Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.mft
File: DXhL2WpEvDYdEzRNVMi8Uf9nqAI.mft (raw, json)
Hash identifier: Ja1Ep55JntcsmcZMF36kiXEe3X0rJD/kOV8lNEtzsyI=
Subject key identifier: 2B:49:BC:70:FA:EC:57:39:A1:5F:2F:21:BC:3A:70:0B:13:7D:72:05
Authority key identifier: 0D:78:4B:D9:6A:44:BC:36:1D:13:34:4D:54:C8:BC:51:FF:67:A8:02
Certificate issuer: /CN=0d784bd96a44bc361d13344d54c8bc51ff67a802
Certificate serial: 019D992AF01FD58BA8A3C960FD51B7692D5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.mft
Manifest number: 1025
Signing time: Fri 17 Apr 2026 02:00:21 +0000
Manifest this update: Fri 17 Apr 2026 02:00:21 +0000
Manifest next update: Sat 18 Apr 2026 02:00:21 +0000
Files and hashes: 1: DXhL2WpEvDYdEzRNVMi8Uf9nqAI.crl (hash: MrOaqmNy6M4GwjBOT5DqKYdK35v05XABThwoCJBQLWo=)
2: x5ebKc9_3qA7pEOC0_BnOS1B8oI.roa (hash: AqP1AEgenjD2KrPY+QLH5krFzTJA90JozOTpwzG6a5A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.mft
rsync://rpki.ripe.net/repository/DEFAULT/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 02:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:2a:f0:1f:d5:8b:a8:a3:c9:60:fd:51:b7:69:2d:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d784bd96a44bc361d13344d54c8bc51ff67a802
Validity
Not Before: Apr 17 02:00:21 2026 GMT
Not After : Apr 18 02:00:21 2026 GMT
Subject: CN=2b49bc70faec5739a15f2f21bc3a700b137d7205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:78:e8:b4:93:da:33:fa:5e:39:e3:0e:60:16:
69:14:df:03:3e:a3:9a:1b:65:91:6e:2c:53:a3:cd:
9d:37:12:69:51:c3:b7:c8:29:6f:ce:30:53:d2:c5:
6c:29:93:07:3c:bf:ab:81:00:6c:ae:82:be:86:08:
6e:ce:4a:3a:14:bb:e7:bd:6a:0b:62:59:96:d9:ef:
33:69:38:16:29:1b:13:12:ac:51:f9:f0:1a:dd:87:
04:61:e2:c8:f9:b4:51:c0:63:be:15:be:bf:d8:c7:
05:49:ee:ad:e4:ed:83:e0:16:eb:bf:b5:2d:21:7f:
48:96:06:f8:47:3c:3a:bb:1f:da:4e:d7:b1:d6:1d:
69:e4:d3:ae:76:d4:23:28:1f:3e:6d:35:f6:2a:b2:
0d:12:9e:1d:54:3a:99:83:3e:3c:8e:85:35:e2:1e:
48:fd:fd:2b:dc:e3:fc:cf:d3:85:e2:7b:9d:d5:30:
57:36:99:f1:30:b1:42:ee:d7:2a:f3:57:3d:54:73:
71:a4:80:f9:5a:66:e0:96:93:95:13:67:c6:7b:41:
4c:37:f7:e1:31:ad:57:b5:1d:30:c2:65:17:41:09:
ea:fa:be:27:f4:c6:fe:e4:17:ae:93:4d:e6:97:2c:
c6:d3:2b:d9:f7:3d:7a:c9:7b:51:1d:a3:81:18:a9:
38:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:49:BC:70:FA:EC:57:39:A1:5F:2F:21:BC:3A:70:0B:13:7D:72:05
X509v3 Authority Key Identifier:
keyid:0D:78:4B:D9:6A:44:BC:36:1D:13:34:4D:54:C8:BC:51:FF:67:A8:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:29:2a:68:1f:68:cf:79:49:d3:89:19:fd:a5:fa:80:f0:ae:
5f:4f:a3:d8:fa:4f:dd:d3:99:88:71:b6:75:8f:d9:32:34:f1:
82:b0:c9:31:1d:51:16:2a:e6:b7:19:57:33:f1:c6:7d:ad:b5:
82:51:03:bc:16:33:b8:9e:54:2b:da:ab:d7:fb:be:73:88:ba:
d6:a6:ce:d4:b7:fe:3e:e0:23:02:1c:43:bb:4f:17:1b:b9:e9:
8e:3b:81:0f:82:67:77:1f:1c:4d:f4:7c:85:43:25:c0:e5:2a:
2d:3a:a3:1f:42:ca:b8:79:75:48:6a:03:2f:18:57:2e:50:8d:
d8:f4:91:d0:81:8f:47:74:d9:06:e4:e1:8d:d4:58:b5:cd:3e:
72:55:47:e5:90:c7:52:e8:f8:f6:1d:9e:80:a2:b6:4f:25:55:
db:eb:49:b7:00:e0:5d:2f:3d:96:5c:0b:ac:f7:30:f1:3a:c8:
3c:f3:2e:37:29:5f:44:41:e5:fe:b8:fe:53:6d:43:31:db:98:
8c:65:cf:cc:c4:40:66:78:7e:0f:7c:7f:73:ae:aa:9e:10:a3:
5f:c7:81:f7:8a:b3:eb:2f:08:79:8c:44:38:5a:aa:31:2f:81:
47:bf:7c:df:38:72:09:04:42:77:59:82:98:fc:25:85:60:b5:
65:d1:b6:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZKvAf1Yuoo8lg/VG3aS1fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzg0YmQ5NmE0NGJjMzYxZDEzMzQ0ZDU0YzhiYzUxZmY2
N2E4MDIwHhcNMjYwNDE3MDIwMDIxWhcNMjYwNDE4MDIwMDIxWjAzMTEwLwYDVQQD
EygyYjQ5YmM3MGZhZWM1NzM5YTE1ZjJmMjFiYzNhNzAwYjEzN2Q3MjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3njotJPaM/peOeMOYBZpFN8DPqOa
G2WRbixTo82dNxJpUcO3yClvzjBT0sVsKZMHPL+rgQBsroK+hghuzko6FLvnvWoL
YlmW2e8zaTgWKRsTEqxR+fAa3YcEYeLI+bRRwGO+Fb6/2McFSe6t5O2D4Bbrv7Ut
IX9Ilgb4Rzw6ux/aTtex1h1p5NOudtQjKB8+bTX2KrINEp4dVDqZgz48joU14h5I
/f0r3OP8z9OF4nud1TBXNpnxMLFC7tcq81c9VHNxpID5WmbglpOVE2fGe0FMN/fh
Ma1XtR0wwmUXQQnq+r4n9Mb+5Beuk03mlyzG0yvZ9z16yXtRHaOBGKk4LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCtJvHD67Fc5oV8vIbw6cAsTfXIFMB8GA1UdIwQY
MBaAFA14S9lqRLw2HRM0TVTIvFH/Z6gCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhoTDJXcEV2RFlkRXpSTlZNaThVZjlucUFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80MjVjMjQtYmZlMC00NzkwLWIyNTAt
ZDRjNjZmNGYzYjZlLzEvRFhoTDJXcEV2RFlkRXpSTlZNaThVZjlucUFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80MjVjMjQtYmZlMC00NzkwLWIyNTAtZDRjNjZmNGYzYjZl
LzEvRFhoTDJXcEV2RFlkRXpSTlZNaThVZjlucUFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMCkqaB9o
z3lJ04kZ/aX6gPCuX0+j2PpP3dOZiHG2dY/ZMjTxgrDJMR1RFirmtxlXM/HGfa21
glEDvBYzuJ5UK9qr1/u+c4i61qbO1Lf+PuAjAhxDu08XG7npjjuBD4Jndx8cTfR8
hUMlwOUqLTqjH0LKuHl1SGoDLxhXLlCN2PSR0IGPR3TZBuThjdRYtc0+clVH5ZDH
Uuj49h2egKK2TyVV2+tJtwDgXS89llwLrPcw8TrIPPMuNylfREHl/rj+U21DMduY
jGXPzMRAZnh+D3x/c66qnhCjX8eB94qz6y8IeYxEOFqqMS+BR7983zhyCQRCd1mC
mPwlhWC1ZdG2fA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:02:35 2026 by rpki-client