Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.mft
File: SFk-QNpaUvMi21oEwg-0htThVQI.mft (raw, json)
Hash identifier: 62Lz8S/JULS4gPlIHgJCRPgaVKnEQu+jXiUHcFGHyxc=
Subject key identifier: D4:8E:B2:55:C8:F2:08:FC:71:AB:A7:B4:E6:C8:65:E9:DF:D4:D1:4D
Authority key identifier: 48:59:3E:40:DA:5A:52:F3:22:DB:5A:04:C2:0F:B4:86:D4:E1:55:02
Certificate issuer: /CN=48593e40da5a52f322db5a04c20fb486d4e15502
Certificate serial: 019D99D003DDCCB92E58355A338DE2770B65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SFk-QNpaUvMi21oEwg-0htThVQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.mft
Manifest number: 157D
Signing time: Fri 17 Apr 2026 05:00:39 +0000
Manifest this update: Fri 17 Apr 2026 05:00:39 +0000
Manifest next update: Sat 18 Apr 2026 05:00:39 +0000
Files and hashes: 1: SFk-QNpaUvMi21oEwg-0htThVQI.crl (hash: 8Rnepb6TQBLRLwbCMQKYGwcNHkfs5PTAJqejjxBmoKw=)
2: VFzP0FGh0SQzSyAC9MEO9bnaqZU.roa (hash: DwjrXgZVVBQjvwjFMKe9t4mZj6kib5GRnctDIksFE5w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.mft
rsync://rpki.ripe.net/repository/DEFAULT/SFk-QNpaUvMi21oEwg-0htThVQI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:d0:03:dd:cc:b9:2e:58:35:5a:33:8d:e2:77:0b:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48593e40da5a52f322db5a04c20fb486d4e15502
Validity
Not Before: Apr 17 05:00:39 2026 GMT
Not After : Apr 18 05:00:39 2026 GMT
Subject: CN=d48eb255c8f208fc71aba7b4e6c865e9dfd4d14d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b4:9e:15:39:18:69:6d:df:96:c3:6a:03:a0:
14:ec:d5:7e:43:e7:e4:a6:b2:4d:e2:82:23:59:24:
42:8b:d7:43:c0:f7:d2:b5:b8:1a:70:27:76:53:ef:
93:2d:88:ad:5c:b0:a9:3f:da:f8:ef:57:b1:03:b7:
74:d3:7f:29:be:bd:b6:30:8d:d4:a7:62:74:aa:b9:
a7:5b:3f:3f:5f:cb:b1:8f:ae:c2:23:bd:36:3f:f9:
3f:e6:5f:65:9e:6d:51:2d:91:42:3e:2d:1a:57:0a:
3e:c6:f9:8c:04:e8:83:2e:15:38:94:38:70:e3:97:
bb:7a:74:57:27:cc:49:9a:d1:71:39:9d:b5:93:74:
cf:a7:17:71:a0:74:1c:e1:9a:28:af:62:00:92:5c:
62:db:49:9c:8e:52:16:57:87:87:71:43:b2:e7:e6:
d5:a3:28:06:c2:7f:8e:9c:b2:df:07:dc:ed:19:c4:
d0:55:e0:38:c9:b1:3c:ae:23:f3:86:87:e4:4e:49:
a1:a7:5f:58:54:b0:67:64:ba:15:f2:ee:b9:97:13:
94:90:77:e1:a9:5a:cb:e6:ea:18:59:e8:65:27:ec:
35:da:7a:11:ca:79:9c:1e:9a:c8:92:f8:8f:56:a5:
52:c9:1e:1c:96:30:bd:17:e2:24:e1:3e:f3:6c:0d:
45:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:8E:B2:55:C8:F2:08:FC:71:AB:A7:B4:E6:C8:65:E9:DF:D4:D1:4D
X509v3 Authority Key Identifier:
