Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
File: otP5vJZWutwm594auw-nLD1yjdg.mft (raw, json)
Hash identifier: PBr7th57Hn/uNWKVmgP+8VwpVBEed6HYqHPOFGWOEnE=
Subject key identifier: F5:BD:F0:AB:31:48:DB:53:2D:90:44:A3:87:8E:BD:A1:61:E2:58:02
Authority key identifier: A2:D3:F9:BC:96:56:BA:DC:26:E7:DE:1A:BB:0F:A7:2C:3D:72:8D:D8
Certificate issuer: /CN=a2d3f9bc9656badc26e7de1abb0fa72c3d728dd8
Certificate serial: 019D9B515DC19DC35C872FE5C44890D22E42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
Manifest number: 0528
Signing time: Fri 17 Apr 2026 12:01:34 +0000
Manifest this update: Fri 17 Apr 2026 12:01:34 +0000
Manifest next update: Sat 18 Apr 2026 12:01:34 +0000
Files and hashes: 1: otP5vJZWutwm594auw-nLD1yjdg.crl (hash: 1sEH1h6e8SlcSs0bkQYfM5JKM1Mfu8ngF3n0GypvzSs=)
2: wq9tYLfVQC77CHQnEGOwVihriSc.roa (hash: tQsNymN61pdlaZw2p685YQ4hLAz1lZz1V7NLew6Ch8g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:51:5d:c1:9d:c3:5c:87:2f:e5:c4:48:90:d2:2e:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2d3f9bc9656badc26e7de1abb0fa72c3d728dd8
Validity
Not Before: Apr 17 12:01:34 2026 GMT
Not After : Apr 18 12:01:34 2026 GMT
Subject: CN=f5bdf0ab3148db532d9044a3878ebda161e25802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:64:3b:c6:d7:93:47:52:56:6e:b7:d0:96:a2:
f5:cb:f2:12:91:e7:2d:bf:41:e3:57:5f:22:11:a6:
28:92:61:bf:c7:13:c4:d8:b3:2b:fb:03:04:43:15:
9c:b4:0f:37:81:1b:e8:8d:b7:f3:2f:bf:57:4d:70:
1a:3a:24:2f:f2:15:0e:05:9a:b4:4e:50:d8:81:46:
95:93:8e:bf:08:ef:40:d0:c3:14:ba:2d:72:ca:f7:
5b:2f:7e:89:6e:bc:0b:2a:8a:07:1a:b2:38:9d:1b:
31:e2:cf:23:87:d1:cb:a5:b8:0d:f3:61:72:54:31:
34:11:cd:25:92:b9:14:33:a4:24:fc:4c:36:fe:70:
e3:eb:49:9d:46:97:6e:31:21:e8:3c:d0:ab:58:d9:
6e:5b:08:dc:b6:2f:2f:42:d1:0d:9a:0b:53:43:1b:
73:96:c7:33:8f:87:1a:bb:31:d9:f3:73:10:e0:dc:
d7:af:54:87:ee:2d:77:fc:3a:ea:1c:42:80:61:65:
65:e9:1c:e2:ab:c4:e7:d8:60:96:1f:ae:e0:56:eb:
79:1d:15:44:cb:76:2d:88:e4:7f:d2:00:5d:2d:11:
1b:83:a6:1b:95:48:75:02:a1:c3:99:94:49:d9:a9:
1b:f2:02:0b:18:06:e7:dd:f3:ea:52:dd:c2:1f:41:
7d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:BD:F0:AB:31:48:DB:53:2D:90:44:A3:87:8E:BD:A1:61:E2:58:02
X509v3 Authority Key Identifier:
keyid:A2:D3:F9:BC:96:56:BA:DC:26:E7:DE:1A:BB:0F:A7:2C:3D:72:8D:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
