Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
File: ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft (raw, json)
Hash identifier: JdXsoqLuEvXDX531731EcY9dgdfvk1Ob+4fhDuesZsQ=
Subject key identifier: 23:EA:2F:9C:67:96:0F:60:D6:49:FF:B7:C7:0A:58:BC:84:31:C5:29
Authority key identifier: B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
Certificate issuer: /CN=b9f1d5b06f5701555ff5888154dd141b48896117
Certificate serial: 019D98F46E7A880AECC5A2FF6A3A444831B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
Manifest number: 18D8
Signing time: Fri 17 Apr 2026 01:00:48 +0000
Manifest this update: Fri 17 Apr 2026 01:00:48 +0000
Manifest next update: Sat 18 Apr 2026 01:00:48 +0000
Files and hashes: 1: ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl (hash: z9jA0v6oVFpsyVgn6e2piWY2YKokE2rKWI1OxWzx5Q8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 01:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:f4:6e:7a:88:0a:ec:c5:a2:ff:6a:3a:44:48:31:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9f1d5b06f5701555ff5888154dd141b48896117
Validity
Not Before: Apr 17 01:00:48 2026 GMT
Not After : Apr 18 01:00:48 2026 GMT
Subject: CN=23ea2f9c67960f60d649ffb7c70a58bc8431c529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5f:34:65:70:34:a1:48:e5:c9:48:cf:f9:81:
1b:87:e0:68:a1:38:3d:e1:5e:c1:0f:fe:f8:ac:03:
7d:23:7c:7d:f7:1e:df:89:4d:14:6c:18:93:45:36:
f6:41:d3:aa:c9:5e:b5:27:e5:27:1b:11:bc:e2:11:
58:79:ea:28:9d:5c:87:c7:be:31:91:07:11:4b:f6:
f1:c8:c4:07:5c:14:03:90:11:e0:7e:84:e0:0e:a0:
60:84:06:9d:59:cb:85:66:0f:1f:76:71:7e:19:82:
9d:d3:c0:a2:4c:eb:9f:69:ea:c2:f7:ef:78:aa:4a:
97:a4:72:8c:7d:4c:99:4a:d8:6a:b9:1f:75:78:0f:
9a:70:a6:12:2c:bc:ee:a9:b6:60:bc:e8:b8:c1:ae:
e2:ee:60:a4:f3:57:9e:7c:db:53:00:4f:5b:58:85:
2a:fa:39:28:b2:b3:24:a5:06:f9:1c:e4:de:0d:9c:
0a:88:56:8e:46:3d:fa:cb:38:84:d0:fa:cd:e4:1e:
99:a1:e3:74:7e:c0:5b:a4:e5:b3:f5:61:1a:a3:d6:
17:b2:62:cb:cb:f8:2d:68:9f:c0:fc:5a:6a:c4:97:
0d:31:0a:58:7d:0b:04:bd:93:d3:e5:2c:1f:7f:46:
be:7f:f8:d0:c3:77:4e:32:b6:f9:9f:10:53:f5:00:
3e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:EA:2F:9C:67:96:0F:60:D6:49:FF:B7:C7:0A:58:BC:84:31:C5:29
X509v3 Authority Key Identifier:
keyid:B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d1:9f:13:e7:65:6a:d2:9a:7f:1c:e1:38:fb:8c:1b:da:13:0a:
a1:fa:69:e6:48:8f:00:2e:fb:67:7c:25:3b:a0:55:df:20:52:
eb:e4:a9:9e:63:69:2b:a2:4a:9c:32:b7:8c:de:d1:bc:23:af:
c4:23:a4:5f:7d:0a:af:b4:92:2c:4e:7e:f4:58:2d:5f:a1:bc:
10:93:8b:16:f7:c2:ac:1f:af:5f:41:3f:ba:e2:01:bb:69:07:
b2:3f:3c:b9:00:ff:dd:2e:be:fb:13:4c:f7:05:f6:c0:d3:68:
0e:a0:2c:3e:6c:8a:b2:d7:6e:07:89:77:5e:bb:28:27:e6:21:
82:ab:3f:fa:7c:f9:f3:5a:98:a6:04:2f:c8:cc:b2:b2:56:1c:
ef:48:95:d3:56:9d:e5:8e:e5:de:cc:2d:e7:61:24:80:ed:ed:
47:eb:2b:8c:df:ee:ae:23:42:47:a0:41:3e:8c:06:9e:1b:63:
b9:25:e4:07:16:45:fe:9a:70:c6:a3:c1:3b:47:4b:f2:af:80:
4f:89:47:f3:e2:62:f9:f6:66:af:3e:ad:f5:df:a0:7c:76:23:
86:d3:a9:28:fb:9b:c0:15:e8:6a:84:21:f7:d0:e9:3d:26:02:
6d:a7:82:f9:24:14:63:d8:03:f5:74:75:fb:2a:46:6a:06:f2:
b4:9c:1a:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9G56iArsxaL/ajpESDG4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZjFkNWIwNmY1NzAxNTU1ZmY1ODg4MTU0ZGQxNDFiNDg4
OTYxMTcwHhcNMjYwNDE3MDEwMDQ4WhcNMjYwNDE4MDEwMDQ4WjAzMTEwLwYDVQQD
EygyM2VhMmY5YzY3OTYwZjYwZDY0OWZmYjdjNzBhNThiYzg0MzFjNTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnF80ZXA0oUjlyUjP+YEbh+BooTg9
4V7BD/74rAN9I3x99x7fiU0UbBiTRTb2QdOqyV61J+UnGxG84hFYeeoonVyHx74x
kQcRS/bxyMQHXBQDkBHgfoTgDqBghAadWcuFZg8fdnF+GYKd08CiTOufaerC9+94
qkqXpHKMfUyZSthquR91eA+acKYSLLzuqbZgvOi4wa7i7mCk81eefNtTAE9bWIUq
+jkosrMkpQb5HOTeDZwKiFaORj36yziE0PrN5B6ZoeN0fsBbpOWz9WEao9YXsmLL
y/gtaJ/A/FpqxJcNMQpYfQsEvZPT5Swff0a+f/jQw3dOMrb5nxBT9QA+XwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPqL5xnlg9g1kn/t8cKWLyEMcUpMB8GA1UdIwQY
MBaAFLnx1bBvVwFVX/WIgVTdFBtIiWEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgt
ZjVjYThmYTcyNzBkLzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgtZjVjYThmYTcyNzBk
LzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0Z8T52Vq
0pp/HOE4+4wb2hMKofpp5kiPAC77Z3wlO6BV3yBS6+SpnmNpK6JKnDK3jN7RvCOv
xCOkX30Kr7SSLE5+9FgtX6G8EJOLFvfCrB+vX0E/uuIBu2kHsj88uQD/3S6++xNM
9wX2wNNoDqAsPmyKstduB4l3XrsoJ+Yhgqs/+nz581qYpgQvyMyyslYc70iV01ad
5Y7l3swt52EkgO3tR+srjN/uriNCR6BBPowGnhtjuSXkBxZF/ppwxqPBO0dL8q+A
T4lH8+Ji+fZmrz6t9d+gfHYjhtOpKPubwBXoaoQh99DpPSYCbaeC+SQUY9gD9XR1
+ypGagbytJwayA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:38:54 2026 by rpki-client