Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
File: s1IytLD6jIPU_4wSROhk67yt1os.mft (raw, json)
Hash identifier: /a2M41vSP2i8AqE/sHqe1OQldfVpvwe+8l/MmwW95SM=
Subject key identifier: EA:80:77:B0:1A:3C:05:AA:C0:3A:37:85:34:04:DF:B1:41:96:74:17
Authority key identifier: B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B
Certificate issuer: /CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b
Certificate serial: 019D9AE275202E80A54149B6D25B61A9EFE4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
Manifest number: 1339
Signing time: Fri 17 Apr 2026 10:00:25 +0000
Manifest this update: Fri 17 Apr 2026 10:00:25 +0000
Manifest next update: Sat 18 Apr 2026 10:00:25 +0000
Files and hashes: 1: s1IytLD6jIPU_4wSROhk67yt1os.crl (hash: usUyHs0tVGx8fv4g0BVSsl8M/dXG68wLU6xWpLC9eAY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:e2:75:20:2e:80:a5:41:49:b6:d2:5b:61:a9:ef:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b
Validity
Not Before: Apr 17 10:00:25 2026 GMT
Not After : Apr 18 10:00:25 2026 GMT
Subject: CN=ea8077b01a3c05aac03a37853404dfb141967417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:a1:1e:43:e3:2f:10:38:32:43:3c:a5:d9:2d:
ad:6f:c2:99:86:e7:34:bf:72:ca:cc:3b:9a:32:a8:
35:95:bc:63:44:d3:91:f2:ef:f1:0e:56:d9:0d:23:
f7:29:00:a5:35:c2:d1:f8:d2:76:93:b0:f4:21:98:
ec:12:36:6b:ef:c7:4c:67:5a:bf:1d:a2:d5:db:a6:
82:f6:78:62:00:6b:3a:60:38:75:de:a7:95:ff:15:
f9:0d:0e:51:95:fb:3f:55:25:e8:22:e4:cf:74:98:
13:51:30:53:c1:6e:86:55:33:33:49:7f:e6:6a:cd:
bd:b4:da:6d:a9:34:29:ff:cb:1d:81:03:a6:6e:de:
38:6e:d5:8c:53:56:df:10:b7:fd:72:9f:aa:52:cf:
f3:fb:42:48:ec:14:7f:3c:81:30:b7:72:e2:21:fd:
81:97:7e:98:d2:7b:c1:a1:6d:85:56:85:97:88:70:
59:58:2f:04:c4:23:31:93:73:80:c4:48:8b:c8:ec:
1b:27:db:8c:49:f4:75:83:5f:82:fa:e8:fa:0c:9a:
e7:f7:d3:a8:54:4d:5e:1e:f2:ed:ae:79:94:c1:a1:
7f:ce:b9:17:eb:11:c3:7e:39:f0:de:10:d9:f4:59:
4d:82:33:86:95:c9:0e:ea:56:c8:65:02:e0:90:12:
d7:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:80:77:B0:1A:3C:05:AA:C0:3A:37:85:34:04:DF:B1:41:96:74:17
X509v3 Authority Key Identifier:
keyid:B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
10:ab:bc:ba:d8:7b:94:c4:68:8b:9c:e6:fe:e6:56:cd:bc:06:
c8:9b:d7:b7:7a:4f:8f:61:d4:59:d5:83:bb:21:f5:a2:3b:36:
41:c5:8c:0e:4d:1e:d3:ba:40:35:5c:27:20:a0:85:0b:9d:60:
4b:55:44:a6:c6:03:3a:79:40:1b:76:9f:44:e2:07:d3:cc:33:
6e:49:a8:22:d9:f1:b3:4a:00:2f:3e:c3:65:cb:61:83:08:84:
76:06:5a:8e:dc:8e:66:72:5b:94:e5:42:77:5c:ed:4f:e0:d4:
fd:58:d5:90:ae:8a:d9:51:fc:8b:8b:ba:d3:a0:a4:53:8c:2b:
91:f5:f2:7d:11:0a:1e:91:f6:2b:1c:f1:9c:50:c8:e6:b9:5b:
0a:89:05:22:75:fc:74:0a:b7:32:4d:63:4a:40:c8:84:ee:99:
ac:fe:ad:35:16:0c:67:3e:b7:ed:33:8a:bf:d5:20:96:10:db:
81:53:4c:ff:3f:8e:24:e6:bc:c0:6d:0e:3f:46:65:a8:d8:b2:
ca:76:36:04:e9:eb:9c:e3:83:91:2f:7f:6f:6b:5c:be:cc:02:
7c:0a:a8:91:1b:9d:02:dd:53:82:3f:1d:78:9f:90:d6:e6:3f:
8d:54:54:48:eb:fa:95:32:6e:ee:01:ec:9b:d2:73:01:86:80:
b0:7a:e8:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4nUgLoClQUm20lthqe/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTIzMmI0YjBmYThjODNkNGZmOGMxMjQ0ZTg2NGViYmNh
ZGQ2OGIwHhcNMjYwNDE3MTAwMDI1WhcNMjYwNDE4MTAwMDI1WjAzMTEwLwYDVQQD
EyhlYTgwNzdiMDFhM2MwNWFhYzAzYTM3ODUzNDA0ZGZiMTQxOTY3NDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qEeQ+MvEDgyQzyl2S2tb8KZhuc0
v3LKzDuaMqg1lbxjRNOR8u/xDlbZDSP3KQClNcLR+NJ2k7D0IZjsEjZr78dMZ1q/
HaLV26aC9nhiAGs6YDh13qeV/xX5DQ5Rlfs/VSXoIuTPdJgTUTBTwW6GVTMzSX/m
as29tNptqTQp/8sdgQOmbt44btWMU1bfELf9cp+qUs/z+0JI7BR/PIEwt3LiIf2B
l36Y0nvBoW2FVoWXiHBZWC8ExCMxk3OAxEiLyOwbJ9uMSfR1g1+C+uj6DJrn99Oo
VE1eHvLtrnmUwaF/zrkX6xHDfjnw3hDZ9FlNgjOGlckO6lbIZQLgkBLXdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOqAd7AaPAWqwDo3hTQE37FBlnQXMB8GA1UdIwQY
MBaAFLNSMrSw+oyD1P+MEkToZOu8rdaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEt
YjkxMjJlNTIxMDU4LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEtYjkxMjJlNTIxMDU4
LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEKu8uth7
lMRoi5zm/uZWzbwGyJvXt3pPj2HUWdWDuyH1ojs2QcWMDk0e07pANVwnIKCFC51g
S1VEpsYDOnlAG3afROIH08wzbkmoItnxs0oALz7DZcthgwiEdgZajtyOZnJblOVC
d1ztT+DU/VjVkK6K2VH8i4u606CkU4wrkfXyfREKHpH2KxzxnFDI5rlbCokFInX8
dAq3Mk1jSkDIhO6ZrP6tNRYMZz637TOKv9UglhDbgVNM/z+OJOa8wG0OP0ZlqNiy
ynY2BOnrnOODkS9/b2tcvswCfAqokRudAt1Tgj8deJ+Q1uY/jVRUSOv6lTJu7gHs
m9JzAYaAsHroOw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:52:42 2026 by rpki-client