Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/858910-c501-459c-a313-7ac680ed5dd7/1/1IW26difsBA2mXHtiIVyBZhdSRg.mft
File: 1IW26difsBA2mXHtiIVyBZhdSRg.mft (raw, json)
Hash identifier: Pt8dWp5DAi1I65evtVfOgfuYfvUbvo1xcCeoEJHhEJ4=
Subject key identifier: 89:71:CF:B0:56:43:FF:B7:68:7A:FD:FD:1A:10:13:4B:B4:94:56:31
Authority key identifier: D4:85:B6:E9:D8:9F:B0:10:36:99:71:ED:88:85:72:05:98:5D:49:18
Certificate issuer: /CN=d485b6e9d89fb010369971ed88857205985d4918
Certificate serial: 019D9B5156C053265E96B368F0B3270B9D20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1IW26difsBA2mXHtiIVyBZhdSRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/858910-c501-459c-a313-7ac680ed5dd7/1/1IW26difsBA2mXHtiIVyBZhdSRg.mft
Manifest number: 18C3
Signing time: Fri 17 Apr 2026 12:01:32 +0000
Manifest this update: Fri 17 Apr 2026 12:01:32 +0000
Manifest next update: Sat 18 Apr 2026 12:01:32 +0000
Files and hashes: 1: 1IW26difsBA2mXHtiIVyBZhdSRg.crl (hash: 5BRpcC1GoiAZcioTcS2NDs9Rg0XdppMY1pGepgYFKg8=)
2: tcauu97gqx_3OsWJEyJLtylmmP8.roa (hash: g4WoFZgT3MzcoVX/LXrLBBnWdsRJpBrZA+GD6BcfKaw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/858910-c501-459c-a313-7ac680ed5dd7/1/1IW26difsBA2mXHtiIVyBZhdSRg.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/858910-c501-459c-a313-7ac680ed5dd7/1/1IW26difsBA2mXHtiIVyBZhdSRg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1IW26difsBA2mXHtiIVyBZhdSRg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:51:56:c0:53:26:5e:96:b3:68:f0:b3:27:0b:9d:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d485b6e9d89fb010369971ed88857205985d4918
Validity
Not Before: Apr 17 12:01:32 2026 GMT
Not After : Apr 18 12:01:32 2026 GMT
Subject: CN=8971cfb05643ffb7687afdfd1a10134bb4945631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:02:86:c1:af:37:e3:4c:1f:cb:a8:e0:ce:09:
72:0e:b5:b2:af:0c:d1:43:e1:ed:82:32:ea:27:16:
e3:bc:2b:cb:59:02:36:aa:68:0f:4f:8f:af:ed:d5:
a3:e9:06:65:e7:57:56:d2:ed:8b:a4:f9:9a:46:5e:
d2:ea:d8:78:d7:28:5d:b8:6f:be:c5:34:ed:d3:25:
d4:2f:e2:b0:2c:7f:34:e9:99:45:1d:78:f1:fa:6a:
65:1e:ea:e8:51:27:15:27:7b:02:97:f8:1b:ab:9e:
92:87:ef:cf:7c:b5:e3:7d:84:dd:b7:d2:a7:49:b6:
69:6b:35:f3:a8:3b:19:5a:b2:cb:b7:03:12:5c:aa:
76:73:14:69:46:c2:f4:4d:a9:be:c3:10:dc:ad:c4:
14:0e:8a:ac:33:5d:59:7e:88:a5:25:ef:f3:0a:59:
9f:a5:04:93:30:e7:1d:58:a4:25:ac:28:b2:84:a9:
e3:d1:16:5e:a8:58:b9:3c:c6:81:3d:ae:e4:1f:c9:
6b:e4:11:c6:55:d7:63:96:9a:35:91:66:c3:74:df:
d2:f0:d8:05:f5:a1:38:35:ac:95:19:f3:dc:78:ff:
9f:04:fe:17:7a:b0:ed:8e:95:a5:4a:b9:ff:c1:ad:
f0:5c:0e:46:ea:64:45:9d:9e:8d:e9:29:20:b3:77:
d5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:71:CF:B0:56:43:FF:B7:68:7A:FD:FD:1A:10:13:4B:B4:94:56:31
X509v3 Authority Key Identifier:
keyid:D4:85:B6:E9:D8:9F:B0:10:36:99:71:ED:88:85:72:05:98:5D:49:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1IW26difsBA2mXHtiIVyBZhdSRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/858910-c501-459c-a313-7ac680ed5dd7/1/1IW26difsBA2mXHtiIVyBZhdSRg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/858910-c501-459c-a313-7ac680ed5dd7/1/1IW26difsBA2mXHtiIVyBZhdSRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:de:43:99:a2:06:90:4b:7a:65:41:4c:b3:74:6b:a8:10:5d:
8c:c7:f3:ad:cc:ef:32:0e:4b:d1:a1:59:60:30:4f:36:b0:c6:
39:c4:4e:de:61:54:66:13:e4:f6:69:9b:ab:7c:1f:d6:9b:b1:
1d:d8:af:c6:7f:98:c8:08:c3:96:c7:74:0d:b0:e0:5f:f2:d7:
d7:45:d9:61:63:d4:12:23:3c:d4:ce:af:51:bd:1d:ce:bf:db:
4c:59:7d:cd:d6:05:6b:bc:09:66:67:b4:cd:b9:03:e5:d2:e0:
b3:57:e2:92:83:e8:9a:a1:53:58:66:38:0c:0a:c5:77:85:94:
a3:3b:30:33:51:60:05:1d:9c:e7:06:a3:88:13:84:8e:b6:52:
16:49:64:37:62:f6:2b:01:52:7f:2f:11:9c:59:fc:f3:6e:c1:
78:6b:4f:a5:3c:6a:43:01:c6:96:6a:00:a4:d5:6e:ca:00:e6:
c4:29:4f:cf:e6:98:3c:16:04:d5:e2:cd:ce:5c:5c:35:4b:41:
a7:76:d9:65:7b:0e:e6:f4:6e:45:0e:da:17:6b:5f:cf:9e:65:
62:56:c9:bc:5f:37:2f:93:4f:04:e3:f6:b4:1a:58:6c:e4:91:
31:de:21:aa:38:c7:a2:44:0e:b8:ea:1a:fb:72:ce:55:bb:6e:
c3:d3:46:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUVbAUyZelrNo8LMnC50gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ODViNmU5ZDg5ZmIwMTAzNjk5NzFlZDg4ODU3MjA1OTg1
ZDQ5MTgwHhcNMjYwNDE3MTIwMTMyWhcNMjYwNDE4MTIwMTMyWjAzMTEwLwYDVQQD
Eyg4OTcxY2ZiMDU2NDNmZmI3Njg3YWZkZmQxYTEwMTM0YmI0OTQ1NjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwKGwa8340wfy6jgzglyDrWyrwzR
Q+HtgjLqJxbjvCvLWQI2qmgPT4+v7dWj6QZl51dW0u2LpPmaRl7S6th41yhduG++
xTTt0yXUL+KwLH806ZlFHXjx+mplHuroUScVJ3sCl/gbq56Sh+/PfLXjfYTdt9Kn
SbZpazXzqDsZWrLLtwMSXKp2cxRpRsL0Tam+wxDcrcQUDoqsM11ZfoilJe/zClmf
pQSTMOcdWKQlrCiyhKnj0RZeqFi5PMaBPa7kH8lr5BHGVddjlpo1kWbDdN/S8NgF
9aE4NayVGfPceP+fBP4XerDtjpWlSrn/wa3wXA5G6mRFnZ6N6Skgs3fVkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIlxz7BWQ/+3aHr9/RoQE0u0lFYxMB8GA1UdIwQY
MBaAFNSFtunYn7AQNplx7YiFcgWYXUkYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlXMjZkaWZzQkEybVhIdGlJVnlCWmhkU1JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84NTg5MTAtYzUwMS00NTljLWEzMTMt
N2FjNjgwZWQ1ZGQ3LzEvMUlXMjZkaWZzQkEybVhIdGlJVnlCWmhkU1JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84NTg5MTAtYzUwMS00NTljLWEzMTMtN2FjNjgwZWQ1ZGQ3
LzEvMUlXMjZkaWZzQkEybVhIdGlJVnlCWmhkU1JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIt5DmaIG
kEt6ZUFMs3RrqBBdjMfzrczvMg5L0aFZYDBPNrDGOcRO3mFUZhPk9mmbq3wf1pux
Hdivxn+YyAjDlsd0DbDgX/LX10XZYWPUEiM81M6vUb0dzr/bTFl9zdYFa7wJZme0
zbkD5dLgs1fikoPomqFTWGY4DArFd4WUozswM1FgBR2c5wajiBOEjrZSFklkN2L2
KwFSfy8RnFn8827BeGtPpTxqQwHGlmoApNVuygDmxClPz+aYPBYE1eLNzlxcNUtB
p3bZZXsO5vRuRQ7aF2tfz55lYlbJvF83L5NPBOP2tBpYbOSRMd4hqjjHokQOuOoa
+3LOVbtuw9NGAQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:52:53 2026 by rpki-client