Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
File: rysOIXo1FoOSIGvac85hlTWgLzU.mft (raw, json)
Hash identifier: c3wsoyzcAQrdBTYNuvJ73mmGMxuJ+gLzZQ3c+FYXWOo=
Subject key identifier: B7:D8:AA:6B:25:E3:6C:1B:E7:AB:E7:76:5B:8C:8A:17:F0:2F:DA:99
Authority key identifier: AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
Certificate issuer: /CN=af2b0e217a35168392206bda73ce619535a02f35
Certificate serial: 019D992B43AC66866E2204CB9837AF67BED3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
Manifest number: 0D6A
Signing time: Fri 17 Apr 2026 02:00:42 +0000
Manifest this update: Fri 17 Apr 2026 02:00:42 +0000
Manifest next update: Sat 18 Apr 2026 02:00:42 +0000
Files and hashes: 1: QBW11jyT74R8oUHhAinuj7gPXSk.asa (hash: yZJV0811rYsc05YANwSpX99f0QsW0swdHpcFUdFqr0Y=)
2: rysOIXo1FoOSIGvac85hlTWgLzU.crl (hash: VMKvEwClGR4W4V0MzXzKZrWfZthNuRJ8EBYxRjXlAFU=)
3: zakSxSI_wYoHQeaPnt8X9AknTHE.roa (hash: DFDQf/fadQ5V13foLZM1hVw4SY7MFQSi7KXroTzcGGo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 02:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:2b:43:ac:66:86:6e:22:04:cb:98:37:af:67:be:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2b0e217a35168392206bda73ce619535a02f35
Validity
Not Before: Apr 17 02:00:42 2026 GMT
Not After : Apr 18 02:00:42 2026 GMT
Subject: CN=b7d8aa6b25e36c1be7abe7765b8c8a17f02fda99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b9:10:b3:aa:5a:cd:9b:ed:3a:ef:1d:54:23:
ec:8d:9f:4e:4f:a9:3f:3d:5d:9a:44:b9:bf:43:4f:
5b:80:c1:4b:42:a1:50:74:d6:3d:86:af:9c:f0:d9:
b8:7a:6f:59:5e:29:f7:fd:78:82:04:ba:d3:13:d7:
80:2c:51:14:98:a1:14:e2:22:83:83:ac:22:49:2d:
f1:fe:9e:ae:67:b5:b4:14:e7:7e:75:31:ac:27:20:
4f:fd:d8:f2:53:15:2c:53:9a:93:26:99:2b:39:b1:
0d:97:d3:57:94:f9:52:e8:c3:04:38:81:15:11:b4:
a1:d3:fa:e7:82:96:e5:36:9c:4a:9b:98:bf:2f:34:
61:c1:53:c1:75:35:a9:4c:f1:4d:b0:21:ec:2f:c6:
dc:00:5a:34:21:f8:4c:2d:88:d2:e0:fb:ac:63:a9:
50:d3:b1:68:84:75:1d:42:79:5a:ab:cc:f8:a7:d6:
07:2f:f5:b4:8f:da:04:5a:6e:91:93:58:5d:5b:44:
c4:79:69:57:53:6b:c0:c6:eb:38:1c:6e:7b:95:80:
cc:b4:7a:63:a2:cb:26:c1:03:48:11:27:7e:8f:11:
f8:02:aa:4d:b7:9a:f0:31:5c:da:0f:9b:3f:e4:23:
f1:40:d3:62:09:04:fe:a2:98:23:d0:58:2e:25:9c:
d0:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:D8:AA:6B:25:E3:6C:1B:E7:AB:E7:76:5B:8C:8A:17:F0:2F:DA:99
