:61:5d:2a:90:42:fe:17:3c:29:2e:0f:3c:8e:
b5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:3C:FF:A5:EA:22:20:FC:FB:B1:70:74:8E:38:B3:B7:E9:E7:3D:BC
X509v3 Authority Key Identifier:
keyid:45:D1:A7:71:60:25:17:11:33:A3:20:2C:94:62:A0:EA:BD:66:06:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RdGncWAlFxEzoyAslGKg6r1mBoI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/15c47c-2c7c-481c-bf89-807246ca7a24/1/RdGncWAlFxEzoyAslGKg6r1mBoI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/15c47c-2c7c-481c-bf89-807246ca7a24/1/RdGncWAlFxEzoyAslGKg6r1mBoI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:f6:0a:b3:04:83:29:7b:b3:df:43:1c:fd:54:09:12:40:60:
52:be:61:1d:48:66:88:1a:93:de:66:74:98:45:3e:6a:83:b7:
c4:f8:1c:50:61:08:3d:a7:de:b2:c3:d5:3f:25:e1:ee:14:4f:
94:49:6d:05:46:80:b3:df:ae:64:ce:55:22:76:a4:cb:60:db:
41:e8:fb:99:16:8a:cb:37:63:9e:6a:cc:f3:8a:8f:ed:c9:24:
76:ba:03:e3:5e:6d:d8:29:8b:d9:0b:ba:79:3c:73:26:37:ca:
3d:42:11:de:b1:79:46:c1:7a:d9:96:a2:f3:44:f5:b5:a7:b6:
6d:f0:1d:66:6e:60:f4:db:2a:fd:2c:67:f7:25:8e:e9:c9:f6:
a6:16:63:8b:ce:df:e5:69:09:2e:c5:d1:69:02:8d:c9:d3:b8:
b5:ad:9c:42:2a:c9:42:89:62:38:5b:c1:c2:a1:6d:36:bb:a2:
11:69:b1:27:94:1d:93:3e:a9:07:56:67:9a:19:d5:9d:9d:ac:
2a:11:9d:33:1f:31:fa:a0:40:38:c1:9d:44:8d:d2:71:0b:ac:
b2:57:8f:ec:6d:92:32:66:df:6e:c6:00:e0:44:ee:ad:9e:24:
77:74:cf:f3:bd:97:2d:12:cf:b3:7b:2b:94:18:ca:95:c7:b8:
2c:0f:d6:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bGWYnUNOuqzfoyirUfOM6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ZDFhNzcxNjAyNTE3MTEzM2EzMjAyYzk0NjJhMGVhYmQ2
NjA2ODIwHhcNMjYwNDE3MTEwMDI2WhcNMjYwNDE4MTEwMDI2WjAzMTEwLwYDVQQD
Eyg1OTNjZmZhNWVhMjIyMGZjZmJiMTcwNzQ4ZTM4YjNiN2U5ZTczZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qa+3o0s5NkfDW5jQNhoK11E3v/H
Z9PpCHWy1H4082XeMW6xu/u5pIykEahcXNiejEbIphevvFbmsEyYyW6n8CJQGPUs
vAQgBXFtTEhmkq59MltpMuT5uIyZdB6brZCnvQmiXrKCSHDLeen7b7SfNWahDYDy
d9DlF324x/cgNebws1yq60HHPCPqwTonaJkRESqODpANPPZCx5mcNDPWgQM6Nxlc
YlryyFwqNxEL/MUpR6sPHGnesrcEJw+vsmnz1bxCXXH5T6XMfWyXGXb21bZ+wl+e
O6LgDelYWti1noWbWUIwhD0MIfxjXyEAKXk/s2FdKpBC/hc8KS4PPI61YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFk8/6XqIiD8+7FwdI44s7fp5z28MB8GA1UdIwQY
MBaAFEXRp3FgJRcRM6MgLJRioOq9ZgaCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmRHbmNXQWxGeEV6b3lBc2xHS2c2cjFtQm9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8xNWM0N2MtMmM3Yy00ODFjLWJmODkt
ODA3MjQ2Y2E3YTI0LzEvUmRHbmNXQWxGeEV6b3lBc2xHS2c2cjFtQm9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8xNWM0N2MtMmM3Yy00ODFjLWJmODktODA3MjQ2Y2E3YTI0
LzEvUmRHbmNXQWxGeEV6b3lBc2xHS2c2cjFtQm9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF/YKswSD
KXuz30Mc/VQJEkBgUr5hHUhmiBqT3mZ0mEU+aoO3xPgcUGEIPafessPVPyXh7hRP
lEltBUaAs9+uZM5VInaky2DbQej7mRaKyzdjnmrM84qP7ckkdroD415t2CmL2Qu6
eTxzJjfKPUIR3rF5RsF62Zai80T1tae2bfAdZm5g9Nsq/Sxn9yWO6cn2phZji87f
5WkJLsXRaQKNydO4ta2cQirJQoliOFvBwqFtNruiEWmxJ5Qdkz6pB1ZnmhnVnZ2s
KhGdMx8x+qBAOMGdRI3ScQussleP7G2SMmbfbsYA4ETurZ4kd3TP872XLRLPs3sr
lBjKlce4LA/WtA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:47:26 2026 by rpki-client