
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
File: 20IFnOKR1Jpmkgcxx2faVj7yESQ.mft (raw, json)
Hash identifier: RiqBM5q7Z+t2c7iC9teL4vwfXAUfFV8F0AMnCKNqz58=
Subject key identifier: 83:5B:17:89:06:08:E2:FE:85:85:71:6A:5D:2B:28:7F:31:38:2D:9F
Authority key identifier: DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
Certificate issuer: /CN=db42059ce291d49a66920731c767da563ef21124
Certificate serial: 019D99622608A866040E3C9DA8924AD8FE5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
Manifest number: 0BBE
Signing time: Fri 17 Apr 2026 03:00:39 +0000
Manifest this update: Fri 17 Apr 2026 03:00:39 +0000
Manifest next update: Sat 18 Apr 2026 03:00:39 +0000
Files and hashes: 1: 20IFnOKR1Jpmkgcxx2faVj7yESQ.crl (hash: vCKboXEH1Rr4jUxAERc5EuJ6OU216eEc0f+BdEV4Y/I=)
2: K_G3q1oHoFkLaOnMyEVLIcn7Qmw.roa (hash: /NaxyStNTlcpIpTarZjjR+9kQ6m4FlTTRFr5N6+rcrM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 03:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:62:26:08:a8:66:04:0e:3c:9d:a8:92:4a:d8:fe:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db42059ce291d49a66920731c767da563ef21124
Validity
Not Before: Apr 17 03:00:39 2026 GMT
Not After : Apr 18 03:00:39 2026 GMT
Subject: CN=835b17890608e2fe8585716a5d2b287f31382d9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:1f:e7:23:08:26:1c:73:4d:a9:28:a1:89:01:
c8:91:70:11:9d:23:15:e6:4a:07:70:ef:59:25:6d:
88:d0:3f:eb:c9:c0:4e:ac:08:7d:6b:e1:5e:27:4b:
3e:55:6f:90:cd:5c:b4:29:6a:b5:11:32:e8:c4:57:
61:b8:10:15:75:75:cb:5a:ba:f9:a5:36:33:7f:96:
09:26:f1:d0:93:35:30:13:05:e2:39:a2:02:a1:1a:
30:fc:e1:8d:26:98:97:e5:18:1e:93:86:be:bd:30:
2b:cb:fc:2d:a0:54:33:cb:3e:37:73:e1:c8:86:7e:
af:36:8f:12:87:9f:06:29:ca:69:74:61:40:d7:cc:
2c:33:5b:7e:02:26:33:d7:43:91:80:d7:c1:8e:b7:
76:a0:68:78:45:d3:c1:5d:80:ac:b7:a4:e0:50:ea:
37:b0:2d:8d:2e:30:32:91:df:69:0b:f4:32:41:1e:
10:96:bf:7e:34:d0:08:11:3f:46:12:f8:0d:52:3b:
79:85:f8:68:95:6c:e9:13:31:20:b3:35:18:21:1a:
e0:5b:bf:58:11:a3:fe:1d:1a:79:2f:98:2e:16:13:
09:82:1c:27:79:d1:09:6b:1a:37:1d:e5:87:32:92:
7f:42:26:d2:b2:dd:85:81:ed:bc:93:6c:29:4d:c6:
0e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:5B:17:89:06:08:E2:FE:85:85:71:6A:5D:2B:28:7F:31:38:2D:9F
X509v3 Authority Key Identifier:
keyid:DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:73:b8:18:63:16:4a:8b:a0:d3:66:10:7a:c1:ea:37:43:8f:
db:a8:61:71:1f:62:90:14:e7:cb:db:63:6c:ab:67:2c:c1:77:
c9:b5:f0:a3:97:cd:df:32:5d:1f:56:c2:2f:59:f8:8e:93:6a:
f0:91:21:5b:28:36:4f:62:b4:ae:95:aa:dd:93:f7:05:53:d1:
3c:96:92:5d:3a:7c:0f:a4:e2:8c:21:92:0c:06:23:f7:1d:b5:
15:6a:fe:ad:35:b9:42:92:8f:de:5f:82:1b:b7:ec:1b:0a:9f:
fb:be:6a:d1:bd:c8:1d:76:f5:86:cc:6d:a4:c5:a5:7b:41:df:
9c:1f:30:67:20:5c:2d:5d:b2:35:fc:b2:1b:f6:01:4b:ba:20:
bb:a3:aa:63:bd:4f:a2:32:13:5c:cc:ce:3e:04:f3:c9:1c:ed:
99:37:e7:3a:9f:cd:73:ce:16:8f:bd:81:96:31:ca:fc:3d:09:
fc:3e:84:21:42:b9:a9:d9:b4:a4:12:6d:43:6e:42:05:c9:b1:
ff:09:0d:8a:0a:bb:e1:7e:0c:72:6f:e6:bb:ed:70:0b:d9:f4:
5c:52:f3:d3:d7:b6:2e:3f:01:1a:ca:3b:ac:da:d8:37:65:d4:
af:ff:8c:56:87:da:e3:46:f0:99:8b:13:6f:9a:36:4b:65:8d:
d0:25:a2:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYiYIqGYEDjydqJJK2P5fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDIwNTljZTI5MWQ0OWE2NjkyMDczMWM3NjdkYTU2M2Vm
MjExMjQwHhcNMjYwNDE3MDMwMDM5WhcNMjYwNDE4MDMwMDM5WjAzMTEwLwYDVQQD
Eyg4MzViMTc4OTA2MDhlMmZlODU4NTcxNmE1ZDJiMjg3ZjMxMzgyZDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0h/nIwgmHHNNqSihiQHIkXARnSMV
5koHcO9ZJW2I0D/rycBOrAh9a+FeJ0s+VW+QzVy0KWq1ETLoxFdhuBAVdXXLWrr5
pTYzf5YJJvHQkzUwEwXiOaICoRow/OGNJpiX5Rgek4a+vTAry/wtoFQzyz43c+HI
hn6vNo8Sh58GKcppdGFA18wsM1t+AiYz10ORgNfBjrd2oGh4RdPBXYCst6TgUOo3
sC2NLjAykd9pC/QyQR4Qlr9+NNAIET9GEvgNUjt5hfholWzpEzEgszUYIRrgW79Y
EaP+HRp5L5guFhMJghwnedEJaxo3HeWHMpJ/QibSst2Fge28k2wpTcYOlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFINbF4kGCOL+hYVxal0rKH8xOC2fMB8GA1UdIwQY
MBaAFNtCBZzikdSaZpIHMcdn2lY+8hEkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzIt
OTMxMmQwODdkZmNhLzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzItOTMxMmQwODdkZmNh
LzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZnO4GGMW
Soug02YQesHqN0OP26hhcR9ikBTny9tjbKtnLMF3ybXwo5fN3zJdH1bCL1n4jpNq
8JEhWyg2T2K0rpWq3ZP3BVPRPJaSXTp8D6TijCGSDAYj9x21FWr+rTW5QpKP3l+C
G7fsGwqf+75q0b3IHXb1hsxtpMWle0HfnB8wZyBcLV2yNfyyG/YBS7ogu6OqY71P
ojITXMzOPgTzyRztmTfnOp/Nc84Wj72BljHK/D0J/D6EIUK5qdm0pBJtQ25CBcmx
/wkNigq74X4Mcm/mu+1wC9n0XFLz09e2Lj8BGso7rNrYN2XUr/+MVofa40bwmYsT
b5o2S2WN0CWiKw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:08:39 2026 by rpki-client