Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/82098b-0c53-4df2-8a32-fbc1e3f7e92b/1/tSU8JVLUQD9DuDwl52IjjfEtroE.mft
File: tSU8JVLUQD9DuDwl52IjjfEtroE.mft (raw, json)
Hash identifier: L1xtuHeQLEHRZhuCjh6N+hN7cPTIDs0Jvknc8OODyXg=
Subject key identifier: 85:06:5D:7A:E6:99:C0:3B:6E:A3:A1:44:92:DA:E8:0D:DC:7A:55:09
Authority key identifier: B5:25:3C:25:52:D4:40:3F:43:B8:3C:25:E7:62:23:8D:F1:2D:AE:81
Certificate issuer: /CN=b5253c2552d4403f43b83c25e762238df12dae81
Certificate serial: 019DA30A47F4736C85F8BCBC71A79E9A7951
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tSU8JVLUQD9DuDwl52IjjfEtroE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/82098b-0c53-4df2-8a32-fbc1e3f7e92b/1/tSU8JVLUQD9DuDwl52IjjfEtroE.mft
Manifest number: 09AA
Signing time: Sun 19 Apr 2026 00:00:53 +0000
Manifest this update: Sun 19 Apr 2026 00:00:53 +0000
Manifest next update: Mon 20 Apr 2026 00:00:53 +0000
Files and hashes: 1: A7blUAR8M2twO1WZriuysPCl_Ns.roa (hash: LBRnuKsEeUakJqD77ZNf+zyWsZ1gWUpfDWeWrVr+1Oc=)
2: tSU8JVLUQD9DuDwl52IjjfEtroE.crl (hash: b62scM6ag5jN0Tb0WMbp3Nq7V/l/ooJYS7bkqFN9nCE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/82098b-0c53-4df2-8a32-fbc1e3f7e92b/1/tSU8JVLUQD9DuDwl52IjjfEtroE.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/82098b-0c53-4df2-8a32-fbc1e3f7e92b/1/tSU8JVLUQD9DuDwl52IjjfEtroE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tSU8JVLUQD9DuDwl52IjjfEtroE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 00:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a3:0a:47:f4:73:6c:85:f8:bc:bc:71:a7:9e:9a:79:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5253c2552d4403f43b83c25e762238df12dae81
Validity
Not Before: Apr 19 00:00:53 2026 GMT
Not After : Apr 20 00:00:53 2026 GMT
Subject: CN=85065d7ae699c03b6ea3a14492dae80ddc7a5509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6a:dd:1f:c6:48:ff:d5:6a:b0:6b:9f:ae:f9:
ab:ac:97:55:8b:e7:fd:62:a2:4c:be:bf:c6:86:f4:
8a:3b:88:e4:7e:94:2e:76:f4:bb:6a:7d:81:9b:be:
07:fd:69:09:ef:f0:8b:7e:9b:81:f4:a7:c5:b0:72:
ee:65:6f:09:09:e9:a9:f6:7a:cc:67:8e:88:d7:92:
1b:f9:ed:a9:28:2e:21:0d:fd:24:a0:3a:6c:6e:04:
84:37:b2:ce:50:cd:61:69:12:f7:41:ce:df:40:5f:
08:c2:b8:92:92:46:8c:7c:a3:6b:bc:ba:e5:58:50:
0f:d4:13:ef:3e:06:21:19:58:89:a3:8a:32:d7:07:
24:69:4a:b0:77:93:3c:c7:ae:c9:da:36:6f:a2:32:
67:7e:50:03:5a:7a:e6:9b:6f:e2:d0:b3:8e:60:f6:
30:77:28:26:dc:b8:0a:3e:c0:05:03:36:d0:14:07:
e7:b1:f0:f2:85:a4:19:de:a4:2e:1c:6b:de:45:44:
4f:8b:0c:28:a9:a1:75:37:b3:4d:55:28:8d:36:54:
d1:a5:29:cd:d2:f5:7b:dc:a9:65:8f:06:8d:94:dc:
19:f8:29:b9:11:94:9c:e5:48:59:6c:b4:27:44:7a:
14:ba:03:b3:86:e7:f4:0c:e3:55:ca:06:96:73:5a:
aa:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:06:5D:7A:E6:99:C0:3B:6E:A3:A1:44:92:DA:E8:0D:DC:7A:55:09
X509v3 Authority Key Identifier:
