Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.mft
File: ym3NrZkpBFbG18GOscBY2UEIiAE.mft (raw, json)
Hash identifier: PO+HMvDys2orXzAo6g793tkSX3VtrEz3+qsBv/Uhhv0=
Subject key identifier: 71:E1:C8:CD:B0:C3:DC:43:17:41:AA:58:1A:7A:CF:A4:70:05:60:02
Authority key identifier: CA:6D:CD:AD:99:29:04:56:C6:D7:C1:8E:B1:C0:58:D9:41:08:88:01
Certificate issuer: /CN=ca6dcdad99290456c6d7c18eb1c058d941088801
Certificate serial: 019D9B5049BCA79E71BCB4C5EB3F546D6D86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ym3NrZkpBFbG18GOscBY2UEIiAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.mft
Manifest number: 1866
Signing time: Fri 17 Apr 2026 12:00:23 +0000
Manifest this update: Fri 17 Apr 2026 12:00:23 +0000
Manifest next update: Sat 18 Apr 2026 12:00:23 +0000
Files and hashes: 1: FoH9ps9NIlN7HCCsr_L_q5RnpT8.roa (hash: V8yDvWYjZgT2Vk6m8UQDxVTsGXUYqta3GtOUd408vp8=)
2: ym3NrZkpBFbG18GOscBY2UEIiAE.crl (hash: ojd7OWflKCo+J0vZOCihVKad4Wc4w4mYmidFw6aav+0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ym3NrZkpBFbG18GOscBY2UEIiAE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:50:49:bc:a7:9e:71:bc:b4:c5:eb:3f:54:6d:6d:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca6dcdad99290456c6d7c18eb1c058d941088801
Validity
Not Before: Apr 17 12:00:23 2026 GMT
Not After : Apr 18 12:00:23 2026 GMT
Subject: CN=71e1c8cdb0c3dc431741aa581a7acfa470056002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4f:84:d7:40:f1:66:74:e2:19:ac:27:02:36:
2e:83:ab:d8:35:be:32:a9:3a:8d:19:b5:71:3b:8e:
79:77:d7:78:4f:55:44:93:ef:4a:70:9a:be:f5:7e:
81:a2:7e:a0:ff:94:8e:07:1f:a1:cd:bb:3b:33:70:
f7:d6:ba:ec:98:34:46:ce:02:aa:8d:9a:4c:ac:45:
cf:05:5a:8f:87:3b:f2:00:68:de:93:ff:e1:8e:71:
2a:3a:b8:29:34:26:d5:57:4b:40:e6:8a:64:2a:9b:
fa:19:be:62:ef:3e:a4:7d:3b:36:e2:b2:7a:db:a9:
3a:3c:c4:e7:f2:70:f3:3b:2f:56:6b:7e:5d:ad:ab:
74:a1:3b:16:fe:1e:70:c8:c0:26:be:ca:3a:8b:ff:
a3:bc:34:7c:4a:f5:e0:91:de:a8:93:08:62:ea:8d:
3a:18:04:53:90:ac:49:0b:d5:73:34:5f:30:c2:78:
04:d0:e3:f7:91:fb:40:09:f6:ee:c2:eb:76:a7:c6:
c4:08:22:1c:41:05:a0:e3:88:23:87:e7:e2:24:a7:
08:82:69:91:31:af:94:65:ff:e1:e8:e3:5c:d9:c3:
da:ea:45:f1:2d:cb:43:cf:34:84:1b:e3:79:5c:25:
5c:73:40:8f:d4:90:59:44:db:6e:38:88:43:64:79:
da:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:E1:C8:CD:B0:C3:DC:43:17:41:AA:58:1A:7A:CF:A4:70:05:60:02
X509v3 Authority Key Identifier:
keyid:CA:6D:CD:AD:99:29:04:56:C6:D7:C1:8E:B1:C0:58:D9:41:08:88:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ym3NrZkpBFbG18GOscBY2UEIiAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:5c:57:90:b8:6d:f8:b2:1b:e7:b8:f8:39:77:ca:91:0d:cb:
28:95:5b:5e:33:cc:58:13:57:ff:2b:0b:6b:8f:f9:b0:f9:31:
e3:d8:1d:44:8b:a0:20:0f:7b:70:5a:57:f6:ac:a3:4d:99:b3:
85:05:3d:53:c0:d9:45:23:4c:a2:b6:2e:33:30:50:91:2b:fa:
d5:97:0e:85:c7:ff:f0:08:a1:7e:6b:18:58:cc:0e:47:51:ea:
e3:7d:04:b6:07:92:82:b2:ca:d9:af:27:68:a8:0e:08:1e:2a:
a7:0d:62:d4:04:cf:0a:4e:9e:a1:b5:27:8f:41:a1:7a:ad:97:
22:2a:d2:ca:c2:ba:16:c9:38:e1:e3:f3:41:1f:27:e7:d2:c4:
48:c4:ab:b8:4f:91:62:cb:5a:ae:af:3b:d3:37:80:1c:8c:11:
07:46:d5:40:ad:bb:6d:2e:bd:09:18:d7:62:90:06:55:cb:b1:
87:aa:8c:03:e5:76:18:42:08:40:2a:da:71:58:43:5e:5d:13:
17:8e:a5:35:da:79:f8:b5:57:e3:96:ea:bf:1f:7c:30:20:5a:
67:b1:8b:87:00:7b:64:c7:6f:24:1a:0d:df:7b:56:c0:94:e8:
5c:3c:d8:c7:2e:2f:a2:cb:e8:1d:71:cb:72:b1:6c:19:36:2e:
b2:14:36:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUEm8p55xvLTF6z9UbW2GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNmRjZGFkOTkyOTA0NTZjNmQ3YzE4ZWIxYzA1OGQ5NDEw
ODg4MDEwHhcNMjYwNDE3MTIwMDIzWhcNMjYwNDE4MTIwMDIzWjAzMTEwLwYDVQQD
Eyg3MWUxYzhjZGIwYzNkYzQzMTc0MWFhNTgxYTdhY2ZhNDcwMDU2MDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuU+E10DxZnTiGawnAjYug6vYNb4y
qTqNGbVxO455d9d4T1VEk+9KcJq+9X6Bon6g/5SOBx+hzbs7M3D31rrsmDRGzgKq
jZpMrEXPBVqPhzvyAGjek//hjnEqOrgpNCbVV0tA5opkKpv6Gb5i7z6kfTs24rJ6
26k6PMTn8nDzOy9Wa35drat0oTsW/h5wyMAmvso6i/+jvDR8SvXgkd6okwhi6o06
GARTkKxJC9VzNF8wwngE0OP3kftACfbuwut2p8bECCIcQQWg44gjh+fiJKcIgmmR
Ma+UZf/h6ONc2cPa6kXxLctDzzSEG+N5XCVcc0CP1JBZRNtuOIhDZHnaYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHHhyM2ww9xDF0GqWBp6z6RwBWACMB8GA1UdIwQY
MBaAFMptza2ZKQRWxtfBjrHAWNlBCIgBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW0zTnJaa3BCRmJHMThHT3NjQlkyVUVJaUFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi83Njc1OWUtMzk2NC00YzRmLTg3NmIt
YmM0NzVkMDA4ODY5LzEveW0zTnJaa3BCRmJHMThHT3NjQlkyVUVJaUFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi83Njc1OWUtMzk2NC00YzRmLTg3NmItYmM0NzVkMDA4ODY5
LzEveW0zTnJaa3BCRmJHMThHT3NjQlkyVUVJaUFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKVxXkLht
+LIb57j4OXfKkQ3LKJVbXjPMWBNX/ysLa4/5sPkx49gdRIugIA97cFpX9qyjTZmz
hQU9U8DZRSNMorYuMzBQkSv61ZcOhcf/8AihfmsYWMwOR1Hq430EtgeSgrLK2a8n
aKgOCB4qpw1i1ATPCk6eobUnj0Gheq2XIirSysK6Fsk44ePzQR8n59LESMSruE+R
Ystarq870zeAHIwRB0bVQK27bS69CRjXYpAGVcuxh6qMA+V2GEIIQCracVhDXl0T
F46lNdp5+LVX45bqvx98MCBaZ7GLhwB7ZMdvJBoN33tWwJToXDzYxy4vosvoHXHL
crFsGTYushQ2cg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:13:35 2026 by rpki-client