Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.mft
File: D97nlErE2jERKV2B4p3roAwWOpY.mft (raw, json)
Hash identifier: 6bgoaajdizcCH3fEec/XbxkD5yNdRWv55gLq7V9THnM=
Subject key identifier: 38:47:BB:A3:87:4B:F1:99:E3:6F:10:BC:D0:04:1A:61:33:F1:52:DC
Authority key identifier: 0F:DE:E7:94:4A:C4:DA:31:11:29:5D:81:E2:9D:EB:A0:0C:16:3A:96
Certificate issuer: /CN=0fdee7944ac4da3111295d81e29deba00c163a96
Certificate serial: 019D9AE38FD4B04F4AD3035C10BADD5A9453
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D97nlErE2jERKV2B4p3roAwWOpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.mft
Manifest number: 12BD
Signing time: Fri 17 Apr 2026 10:01:37 +0000
Manifest this update: Fri 17 Apr 2026 10:01:37 +0000
Manifest next update: Sat 18 Apr 2026 10:01:37 +0000
Files and hashes: 1: D97nlErE2jERKV2B4p3roAwWOpY.crl (hash: 4C5tN6jxu6MgnttjJO3c2T2y/ALuYxP/IwvNq4UtI2A=)
2: WgNv7-eEqKwSW95Nva_O1MQX1iY.roa (hash: 9ipqetu8ePvj0pp7eCO9cwEQqK0gXGR/o2mUfaHu77U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.mft
rsync://rpki.ripe.net/repository/DEFAULT/D97nlErE2jERKV2B4p3roAwWOpY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:e3:8f:d4:b0:4f:4a:d3:03:5c:10:ba:dd:5a:94:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fdee7944ac4da3111295d81e29deba00c163a96
Validity
Not Before: Apr 17 10:01:37 2026 GMT
Not After : Apr 18 10:01:37 2026 GMT
Subject: CN=3847bba3874bf199e36f10bcd0041a6133f152dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:18:18:4e:54:1d:ac:c0:86:f9:8c:90:20:e4:
01:ee:ce:2d:77:da:56:82:ad:69:54:fc:68:b7:a5:
d2:63:fb:52:c6:ff:d2:24:aa:53:1f:7e:73:2c:f5:
10:2f:11:99:23:35:ae:ac:97:f2:55:88:cf:74:b6:
b4:fd:11:07:54:52:f1:e8:3e:ae:49:76:7f:d2:b2:
51:ba:b0:2c:95:18:70:f7:63:59:72:f2:29:b4:63:
38:bf:1e:f5:96:41:f5:88:34:23:60:aa:0e:17:b7:
f3:96:e4:0b:0a:2d:6f:92:47:3f:98:33:c9:56:bb:
ee:e9:4d:1e:11:64:b2:a2:f0:5e:c4:4b:28:d0:31:
b4:1c:f1:83:66:c5:7e:b7:a0:70:52:aa:09:bf:3c:
70:ee:dc:41:f7:fa:6b:cf:45:d3:5b:bc:55:ff:7e:
67:51:96:ce:a8:4a:d5:b1:6d:89:24:c6:81:1e:01:
54:25:c6:82:fc:0d:29:b5:1c:a1:b4:51:7b:e3:0c:
49:eb:02:a3:b8:98:c3:ce:61:fd:d7:ec:11:30:af:
1b:fe:1e:28:ed:1c:3d:b2:3b:80:d6:dd:8e:7b:34:
43:6c:fe:fd:7c:da:a6:79:d0:d2:1e:60:82:91:fa:
6e:81:b3:e7:6b:27:2a:5e:d6:d7:8e:53:ce:b7:b3:
30:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:47:BB:A3:87:4B:F1:99:E3:6F:10:BC:D0:04:1A:61:33:F1:52:DC
X509v3 Authority Key Identifier:
keyid:0F:DE:E7:94:4A:C4:DA:31:11:29:5D:81:E2:9D:EB:A0:0C:16:3A:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D97nlErE2jERKV2B4p3roAwWOpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:0f:ba:b1:1c:79:fa:0d:59:33:fb:ee:5b:49:bc:f7:37:3c:
c8:88:17:8e:15:0c:b2:f2:1a:5f:9a:81:42:3b:cf:02:df:f9:
ab:64:44:0f:7f:66:03:4f:b3:2b:f2:5c:27:ff:03:24:ba:f8:
67:bd:fa:e7:06:cf:63:b6:44:45:77:56:2b:a4:48:a9:f0:63:
2a:15:20:9a:4c:56:4c:79:5b:09:b8:4a:68:e5:f8:1c:a9:d1:
e6:f8:e8:47:4a:12:92:bd:4f:2b:bc:99:7b:1f:a3:61:82:86:
69:1e:e0:8b:35:50:89:43:22:2b:a2:50:bb:87:f0:af:79:b7:
d6:0d:64:5b:22:78:d4:e6:e4:bf:a0:69:4b:1d:94:da:9d:84:
76:e8:e6:81:e4:2d:3e:4b:6d:85:b8:65:c4:8a:cd:eb:70:60:
9f:63:4f:f1:03:c3:8a:01:d8:ee:53:23:48:62:a2:95:d6:56:
5e:e9:23:bd:c7:5d:8c:0a:1e:ea:c3:6d:3b:36:25:d0:5a:a8:
46:a1:d4:ee:4a:04:21:1c:c9:c9:24:b5:fb:28:85:3a:80:1b:
22:be:71:ea:b0:9d:d1:f7:96:cd:52:bd:da:e6:d8:1a:16:4c:
8a:b9:87:b1:de:22:2a:15:7c:79:bd:d5:76:1b:01:34:5c:92:
71:f4:f1:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a44/UsE9K0wNcELrdWpRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZGVlNzk0NGFjNGRhMzExMTI5NWQ4MWUyOWRlYmEwMGMx
NjNhOTYwHhcNMjYwNDE3MTAwMTM3WhcNMjYwNDE4MTAwMTM3WjAzMTEwLwYDVQQD
EygzODQ3YmJhMzg3NGJmMTk5ZTM2ZjEwYmNkMDA0MWE2MTMzZjE1MmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+BgYTlQdrMCG+YyQIOQB7s4td9pW
gq1pVPxot6XSY/tSxv/SJKpTH35zLPUQLxGZIzWurJfyVYjPdLa0/REHVFLx6D6u
SXZ/0rJRurAslRhw92NZcvIptGM4vx71lkH1iDQjYKoOF7fzluQLCi1vkkc/mDPJ
Vrvu6U0eEWSyovBexEso0DG0HPGDZsV+t6BwUqoJvzxw7txB9/prz0XTW7xV/35n
UZbOqErVsW2JJMaBHgFUJcaC/A0ptRyhtFF74wxJ6wKjuJjDzmH91+wRMK8b/h4o
7Rw9sjuA1t2OezRDbP79fNqmedDSHmCCkfpugbPnaycqXtbXjlPOt7Mw9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDhHu6OHS/GZ428QvNAEGmEz8VLcMB8GA1UdIwQY
MBaAFA/e55RKxNoxESldgeKd66AMFjqWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDk3bmxFckUyakVSS1YyQjRwM3JvQXdXT3BZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS81NDRiZWEtZjFlYy00NjY2LTgxYzAt
NzhhNGQ2NTY5M2ZlLzEvRDk3bmxFckUyakVSS1YyQjRwM3JvQXdXT3BZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS81NDRiZWEtZjFlYy00NjY2LTgxYzAtNzhhNGQ2NTY5M2Zl
LzEvRDk3bmxFckUyakVSS1YyQjRwM3JvQXdXT3BZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYA+6sRx5
+g1ZM/vuW0m89zc8yIgXjhUMsvIaX5qBQjvPAt/5q2RED39mA0+zK/JcJ/8DJLr4
Z7365wbPY7ZERXdWK6RIqfBjKhUgmkxWTHlbCbhKaOX4HKnR5vjoR0oSkr1PK7yZ
ex+jYYKGaR7gizVQiUMiK6JQu4fwr3m31g1kWyJ41Obkv6BpSx2U2p2EdujmgeQt
PktthbhlxIrN63Bgn2NP8QPDigHY7lMjSGKildZWXukjvcddjAoe6sNtOzYl0Fqo
RqHU7koEIRzJySS1+yiFOoAbIr5x6rCd0feWzVK92ubYGhZMirmHsd4iKhV8eb3V
dhsBNFyScfTx8g==
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:12:48 2026 by rpki-client