45:61:04:e1:4d:6f:ef:b9:9d:a6:69:be:91:14:35:72:b1:e2:
e6:03:33:f0:c3:97:17:f4:0e:8e:46:90:6b:96:23:d2:e5:51:
a3:c5:6f:7c:51:1b:b7:5e:da:1d:74:bd:97:41:d5:64:44:db:
42:10:3b:63:f5:5f:b6:2c:54:c2:7c:b7:1c:62:59:95:4d:da:
eb:69:d6:0e:8a:19:d7:f3:0c:e8:8f:21:53:4c:05:ee:65:b2:
f3:6f:b8:01:65:73:05:73:70:12:3e:e6:06:9c:b8:c5:15:c4:
05:a9:8a:3e:8c:21:ab:2d:ef:1e:09:bb:73:76:b8:9e:60:7a:
4e:bd:65:77:43:9e:f1:98:1b:51:ce:1a:2c:15:d7:dd:f5:70:
ec:15:83:ed:9d:19:ce:7a:03:7d:85:92:e9:7c:ec:73:ef:d9:
b8:73:28:0e:06:c2:57:fd:77:a3:12:ac:b2:22:af:71:e0:e9:
82:10:73:7c:6e:9b:47:c3:df:bb:16:ff:35:52:c5:f6:7b:2c:
03:4c:27:83:83:36:d2:2d:66:b0:60:a2:35:0b:3b:1f:44:b7:
e3:1a:96:71:31:c4:b5:61:99:b0:03:2b:07:e3:bb:35:07:96:
38:92:19:d6:89:95:4c:ec:be:c0:fb:5b:00:d1:81:48:84:8b:
ab:3a:b7:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUV3BncNchy/lxEiQ0i5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDNmOWJjOTY1NmJhZGMyNmU3ZGUxYWJiMGZhNzJjM2Q3
MjhkZDgwHhcNMjYwNDE3MTIwMTM0WhcNMjYwNDE4MTIwMTM0WjAzMTEwLwYDVQQD
EyhmNWJkZjBhYjMxNDhkYjUzMmQ5MDQ0YTM4NzhlYmRhMTYxZTI1ODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmQ7xteTR1JWbrfQlqL1y/ISkect
v0HjV18iEaYokmG/xxPE2LMr+wMEQxWctA83gRvojbfzL79XTXAaOiQv8hUOBZq0
TlDYgUaVk46/CO9A0MMUui1yyvdbL36JbrwLKooHGrI4nRsx4s8jh9HLpbgN82Fy
VDE0Ec0lkrkUM6Qk/Ew2/nDj60mdRpduMSHoPNCrWNluWwjcti8vQtENmgtTQxtz
lsczj4cauzHZ83MQ4NzXr1SH7i13/DrqHEKAYWVl6Rziq8Tn2GCWH67gVut5HRVE
y3YtiOR/0gBdLREbg6YblUh1AqHDmZRJ2akb8gILGAbn3fPqUt3CH0F9fwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPW98KsxSNtTLZBEo4eOvaFh4lgCMB8GA1UdIwQY
MBaAFKLT+byWVrrcJufeGrsPpyw9co3YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82OGZkMGYtMmI4Ny00NzA0LWEzMmYt
ZDcxMWU4NGMyOWExLzEvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82OGZkMGYtMmI4Ny00NzA0LWEzMmYtZDcxMWU4NGMyOWEx
LzEvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARWEE4U1v
77mdpmm+kRQ1crHi5gMz8MOXF/QOjkaQa5Yj0uVRo8VvfFEbt17aHXS9l0HVZETb
QhA7Y/VftixUwny3HGJZlU3a62nWDooZ1/MM6I8hU0wF7mWy82+4AWVzBXNwEj7m
Bpy4xRXEBamKPowhqy3vHgm7c3a4nmB6Tr1ld0Oe8ZgbUc4aLBXX3fVw7BWD7Z0Z
znoDfYWS6Xzsc+/ZuHMoDgbCV/13oxKssiKvceDpghBzfG6bR8Pfuxb/NVLF9nss
A0wng4M20i1msGCiNQs7H0S34xqWcTHEtWGZsAMrB+O7NQeWOJIZ1omVTOy+wPtb
ANGBSISLqzq35A==
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:31:09 2026 by rpki-client