Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
File: 0sAfMj0dJYn5qbRi_nDzawn6xjI.mft (raw, json)
Hash identifier: 2pEcvurrkHDR2/5brE6ea298mph3l0VtiocvoM08JXo=
Subject key identifier: E2:EC:43:25:5A:D5:CB:ED:D8:4C:AD:F9:DE:A7:E0:71:27:18:8D:90
Authority key identifier: D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32
Certificate issuer: /CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
Certificate serial: 019D9A06E12FCDC6A0F48EE4F3EE4BD5677A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
Manifest number: 08EE
Signing time: Fri 17 Apr 2026 06:00:35 +0000
Manifest this update: Fri 17 Apr 2026 06:00:35 +0000
Manifest next update: Sat 18 Apr 2026 06:00:35 +0000
Files and hashes: 1: 0sAfMj0dJYn5qbRi_nDzawn6xjI.crl (hash: z1ugwodAZ7y1s4j4mj4RI7BH29BGBNe4zaB3cRoqgnQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:06:e1:2f:cd:c6:a0:f4:8e:e4:f3:ee:4b:d5:67:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
Validity
Not Before: Apr 17 06:00:35 2026 GMT
Not After : Apr 18 06:00:35 2026 GMT
Subject: CN=e2ec43255ad5cbedd84cadf9dea7e07127188d90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:75:30:18:3c:f7:35:5e:e0:45:83:48:3d:21:
f6:83:89:f0:74:1a:86:d0:df:d9:41:be:b3:cc:3c:
84:84:32:50:6f:d2:c9:7f:c0:d3:51:9f:d7:3d:ab:
3f:00:b5:a7:b0:90:d5:30:1b:cc:62:27:9a:d5:e0:
59:33:86:9e:3b:e1:dc:bb:59:aa:3d:15:8d:7e:9b:
80:93:51:5d:70:f8:f1:3b:e0:a0:20:ab:b8:02:83:
d0:34:85:17:d0:d0:bb:42:2d:56:de:85:f9:a2:cf:
7c:0b:f9:d9:15:10:96:8f:4e:55:a9:73:ca:93:56:
43:4b:7f:9f:84:67:db:5a:5c:30:c3:a3:34:32:f2:
cf:46:cc:47:66:c3:ff:15:e4:81:16:0e:7b:55:35:
51:b3:2a:76:1a:3d:65:c8:c1:09:e2:c5:26:cc:c9:
8c:5e:be:a8:58:6a:fc:39:65:64:33:78:bd:f6:f2:
da:a2:2b:4b:0c:94:86:ca:fb:05:c6:d8:b8:1e:2e:
d3:0c:28:d8:65:ae:d8:ea:32:3d:c5:e5:15:1e:82:
a4:70:5b:e3:8b:ac:6c:e9:85:db:e8:51:f0:6a:34:
73:78:e1:91:ce:a4:aa:c2:a1:e9:4a:6b:d5:48:4d:
9d:88:9e:77:ba:2f:3d:6e:72:4c:b5:bb:ca:a3:43:
ff:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:EC:43:25:5A:D5:CB:ED:D8:4C:AD:F9:DE:A7:E0:71:27:18:8D:90
X509v3 Authority Key Identifier:
keyid:D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:d7:e4:14:35:02:3f:a7:83:04:95:d6:2d:97:93:74:cf:55:
a3:af:02:43:dd:ab:5f:a5:42:b6:5b:ad:fa:cc:ca:d1:93:a2:
b8:52:79:1d:0b:4c:a0:02:5b:60:ec:6c:0a:9c:0a:1d:35:aa:
a8:3e:0e:41:94:ea:4b:0f:34:32:2c:ff:33:9e:b3:9e:ff:13:
1a:ea:5a:43:19:de:37:94:7a:8c:eb:44:8c:22:d4:d4:1b:bc:
1b:2e:cb:5c:c9:56:49:63:74:7c:98:5f:54:7b:7f:83:db:50:
2a:f9:50:e8:27:fc:bc:ab:b8:2b:2f:f9:8a:1b:36:c4:d0:13:
ed:aa:c8:70:b3:54:90:d6:d7:bd:e7:28:ad:95:87:19:ce:57:
fc:b2:15:96:9e:19:c4:9b:5a:99:6a:a2:91:79:7e:48:9e:fc:
0b:1f:42:33:a6:06:9a:e4:3b:2c:59:ee:3a:8a:e6:c7:9f:90:
2a:be:3f:87:6c:00:09:d1:0c:28:70:ed:90:04:23:19:38:3b:
3b:b1:40:e8:cd:c8:54:88:27:74:75:9b:00:55:da:a8:08:9c:
32:63:86:19:bb:32:e6:23:17:f0:c2:7a:7b:3c:7e:be:47:4c:
c6:2a:5b:cd:b6:ed:15:9c:e5:d4:43:9e:45:29:56:c5:41:28:
e6:5b:cf:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aBuEvzcag9I7k8+5L1Wd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzAxZjMyM2QxZDI1ODlmOWE5YjQ2MmZlNzBmMzZiMDlm
YWM2MzIwHhcNMjYwNDE3MDYwMDM1WhcNMjYwNDE4MDYwMDM1WjAzMTEwLwYDVQQD
EyhlMmVjNDMyNTVhZDVjYmVkZDg0Y2FkZjlkZWE3ZTA3MTI3MTg4ZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHUwGDz3NV7gRYNIPSH2g4nwdBqG
0N/ZQb6zzDyEhDJQb9LJf8DTUZ/XPas/ALWnsJDVMBvMYiea1eBZM4aeO+Hcu1mq
PRWNfpuAk1FdcPjxO+CgIKu4AoPQNIUX0NC7Qi1W3oX5os98C/nZFRCWj05VqXPK
k1ZDS3+fhGfbWlwww6M0MvLPRsxHZsP/FeSBFg57VTVRsyp2Gj1lyMEJ4sUmzMmM
Xr6oWGr8OWVkM3i99vLaoitLDJSGyvsFxti4Hi7TDCjYZa7Y6jI9xeUVHoKkcFvj
i6xs6YXb6FHwajRzeOGRzqSqwqHpSmvVSE2diJ53ui89bnJMtbvKo0P/2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOLsQyVa1cvt2Eyt+d6n4HEnGI2QMB8GA1UdIwQY
MBaAFNLAHzI9HSWJ+am0Yv5w82sJ+sYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDIt
NjViZDQyMjRjZGI5LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDItNjViZDQyMjRjZGI5
LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASNfkFDUC
P6eDBJXWLZeTdM9Vo68CQ92rX6VCtlut+szK0ZOiuFJ5HQtMoAJbYOxsCpwKHTWq
qD4OQZTqSw80Miz/M56znv8TGupaQxneN5R6jOtEjCLU1Bu8Gy7LXMlWSWN0fJhf
VHt/g9tQKvlQ6Cf8vKu4Ky/5ihs2xNAT7arIcLNUkNbXvecorZWHGc5X/LIVlp4Z
xJtamWqikXl+SJ78Cx9CM6YGmuQ7LFnuOormx5+QKr4/h2wACdEMKHDtkAQjGTg7
O7FA6M3IVIgndHWbAFXaqAicMmOGGbsy5iMX8MJ6ezx+vkdMxipbzbbtFZzl1EOe
RSlWxUEo5lvPzA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:23:17 2026 by rpki-client