Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
File: a3tNxJzDUDQveq4ssyBbn3dfZh0.mft (raw, json)
Hash identifier: Bhf5k7acTL/aUt53hObDFh5pmO/hiS2qcjufi5ubgfM=
Subject key identifier: 0F:17:00:1E:58:E5:87:BE:D0:A6:1C:2F:99:03:91:F8:5C:69:6F:C6
Authority key identifier: 6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D
Certificate issuer: /CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
Certificate serial: 019D98F5370CE750D94793CB3DE411DE3D75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
Manifest number: 18BC
Signing time: Fri 17 Apr 2026 01:01:40 +0000
Manifest this update: Fri 17 Apr 2026 01:01:40 +0000
Manifest next update: Sat 18 Apr 2026 01:01:40 +0000
Files and hashes: 1: a3tNxJzDUDQveq4ssyBbn3dfZh0.crl (hash: kepAxCgqXpytRn568EkySKGWDlQoodjmAudCfQuvMiM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 01:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:f5:37:0c:e7:50:d9:47:93:cb:3d:e4:11:de:3d:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
Validity
Not Before: Apr 17 01:01:40 2026 GMT
Not After : Apr 18 01:01:40 2026 GMT
Subject: CN=0f17001e58e587bed0a61c2f990391f85c696fc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:10:ff:41:cc:bc:7f:9a:98:85:7f:ed:5f:16:
93:22:4f:1a:48:2c:ed:4e:01:fe:e1:e2:79:0f:b2:
d6:f9:0b:67:27:30:cf:5f:61:4c:23:56:9c:c8:df:
4f:e5:eb:31:73:6c:e8:34:4b:c0:a4:63:a6:f1:bd:
45:b3:b7:3f:3b:6a:f8:e9:4c:4a:60:cc:76:af:f2:
ca:70:cb:b7:0c:c6:44:cd:6e:85:0e:46:23:13:be:
6a:04:88:b6:ae:c0:d0:18:56:0d:82:16:10:08:d4:
e1:b8:09:1f:48:6f:13:a0:e1:73:de:31:43:53:ce:
45:af:6c:61:9b:a8:cc:e1:cf:46:6b:42:0d:00:7e:
4b:1f:14:72:eb:68:e4:5b:44:b8:0e:3f:b7:26:1b:
5e:4f:0b:75:e7:ea:2f:a0:f0:ed:71:bd:3d:76:cf:
9f:8a:8e:91:03:a1:bf:de:2b:4a:9d:22:3d:21:f9:
ba:10:ec:36:83:d3:bf:b8:46:ae:86:78:d2:e9:e2:
d1:e5:7b:b8:4e:a0:71:70:3d:8d:67:50:2f:7d:bd:
87:8c:16:f0:65:82:9e:c3:62:b1:32:fb:fb:7b:ac:
21:1c:dc:0a:72:fb:8b:a5:f9:89:c2:1a:d3:54:89:
76:4a:c5:c6:a7:db:e2:9e:16:51:e9:32:de:f3:e3:
17:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:17:00:1E:58:E5:87:BE:D0:A6:1C:2F:99:03:91:F8:5C:69:6F:C6
X509v3 Authority Key Identifier:
keyid:6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:66:cb:7f:82:4e:87:ba:92:b7:1d:e7:8d:3a:6b:95:a8:f0:
36:ec:e9:43:7b:61:89:23:f8:cb:f6:6f:34:91:2b:22:ad:bb:
0b:0a:b4:22:7c:d4:3a:76:ce:21:0f:58:c6:83:06:28:d5:22:
4e:37:56:50:32:af:25:a1:3c:c4:ba:04:56:4d:69:42:c6:06:
08:ba:71:af:ab:f7:25:44:67:8f:ec:af:61:27:f9:33:ab:a4:
ae:31:df:b7:84:62:a2:5d:56:1f:4e:a1:e9:2b:a7:b6:1d:ff:
a6:ae:3c:78:e1:4f:ee:e7:ee:cc:52:4c:6b:39:70:0d:51:b6:
08:8f:92:cc:35:c1:08:6f:2e:2b:21:7c:1a:c9:b0:d1:be:4d:
df:28:a3:46:48:87:b2:3e:c9:c6:21:95:72:65:cf:b5:d7:ed:
3e:85:e1:f9:ef:2f:dd:a6:ee:e2:e5:f9:d1:d2:16:22:03:18:
19:62:a2:07:82:61:1b:a5:07:a3:08:18:7a:d6:d2:6a:45:3c:
14:57:e1:17:aa:46:90:29:96:e6:b2:0f:31:cc:ee:99:34:16:
4f:3e:49:ae:98:04:1c:d8:8c:ba:02:aa:ed:79:33:f2:f5:72:
f1:d9:35:33:db:86:eb:67:c5:17:82:35:db:cf:0a:dc:c4:32:
3c:d0:be:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9TcM51DZR5PLPeQR3j11MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiN2I0ZGM0OWNjMzUwMzQyZjdhYWUyY2IzMjA1YjlmNzc1
ZjY2MWQwHhcNMjYwNDE3MDEwMTQwWhcNMjYwNDE4MDEwMTQwWjAzMTEwLwYDVQQD
EygwZjE3MDAxZTU4ZTU4N2JlZDBhNjFjMmY5OTAzOTFmODVjNjk2ZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BD/Qcy8f5qYhX/tXxaTIk8aSCzt
TgH+4eJ5D7LW+QtnJzDPX2FMI1acyN9P5esxc2zoNEvApGOm8b1Fs7c/O2r46UxK
YMx2r/LKcMu3DMZEzW6FDkYjE75qBIi2rsDQGFYNghYQCNThuAkfSG8ToOFz3jFD
U85Fr2xhm6jM4c9Ga0INAH5LHxRy62jkW0S4Dj+3JhteTwt15+ovoPDtcb09ds+f
io6RA6G/3itKnSI9Ifm6EOw2g9O/uEauhnjS6eLR5Xu4TqBxcD2NZ1Avfb2HjBbw
ZYKew2KxMvv7e6whHNwKcvuLpfmJwhrTVIl2SsXGp9vinhZR6TLe8+MXMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA8XAB5Y5Ye+0KYcL5kDkfhcaW/GMB8GA1UdIwQY
MBaAFGt7TcScw1A0L3quLLMgW593X2YdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGIt
YzZkNGMxYTU0YTRiLzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGItYzZkNGMxYTU0YTRi
LzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmGbLf4JO
h7qStx3njTprlajwNuzpQ3thiSP4y/ZvNJErIq27Cwq0InzUOnbOIQ9YxoMGKNUi
TjdWUDKvJaE8xLoEVk1pQsYGCLpxr6v3JURnj+yvYSf5M6ukrjHft4Riol1WH06h
6Sunth3/pq48eOFP7ufuzFJMazlwDVG2CI+SzDXBCG8uKyF8Gsmw0b5N3yijRkiH
sj7JxiGVcmXPtdftPoXh+e8v3abu4uX50dIWIgMYGWKiB4JhG6UHowgYetbSakU8
FFfhF6pGkCmW5rIPMczumTQWTz5JrpgEHNiMugKq7Xkz8vVy8dk1M9uG62fFF4I1
288K3MQyPNC+Tg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:03:59 2026 by rpki-client