X509v3 Authority Key Identifier:
keyid:AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:73:a1:43:2f:51:5a:f5:10:58:ff:c4:29:52:79:41:01:a0:
a6:09:3b:12:1c:76:ff:29:35:78:9a:e1:00:c8:fa:a4:19:ed:
1d:f2:21:c1:b6:6f:2e:80:d2:a3:fc:b0:9e:2b:aa:9b:dc:30:
3e:31:f4:12:9f:1d:88:d0:78:0e:86:4c:ac:51:8c:72:28:b7:
15:b3:af:3f:4b:72:49:de:68:83:b4:13:71:ce:59:66:d5:c7:
ee:6a:2a:5d:b0:62:0e:0f:e6:49:66:ac:e3:9c:24:d3:5e:d3:
a3:08:4a:db:5f:48:cf:15:35:b5:be:f6:bb:e4:01:ba:d2:58:
1f:4e:90:54:46:66:85:b5:17:e8:fb:f3:80:f5:34:99:d2:fe:
fa:07:4d:d8:28:78:b2:f5:6d:22:cf:4f:28:97:3e:ab:d1:40:
34:04:b6:f2:71:f5:db:bf:b2:df:dd:07:2d:d7:c3:60:b3:6b:
c0:1f:6a:ef:46:2b:fe:de:3a:4b:c6:da:f2:29:21:e4:ae:7d:
d5:93:f8:45:10:c7:29:87:1b:ed:e3:eb:21:05:55:71:21:c8:
4e:8e:16:5d:71:5d:81:6f:51:3f:f9:82:99:7f:fb:fe:91:a5:
7e:76:45:21:22:82:aa:13:76:f8:af:ff:2b:9d:ac:70:aa:f2:
ef:4a:c2:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZK0OsZoZuIgTLmDevZ77TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmIwZTIxN2EzNTE2ODM5MjIwNmJkYTczY2U2MTk1MzVh
MDJmMzUwHhcNMjYwNDE3MDIwMDQyWhcNMjYwNDE4MDIwMDQyWjAzMTEwLwYDVQQD
EyhiN2Q4YWE2YjI1ZTM2YzFiZTdhYmU3NzY1YjhjOGExN2YwMmZkYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbkQs6pazZvtOu8dVCPsjZ9OT6k/
PV2aRLm/Q09bgMFLQqFQdNY9hq+c8Nm4em9ZXin3/XiCBLrTE9eALFEUmKEU4iKD
g6wiSS3x/p6uZ7W0FOd+dTGsJyBP/djyUxUsU5qTJpkrObENl9NXlPlS6MMEOIEV
EbSh0/rngpblNpxKm5i/LzRhwVPBdTWpTPFNsCHsL8bcAFo0IfhMLYjS4PusY6lQ
07FohHUdQnlaq8z4p9YHL/W0j9oEWm6Rk1hdW0TEeWlXU2vAxus4HG57lYDMtHpj
ossmwQNIESd+jxH4AqpNt5rwMVzaD5s/5CPxQNNiCQT+opgj0FguJZzQfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLfYqmsl42wb56vndluMihfwL9qZMB8GA1UdIwQY
MBaAFK8rDiF6NRaDkiBr2nPOYZU1oC81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDct
ZjBkMTk4MDk4NzRhLzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDctZjBkMTk4MDk4NzRh
LzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfXOhQy9R
WvUQWP/EKVJ5QQGgpgk7Ehx2/yk1eJrhAMj6pBntHfIhwbZvLoDSo/ywniuqm9ww
PjH0Ep8diNB4DoZMrFGMcii3FbOvP0tySd5og7QTcc5ZZtXH7moqXbBiDg/mSWas
45wk017TowhK219IzxU1tb72u+QButJYH06QVEZmhbUX6PvzgPU0mdL++gdN2Ch4
svVtIs9PKJc+q9FANAS28nH127+y390HLdfDYLNrwB9q70Yr/t46S8ba8ikh5K59
1ZP4RRDHKYcb7ePrIQVVcSHITo4WXXFdgW9RP/mCmX/7/pGlfnZFISKCqhN2+K//
K52scKry70rCvQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:08:59 2026 by rpki-client