Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
File: _D39VAG24EhxYrQuBDdnosKTGnc.mft (raw, json)
Hash identifier: zA17kvHhxmwoGUtq3+5+Ls73K71AOQhL4DImrU6kaAM=
Subject key identifier: 07:ED:A2:D8:E9:95:3F:BC:0B:9C:2D:4E:1A:98:CD:39:C1:B0:46:91
Authority key identifier: FC:3D:FD:54:01:B6:E0:48:71:62:B4:2E:04:37:67:A2:C2:93:1A:77
Certificate issuer: /CN=fc3dfd5401b6e0487162b42e043767a2c2931a77
Certificate serial: 019DA48A6E9F86F287504D13E26ED3FE11CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
Manifest number: 0C49
Signing time: Sun 19 Apr 2026 07:00:28 +0000
Manifest this update: Sun 19 Apr 2026 07:00:28 +0000
Manifest next update: Mon 20 Apr 2026 07:00:28 +0000
Files and hashes: 1: _D39VAG24EhxYrQuBDdnosKTGnc.crl (hash: Lv+soYLDw1a9D5jffmAPwwXJp9EttmbJZc8w2/Kud80=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a4:8a:6e:9f:86:f2:87:50:4d:13:e2:6e:d3:fe:11:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc3dfd5401b6e0487162b42e043767a2c2931a77
Validity
Not Before: Apr 19 07:00:28 2026 GMT
Not After : Apr 20 07:00:28 2026 GMT
Subject: CN=07eda2d8e9953fbc0b9c2d4e1a98cd39c1b04691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a9:a7:a8:51:23:e6:55:22:5c:d0:8d:d1:7f:
bf:d8:bd:bc:38:8e:2c:6f:0c:98:eb:fc:a9:33:b5:
eb:df:f0:8b:20:ab:35:30:e5:00:6f:83:b9:0e:01:
d5:09:e4:ed:bc:c8:c5:2c:76:12:f9:92:05:82:b9:
f8:d9:4e:ff:05:fc:8c:9f:46:30:3b:04:63:3b:43:
39:88:c1:0c:8b:0c:ea:6e:34:b9:16:34:19:33:3b:
58:e6:3c:b8:d0:c6:97:cc:4a:25:78:a2:45:83:cb:
27:1c:6e:df:57:e2:a0:4b:f8:18:fe:62:7a:80:6b:
8a:78:1e:58:6b:0b:92:d8:24:6b:88:3b:79:b6:3a:
37:d5:bf:57:0a:71:25:14:d3:66:26:de:7a:16:f0:
06:15:21:4f:50:5a:d3:97:a3:89:eb:33:61:72:8e:
ea:f8:fa:b3:d8:7f:67:a1:f0:e3:f5:22:a8:1f:77:
53:0a:6a:74:0f:fe:ea:a5:c0:ad:47:cb:d8:94:f8:
2f:71:b8:e0:7a:95:6f:a2:ca:8b:e6:70:df:a8:26:
f2:87:93:17:25:f9:ec:87:a6:24:d8:06:fd:07:15:
fc:00:7c:fa:9c:e3:ab:ec:2a:d7:1c:f9:3f:6d:1d:
43:7f:04:c7:b1:96:a3:2c:d7:6a:a4:95:77:31:e1:
bc:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:ED:A2:D8:E9:95:3F:BC:0B:9C:2D:4E:1A:98:CD:39:C1:B0:46:91
X509v3 Authority Key Identifier:
keyid:FC:3D:FD:54:01:B6:E0:48:71:62:B4:2E:04:37:67:A2:C2:93:1A:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:7b:75:42:18:40:fd:12:04:c4:48:b9:fc:14:ea:69:da:41:
e2:bc:43:61:16:c4:fc:9e:22:6a:58:4e:50:38:b9:ca:4c:4f:
86:d7:4a:92:04:56:2f:b1:ed:02:dd:2c:3d:69:60:95:7a:a2:
c0:12:28:5d:7c:76:61:f5:af:cc:ed:23:79:4e:58:f4:1b:f2:
ff:33:48:31:94:13:13:96:d2:0c:e4:ef:fe:8a:b6:e0:ba:ae:
32:71:a3:1c:57:7f:dc:10:b6:d7:35:4e:8c:7d:2a:4f:43:62:
48:92:a4:e8:f6:fa:35:86:d2:23:34:08:ae:db:f1:be:24:26:
ee:58:cc:2d:f8:01:0a:2d:b0:3d:f2:bd:b1:1e:0e:4c:a8:df:
49:fe:92:ab:0c:6b:71:ce:4c:8b:db:01:18:37:91:91:6e:fd:
62:9f:f8:17:16:f2:07:5a:71:c7:db:c8:43:79:07:21:0a:bc:
10:2e:db:f8:af:ad:94:b5:cc:fc:13:f9:57:92:9e:aa:d6:27:
13:d5:18:ce:c8:8f:a6:26:54:5f:c0:f5:02:d2:31:0c:d0:45:
3c:de:cd:8f:e0:e4:fa:bc:5a:76:a1:55:05:01:93:6a:20:c9:
21:b1:41:30:aa:a3:b7:75:cd:8d:16:c3:84:3b:56:10:db:58:
e3:fd:e4:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kim6fhvKHUE0T4m7T/hHOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2RmZDU0MDFiNmUwNDg3MTYyYjQyZTA0Mzc2N2EyYzI5
MzFhNzcwHhcNMjYwNDE5MDcwMDI4WhcNMjYwNDIwMDcwMDI4WjAzMTEwLwYDVQQD
EygwN2VkYTJkOGU5OTUzZmJjMGI5YzJkNGUxYTk4Y2QzOWMxYjA0NjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6mnqFEj5lUiXNCN0X+/2L28OI4s
bwyY6/ypM7Xr3/CLIKs1MOUAb4O5DgHVCeTtvMjFLHYS+ZIFgrn42U7/BfyMn0Yw
OwRjO0M5iMEMiwzqbjS5FjQZMztY5jy40MaXzEoleKJFg8snHG7fV+KgS/gY/mJ6
gGuKeB5YawuS2CRriDt5tjo31b9XCnElFNNmJt56FvAGFSFPUFrTl6OJ6zNhco7q
+Pqz2H9nofDj9SKoH3dTCmp0D/7qpcCtR8vYlPgvcbjgepVvosqL5nDfqCbyh5MX
Jfnsh6Yk2Ab9BxX8AHz6nOOr7CrXHPk/bR1DfwTHsZajLNdqpJV3MeG8tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAftotjplT+8C5wtThqYzTnBsEaRMB8GA1UdIwQY
MBaAFPw9/VQBtuBIcWK0LgQ3Z6LCkxp3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8zMzVlOTgtOGIzNi00MDE3LTkyOGEt
ZGRhZGUzZDM0MWM3LzEvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8zMzVlOTgtOGIzNi00MDE3LTkyOGEtZGRhZGUzZDM0MWM3
LzEvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJnt1QhhA
/RIExEi5/BTqadpB4rxDYRbE/J4ialhOUDi5ykxPhtdKkgRWL7HtAt0sPWlglXqi
wBIoXXx2YfWvzO0jeU5Y9Bvy/zNIMZQTE5bSDOTv/oq24LquMnGjHFd/3BC21zVO
jH0qT0NiSJKk6Pb6NYbSIzQIrtvxviQm7ljMLfgBCi2wPfK9sR4OTKjfSf6Sqwxr
cc5Mi9sBGDeRkW79Yp/4FxbyB1pxx9vIQ3kHIQq8EC7b+K+tlLXM/BP5V5KeqtYn
E9UYzsiPpiZUX8D1AtIxDNBFPN7Nj+Dk+rxadqFVBQGTaiDJIbFBMKqjt3XNjRbD
hDtWENtY4/3kqA==
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:44:29 2026 by rpki-client