keyid:48:59:3E:40:DA:5A:52:F3:22:DB:5A:04:C2:0F:B4:86:D4:E1:55:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SFk-QNpaUvMi21oEwg-0htThVQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:0a:ea:03:38:2c:da:01:98:e7:d8:9f:b7:da:86:e1:78:64:
a6:dd:2a:7b:25:9c:ea:fe:59:43:bf:d3:4d:31:87:aa:7f:98:
0c:2f:3c:ab:fa:06:d4:f3:91:bb:d3:cc:e9:aa:05:1f:c4:99:
4a:fa:08:39:b4:af:02:a7:1c:45:f1:ff:a3:38:96:54:5b:a1:
e0:fa:e5:b5:ef:db:c4:94:e1:5e:e9:bc:cc:91:ca:69:74:e1:
31:0b:ae:10:c2:ec:7b:3c:f8:a0:6f:47:96:81:7c:a4:b9:90:
b5:43:63:90:9b:97:04:09:98:7d:84:49:6b:a6:3c:98:1b:50:
3a:f4:13:a6:7f:58:02:5c:73:3f:e2:cb:ba:54:2d:3e:9a:45:
13:eb:cd:9b:0e:ab:05:85:d5:52:e0:07:25:11:4e:aa:b0:39:
e1:24:1e:78:7b:00:3a:70:8b:f2:0b:c5:13:d1:76:1f:69:cb:
4f:42:8f:2b:29:72:cd:af:19:f7:74:02:2c:00:45:25:ab:6e:
fa:e0:41:04:d9:bc:b2:25:29:c4:43:0e:e3:6c:f4:54:4a:16:
b7:2d:56:3e:28:d6:f0:5d:3c:8e:f3:18:b5:cb:85:55:7d:27:
14:4d:85:19:18:98:74:e3:e7:d6:fa:f5:5e:5f:2e:3e:54:13:
8e:cc:02:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0APdzLkuWDVaM43idwtlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NTkzZTQwZGE1YTUyZjMyMmRiNWEwNGMyMGZiNDg2ZDRl
MTU1MDIwHhcNMjYwNDE3MDUwMDM5WhcNMjYwNDE4MDUwMDM5WjAzMTEwLwYDVQQD
EyhkNDhlYjI1NWM4ZjIwOGZjNzFhYmE3YjRlNmM4NjVlOWRmZDRkMTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bSeFTkYaW3flsNqA6AU7NV+Q+fk
prJN4oIjWSRCi9dDwPfStbgacCd2U++TLYitXLCpP9r471exA7d0038pvr22MI3U
p2J0qrmnWz8/X8uxj67CI702P/k/5l9lnm1RLZFCPi0aVwo+xvmMBOiDLhU4lDhw
45e7enRXJ8xJmtFxOZ21k3TPpxdxoHQc4Zoor2IAklxi20mcjlIWV4eHcUOy5+bV
oygGwn+OnLLfB9ztGcTQVeA4ybE8riPzhofkTkmhp19YVLBnZLoV8u65lxOUkHfh
qVrL5uoYWehlJ+w12noRynmcHprIkviPVqVSyR4cljC9F+Ik4T7zbA1FAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNSOslXI8gj8cauntObIZenf1NFNMB8GA1UdIwQY
MBaAFEhZPkDaWlLzIttaBMIPtIbU4VUCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0ZrLVFOcGFVdk1pMjFvRXdnLTBodFRoVlFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NzAwYzgtZjlhYi00MmE3LWIxZmEt
ZTY4YTA4ZDllNTRmLzEvU0ZrLVFOcGFVdk1pMjFvRXdnLTBodFRoVlFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NzAwYzgtZjlhYi00MmE3LWIxZmEtZTY4YTA4ZDllNTRm
LzEvU0ZrLVFOcGFVdk1pMjFvRXdnLTBodFRoVlFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARArqAzgs
2gGY59ift9qG4Xhkpt0qeyWc6v5ZQ7/TTTGHqn+YDC88q/oG1PORu9PM6aoFH8SZ
SvoIObSvAqccRfH/oziWVFuh4Prlte/bxJThXum8zJHKaXThMQuuEMLsezz4oG9H
loF8pLmQtUNjkJuXBAmYfYRJa6Y8mBtQOvQTpn9YAlxzP+LLulQtPppFE+vNmw6r
BYXVUuAHJRFOqrA54SQeeHsAOnCL8gvFE9F2H2nLT0KPKylyza8Z93QCLABFJatu
+uBBBNm8siUpxEMO42z0VEoWty1WPijW8F08jvMYtcuFVX0nFE2FGRiYdOPn1vr1
Xl8uPlQTjswC8g==
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:17:17 2026 by rpki-client