Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
File: yQDj7qi7474R-IxoK9E4wmUH99w.mft (raw, json)
Hash identifier: r+D+nh9GAIZbEaikwXYUs/pgwfdPnXcfYZbN7VQVx9s=
Subject key identifier: 0E:12:70:9B:8B:8C:32:F5:85:74:E2:89:FF:F8:F0:3F:89:73:4C:36
Authority key identifier: C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC
Certificate issuer: /CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
Certificate serial: 019D9AE38FBDE6056CFB04CD25DF36011A8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
Manifest number: 0FA7
Signing time: Fri 17 Apr 2026 10:01:37 +0000
Manifest this update: Fri 17 Apr 2026 10:01:37 +0000
Manifest next update: Sat 18 Apr 2026 10:01:37 +0000
Files and hashes: 1: yQDj7qi7474R-IxoK9E4wmUH99w.crl (hash: abXmPhdguv8PuBE7T2WLxZuIaBBfkBrglWkQCEJS0LU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:e3:8f:bd:e6:05:6c:fb:04:cd:25:df:36:01:1a:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
Validity
Not Before: Apr 17 10:01:37 2026 GMT
Not After : Apr 18 10:01:37 2026 GMT
Subject: CN=0e12709b8b8c32f58574e289fff8f03f89734c36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:19:b5:9d:57:81:0d:09:80:e5:c6:3a:ac:b8:
5a:16:41:01:5f:66:2f:77:63:60:c5:4e:d9:f1:04:
95:e5:91:98:5f:b1:67:8c:c3:8f:dd:82:ef:f8:a8:
89:4a:d9:c5:c4:d4:72:15:df:1d:60:17:76:32:58:
c2:0f:b7:c6:f8:91:32:0b:64:1e:c1:19:3c:00:bb:
ee:a9:4f:c9:c2:98:7a:ae:5b:09:6a:e0:b1:69:30:
15:76:65:31:a1:1b:ae:ac:0c:0a:3c:c0:6e:19:2d:
8e:1b:aa:2f:62:13:00:60:89:9d:ed:54:78:20:e3:
f4:b7:f0:3d:2a:36:81:78:3b:1f:3f:4f:5d:1e:f2:
34:42:f8:49:09:3a:20:90:81:a2:98:d8:ac:90:47:
fc:34:e9:c1:6f:58:6d:e3:ec:3c:8e:4a:97:92:cc:
9c:c9:a7:65:3a:7d:ad:2c:44:17:b9:2c:b2:40:c4:
d9:ba:8e:6f:8f:6a:f0:a6:5f:6d:f7:df:3d:43:fc:
4b:30:b2:08:d4:5c:24:81:01:f7:b8:e4:18:cd:e9:
c6:d3:87:1a:43:b4:a5:70:53:5b:e5:0d:87:08:82:
08:5c:8b:0b:ac:5c:d7:95:3c:e3:ce:e7:1a:79:18:
6f:0f:61:22:8d:39:8a:67:f6:b0:44:fc:3a:01:eb:
13:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:12:70:9B:8B:8C:32:F5:85:74:E2:89:FF:F8:F0:3F:89:73:4C:36
X509v3 Authority Key Identifier:
keyid:C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:ae:19:7b:54:a1:4c:e4:56:69:b1:a2:87:fe:f5:d0:8f:9c:
fc:3a:ce:17:d7:90:8c:e5:7a:90:30:b9:b1:19:9b:7a:71:10:
f4:a0:63:c5:59:01:f5:63:60:3a:79:13:65:08:9c:df:32:d5:
81:0f:3d:f4:6e:7c:08:10:14:45:8b:fe:68:1c:10:25:24:f5:
4c:e2:ee:2c:c2:13:60:03:b8:11:19:23:bf:da:51:c7:c7:4d:
cc:17:0c:66:5c:04:52:04:61:1a:63:38:8c:99:ca:4d:ae:2f:
16:15:81:b0:1a:59:95:1b:2b:74:2a:34:19:6c:fe:99:d4:48:
ce:59:9d:4a:af:aa:6a:d3:b7:fe:6c:da:f2:87:53:91:77:f8:
29:1a:15:e2:23:3c:72:30:3f:29:11:fe:34:c4:c0:4a:15:fa:
cf:8f:42:0b:cb:6a:c8:42:9b:11:8c:a6:c3:11:51:11:11:b2:
50:7c:46:e3:3d:46:55:21:49:57:5b:5b:fe:08:73:39:49:73:
70:0f:20:c8:50:03:88:01:f0:06:f9:4b:13:85:79:f6:9c:13:
c2:a1:e6:43:dd:97:df:54:89:9a:13:9c:1d:dc:ea:a1:b6:41:
2a:b1:a8:26:b9:bd:a8:66:45:51:12:2a:62:95:87:14:5f:5e:
8c:84:4d:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a44+95gVs+wTNJd82ARqOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MDBlM2VlYThiYmUzYmUxMWY4OGM2ODJiZDEzOGMyNjUw
N2Y3ZGMwHhcNMjYwNDE3MTAwMTM3WhcNMjYwNDE4MTAwMTM3WjAzMTEwLwYDVQQD
EygwZTEyNzA5YjhiOGMzMmY1ODU3NGUyODlmZmY4ZjAzZjg5NzM0YzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xm1nVeBDQmA5cY6rLhaFkEBX2Yv
d2NgxU7Z8QSV5ZGYX7FnjMOP3YLv+KiJStnFxNRyFd8dYBd2MljCD7fG+JEyC2Qe
wRk8ALvuqU/Jwph6rlsJauCxaTAVdmUxoRuurAwKPMBuGS2OG6ovYhMAYImd7VR4
IOP0t/A9KjaBeDsfP09dHvI0QvhJCTogkIGimNiskEf8NOnBb1ht4+w8jkqXksyc
yadlOn2tLEQXuSyyQMTZuo5vj2rwpl9t9989Q/xLMLII1FwkgQH3uOQYzenG04ca
Q7SlcFNb5Q2HCIIIXIsLrFzXlTzjzucaeRhvD2EijTmKZ/awRPw6AesTVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA4ScJuLjDL1hXTiif/48D+Jc0w2MB8GA1UdIwQY
MBaAFMkA4+6ou+O+EfiMaCvROMJlB/fcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMt
NDE2MjA0YTAyNzM3LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMtNDE2MjA0YTAyNzM3
LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfa4Ze1Sh
TORWabGih/710I+c/DrOF9eQjOV6kDC5sRmbenEQ9KBjxVkB9WNgOnkTZQic3zLV
gQ899G58CBAURYv+aBwQJST1TOLuLMITYAO4ERkjv9pRx8dNzBcMZlwEUgRhGmM4
jJnKTa4vFhWBsBpZlRsrdCo0GWz+mdRIzlmdSq+qatO3/mza8odTkXf4KRoV4iM8
cjA/KRH+NMTAShX6z49CC8tqyEKbEYymwxFRERGyUHxG4z1GVSFJV1tb/ghzOUlz
cA8gyFADiAHwBvlLE4V59pwTwqHmQ92X31SJmhOcHdzqobZBKrGoJrm9qGZFURIq
YpWHFF9ejIRNaQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:53:52 2026 by rpki-client