Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.mft
File: DQh0szPjXfFP2XDhiVgdoJO8gJM.mft (raw, json)
Hash identifier: sbyWbg1v2SgQ/emdqtMNc4IquDjYbyErJSeZ1ecsbnQ=
Subject key identifier: 38:B0:EB:8F:1E:53:72:0A:31:50:3A:AF:C1:6A:E5:BC:40:F6:15:E2
Authority key identifier: 0D:08:74:B3:33:E3:5D:F1:4F:D9:70:E1:89:58:1D:A0:93:BC:80:93
Certificate issuer: /CN=0d0874b333e35df14fd970e189581da093bc8093
Certificate serial: 019D9A74C62094D61A0D4D909EA12EA9906E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.mft
Manifest number: 18C8
Signing time: Fri 17 Apr 2026 08:00:37 +0000
Manifest this update: Fri 17 Apr 2026 08:00:37 +0000
Manifest next update: Sat 18 Apr 2026 08:00:37 +0000
Files and hashes: 1: DQh0szPjXfFP2XDhiVgdoJO8gJM.crl (hash: y6tZEu1ltDdV7KimKyg9U5UYejNn8TA+6LOj4w3rUZ4=)
2: X45FUcZNo-YtDvtPWevU4wJ2FEY.roa (hash: rSd13zzClfxZXjpfUKzjtwc06S4fldzcQ0W8TuRXJxI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:74:c6:20:94:d6:1a:0d:4d:90:9e:a1:2e:a9:90:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d0874b333e35df14fd970e189581da093bc8093
Validity
Not Before: Apr 17 08:00:37 2026 GMT
Not After : Apr 18 08:00:37 2026 GMT
Subject: CN=38b0eb8f1e53720a31503aafc16ae5bc40f615e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:2a:71:02:76:a4:7b:f8:b7:96:e1:59:66:1b:
99:bd:44:38:da:8a:fa:b1:ef:1e:26:3f:92:b5:01:
10:7e:db:f5:5e:4a:aa:a2:01:c6:4c:1e:df:93:2d:
30:9c:b3:03:ca:33:42:74:ac:a3:97:bc:b2:b8:72:
3c:e1:de:c2:54:4f:b8:3b:18:20:d6:19:ad:75:1a:
5d:1f:e7:bb:0c:4d:9e:7b:88:75:c0:07:c4:2a:55:
d4:79:b5:59:b9:70:6c:f6:6c:64:a2:57:b7:c1:04:
54:b8:9d:b8:0f:8e:ce:95:95:12:7a:6a:58:f4:c8:
bf:39:f6:29:a4:d1:7e:45:cc:15:c5:2a:83:ca:a6:
b1:9e:2b:ea:0e:3f:5e:ff:9b:3d:85:48:2a:d6:ac:
35:62:82:86:de:f4:12:f7:38:76:7d:8e:3a:ee:b6:
ee:6a:56:67:69:98:2a:e4:ff:15:23:2d:27:bb:56:
ea:0c:02:d7:9e:7d:7b:db:b7:25:d1:85:d8:75:cc:
9b:e2:f4:b4:02:a2:af:47:c0:6f:eb:c6:50:c6:42:
29:52:bf:ae:77:e4:e8:22:ee:68:29:5b:d8:1a:c7:
51:bf:7f:18:bb:ac:41:1f:01:aa:fe:c6:0d:77:48:
68:f7:51:c5:62:05:9d:37:7d:54:0d:f3:1c:4b:aa:
53:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B0:EB:8F:1E:53:72:0A:31:50:3A:AF:C1:6A:E5:BC:40:F6:15:E2
X509v3 Authority Key Identifier:
keyid:0D:08:74:B3:33:E3:5D:F1:4F:D9:70:E1:89:58:1D:A0:93:BC:80:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:a9:0e:1a:35:11:b8:00:f4:1e:dc:75:a7:bb:c6:fa:f6:f7:
67:22:21:f8:81:ee:66:d1:4e:97:4b:44:59:11:69:ce:51:8d:
af:2c:47:a0:4d:11:9c:d0:09:34:49:87:2d:ac:63:50:3d:31:
93:e9:e1:75:b9:41:e4:24:66:26:28:55:3c:c8:51:4d:bb:bc:
57:0b:47:6e:1f:64:ed:5c:2e:1b:7f:d0:5c:78:16:5e:28:d2:
ff:03:63:04:39:04:f3:be:20:b5:1f:1d:10:8c:ee:dc:7f:2a:
04:59:b1:0e:ff:5f:f2:12:60:b9:10:1c:28:a5:5c:b6:e3:1d:
73:76:d2:68:10:b8:e5:b8:59:15:ba:fb:29:a4:83:89:dc:04:
18:27:3c:f6:9f:70:ba:11:ae:9c:bf:63:1a:d0:35:d5:37:7d:
37:69:b0:29:64:a2:f6:a1:0d:e9:ff:ff:0f:61:83:8e:2b:59:
61:a1:fc:7d:0d:1d:f1:fe:16:4a:9c:78:49:8c:e2:dc:33:b8:
bf:cb:16:1a:51:62:d1:c0:ee:c7:29:0d:7a:96:b8:35:ff:28:
4e:8b:a5:31:a6:a8:06:65:b2:e0:b0:ed:ec:a8:40:bd:68:31:
c4:b8:f7:1e:ae:da:06:b2:3a:97:11:7f:23:d2:34:d7:92:69:
1f:5e:a4:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2adMYglNYaDU2QnqEuqZBuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMDg3NGIzMzNlMzVkZjE0ZmQ5NzBlMTg5NTgxZGEwOTNi
YzgwOTMwHhcNMjYwNDE3MDgwMDM3WhcNMjYwNDE4MDgwMDM3WjAzMTEwLwYDVQQD
EygzOGIwZWI4ZjFlNTM3MjBhMzE1MDNhYWZjMTZhZTViYzQwZjYxNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4CpxAnake/i3luFZZhuZvUQ42or6
se8eJj+StQEQftv1XkqqogHGTB7fky0wnLMDyjNCdKyjl7yyuHI84d7CVE+4Oxgg
1hmtdRpdH+e7DE2ee4h1wAfEKlXUebVZuXBs9mxkole3wQRUuJ24D47OlZUSempY
9Mi/OfYppNF+RcwVxSqDyqaxnivqDj9e/5s9hUgq1qw1YoKG3vQS9zh2fY467rbu
alZnaZgq5P8VIy0nu1bqDALXnn1727cl0YXYdcyb4vS0AqKvR8Bv68ZQxkIpUr+u
d+ToIu5oKVvYGsdRv38Yu6xBHwGq/sYNd0ho91HFYgWdN31UDfMcS6pTwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDiw648eU3IKMVA6r8Fq5bxA9hXiMB8GA1UdIwQY
MBaAFA0IdLMz413xT9lw4YlYHaCTvICTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFFoMHN6UGpYZkZQMlhEaGlWZ2RvSk84Z0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9iMDM5YmMtMjEzYi00NTdjLTk2YWUt
MzE4MWRiOTExYTEzLzEvRFFoMHN6UGpYZkZQMlhEaGlWZ2RvSk84Z0pNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9iMDM5YmMtMjEzYi00NTdjLTk2YWUtMzE4MWRiOTExYTEz
LzEvRFFoMHN6UGpYZkZQMlhEaGlWZ2RvSk84Z0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE6kOGjUR
uAD0Htx1p7vG+vb3ZyIh+IHuZtFOl0tEWRFpzlGNryxHoE0RnNAJNEmHLaxjUD0x
k+nhdblB5CRmJihVPMhRTbu8VwtHbh9k7VwuG3/QXHgWXijS/wNjBDkE874gtR8d
EIzu3H8qBFmxDv9f8hJguRAcKKVctuMdc3bSaBC45bhZFbr7KaSDidwEGCc89p9w
uhGunL9jGtA11Td9N2mwKWSi9qEN6f//D2GDjitZYaH8fQ0d8f4WSpx4SYzi3DO4
v8sWGlFi0cDuxykNepa4Nf8oToulMaaoBmWy4LDt7KhAvWgxxLj3Hq7aBrI6lxF/
I9I015JpH16k4A==
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:17:24 2026 by rpki-client