Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft
File: PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft (raw, json)
Hash identifier: zhVL+8LS1h4B4IEKFd7v1hYEKMGuV5MxiIyqOkP7peQ=
Subject key identifier: 7C:18:08:03:F3:E5:29:FD:64:2C:DD:04:67:D8:20:98:1E:48:ED:CA
Authority key identifier: 3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
Certificate issuer: /CN=3d8a553e05f0319bf452fa206c14ccda87304654
Certificate serial: 019DA3E64198E609A9813F19260A72DB157C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft
Manifest number: 12D4
Signing time: Sun 19 Apr 2026 04:01:09 +0000
Manifest this update: Sun 19 Apr 2026 04:01:09 +0000
Manifest next update: Mon 20 Apr 2026 04:01:09 +0000
Files and hashes: 1: 7XPR057HTONIllGtY9NijiuY-tk.roa (hash: rKfjiDRkcr3HFT8PmmA3P0sCBQ3drFmQ5QDnLKCb/BE=)
2: PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl (hash: TKn2SqZzJOf/JaneY/2Uir+MFZ/BWZgi4N39iyMPE48=)
3: T4FApCxhFe83q9A7YZlC1nZYzIE.roa (hash: LjUt5usAgPWHNriSJWMg7OS8Oagi6w46/dUqLi/UEzA=)
4: Wn-ZLE8xGx2iUZq_8EgFIe3BY1M.roa (hash: SwGxPAdfidv7O5nNS+nKj4I72Qs5sJPeTh9qbwfsZWo=)
5: YuGYvjrFzLezHsgzIUZ0asWCqVk.roa (hash: aZLneGXD5YvsOe9tvMiGcrBxDYxxGmpY4vDCZwd72Z8=)
6: fLae4aR9HsO6ApeohQnbJHEsvgg.roa (hash: /b3Xi59hV2RbWadggK4I0wXvCWO8lTHkzV3V9hJ6K0Y=)
7: jccKxXf-KlBy0OODUdeGAP1Pln4.roa (hash: kXcgJH+D8EkeDblDPw+VtydCo7evj5I/OxvPnwmyUe8=)
8: r2cUyHBMaewNpNV3po9MOZwNcyU.roa (hash: SVkhtUySEPUVdVwXoSgDIclbqsQ0muf2pONZTDoO/YE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a3:e6:41:98:e6:09:a9:81:3f:19:26:0a:72:db:15:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8a553e05f0319bf452fa206c14ccda87304654
Validity
Not Before: Apr 19 04:01:09 2026 GMT
Not After : Apr 20 04:01:09 2026 GMT
Subject: CN=7c180803f3e529fd642cdd0467d820981e48edca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ba:1b:f4:8a:55:32:45:dd:79:f0:6b:33:e3:
5b:3c:ca:06:f8:6e:b2:61:a5:38:c0:0d:85:e0:ea:
6a:56:42:28:95:43:be:a2:87:af:b5:6b:ec:01:82:
e5:ea:27:68:1b:69:b5:71:a2:b8:5f:f0:90:ff:c3:
ac:57:18:40:82:4b:96:b4:d3:0a:30:8c:a6:c4:af:
7c:00:83:0a:e1:42:d3:ed:3c:14:37:89:68:43:5d:
56:2a:6a:72:f7:68:ea:b1:ce:c9:49:5a:ec:90:0b:
dc:6b:e5:4e:6a:e4:e5:c6:25:69:8f:9d:c1:ed:83:
90:b3:05:1b:19:be:ab:d4:3b:30:42:57:2f:72:3f:
0d:a3:dd:11:f7:92:1f:b1:cd:65:f6:8c:66:fd:08:
f7:c7:71:59:4c:af:9c:10:b7:b2:70:2a:ce:91:be:
74:79:4c:6f:11:77:27:27:84:31:9e:67:6c:67:8a:
84:3a:f1:5a:dc:ad:97:43:d1:07:5d:dd:a6:90:b2:
78:d7:3a:9c:9e:24:52:e4:71:04:87:b6:17:fa:4a:
d3:de:5a:42:16:c7:65:f7:e6:e1:0c:ac:30:eb:1f:
