Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.mft
File: CE964F98379F0320A7191E6D6788800535885928.mft (raw, json)
Hash identifier: 8mP8w1m6jQr7zEg3VQwY81lTE8usTgZ3Nr/RBXaEBDc=
Subject key identifier: 51:01:B5:16:BB:10:78:6F:7D:0E:01:D5:35:2E:71:7A:47:30:F0:F8
Authority key identifier: CE:96:4F:98:37:9F:03:20:A7:19:1E:6D:67:88:80:05:35:88:59:28
Certificate issuer: /CN=ce964f98379f0320a7191e6d6788800535885928
Certificate serial: 652986AA6132F5F1D3F52290C16801B113C8D26F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zpZPmDefAyCnGR5tZ4iABTWIWSg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.mft
Manifest number: 0153
Signing time: Fri 17 Apr 2026 10:15:50 +0000
Manifest this update: Fri 17 Apr 2026 10:10:50 +0000
Manifest next update: Sat 18 Apr 2026 11:47:50 +0000
Files and hashes: 1: AS214955.asa (hash: Q8xewUCi/NeJj+8SeKwplh2UruSS6EWahrF4De9gRYA=)
2: CE964F98379F0320A7191E6D6788800535885928.crl (hash: AGX5YANOM+gwT8HNoZnggjmnQVdxHbcotz51ISkbI+4=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.crl
rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.mft
rsync://rpki.ripe.net/repository/DEFAULT/zpZPmDefAyCnGR5tZ4iABTWIWSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:29:86:aa:61:32:f5:f1:d3:f5:22:90:c1:68:01:b1:13:c8:d2:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce964f98379f0320a7191e6d6788800535885928
Validity
Not Before: Apr 17 10:10:50 2026 GMT
Not After : Apr 18 11:47:50 2026 GMT
Subject: CN=5101B516BB10786F7D0E01D5352E717A4730F0F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:83:ad:80:7c:36:33:d3:86:06:e0:32:ac:7d:
ab:09:5f:bd:95:d9:ba:f0:9c:73:cb:9b:f7:d4:52:
ea:40:43:fc:8e:01:d7:45:bf:0f:2c:11:b8:84:ce:
dd:29:94:f6:51:1f:e7:fb:f0:ed:97:5c:7c:c5:bd:
d4:ad:a6:d3:94:45:0e:0d:ad:71:8c:2f:25:32:ad:
c3:5c:f5:a8:d5:88:20:1c:ea:83:62:fc:cb:7d:35:
ab:21:f8:d9:a6:ab:23:91:b4:27:69:10:6c:0a:d3:
0b:94:d7:0f:24:c2:d2:e5:d7:2b:44:9b:a4:ce:fd:
2a:33:25:9b:eb:08:75:b0:2c:e2:e0:40:33:af:c8:
d3:6f:d7:71:e4:bd:23:d8:26:74:a4:d2:60:a2:70:
15:d0:9a:d6:f6:ef:26:8a:6e:84:93:a9:bd:a2:ea:
c2:2d:c7:4f:9e:6f:5c:e7:d8:90:63:24:ae:39:ed:
17:f7:54:39:38:7b:c8:d6:5d:52:66:ad:b9:13:c3:
c7:a2:4f:8e:44:44:dd:36:d8:65:cc:10:8e:9d:b2:
26:12:fa:c0:41:f6:e2:0e:c0:7a:dd:c1:ae:7b:22:
22:08:19:df:ec:a7:94:0e:d0:a2:d4:2a:5c:78:27:
9d:73:b8:9b:de:72:6e:0b:6c:3f:87:32:52:8a:9e:
3d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:01:B5:16:BB:10:78:6F:7D:0E:01:D5:35:2E:71:7A:47:30:F0:F8
X509v3 Authority Key Identifier:
keyid:CE:96:4F:98:37:9F:03:20:A7:19:1E:6D:67:88:80:05:35:88:59:28