keyid:B5:25:3C:25:52:D4:40:3F:43:B8:3C:25:E7:62:23:8D:F1:2D:AE:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tSU8JVLUQD9DuDwl52IjjfEtroE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/82098b-0c53-4df2-8a32-fbc1e3f7e92b/1/tSU8JVLUQD9DuDwl52IjjfEtroE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/82098b-0c53-4df2-8a32-fbc1e3f7e92b/1/tSU8JVLUQD9DuDwl52IjjfEtroE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:b5:cb:8b:a8:60:43:9b:76:9e:02:73:57:cd:ac:1d:72:66:
c9:f4:84:c7:d7:0a:c2:68:f2:38:92:30:6b:03:87:6c:60:53:
d0:2b:6e:a0:24:76:6a:27:7d:f3:a6:95:d0:ea:e4:89:76:72:
e7:d8:8a:95:04:93:f2:e6:ea:1a:99:3d:72:41:17:74:b7:01:
3c:6e:3f:84:ef:bd:9e:7e:58:31:0b:0d:44:e5:cf:de:01:cc:
8a:02:55:01:39:4a:a7:03:19:30:9d:2e:d0:75:95:ae:de:f2:
f9:c4:ae:04:22:6e:6b:df:3b:b5:cd:79:a9:2c:72:a6:f9:67:
0b:2f:fc:f8:84:88:d3:8c:b5:ff:f9:56:e2:99:07:7a:36:6a:
ba:38:ad:ab:19:37:be:0c:bc:29:76:cd:91:f9:89:00:e7:be:
ff:43:b9:75:08:44:ff:3c:85:06:2d:d5:e0:3b:e7:cd:04:56:
47:49:d1:20:d7:e9:4a:c9:8d:a8:54:f7:88:9b:e4:42:02:dd:
37:63:89:9d:04:ed:19:69:ba:18:f0:a1:d9:1f:37:31:9e:b1:
a8:3c:0c:e8:66:31:8c:31:2e:a0:3d:6c:11:fa:bd:84:56:9f:
3e:d9:b3:92:de:73:2f:63:b0:68:ad:ad:b1:71:3f:cd:9b:65:
1d:85:e8:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jCkf0c2yF+Ly8caeemnlRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MjUzYzI1NTJkNDQwM2Y0M2I4M2MyNWU3NjIyMzhkZjEy
ZGFlODEwHhcNMjYwNDE5MDAwMDUzWhcNMjYwNDIwMDAwMDUzWjAzMTEwLwYDVQQD
Eyg4NTA2NWQ3YWU2OTljMDNiNmVhM2ExNDQ5MmRhZTgwZGRjN2E1NTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmrdH8ZI/9VqsGufrvmrrJdVi+f9
YqJMvr/GhvSKO4jkfpQudvS7an2Bm74H/WkJ7/CLfpuB9KfFsHLuZW8JCemp9nrM
Z46I15Ib+e2pKC4hDf0koDpsbgSEN7LOUM1haRL3Qc7fQF8IwriSkkaMfKNrvLrl
WFAP1BPvPgYhGViJo4oy1wckaUqwd5M8x67J2jZvojJnflADWnrmm2/i0LOOYPYw
dygm3LgKPsAFAzbQFAfnsfDyhaQZ3qQuHGveRURPiwwoqaF1N7NNVSiNNlTRpSnN
0vV73KlljwaNlNwZ+Cm5EZSc5UhZbLQnRHoUugOzhuf0DONVygaWc1qqDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIUGXXrmmcA7bqOhRJLa6A3celUJMB8GA1UdIwQY
MBaAFLUlPCVS1EA/Q7g8JediI43xLa6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFNVOEpWTFVRRDlEdUR3bDUySWpqZkV0cm9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS84MjA5OGItMGM1My00ZGYyLThhMzIt
ZmJjMWUzZjdlOTJiLzEvdFNVOEpWTFVRRDlEdUR3bDUySWpqZkV0cm9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS84MjA5OGItMGM1My00ZGYyLThhMzItZmJjMWUzZjdlOTJi
LzEvdFNVOEpWTFVRRDlEdUR3bDUySWpqZkV0cm9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKbXLi6hg
Q5t2ngJzV82sHXJmyfSEx9cKwmjyOJIwawOHbGBT0CtuoCR2aid986aV0OrkiXZy
59iKlQST8ubqGpk9ckEXdLcBPG4/hO+9nn5YMQsNROXP3gHMigJVATlKpwMZMJ0u
0HWVrt7y+cSuBCJua987tc15qSxypvlnCy/8+ISI04y1//lW4pkHejZqujitqxk3
vgy8KXbNkfmJAOe+/0O5dQhE/zyFBi3V4DvnzQRWR0nRINfpSsmNqFT3iJvkQgLd
N2OJnQTtGWm6GPCh2R83MZ6xqDwM6GYxjDEuoD1sEfq9hFafPtmzkt5zL2OwaK2t
sXE/zZtlHYXoxA==
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:57:31 2026 by rpki-client