Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
File: bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft (raw, json)
Hash identifier: uRLs1iWGdQOOYLENQOSEJWfD1X7GDg9uwGC85Db9zts=
Subject key identifier: 23:D5:E7:49:08:2A:93:A6:A9:DC:69:2F:89:7B:87:4A:5B:0C:3D:33
Authority key identifier: 6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD
Certificate issuer: /CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd
Certificate serial: 019D9962E8B5EDF1308AAFA7E01E9EA0759D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
Manifest number: 18BD
Signing time: Fri 17 Apr 2026 03:01:29 +0000
Manifest this update: Fri 17 Apr 2026 03:01:29 +0000
Manifest next update: Sat 18 Apr 2026 03:01:29 +0000
Files and hashes: 1: bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl (hash: SXXx1nSyscUZXBjkxvMQ2ei+4m+HIVXJXwXu2b16w9k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:62:e8:b5:ed:f1:30:8a:af:a7:e0:1e:9e:a0:75:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd
Validity
Not Before: Apr 17 03:01:29 2026 GMT
Not After : Apr 18 03:01:29 2026 GMT
Subject: CN=23d5e749082a93a6a9dc692f897b874a5b0c3d33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:be:80:ac:33:e4:0a:bf:57:05:14:92:43:75:
4e:dc:de:3e:cb:05:8d:ea:d7:18:1b:d6:ab:5b:c3:
8b:f0:22:97:0f:75:ba:8b:dc:c8:d6:40:ed:d1:60:
9f:80:37:d0:12:ad:8e:2e:39:45:c4:1c:c2:95:5c:
63:c0:ba:00:4a:ff:be:c3:f6:97:90:da:66:ca:c6:
b9:14:ce:62:9b:2e:ad:0f:b3:02:0f:f8:46:66:75:
98:d4:46:e3:34:b6:10:a6:f5:4d:14:6e:bf:93:17:
53:be:46:89:eb:6d:d3:40:5f:57:45:3f:85:e4:bb:
83:10:10:aa:0f:72:00:4e:b1:70:7f:01:72:e7:24:
02:91:f8:8c:22:be:22:13:5a:d3:52:6b:c9:42:67:
54:4d:4a:94:c7:69:88:b3:4b:48:00:3c:ae:91:96:
01:e4:38:17:a7:43:a1:e8:e5:da:28:07:66:bd:57:
44:e3:ce:13:29:0c:39:db:fa:d2:c2:56:2d:b1:aa:
c0:24:6a:78:3c:23:63:bb:1c:72:63:a5:bd:45:f0:
93:0d:67:c8:9f:07:9b:e6:03:7a:f3:e8:5f:c5:d1:
75:b8:54:d1:b3:73:f1:f3:63:f4:8e:b1:b9:3c:20:
b1:a6:d2:c8:ad:7e:72:3f:ff:0a:49:02:90:fa:eb:
d0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:D5:E7:49:08:2A:93:A6:A9:DC:69:2F:89:7B:87:4A:5B:0C:3D:33
X509v3 Authority Key Identifier:
keyid:6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:98:25:8b:45:b4:c2:3f:2b:4b:d9:ad:f3:66:97:d5:99:4c:
a5:1f:55:49:c4:4a:3a:a7:bf:69:ef:bb:89:99:c7:89:6c:26:
8a:52:03:f5:8d:2e:f7:c3:2e:13:98:c9:56:2e:11:24:9c:fa:
95:cf:08:7e:29:2d:0b:46:d7:71:cb:12:6f:4f:46:99:29:b4:
06:79:c6:52:8d:02:b9:74:c6:5d:53:f0:b5:51:30:33:44:ed:
bd:3d:c4:cb:6e:40:93:04:4d:94:5c:03:d7:bf:f2:0f:15:9f:
c0:fd:11:c5:e1:bd:3d:44:92:a4:1b:1a:a0:83:d8:4e:38:b5:
98:13:7d:7f:b7:3b:6e:29:4c:6e:99:59:2d:a3:d2:ab:9a:c0:
81:bd:3f:f5:74:6c:ea:6f:82:9c:37:8a:e8:85:29:38:65:48:
bd:d2:bd:35:19:fe:5a:d6:a1:16:e0:db:3b:f1:bf:bc:17:df:
b3:b0:ec:32:eb:d3:33:c9:7b:0a:bb:bc:52:82:63:f2:96:fc:
c0:08:51:a4:ad:e8:a1:71:f5:61:a5:54:51:5f:0f:c9:5d:3e:
b5:eb:29:d4:54:81:3b:d4:35:3a:d6:dd:3f:8a:92:69:bc:1e:
80:3b:35:ca:a7:0a:cd:42:06:c8:2c:0b:08:ec:b5:bb:d9:6e:
b2:9c:6b:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYui17fEwiq+n4B6eoHWdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGEwNTZjM2I1NGU1MDBjYTE5YzhmNWM0NzcwYWMzZjQ1
MGU0YmQwHhcNMjYwNDE3MDMwMTI5WhcNMjYwNDE4MDMwMTI5WjAzMTEwLwYDVQQD
EygyM2Q1ZTc0OTA4MmE5M2E2YTlkYzY5MmY4OTdiODc0YTViMGMzZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwL6ArDPkCr9XBRSSQ3VO3N4+ywWN
6tcYG9arW8OL8CKXD3W6i9zI1kDt0WCfgDfQEq2OLjlFxBzClVxjwLoASv++w/aX
kNpmysa5FM5imy6tD7MCD/hGZnWY1EbjNLYQpvVNFG6/kxdTvkaJ623TQF9XRT+F
5LuDEBCqD3IATrFwfwFy5yQCkfiMIr4iE1rTUmvJQmdUTUqUx2mIs0tIADyukZYB
5DgXp0Oh6OXaKAdmvVdE484TKQw52/rSwlYtsarAJGp4PCNjuxxyY6W9RfCTDWfI
nweb5gN68+hfxdF1uFTRs3Px82P0jrG5PCCxptLIrX5yP/8KSQKQ+uvQSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPV50kIKpOmqdxpL4l7h0pbDD0zMB8GA1UdIwQY
MBaAFG3aBWw7VOUAyhnI9cR3CsP0UOS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTct
YTNjM2Y5YWE4NjA4LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTctYTNjM2Y5YWE4NjA4
LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOpgli0W0
wj8rS9mt82aX1ZlMpR9VScRKOqe/ae+7iZnHiWwmilID9Y0u98MuE5jJVi4RJJz6
lc8IfiktC0bXccsSb09GmSm0BnnGUo0CuXTGXVPwtVEwM0TtvT3Ey25AkwRNlFwD
17/yDxWfwP0RxeG9PUSSpBsaoIPYTji1mBN9f7c7bilMbplZLaPSq5rAgb0/9XRs
6m+CnDeK6IUpOGVIvdK9NRn+WtahFuDbO/G/vBffs7DsMuvTM8l7Cru8UoJj8pb8
wAhRpK3ooXH1YaVUUV8PyV0+tesp1FSBO9Q1OtbdP4qSabwegDs1yqcKzUIGyCwL
COy1u9luspxrLg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:09:13 2026 by rpki-client