Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/038f7d-59bb-4825-b6bf-78851932b27f/1/ErmEbY911kX_YwjOAwCHopfms1k.mft
File: ErmEbY911kX_YwjOAwCHopfms1k.mft (raw, json)
Hash identifier: Os9zTgD59MqWctnaYUaRYOYjqT3uetJAH4BWmXl6r60=
Subject key identifier: 02:56:45:25:95:79:A9:D0:3C:0E:10:FA:D8:CC:DB:68:CC:1F:04:1E
Authority key identifier: 12:B9:84:6D:8F:75:D6:45:FF:63:08:CE:03:00:87:A2:97:E6:B3:59
Certificate issuer: /CN=12b9846d8f75d645ff6308ce030087a297e6b359
Certificate serial: 019D99994E9F9BB3521C0C1731F3016C3D6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ErmEbY911kX_YwjOAwCHopfms1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/038f7d-59bb-4825-b6bf-78851932b27f/1/ErmEbY911kX_YwjOAwCHopfms1k.mft
Manifest number: 16E3
Signing time: Fri 17 Apr 2026 04:00:54 +0000
Manifest this update: Fri 17 Apr 2026 04:00:54 +0000
Manifest next update: Sat 18 Apr 2026 04:00:54 +0000
Files and hashes: 1: 0bgPaSS9Ae0rB9f1u5QtAJZ7vjQ.roa (hash: IFhoLkFpjChfV3wyKbItrjVFxiC4Oyb3ylSVZABFfD0=)
2: ErmEbY911kX_YwjOAwCHopfms1k.crl (hash: ZOoRH3BaMeX/iOM4W2VDYJ63q9HSK0rwsWNuWgnhWAI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/038f7d-59bb-4825-b6bf-78851932b27f/1/ErmEbY911kX_YwjOAwCHopfms1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/038f7d-59bb-4825-b6bf-78851932b27f/1/ErmEbY911kX_YwjOAwCHopfms1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/ErmEbY911kX_YwjOAwCHopfms1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:99:4e:9f:9b:b3:52:1c:0c:17:31:f3:01:6c:3d:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12b9846d8f75d645ff6308ce030087a297e6b359
Validity
Not Before: Apr 17 04:00:54 2026 GMT
Not After : Apr 18 04:00:54 2026 GMT
Subject: CN=025645259579a9d03c0e10fad8ccdb68cc1f041e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f2:6f:3a:b0:e5:00:2c:3d:d7:7f:fa:e2:4e:
3b:18:54:d7:cf:d5:2f:d3:c1:a8:ca:a2:81:01:18:
e1:f8:10:b6:55:ac:65:d6:8c:b4:f5:63:ac:11:ce:
32:08:a0:36:4f:69:56:aa:b5:48:60:7a:49:12:e9:
b4:74:82:bc:be:d7:45:02:d1:2e:95:19:bd:7a:ea:
fa:b2:cc:00:37:7a:2e:3d:c2:98:de:b9:7f:05:17:
28:28:ab:95:e2:37:fd:55:5e:c4:90:b2:44:1e:8a:
d4:d1:6d:19:e3:13:f7:5d:b9:75:17:fa:4f:7e:6e:
af:7e:9d:af:db:c6:69:cc:cd:aa:1c:58:16:fc:8a:
72:72:d8:49:66:3d:c9:3c:03:94:21:32:88:30:b9:
e5:d1:4c:07:17:ac:06:a8:88:65:40:5c:88:1d:73:
0c:59:9e:fb:be:dc:8e:c3:4f:a4:c1:32:ad:6a:3a:
b6:a4:19:26:3e:49:08:43:28:b3:6d:6e:88:38:ba:
25:96:36:01:51:25:86:7a:d1:20:25:74:88:2c:bb:
40:fc:99:9c:33:4b:8f:85:02:c8:1f:c0:05:7b:1d:
35:d6:62:54:f6:a3:c4:1e:b4:4c:a1:30:de:ea:5b:
1e:7b:76:45:84:0a:88:3f:da:31:b4:c5:6d:72:c1:
c1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:56:45:25:95:79:A9:D0:3C:0E:10:FA:D8:CC:DB:68:CC:1F:04:1E
X509v3 Authority Key Identifier:
keyid:12:B9:84:6D:8F:75:D6:45:FF:63:08:CE:03:00:87:A2:97:E6:B3:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ErmEbY911kX_YwjOAwCHopfms1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/038f7d-59bb-4825-b6bf-78851932b27f/1/ErmEbY911kX_YwjOAwCHopfms1k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/038f7d-59bb-4825-b6bf-78851932b27f/1/ErmEbY911kX_YwjOAwCHopfms1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:82:3f:81:7a:40:ac:f2:84:8d:05:68:82:e4:a9:10:37:99:
f9:be:9e:62:fd:bc:18:83:5a:9e:86:3b:d1:77:82:e6:55:d5:
de:98:ea:e8:dc:8e:c9:65:0f:44:f1:0c:ed:5f:33:be:86:eb:
58:48:fe:c2:6f:88:a8:d7:e0:23:dd:8c:5e:25:0a:ad:71:28:
60:ce:4d:b8:51:b8:99:3b:39:9d:20:46:f9:ea:0a:4c:15:0c:
27:44:5c:b0:72:ef:1f:5e:cf:0d:ed:01:f1:f1:d3:7e:22:00:
9c:a3:93:e4:16:52:20:69:cc:f4:7f:53:b5:d8:64:fc:bb:c4:
fa:fa:27:1a:bd:6a:64:81:20:10:3e:17:ff:58:53:4e:e8:d6:
c5:54:ec:1f:98:22:97:49:c6:53:57:5b:72:ca:68:2a:1f:11:
8b:59:05:98:46:a2:ac:e3:08:31:6c:9e:e7:14:b4:69:6d:51:
a5:28:43:a5:53:dd:35:b0:f3:7f:53:e4:c9:be:ec:5a:8d:0c:
38:80:d3:b6:52:b5:f3:31:c1:12:bd:b0:ef:60:45:9b:f6:b6:
4a:79:38:0b:f4:81:1b:53:82:25:0a:47:ac:ee:a1:6f:c2:ba:
2a:88:9f:58:d4:86:75:93:40:30:18:5a:08:71:38:c0:ee:7e:
ef:1f:9e:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmU6fm7NSHAwXMfMBbD1vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYjk4NDZkOGY3NWQ2NDVmZjYzMDhjZTAzMDA4N2EyOTdl
NmIzNTkwHhcNMjYwNDE3MDQwMDU0WhcNMjYwNDE4MDQwMDU0WjAzMTEwLwYDVQQD
EygwMjU2NDUyNTk1NzlhOWQwM2MwZTEwZmFkOGNjZGI2OGNjMWYwNDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPJvOrDlACw913/64k47GFTXz9Uv
08GoyqKBARjh+BC2Vaxl1oy09WOsEc4yCKA2T2lWqrVIYHpJEum0dIK8vtdFAtEu
lRm9eur6sswAN3ouPcKY3rl/BRcoKKuV4jf9VV7EkLJEHorU0W0Z4xP3Xbl1F/pP
fm6vfp2v28ZpzM2qHFgW/IpycthJZj3JPAOUITKIMLnl0UwHF6wGqIhlQFyIHXMM
WZ77vtyOw0+kwTKtajq2pBkmPkkIQyizbW6IOLolljYBUSWGetEgJXSILLtA/Jmc
M0uPhQLIH8AFex011mJU9qPEHrRMoTDe6lsee3ZFhAqIP9oxtMVtcsHB5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAJWRSWVeanQPA4Q+tjM22jMHwQeMB8GA1UdIwQY
MBaAFBK5hG2PddZF/2MIzgMAh6KX5rNZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXJtRWJZOTExa1hfWXdqT0F3Q0hvcGZtczFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMzhmN2QtNTliYi00ODI1LWI2YmYt
Nzg4NTE5MzJiMjdmLzEvRXJtRWJZOTExa1hfWXdqT0F3Q0hvcGZtczFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMzhmN2QtNTliYi00ODI1LWI2YmYtNzg4NTE5MzJiMjdm
LzEvRXJtRWJZOTExa1hfWXdqT0F3Q0hvcGZtczFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHII/gXpA
rPKEjQVoguSpEDeZ+b6eYv28GINanoY70XeC5lXV3pjq6NyOyWUPRPEM7V8zvobr
WEj+wm+IqNfgI92MXiUKrXEoYM5NuFG4mTs5nSBG+eoKTBUMJ0RcsHLvH17PDe0B
8fHTfiIAnKOT5BZSIGnM9H9Ttdhk/LvE+vonGr1qZIEgED4X/1hTTujWxVTsH5gi
l0nGU1dbcspoKh8Ri1kFmEairOMIMWye5xS0aW1RpShDpVPdNbDzf1Pkyb7sWo0M
OIDTtlK18zHBEr2w72BFm/a2Snk4C/SBG1OCJQpHrO6hb8K6KoifWNSGdZNAMBha
CHE4wO5+7x+etA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:07:35 2026 by rpki-client