Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
File: bIlKsevTD7N84imjdNPjE52QUY8.mft (raw, json)
Hash identifier: yuZVT0fyKoxv2MjySKDPP4Y1nodlaXK4GxD0TVYtwTQ=
Subject key identifier: 10:20:24:9F:E1:7B:25:FE:DA:CE:CC:F1:ED:84:1A:D1:DA:A8:6E:A0
Authority key identifier: 6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F
Certificate issuer: /CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
Certificate serial: 019D98F493CA5F5D131C456E29DFBFAC877B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
Manifest number: 0901
Signing time: Fri 17 Apr 2026 01:00:58 +0000
Manifest this update: Fri 17 Apr 2026 01:00:58 +0000
Manifest next update: Sat 18 Apr 2026 01:00:58 +0000
Files and hashes: 1: HMK0XQoxdRxzLrSbOk3nRa3LDfU.roa (hash: ULrE37Ak3LEpHtIRIUxe40WhUc8sSXQeL2cSCTuAsyw=)
2: bIlKsevTD7N84imjdNPjE52QUY8.crl (hash: OGCysxboLXMu8qFXZNLrVxFOCQn5nCVZt5Bb9c7xJkU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 01:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:f4:93:ca:5f:5d:13:1c:45:6e:29:df:bf:ac:87:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
Validity
Not Before: Apr 17 01:00:58 2026 GMT
Not After : Apr 18 01:00:58 2026 GMT
Subject: CN=1020249fe17b25fedaceccf1ed841ad1daa86ea0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c2:dd:b6:32:57:f9:61:64:1e:3c:3e:14:c8:
92:12:8d:93:96:ba:19:8e:a6:7d:ea:f6:ae:28:d9:
19:f5:79:ba:63:00:8f:11:cc:27:49:62:7b:02:bf:
70:c0:f1:14:d2:78:0b:68:71:62:4e:e4:ee:51:cd:
ca:e4:24:b2:9d:f7:38:b2:e0:76:ac:74:1c:b6:c0:
e1:f9:89:58:64:b1:da:11:e4:8e:72:b9:c3:50:17:
cc:6e:2a:c9:7d:66:08:42:2f:7e:e5:77:e5:7d:9d:
f2:91:08:98:c1:9d:36:a2:38:fb:48:e9:21:96:10:
4c:74:a6:12:3c:77:57:bc:86:d9:21:b5:98:34:b1:
cc:ee:19:a4:8e:9e:6d:7a:02:68:b4:b8:8b:95:3c:
f2:d0:be:85:82:5a:43:4a:6f:c3:98:58:1a:74:6a:
f3:d9:c0:33:e3:d7:c8:41:45:73:d7:23:cd:99:d3:
68:c7:e8:5c:e1:5d:53:2c:6e:05:96:a8:ea:66:bc:
e2:4f:f0:dd:e5:bc:92:19:9f:b8:7a:a5:61:f9:81:
f8:e5:a5:34:08:5a:c3:88:ec:16:f1:fa:4d:74:d7:
31:f1:3c:16:01:11:54:19:5f:3c:e5:ef:be:b1:c6:
73:04:8e:be:2b:c4:ee:a0:b7:8e:9d:98:29:84:5a:
fa:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:20:24:9F:E1:7B:25:FE:DA:CE:CC:F1:ED:84:1A:D1:DA:A8:6E:A0
X509v3 Authority Key Identifier:
keyid:6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:96:ac:80:c2:74:1c:18:11:0c:ce:17:22:04:fe:0d:72:c1:
36:d2:7c:e3:e3:e2:36:e2:f4:34:aa:2b:1d:44:7f:aa:c1:b1:
57:ae:53:e8:e0:91:3d:11:ee:6e:0d:8f:d5:b8:31:62:47:dc:
11:ab:fe:7a:fd:9b:10:a1:1b:cb:65:7b:7d:4c:eb:b0:f9:f1:
ce:74:8b:61:66:2f:8e:5c:66:d4:5b:39:0e:a4:f0:00:9f:b5:
68:42:cb:c6:74:6e:16:38:e6:82:34:03:1e:9a:7a:c9:f3:ea:
c1:e7:b0:b5:33:0f:e5:0e:7a:40:66:41:aa:db:15:7e:4d:10:
4a:90:fe:08:55:08:91:bf:ef:87:6b:12:35:34:9e:50:b3:32:
03:2a:3f:56:87:3a:64:e7:80:3c:72:d6:34:03:12:d9:a0:8d:
cb:5f:00:ac:14:5d:dd:eb:85:2b:e0:7a:e4:d2:56:00:a3:c9:
8b:65:b9:32:25:c5:59:9b:45:bc:fa:0c:5e:9e:b2:cd:73:50:
55:cf:52:72:cb:08:6b:5d:66:89:82:53:26:63:84:a5:95:0b:
23:53:cd:f8:21:28:98:75:19:f1:11:2a:43:38:43:64:9d:0a:
ca:7e:51:3e:42:43:42:b5:88:b6:e9:99:27:a9:76:7f:03:0b:
6d:b0:39:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9JPKX10THEVuKd+/rId7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjODk0YWIxZWJkMzBmYjM3Y2UyMjlhMzc0ZDNlMzEzOWQ5
MDUxOGYwHhcNMjYwNDE3MDEwMDU4WhcNMjYwNDE4MDEwMDU4WjAzMTEwLwYDVQQD
EygxMDIwMjQ5ZmUxN2IyNWZlZGFjZWNjZjFlZDg0MWFkMWRhYTg2ZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMLdtjJX+WFkHjw+FMiSEo2TlroZ
jqZ96vauKNkZ9Xm6YwCPEcwnSWJ7Ar9wwPEU0ngLaHFiTuTuUc3K5CSynfc4suB2
rHQctsDh+YlYZLHaEeSOcrnDUBfMbirJfWYIQi9+5XflfZ3ykQiYwZ02ojj7SOkh
lhBMdKYSPHdXvIbZIbWYNLHM7hmkjp5tegJotLiLlTzy0L6FglpDSm/DmFgadGrz
2cAz49fIQUVz1yPNmdNox+hc4V1TLG4FlqjqZrziT/Dd5bySGZ+4eqVh+YH45aU0
CFrDiOwW8fpNdNcx8TwWARFUGV885e++scZzBI6+K8TuoLeOnZgphFr6VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBAgJJ/heyX+2s7M8e2EGtHaqG6gMB8GA1UdIwQY
MBaAFGyJSrHr0w+zfOIpo3TT4xOdkFGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgt
YTFhZTU5ZTE2ODczLzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgtYTFhZTU5ZTE2ODcz
LzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGpasgMJ0
HBgRDM4XIgT+DXLBNtJ84+PiNuL0NKorHUR/qsGxV65T6OCRPRHubg2P1bgxYkfc
Eav+ev2bEKEby2V7fUzrsPnxznSLYWYvjlxm1Fs5DqTwAJ+1aELLxnRuFjjmgjQD
Hpp6yfPqweewtTMP5Q56QGZBqtsVfk0QSpD+CFUIkb/vh2sSNTSeULMyAyo/Voc6
ZOeAPHLWNAMS2aCNy18ArBRd3euFK+B65NJWAKPJi2W5MiXFWZtFvPoMXp6yzXNQ
Vc9ScssIa11miYJTJmOEpZULI1PN+CEomHUZ8REqQzhDZJ0Kyn5RPkJDQrWItumZ
J6l2fwMLbbA5IA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:58:19 2026 by rpki-client