Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
File: 0krezYS7F0i9NbmezqRncuAeyTU.mft (raw, json)
Hash identifier: gcvdChErEn2UT9xheew5bou/JGySHK9DjOFHErbfJ2E=
Subject key identifier: AA:8C:D3:53:96:B2:3B:42:1C:8E:52:91:BD:D7:98:C4:F9:37:B8:AB
Authority key identifier: D2:4A:DE:CD:84:BB:17:48:BD:35:B9:9E:CE:A4:67:72:E0:1E:C9:35
Certificate issuer: /CN=d24adecd84bb1748bd35b99ecea46772e01ec935
Certificate serial: 019D9A3F2D3CE49637BFB80BB05A596B73D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
Manifest number: 18C5
Signing time: Fri 17 Apr 2026 07:02:04 +0000
Manifest this update: Fri 17 Apr 2026 07:02:04 +0000
Manifest next update: Sat 18 Apr 2026 07:02:04 +0000
Files and hashes: 1: 0krezYS7F0i9NbmezqRncuAeyTU.crl (hash: Wa3MGw1GYKYe1iFWqA/P6uA0QecyGnCrphWAwZEPjlQ=)
2: THoFRGj7we5B4orPSAEMrZc2v9I.roa (hash: nx8ZhN2tRi/Vu5vUK7/jsnnIAjWNN0LM5ZVA5cvmy60=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:3f:2d:3c:e4:96:37:bf:b8:0b:b0:5a:59:6b:73:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d24adecd84bb1748bd35b99ecea46772e01ec935
Validity
Not Before: Apr 17 07:02:04 2026 GMT
Not After : Apr 18 07:02:04 2026 GMT
Subject: CN=aa8cd35396b23b421c8e5291bdd798c4f937b8ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6f:65:87:a7:44:d3:cf:d6:52:11:cd:29:89:
f5:7d:44:54:2d:4e:58:d8:42:38:22:ec:3d:cf:5c:
8f:ff:8e:1f:28:6e:92:e5:8d:66:03:b2:98:e1:2a:
cc:4b:d7:a6:2f:90:34:98:27:cd:2c:4a:82:a4:7e:
73:72:0c:45:70:79:b0:7a:ea:f2:f1:34:04:14:d3:
7a:91:85:59:8b:d8:76:20:2b:0f:10:0a:c9:dd:fd:
12:be:4f:e5:9b:2f:da:32:04:d2:fd:27:a7:cf:3e:
17:e4:96:a4:58:ca:a8:86:67:ea:eb:d4:39:58:cb:
5c:0a:15:8f:c5:37:39:17:49:3b:9d:c2:ef:95:0e:
a8:d2:9b:2b:b2:1e:8e:02:83:d3:24:d7:9e:00:97:
61:92:52:11:f7:9c:23:ad:e1:5c:51:62:ed:7f:d5:
40:1e:90:4b:b6:f1:96:e1:6f:cc:de:e0:25:06:62:
3a:75:bf:0b:71:9c:73:60:64:c3:f0:ee:ea:02:09:
a9:f4:f5:ae:de:b1:dc:eb:1b:b0:cb:f5:ac:ea:00:
46:32:74:91:9f:e0:ac:4b:85:aa:66:35:d5:06:b9:
34:e3:82:02:f5:11:6e:33:fc:62:c1:e5:45:e7:fc:
b3:55:18:58:3d:8d:18:de:04:32:a7:c2:3f:5c:0a:
75:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:8C:D3:53:96:B2:3B:42:1C:8E:52:91:BD:D7:98:C4:F9:37:B8:AB
X509v3 Authority Key Identifier:
keyid:D2:4A:DE:CD:84:BB:17:48:BD:35:B9:9E:CE:A4:67:72:E0:1E:C9:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:47:15:e7:30:3a:dd:d7:79:28:2e:81:e3:71:82:2e:ff:fe:
08:f9:23:be:79:3b:93:d7:bc:4a:5d:1a:03:86:d2:86:ee:fc:
11:c0:06:1b:55:f6:c9:bb:d6:ba:ab:61:bc:34:c5:e7:d4:0a:
c9:60:20:ba:09:4b:2d:c1:dd:bd:f5:bf:08:7d:53:11:25:b5:
ce:11:e0:2a:d1:dc:0a:27:de:af:45:6e:d0:56:c8:b4:3d:ff:
0d:b1:cf:4f:e9:a2:c9:f5:fc:d4:a3:c7:90:29:ee:fe:ab:17:
3f:33:e4:a9:8d:59:de:ee:bc:dc:97:3b:40:5a:64:0a:96:f1:
11:a9:62:c2:b8:b3:f9:07:05:93:a1:ff:c4:4e:81:4a:20:53:
04:21:29:97:a3:21:1e:7f:32:84:36:20:3a:68:b1:4c:58:14:
68:0d:50:39:54:d7:26:21:39:f5:64:34:d5:88:8d:35:45:03:
46:f6:6f:c1:71:48:6f:cc:18:48:fa:e9:d4:24:cd:89:8d:41:
56:a6:2a:6b:27:b4:23:cb:46:67:e0:6c:44:73:eb:be:14:e1:
6d:da:47:a0:49:83:c4:31:b8:e7:fc:03:7c:0b:08:85:a3:c3:
ce:91:b2:c9:6d:77:8a:02:ce:50:e0:be:fd:3a:48:1f:44:e7:
fe:1d:ff:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPy085JY3v7gLsFpZa3PWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGFkZWNkODRiYjE3NDhiZDM1Yjk5ZWNlYTQ2NzcyZTAx
ZWM5MzUwHhcNMjYwNDE3MDcwMjA0WhcNMjYwNDE4MDcwMjA0WjAzMTEwLwYDVQQD
EyhhYThjZDM1Mzk2YjIzYjQyMWM4ZTUyOTFiZGQ3OThjNGY5MzdiOGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxG9lh6dE08/WUhHNKYn1fURULU5Y
2EI4Iuw9z1yP/44fKG6S5Y1mA7KY4SrMS9emL5A0mCfNLEqCpH5zcgxFcHmweury
8TQEFNN6kYVZi9h2ICsPEArJ3f0Svk/lmy/aMgTS/Senzz4X5JakWMqohmfq69Q5
WMtcChWPxTc5F0k7ncLvlQ6o0psrsh6OAoPTJNeeAJdhklIR95wjreFcUWLtf9VA
HpBLtvGW4W/M3uAlBmI6db8LcZxzYGTD8O7qAgmp9PWu3rHc6xuwy/Ws6gBGMnSR
n+CsS4WqZjXVBrk044IC9RFuM/xiweVF5/yzVRhYPY0Y3gQyp8I/XAp1CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKqM01OWsjtCHI5Skb3XmMT5N7irMB8GA1UdIwQY
MBaAFNJK3s2EuxdIvTW5ns6kZ3LgHsk1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS82M2E4NDUtOGMwOS00ZDY5LWE3NzEt
NDhhNjA3YmJlMjVlLzEvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS82M2E4NDUtOGMwOS00ZDY5LWE3NzEtNDhhNjA3YmJlMjVl
LzEvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATkcV5zA6
3dd5KC6B43GCLv/+CPkjvnk7k9e8Sl0aA4bShu78EcAGG1X2ybvWuqthvDTF59QK
yWAguglLLcHdvfW/CH1TESW1zhHgKtHcCifer0Vu0FbItD3/DbHPT+miyfX81KPH
kCnu/qsXPzPkqY1Z3u683Jc7QFpkCpbxEaliwriz+QcFk6H/xE6BSiBTBCEpl6Mh
Hn8yhDYgOmixTFgUaA1QOVTXJiE59WQ01YiNNUUDRvZvwXFIb8wYSPrp1CTNiY1B
VqYqaye0I8tGZ+BsRHPrvhThbdpHoEmDxDG45/wDfAsIhaPDzpGyyW13igLOUOC+
/TpIH0Tn/h3/+g==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:58:11 2026 by rpki-client