fd:d2:8f:20:60:56:95:f4:40:b8:da:67:16:70:40:
5b:e7:19:b3:14:28:9f:8a:27:d0:3e:d5:41:de:41:
09:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:18:08:03:F3:E5:29:FD:64:2C:DD:04:67:D8:20:98:1E:48:ED:CA
X509v3 Authority Key Identifier:
keyid:3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:b7:85:e7:11:01:00:6e:93:d2:76:0e:ae:e1:cb:b3:f9:17:
63:ca:eb:b7:1a:1c:70:98:3b:33:dd:50:35:0d:48:5f:70:1c:
a9:26:e6:86:91:9e:5a:5b:3c:99:99:b7:9e:de:25:b4:04:26:
78:9e:e2:d4:44:55:42:35:a1:a5:b4:39:96:a4:2e:4f:e3:5c:
87:a3:b3:25:47:e4:18:78:4e:91:74:a8:94:81:c7:08:53:e7:
56:ef:8a:37:67:30:36:0c:76:ce:bb:67:d9:29:e9:a8:a5:3d:
20:af:2e:fb:e8:73:82:ac:94:d7:33:da:d8:b6:62:06:b3:fa:
e9:c1:67:2d:a8:7d:b9:c7:0b:55:28:63:38:21:e4:21:2e:63:
ab:99:2a:6f:ef:56:8c:c4:0a:ec:5b:03:4c:65:fa:4c:9a:80:
7f:a9:50:19:0e:f5:53:d5:40:01:96:e0:41:09:25:9c:73:1e:
80:b6:e4:bb:21:81:ad:70:4f:37:53:7e:de:7d:3d:6a:d7:1b:
00:8d:27:c1:b1:77:da:b0:f1:3a:a0:02:7d:65:19:58:8e:28:
60:46:37:42:70:0f:5a:97:23:7c:eb:72:74:3a:4c:62:e9:b4:
16:37:79:80:6f:cb:30:4c:e6:e9:0e:80:8c:66:ae:31:5c:f2:
07:0f:ed:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2j5kGY5gmpgT8ZJgpy2xV8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGE1NTNlMDVmMDMxOWJmNDUyZmEyMDZjMTRjY2RhODcz
MDQ2NTQwHhcNMjYwNDE5MDQwMTA5WhcNMjYwNDIwMDQwMTA5WjAzMTEwLwYDVQQD
Eyg3YzE4MDgwM2YzZTUyOWZkNjQyY2RkMDQ2N2Q4MjA5ODFlNDhlZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbob9IpVMkXdefBrM+NbPMoG+G6y
YaU4wA2F4OpqVkIolUO+ooevtWvsAYLl6idoG2m1caK4X/CQ/8OsVxhAgkuWtNMK
MIymxK98AIMK4ULT7TwUN4loQ11WKmpy92jqsc7JSVrskAvca+VOauTlxiVpj53B
7YOQswUbGb6r1DswQlcvcj8No90R95Ifsc1l9oxm/Qj3x3FZTK+cELeycCrOkb50
eUxvEXcnJ4QxnmdsZ4qEOvFa3K2XQ9EHXd2mkLJ41zqcniRS5HEEh7YX+krT3lpC
Fsdl9+bhDKww6x/90o8gYFaV9EC42mcWcEBb5xmzFCifiifQPtVB3kEJjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHwYCAPz5Sn9ZCzdBGfYIJgeSO3KMB8GA1UdIwQY
MBaAFD2KVT4F8DGb9FL6IGwUzNqHMEZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1Mjct
MGZiNDgyM2Y1Yjg3LzEvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1MjctMGZiNDgyM2Y1Yjg3
LzEvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjLeF5xEB
AG6T0nYOruHLs/kXY8rrtxoccJg7M91QNQ1IX3AcqSbmhpGeWls8mZm3nt4ltAQm
eJ7i1ERVQjWhpbQ5lqQuT+Nch6OzJUfkGHhOkXSolIHHCFPnVu+KN2cwNgx2zrtn
2SnpqKU9IK8u++hzgqyU1zPa2LZiBrP66cFnLah9uccLVShjOCHkIS5jq5kqb+9W
jMQK7FsDTGX6TJqAf6lQGQ71U9VAAZbgQQklnHMegLbkuyGBrXBPN1N+3n09atcb
AI0nwbF32rDxOqACfWUZWI4oYEY3QnAPWpcjfOtydDpMYum0Fjd5gG/LMEzm6Q6A
jGauMVzyBw/tAQ==
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:16:07 2026 by rpki-client