Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.mft
File: 0ffNDsTDvFTFlDEwfuw27wOCdzM.mft (raw, json)
Hash identifier: Br5BGBHqyD2kjUkeNFdHTHdyoOr1P2OaXgElbSI0+9k=
Subject key identifier: C2:6A:98:EA:38:47:65:00:95:9F:FF:3D:E7:39:51:72:BA:11:40:2C
Authority key identifier: D1:F7:CD:0E:C4:C3:BC:54:C5:94:31:30:7E:EC:36:EF:03:82:77:33
Certificate issuer: /CN=d1f7cd0ec4c3bc54c59431307eec36ef03827733
Certificate serial: 019D98F4A2CBCBB4AA3898B5A82BB2205FE9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0ffNDsTDvFTFlDEwfuw27wOCdzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.mft
Manifest number: 18C0
Signing time: Fri 17 Apr 2026 01:01:02 +0000
Manifest this update: Fri 17 Apr 2026 01:01:02 +0000
Manifest next update: Sat 18 Apr 2026 01:01:02 +0000
Files and hashes: 1: 0ffNDsTDvFTFlDEwfuw27wOCdzM.crl (hash: a05H0Q69WLwrhVEsWaQIJGPm04MgxT1WDMbnlE7NBlA=)
2: gZRVVjbr0VF9kLZepM4sAakfV64.roa (hash: OS+DVlQyVLtcNxKCYd+cy14Vh3Z+rz6mTy8GBtTKd0Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.mft
rsync://rpki.ripe.net/repository/DEFAULT/0ffNDsTDvFTFlDEwfuw27wOCdzM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:f4:a2:cb:cb:b4:aa:38:98:b5:a8:2b:b2:20:5f:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1f7cd0ec4c3bc54c59431307eec36ef03827733
Validity
Not Before: Apr 17 01:01:02 2026 GMT
Not After : Apr 18 01:01:02 2026 GMT
Subject: CN=c26a98ea38476500959fff3de7395172ba11402c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:11:b8:7f:e6:8d:c6:45:a8:e8:0d:6e:31:9a:
26:d1:7f:20:19:36:06:5a:5b:40:6a:b4:1b:96:a4:
52:b1:fa:57:31:35:98:42:8c:c2:09:7b:52:c2:0e:
52:c0:b9:a5:f5:4a:ee:5d:20:7d:cc:25:88:75:6b:
bc:ae:43:1d:14:ee:70:3f:e9:1b:4d:7d:ad:56:d9:
bc:08:09:70:20:08:6e:c9:da:fa:64:bb:71:a6:fe:
a7:8f:f9:3d:be:5e:d3:9f:ee:10:53:b2:9b:0b:a7:
63:8d:3b:ec:55:ff:fe:1a:e9:53:0d:a4:d2:5f:b9:
aa:31:61:a0:23:45:8e:c6:16:a5:e2:14:a0:b3:8c:
63:5d:d5:ff:88:b7:06:a9:b4:e1:f2:b5:0b:fe:0c:
53:a5:bf:ab:0c:8c:af:f6:68:55:fa:26:36:b7:cb:
3d:6d:f3:5c:aa:77:59:c3:c3:4c:97:66:54:da:99:
66:36:b5:59:a0:84:b5:e8:82:7d:06:a6:54:d6:ae:
62:74:82:bc:d3:09:ed:57:6a:46:17:97:12:92:2c:
c1:87:26:fe:03:ba:82:1f:2e:47:4a:ac:6f:44:e4:
37:bc:7c:f8:f9:e7:b6:eb:94:90:d1:a5:11:e6:ec:
7c:18:e9:7c:8e:41:cf:c2:23:54:c8:04:a4:cf:6c:
ab:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:6A:98:EA:38:47:65:00:95:9F:FF:3D:E7:39:51:72:BA:11:40:2C
X509v3 Authority Key Identifier:
keyid:D1:F7:CD:0E:C4:C3:BC:54:C5:94:31:30:7E:EC:36:EF:03:82:77:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ffNDsTDvFTFlDEwfuw27wOCdzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:a5:94:10:af:e0:d8:03:4b:93:fb:1c:65:4b:d7:b8:a5:8b:
95:c1:97:ee:5b:94:8d:b2:4f:ce:84:1e:be:e1:7e:1f:2c:ea:
0a:91:dd:95:e5:ff:aa:b5:de:b8:47:40:23:dd:ab:2b:4e:da:
a7:08:af:62:87:7e:65:c3:30:15:1a:17:9f:90:71:41:ad:ae:
4b:a8:d6:d4:e2:f5:23:9a:89:c3:06:00:81:61:b7:a8:11:87:
08:1c:d0:8e:3e:33:e7:d0:43:e9:10:6e:a8:7d:d3:2e:4d:bc:
75:79:83:8d:06:7e:ba:79:f2:16:c0:45:d4:1b:c1:cd:bc:71:
2d:e3:55:5a:c9:08:2b:68:8e:f9:12:d4:c2:4d:b1:7b:7f:56:
bd:b7:53:07:77:61:75:cd:6c:bf:c2:1b:21:e6:77:95:50:93:
a3:05:c9:98:7d:13:8a:f9:16:19:de:90:57:71:13:1f:c7:73:
55:c3:77:7a:f4:0f:02:cd:6c:6c:a3:05:89:92:a7:6a:06:7d:
69:bb:7b:ee:41:43:cd:b7:c6:43:b0:ea:9b:61:94:9a:6c:40:
81:43:e9:b5:21:4a:55:33:e4:25:dc:4e:93:a6:83:43:49:30:
a3:4a:23:5f:52:ec:7c:f2:18:44:85:94:d5:63:bb:3c:7d:db:
6f:29:5a:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9KLLy7SqOJi1qCuyIF/pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZjdjZDBlYzRjM2JjNTRjNTk0MzEzMDdlZWMzNmVmMDM4
Mjc3MzMwHhcNMjYwNDE3MDEwMTAyWhcNMjYwNDE4MDEwMTAyWjAzMTEwLwYDVQQD
EyhjMjZhOThlYTM4NDc2NTAwOTU5ZmZmM2RlNzM5NTE3MmJhMTE0MDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5BG4f+aNxkWo6A1uMZom0X8gGTYG
WltAarQblqRSsfpXMTWYQozCCXtSwg5SwLml9UruXSB9zCWIdWu8rkMdFO5wP+kb
TX2tVtm8CAlwIAhuydr6ZLtxpv6nj/k9vl7Tn+4QU7KbC6djjTvsVf/+GulTDaTS
X7mqMWGgI0WOxhal4hSgs4xjXdX/iLcGqbTh8rUL/gxTpb+rDIyv9mhV+iY2t8s9
bfNcqndZw8NMl2ZU2plmNrVZoIS16IJ9BqZU1q5idIK80wntV2pGF5cSkizBhyb+
A7qCHy5HSqxvROQ3vHz4+ee265SQ0aUR5ux8GOl8jkHPwiNUyASkz2yrIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMJqmOo4R2UAlZ//Pec5UXK6EUAsMB8GA1UdIwQY
MBaAFNH3zQ7Ew7xUxZQxMH7sNu8DgnczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGZmTkRzVER2RlRGbERFd2Z1dzI3d09DZHpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wMjRkNDctNDdiMi00MGI1LWEyYjgt
OWNiNWQ4OGZkZDM5LzEvMGZmTkRzVER2RlRGbERFd2Z1dzI3d09DZHpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wMjRkNDctNDdiMi00MGI1LWEyYjgtOWNiNWQ4OGZkZDM5
LzEvMGZmTkRzVER2RlRGbERFd2Z1dzI3d09DZHpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIaWUEK/g
2ANLk/scZUvXuKWLlcGX7luUjbJPzoQevuF+HyzqCpHdleX/qrXeuEdAI92rK07a
pwivYod+ZcMwFRoXn5BxQa2uS6jW1OL1I5qJwwYAgWG3qBGHCBzQjj4z59BD6RBu
qH3TLk28dXmDjQZ+unnyFsBF1BvBzbxxLeNVWskIK2iO+RLUwk2xe39WvbdTB3dh
dc1sv8IbIeZ3lVCTowXJmH0TivkWGd6QV3ETH8dzVcN3evQPAs1sbKMFiZKnagZ9
abt77kFDzbfGQ7Dqm2GUmmxAgUPptSFKVTPkJdxOk6aDQ0kwo0ojX1LsfPIYRIWU
1WO7PH3bbyla3g==
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:59:01 2026 by rpki-client