Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft
File: DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft (raw, json)
Hash identifier: lflJfjiHfkvQR0cD+mu/5e1vWnjZJLqyYjWQdtdigXs=
Subject key identifier: 40:71:58:BF:B1:12:EF:AA:E4:91:A1:A0:B9:75:6E:8D:D3:E3:BC:0D
Authority key identifier: 0C:87:4A:5F:52:73:4E:26:0E:7B:FA:4D:45:11:4A:DD:92:77:E3:53
Certificate issuer: /CN=0c874a5f52734e260e7bfa4d45114add9277e353
Certificate serial: 019E1D597892AFD12C77C105EB8412ADE21B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DIdKX1JzTiYOe_pNRRFK3ZJ341M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft
Manifest number: 0AF3
Signing time: Tue 12 May 2026 18:01:03 +0000
Manifest this update: Tue 12 May 2026 18:01:03 +0000
Manifest next update: Wed 13 May 2026 18:01:03 +0000
Files and hashes: 1: 96SX2S5aBWouZ5qx7BRgteL4iq8.roa (hash: M3a2yFufjkSiLfAokMv1+05AOpH8jhB4+9skztdJecg=)
2: DIdKX1JzTiYOe_pNRRFK3ZJ341M.crl (hash: EadtOlPXjA+/iTqkHqQ7Lv5ChUIbuG4xf6frR++30YM=)
3: L6SdCLp_FHvz3o3tKNX0l8WA490.roa (hash: 9JHTUcRidI2GiaDB1BZb9pHbOm8ZJYd9k9gXu4meKKU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft
rsync://rpki.ripe.net/repository/DEFAULT/DIdKX1JzTiYOe_pNRRFK3ZJ341M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1d:59:78:92:af:d1:2c:77:c1:05:eb:84:12:ad:e2:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c874a5f52734e260e7bfa4d45114add9277e353
Validity
Not Before: May 12 18:01:03 2026 GMT
Not After : May 13 18:01:03 2026 GMT
Subject: CN=407158bfb112efaae491a1a0b9756e8dd3e3bc0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4b:2a:2a:d7:a7:b9:92:2c:c2:2a:40:79:e9:
8d:f1:08:59:22:1d:d7:54:aa:5e:d0:2b:54:eb:c0:
54:f6:d9:ec:20:fe:f2:a3:80:06:c8:5a:68:0a:6f:
5a:5c:07:44:4a:1b:b1:df:65:21:97:d7:45:86:f3:
eb:47:76:9f:04:91:c3:03:ab:03:74:aa:db:db:23:
95:c3:ac:d3:9b:37:3d:0c:bc:42:39:78:5e:4d:6e:
bd:9d:ca:8f:d0:62:f9:83:36:3e:39:88:1b:12:6c:
44:8d:dd:a6:e6:9f:a3:92:d0:d2:38:b6:9b:12:b7:
26:d5:4d:64:2e:ef:9d:a3:6d:87:71:0e:da:19:47:
07:c4:d1:e0:c3:fd:db:42:97:e7:f1:49:6a:5a:5a:
69:88:5d:84:07:fa:a8:ae:5f:1d:82:f1:06:a1:45:
4c:d3:54:b9:33:90:1b:01:62:26:2b:2f:d6:c4:e1:
41:09:06:d9:34:64:c5:83:ae:4c:09:29:23:f7:55:
5a:a7:7f:2a:47:d5:2f:83:b2:97:1d:cc:ff:6a:9e:
78:a0:be:68:37:a5:7a:59:e5:42:51:c9:8d:9a:f8:
02:c8:13:fa:91:97:aa:31:5c:16:5f:61:5d:6c:35:
64:6e:02:92:89:d1:53:5a:16:af:c8:4c:cf:d8:a1:
a1:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:71:58:BF:B1:12:EF:AA:E4:91:A1:A0:B9:75:6E:8D:D3:E3:BC:0D
X509v3 Authority Key Identifier:
keyid:0C:87:4A:5F:52:73:4E:26:0E:7B:FA:4D:45:11:4A:DD:92:77:E3:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DIdKX1JzTiYOe_pNRRFK3ZJ341M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8f:90:5a:21:74:14:65:41:3e:4c:da:52:1c:5e:6b:51:dc:e5:
3b:50:ad:2a:72:4b:6e:7f:56:da:d9:64:a9:24:cc:63:7c:5e:
a2:48:d4:ff:69:af:f5:db:68:90:dd:e0:a5:1c:3e:d9:79:9a:
da:42:f0:8c:58:2e:76:44:e1:b7:82:85:39:52:3b:45:6b:7a:
1d:30:d8:4d:7c:bd:ce:2a:0e:e3:c0:61:f3:c6:b1:d6:7d:69:
1a:7a:00:4a:ce:ef:f7:69:a7:57:74:1a:c2:9f:54:d4:83:5a:
e4:29:7e:cf:40:e9:f1:79:29:f5:25:e5:6c:67:de:9d:08:d7:
30:2c:12:93:77:72:79:89:7f:91:fb:f1:0b:ed:d4:29:42:35:
2c:f1:69:11:59:ed:7b:34:d2:b9:38:f7:1d:07:90:83:57:1c:
b8:dd:67:af:c8:7f:cb:e9:69:df:c0:cf:ce:cb:fc:37:32:da:
64:c1:2e:76:13:6e:0a:33:73:ff:f8:8c:7b:69:e9:0c:90:75:
3a:e3:e6:48:d4:be:17:61:d2:26:f0:21:98:bb:c5:e4:f9:38:
eb:5e:70:e3:5c:f3:08:4b:8a:d8:fa:a9:30:e6:e8:c0:a0:a0:
98:12:44:a8:3f:a9:75:80:37:ca:a2:c7:2a:68:51:a7:89:06:
f2:70:12:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4dWXiSr9Esd8EF64QSreIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjODc0YTVmNTI3MzRlMjYwZTdiZmE0ZDQ1MTE0YWRkOTI3
N2UzNTMwHhcNMjYwNTEyMTgwMTAzWhcNMjYwNTEzMTgwMTAzWjAzMTEwLwYDVQQD
Eyg0MDcxNThiZmIxMTJlZmFhZTQ5MWExYTBiOTc1NmU4ZGQzZTNiYzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEsqKtenuZIswipAeemN8QhZIh3X
VKpe0CtU68BU9tnsIP7yo4AGyFpoCm9aXAdEShux32Uhl9dFhvPrR3afBJHDA6sD
dKrb2yOVw6zTmzc9DLxCOXheTW69ncqP0GL5gzY+OYgbEmxEjd2m5p+jktDSOLab
Ercm1U1kLu+do22HcQ7aGUcHxNHgw/3bQpfn8UlqWlppiF2EB/qorl8dgvEGoUVM
01S5M5AbAWImKy/WxOFBCQbZNGTFg65MCSkj91Vap38qR9Uvg7KXHcz/ap54oL5o
N6V6WeVCUcmNmvgCyBP6kZeqMVwWX2FdbDVkbgKSidFTWhavyEzP2KGhdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEBxWL+xEu+q5JGhoLl1bo3T47wNMB8GA1UdIwQY
MBaAFAyHSl9Sc04mDnv6TUURSt2Sd+NTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRElkS1gxSnpUaVlPZV9wTlJSRkszWkozNDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC81M2I0ODktYWI0OC00OWZlLTlkMDEt
YTBlMzdmMjVhNTE1LzEvRElkS1gxSnpUaVlPZV9wTlJSRkszWkozNDFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC81M2I0ODktYWI0OC00OWZlLTlkMDEtYTBlMzdmMjVhNTE1
LzEvRElkS1gxSnpUaVlPZV9wTlJSRkszWkozNDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj5BaIXQU
ZUE+TNpSHF5rUdzlO1CtKnJLbn9W2tlkqSTMY3xeokjU/2mv9dtokN3gpRw+2Xma
2kLwjFgudkTht4KFOVI7RWt6HTDYTXy9zioO48Bh88ax1n1pGnoASs7v92mnV3Qa
wp9U1INa5Cl+z0Dp8Xkp9SXlbGfenQjXMCwSk3dyeYl/kfvxC+3UKUI1LPFpEVnt
ezTSuTj3HQeQg1ccuN1nr8h/y+lp38DPzsv8NzLaZMEudhNuCjNz//iMe2npDJB1
OuPmSNS+F2HSJvAhmLvF5Pk4615w41zzCEuK2PqpMObowKCgmBJEqD+pdYA3yqLH
KmhRp4kG8nASjw==
-----END CERTIFICATE-----
Generated at Tue May 12 21:15:36 2026 by rpki-client