Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
File: a0P3ovQ2ixel4DXOS9km-KFC1os.mft (raw, json)
Hash identifier: zEDBAPqfP/DX/Sc2QwySA2VvRctl1HbYmi+DMI4Cs/o=
Subject key identifier: 7D:10:29:F1:71:CB:97:E4:DA:3D:67:F2:1D:54:9C:A5:3A:C3:47:71
Authority key identifier: 6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
Certificate issuer: /CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Certificate serial: 019DA454114D52EDF5C201051E96575D1A17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
Manifest number: 18C6
Signing time: Sun 19 Apr 2026 06:01:06 +0000
Manifest this update: Sun 19 Apr 2026 06:01:06 +0000
Manifest next update: Mon 20 Apr 2026 06:01:06 +0000
Files and hashes: 1: MuWBM4y_8sU7g6FEyEJdZpch7MA.roa (hash: polciHBhuEIudcpVsohkilsNPMnWK3IMSBDrJXYyToE=)
2: a0P3ovQ2ixel4DXOS9km-KFC1os.crl (hash: q3UQmWf4P0drK3CMKE6VDlGFrliTTBOirQfjc/vb4Bc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a4:54:11:4d:52:ed:f5:c2:01:05:1e:96:57:5d:1a:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Validity
Not Before: Apr 19 06:01:06 2026 GMT
Not After : Apr 20 06:01:06 2026 GMT
Subject: CN=7d1029f171cb97e4da3d67f21d549ca53ac34771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3a:48:69:67:1f:8d:13:72:d5:a1:5a:e7:ea:
6d:79:ab:7c:4f:50:40:ad:c1:97:db:37:cf:9c:d9:
e3:68:99:dc:7c:5f:bc:c2:c4:b6:de:bd:e4:d8:4c:
71:56:3c:ea:17:7d:ad:11:4d:8f:ba:24:dd:c9:61:
30:8a:85:95:62:25:60:9e:03:9c:b3:3b:3a:2d:fb:
12:4b:65:d5:21:9a:d8:90:9c:36:b1:ed:fe:56:37:
18:1a:c3:21:2a:e6:f3:1b:92:77:36:27:13:c7:fb:
f0:db:b5:f9:87:88:3d:70:94:b9:3a:d0:d6:ad:47:
90:3b:18:e7:7a:45:cd:8c:47:07:ba:a5:b9:9d:d0:
b6:55:4a:34:6d:9a:2f:62:7a:7b:12:e7:9d:5b:5c:
6d:72:52:4c:16:ba:3b:e8:b5:1b:45:37:71:d6:80:
08:f4:48:b3:f9:c2:16:7a:31:a5:4b:0c:d7:91:57:
6a:c8:6f:8e:f2:d8:aa:b0:42:61:89:41:50:44:63:
2b:ef:81:1d:1b:ca:6a:48:3d:17:7d:a6:bd:8a:a3:
1b:99:e1:47:d8:de:2e:05:57:ca:e0:93:95:71:ca:
f1:8a:e0:ce:e3:b9:c0:99:43:74:4c:cb:f9:54:b6:
66:87:6c:13:58:da:a9:fb:f2:81:1b:2c:c3:08:17:
62:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:10:29:F1:71:CB:97:E4:DA:3D:67:F2:1D:54:9C:A5:3A:C3:47:71
X509v3 Authority Key Identifier:
keyid:6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:e0:45:6f:32:b3:1f:cf:da:f3:cc:2d:30:af:d8:9a:95:b9:
81:fc:e8:0d:2e:fc:17:82:e1:06:85:b9:88:89:d2:e2:78:4d:
d5:62:d4:22:0f:d9:af:bc:8a:55:40:2b:e2:90:30:5e:a3:3f:
f7:69:4b:ef:50:63:ec:1d:7c:b3:15:31:b2:94:37:c1:cc:52:
50:d5:9b:e2:4c:e0:c3:4f:2d:ea:b8:b3:2b:67:3c:d6:44:d7:
14:4a:5d:91:a3:af:b9:40:22:0c:25:7c:34:13:af:e1:33:4c:
ed:87:f0:0a:42:89:5c:16:42:f1:e2:49:75:e0:06:a7:0c:ae:
e8:bb:3c:f0:00:dc:e5:5d:ee:fe:56:ec:b9:73:7a:48:76:b3:
5d:48:c2:de:a1:53:0c:5e:f0:13:75:3e:fd:e5:62:25:b1:4b:
70:9d:b7:22:4e:45:70:d5:e5:73:a2:39:d6:5a:e9:e6:e1:e2:
f8:c1:10:70:4e:67:18:03:47:26:be:ef:11:a9:cb:85:02:d9:
28:68:e3:4d:ef:cb:2f:07:dd:ed:c1:6d:ad:3d:c4:33:04:28:
49:13:0e:45:c9:06:e6:ea:27:02:55:bb:b0:fc:3c:8a:3d:91:
3d:20:28:de:08:dc:72:13:fd:36:ba:d3:20:e6:c5:af:33:91:
f0:e9:03:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kVBFNUu31wgEFHpZXXRoXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNDNmN2EyZjQzNjhiMTdhNWUwMzVjZTRiZDkyNmY4YTE0
MmQ2OGIwHhcNMjYwNDE5MDYwMTA2WhcNMjYwNDIwMDYwMTA2WjAzMTEwLwYDVQQD
Eyg3ZDEwMjlmMTcxY2I5N2U0ZGEzZDY3ZjIxZDU0OWNhNTNhYzM0NzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTpIaWcfjRNy1aFa5+pteat8T1BA
rcGX2zfPnNnjaJncfF+8wsS23r3k2ExxVjzqF32tEU2PuiTdyWEwioWVYiVgngOc
szs6LfsSS2XVIZrYkJw2se3+VjcYGsMhKubzG5J3NicTx/vw27X5h4g9cJS5OtDW
rUeQOxjnekXNjEcHuqW5ndC2VUo0bZovYnp7EuedW1xtclJMFro76LUbRTdx1oAI
9Eiz+cIWejGlSwzXkVdqyG+O8tiqsEJhiUFQRGMr74EdG8pqSD0Xfaa9iqMbmeFH
2N4uBVfK4JOVccrxiuDO47nAmUN0TMv5VLZmh2wTWNqp+/KBGyzDCBdiwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH0QKfFxy5fk2j1n8h1UnKU6w0dxMB8GA1UdIwQY
MBaAFGtD96L0NosXpeA1zkvZJvihQtaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMt
MzViMDMxMzZkZDAzLzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMtMzViMDMxMzZkZDAz
LzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfOBFbzKz
H8/a88wtMK/YmpW5gfzoDS78F4LhBoW5iInS4nhN1WLUIg/Zr7yKVUAr4pAwXqM/
92lL71Bj7B18sxUxspQ3wcxSUNWb4kzgw08t6rizK2c81kTXFEpdkaOvuUAiDCV8
NBOv4TNM7YfwCkKJXBZC8eJJdeAGpwyu6Ls88ADc5V3u/lbsuXN6SHazXUjC3qFT
DF7wE3U+/eViJbFLcJ23Ik5FcNXlc6I51lrp5uHi+MEQcE5nGANHJr7vEanLhQLZ
KGjjTe/LLwfd7cFtrT3EMwQoSRMORckG5uonAlW7sPw8ij2RPSAo3gjcchP9NrrT
IObFrzOR8OkDew==
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:42:42 2026 by rpki-client