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zpZPmDefAyCnGR5tZ4iABTWIWSg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:0b:ed:89:8b:83:1b:6b:52:58:8e:bf:e0:aa:07:0d:20:27:
71:d8:78:c8:9e:d9:cc:62:89:9d:70:4e:c1:41:37:ee:c2:19:
56:77:e0:e5:27:03:b0:7a:bb:f2:ae:ab:8a:18:5e:e6:cc:46:
d0:24:76:8e:e5:7e:fa:4d:c2:88:13:17:96:06:fa:59:72:29:
b5:9f:c0:1f:90:25:0c:79:c0:a8:b4:ed:b6:75:a3:e0:45:2f:
60:42:bd:bb:fb:c7:04:08:eb:3d:3b:4e:f0:84:d1:92:89:7c:
eb:24:1d:b2:28:c6:11:45:98:fc:f9:d0:7c:32:07:9b:f8:43:
e0:be:29:2e:00:9b:65:be:f9:38:40:4a:59:f5:b5:c8:af:90:
6d:c7:ab:fb:f0:21:00:f5:ce:96:56:d1:d5:a8:8e:a3:e3:2a:
81:95:ba:fa:11:fb:9a:e5:45:4a:77:57:2a:0e:36:16:45:21:
0b:45:a9:98:14:0d:b0:84:85:52:f7:0c:26:bb:b1:f9:b4:b2:
11:15:0a:33:c2:96:1d:ca:a2:cd:79:c8:31:3d:b3:1a:1d:36:
dc:ec:15:2f:2c:8e:67:92:e6:f8:09:17:51:e6:4c:3b:24:f1:
26:17:ba:8d:bb:08:bb:2a:00:4d:96:4e:29:17:bd:42:22:e7:
13:7c:40:01
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUZSmGqmEy9fHT9SKQwWgBsRPI0m8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2U5NjRmOTgzNzlmMDMyMGE3MTkxZTZkNjc4ODgwMDUz
NTg4NTkyODAeFw0yNjA0MTcxMDEwNTBaFw0yNjA0MTgxMTQ3NTBaMDMxMTAvBgNV
BAMTKDUxMDFCNTE2QkIxMDc4NkY3RDBFMDFENTM1MkU3MTdBNDczMEYwRjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7g62AfDYz04YG4DKsfasJX72V
2brwnHPLm/fUUupAQ/yOAddFvw8sEbiEzt0plPZRH+f78O2XXHzFvdStptOURQ4N
rXGMLyUyrcNc9ajViCAc6oNi/Mt9Nash+NmmqyORtCdpEGwK0wuU1w8kwtLl1ytE
m6TO/SozJZvrCHWwLOLgQDOvyNNv13HkvSPYJnSk0mCicBXQmtb27yaKboSTqb2i
6sItx0+eb1zn2JBjJK457Rf3VDk4e8jWXVJmrbkTw8eiT45ERN022GXMEI6dsiYS
+sBB9uIOwHrdwa57IiIIGd/sp5QO0KLUKlx4J51zuJvecm4LbD+HMlKKnj2LAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUUQG1FrsQeG99DgHVNS5xekcw8PgwHwYDVR0j
BBgwFoAUzpZPmDefAyCnGR5tZ4iABTWIWSgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvM2Y5OWU2NmQtNGM3Yi00MTMwLTkxZDUtNGZiZDg0MzU3
NzkyLzAvQ0U5NjRGOTgzNzlGMDMyMEE3MTkxRTZENjc4ODgwMDUzNTg4NTkyOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3pwWlBtRGVmQXlDbkdSNXRaNGlBQlRX
SVdTZy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zZjk5ZTY2ZC00
YzdiLTQxMzAtOTFkNS00ZmJkODQzNTc3OTIvMC9DRTk2NEY5ODM3OUYwMzIwQTcx
OTFFNkQ2Nzg4ODAwNTM1ODg1OTI4Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYwvtiYuDG2tSWI6/4KoH
DSAncdh4yJ7ZzGKJnXBOwUE37sIZVnfg5ScDsHq78q6rihhe5sxG0CR2juV++k3C
iBMXlgb6WXIptZ/AH5AlDHnAqLTttnWj4EUvYEK9u/vHBAjrPTtO8ITRkol86yQd
sijGEUWY/PnQfDIHm/hD4L4pLgCbZb75OEBKWfW1yK+Qbcer+/AhAPXOllbR1aiO
o+MqgZW6+hH7muVFSndXKg42FkUhC0WpmBQNsISFUvcMJrux+bSyERUKM8KWHcqi
zXnIMT2zGh023OwVLyyOZ5Lm+AkXUeZMOyTxJhe6jbsIuyoATZZOKRe9QiLnE3xA
AQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:27:27 2026 by rpki-client