Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.mft
File: fexyg377vE6m3dS-lDYZFrTDYto.mft (raw, json)
Hash identifier: NHRcbwFunO986vjXiEK97bsCeBLUgfPNd5KwnSqNR+s=
Subject key identifier: 53:2A:B2:59:71:5C:28:7A:23:90:8D:4B:FB:95:D4:9C:FE:7F:BC:98
Authority key identifier: 7D:EC:72:83:7E:FB:BC:4E:A6:DD:D4:BE:94:36:19:16:B4:C3:62:DA
Certificate issuer: /CN=7dec72837efbbc4ea6ddd4be94361916b4c362da
Certificate serial: 019DA41CDE22FA60190A3BC79965A2B17306
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fexyg377vE6m3dS-lDYZFrTDYto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.mft
Manifest number: 0FAF
Signing time: Sun 19 Apr 2026 05:00:48 +0000
Manifest this update: Sun 19 Apr 2026 05:00:48 +0000
Manifest next update: Mon 20 Apr 2026 05:00:48 +0000
Files and hashes: 1: 3g6ILoE9ejngNxt1ax6rYM1LQ60.roa (hash: LEUisAJ5IBxkUseMOfjHAnJQfW3VdAcMs8IPdC6dNso=)
2: fexyg377vE6m3dS-lDYZFrTDYto.crl (hash: sqbdVWK59+fP2sd/oUfthH16NY/uaIEdC4OKGPy8ak0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.mft
rsync://rpki.ripe.net/repository/DEFAULT/fexyg377vE6m3dS-lDYZFrTDYto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a4:1c:de:22:fa:60:19:0a:3b:c7:99:65:a2:b1:73:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dec72837efbbc4ea6ddd4be94361916b4c362da
Validity
Not Before: Apr 19 05:00:48 2026 GMT
Not After : Apr 20 05:00:48 2026 GMT
Subject: CN=532ab259715c287a23908d4bfb95d49cfe7fbc98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2f:0b:79:64:b0:06:e8:95:a1:e5:90:20:52:
01:13:90:79:37:4e:7a:dd:a7:16:b4:2f:85:84:bc:
0b:b5:40:b1:a1:fd:b1:f5:7e:73:68:c3:53:58:d8:
5b:98:5c:2d:90:ab:5e:30:31:42:1a:a7:22:e1:76:
b3:30:f6:12:99:a9:15:9c:f1:33:2e:26:c1:6b:7e:
71:7b:89:c5:28:49:84:40:0d:10:0b:5f:1e:4c:2e:
84:d7:5a:a5:d5:c1:72:f5:d8:32:cc:00:b5:90:a2:
00:d5:8b:29:6f:c0:ab:9c:f2:71:28:13:3f:d2:91:
60:87:6a:7c:1d:b6:95:66:de:6b:4a:04:59:3a:30:
71:1b:f5:5e:c8:6b:fe:8a:81:a8:11:7f:2a:2e:b4:
b9:51:38:93:0d:21:51:27:02:51:a8:ad:4d:b1:d2:
2f:f6:6b:c6:fe:96:6d:69:17:f9:59:e0:bc:89:50:
d3:0c:48:d0:8e:0d:32:3b:19:d5:89:e7:6a:73:13:
a7:a0:22:5b:75:7e:b5:16:95:e9:d1:12:74:d8:0b:
66:97:6f:83:f8:78:ae:e6:1f:35:ef:63:d9:c8:d7:
d9:01:3e:d6:b2:b4:34:e6:05:e9:89:db:cd:b2:42:
25:9e:05:a5:89:49:19:6d:77:14:ce:5e:12:08:a6:
2c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:2A:B2:59:71:5C:28:7A:23:90:8D:4B:FB:95:D4:9C:FE:7F:BC:98
X509v3 Authority Key Identifier:
keyid:7D:EC:72:83:7E:FB:BC:4E:A6:DD:D4:BE:94:36:19:16:B4:C3:62:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fexyg377vE6m3dS-lDYZFrTDYto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:57:14:77:c1:5d:88:5f:9e:28:b6:de:2e:c5:ba:cb:fb:ed:
79:42:74:fb:df:64:65:1c:93:91:40:3c:59:54:b5:38:c0:cf:
94:c5:47:3e:ff:97:01:da:42:d7:1e:cb:aa:ad:ca:cd:bf:ee:
09:15:f0:23:cc:03:01:aa:f3:b9:c6:5b:3c:7a:e4:26:c9:f3:
8a:0f:0e:7c:04:c7:2b:5f:ba:a3:cc:e7:28:ef:f0:72:b8:7b:
98:7f:af:50:d7:e0:62:1e:b6:b3:97:e5:75:cb:7c:2d:fe:52:
c9:95:8f:fa:2d:25:c7:80:c8:38:59:7c:46:10:27:da:5f:b9:
88:88:80:3c:cb:fa:b3:65:98:ed:1f:95:5c:8c:b0:a0:91:f0:
28:7a:5d:e2:41:73:88:20:46:21:23:30:51:45:06:43:67:68:
c6:b0:8b:39:4f:46:2b:d6:70:91:1f:f8:c8:52:e6:d4:71:4b:
3a:19:01:0f:fe:d9:e2:b4:3e:e7:42:ea:4d:41:8f:bf:56:c3:
cb:25:cc:86:f0:98:88:0f:25:19:ae:4f:f5:04:8a:b4:c1:91:
dc:4f:4b:89:50:4e:1d:9b:46:e5:d0:a5:0e:ab:d3:5b:24:85:
9e:8e:14:28:2a:03:6f:fb:d9:14:7f:cd:e5:22:de:6b:db:d6:
d0:ca:b4:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kHN4i+mAZCjvHmWWisXMGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZWM3MjgzN2VmYmJjNGVhNmRkZDRiZTk0MzYxOTE2YjRj
MzYyZGEwHhcNMjYwNDE5MDUwMDQ4WhcNMjYwNDIwMDUwMDQ4WjAzMTEwLwYDVQQD
Eyg1MzJhYjI1OTcxNWMyODdhMjM5MDhkNGJmYjk1ZDQ5Y2ZlN2ZiYzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsS8LeWSwBuiVoeWQIFIBE5B5N056
3acWtC+FhLwLtUCxof2x9X5zaMNTWNhbmFwtkKteMDFCGqci4XazMPYSmakVnPEz
LibBa35xe4nFKEmEQA0QC18eTC6E11ql1cFy9dgyzAC1kKIA1Yspb8CrnPJxKBM/
0pFgh2p8HbaVZt5rSgRZOjBxG/VeyGv+ioGoEX8qLrS5UTiTDSFRJwJRqK1NsdIv
9mvG/pZtaRf5WeC8iVDTDEjQjg0yOxnViedqcxOnoCJbdX61FpXp0RJ02Atml2+D
+Hiu5h8172PZyNfZAT7WsrQ05gXpidvNskIlngWliUkZbXcUzl4SCKYsBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFMqsllxXCh6I5CNS/uV1Jz+f7yYMB8GA1UdIwQY
MBaAFH3scoN++7xOpt3UvpQ2GRa0w2LaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmV4eWczNzd2RTZtM2RTLWxEWVpGclREWXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy80NDQ3OGYtZTk4MC00ZTYwLTlkNmUt
Mzg2NjE3YTY2NGZlLzEvZmV4eWczNzd2RTZtM2RTLWxEWVpGclREWXRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy80NDQ3OGYtZTk4MC00ZTYwLTlkNmUtMzg2NjE3YTY2NGZl
LzEvZmV4eWczNzd2RTZtM2RTLWxEWVpGclREWXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhFcUd8Fd
iF+eKLbeLsW6y/vteUJ0+99kZRyTkUA8WVS1OMDPlMVHPv+XAdpC1x7Lqq3Kzb/u
CRXwI8wDAarzucZbPHrkJsnzig8OfATHK1+6o8znKO/wcrh7mH+vUNfgYh62s5fl
dct8Lf5SyZWP+i0lx4DIOFl8RhAn2l+5iIiAPMv6s2WY7R+VXIywoJHwKHpd4kFz
iCBGISMwUUUGQ2doxrCLOU9GK9ZwkR/4yFLm1HFLOhkBD/7Z4rQ+50LqTUGPv1bD
yyXMhvCYiA8lGa5P9QSKtMGR3E9LiVBOHZtG5dClDqvTWySFno4UKCoDb/vZFH/N
5SLea9vW0Mq0MA==
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:27:30 2026 by rpki-client