Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
File: v99XKOyr1W70Y3NWlVhmylRoaRo.mft (raw, json)
Hash identifier: PgoceOcpYazSU/CZDohUXNRDxdRqjAdS5yOcvSI0Pxc=
Subject key identifier: 1C:5F:3E:F5:9D:7C:34:C0:36:4E:65:2B:6C:3B:6A:D3:50:71:86:02
Authority key identifier: BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A
Certificate issuer: /CN=bfdf5728ecabd56ef4637356955866ca5468691a
Certificate serial: 019E1E34FAA7C2035A97A2ED9A73E16D2EBB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
Manifest number: 0529
Signing time: Tue 12 May 2026 22:00:48 +0000
Manifest this update: Tue 12 May 2026 22:00:48 +0000
Manifest next update: Wed 13 May 2026 22:00:48 +0000
Files and hashes: 1: 3BcGBZCHDgJs9gSoEvIJqO6Wdng.roa (hash: QqrBTNsjue3924ijEFZUnNRSzA8ZRhSOavKbIrZOqys=)
2: v99XKOyr1W70Y3NWlVhmylRoaRo.crl (hash: 3iabNSnviMVFA2lKDeOeKwTuqFcnHF+yBXtz5A3eGzA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1e:34:fa:a7:c2:03:5a:97:a2:ed:9a:73:e1:6d:2e:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfdf5728ecabd56ef4637356955866ca5468691a
Validity
Not Before: May 12 22:00:48 2026 GMT
Not After : May 13 22:00:48 2026 GMT
Subject: CN=1c5f3ef59d7c34c0364e652b6c3b6ad350718602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2d:8f:98:3a:cb:42:39:6f:4f:92:cc:c4:a9:
ef:d0:16:8c:bc:e2:41:6d:fb:33:2e:85:f9:ba:2f:
97:87:ef:1c:40:47:ae:04:17:5e:0c:21:97:4b:f0:
b9:f1:97:d5:66:07:7a:28:96:83:96:8b:03:ed:8a:
7f:09:d6:0f:b9:46:38:b8:63:37:8f:74:cb:b3:13:
2c:22:0d:2c:b4:ed:64:c1:de:e2:fe:4f:af:33:ab:
1d:0a:98:07:7c:76:d7:77:e9:ca:28:ad:0f:7f:0f:
f0:75:85:88:fe:ba:1c:ad:fa:a1:46:ba:75:c6:32:
7b:00:72:e3:6f:86:86:f6:12:1f:00:e4:db:63:8e:
96:c2:f5:4b:18:7c:1d:aa:28:bf:57:ff:52:c4:fd:
70:cd:19:cb:af:0c:ae:9c:da:b0:8e:8b:fb:16:e0:
8f:10:f3:11:5b:ee:13:9a:e3:d0:95:24:c6:da:85:
c5:9b:c4:8d:69:9e:00:6a:48:3f:a1:a4:d9:ef:c7:
c2:fa:8b:96:5c:4c:07:4e:31:f3:5c:5e:f6:43:69:
2c:84:63:b4:af:8e:7f:e3:95:4e:c0:9e:50:e2:69:
e3:0b:44:ae:f7:38:8e:6f:9c:5e:13:ea:92:98:16:
ed:17:20:d8:cf:1b:91:27:fb:5b:40:92:f8:45:43:
e7:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:5F:3E:F5:9D:7C:34:C0:36:4E:65:2B:6C:3B:6A:D3:50:71:86:02
X509v3 Authority Key Identifier:
keyid:BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:0f:01:ee:a8:d3:c2:1a:7b:9b:8c:9d:99:8e:bb:d7:07:b6:
60:b7:26:92:9f:2c:dc:55:66:f1:d6:12:b8:c3:8f:b0:82:42:
e5:81:e0:33:8f:c3:fe:52:d3:ae:0a:75:74:15:81:0c:e8:4f:
60:f9:fa:39:92:a1:53:28:5f:fe:69:7f:36:35:be:e5:53:4c:
94:cd:12:76:e3:74:f9:74:41:d0:5e:76:ac:a0:84:b6:28:59:
cc:54:5f:49:4c:a9:58:aa:42:66:9d:76:06:da:82:3c:08:94:
d3:b4:b3:c8:2f:74:9e:ee:e8:98:39:58:ad:d7:d3:c2:cb:09:
15:8d:34:5b:62:71:47:73:41:a9:a8:67:01:a4:e2:e4:b1:46:
cf:22:73:4f:11:8d:e7:61:43:9c:3a:d4:4e:e9:79:10:c2:f7:
da:bc:ba:e2:a4:6a:63:28:75:eb:2d:d5:22:2e:c4:70:4b:42:
8e:66:2a:a9:90:18:47:55:85:ff:21:a8:b3:b1:bc:e5:9b:b3:
96:87:b8:6a:ab:a6:32:5d:8b:30:9a:a4:3b:33:18:2e:e4:ab:
4f:c6:41:b7:09:de:0f:ca:b2:d1:d0:83:b6:2e:6f:56:20:c5:
50:a1:72:0a:8c:f8:9c:88:95:a9:1f:7a:44:bc:78:41:43:9a:
eb:b4:5b:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNPqnwgNal6LtmnPhbS67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZGY1NzI4ZWNhYmQ1NmVmNDYzNzM1Njk1NTg2NmNhNTQ2
ODY5MWEwHhcNMjYwNTEyMjIwMDQ4WhcNMjYwNTEzMjIwMDQ4WjAzMTEwLwYDVQQD
EygxYzVmM2VmNTlkN2MzNGMwMzY0ZTY1MmI2YzNiNmFkMzUwNzE4NjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqi2PmDrLQjlvT5LMxKnv0BaMvOJB
bfszLoX5ui+Xh+8cQEeuBBdeDCGXS/C58ZfVZgd6KJaDlosD7Yp/CdYPuUY4uGM3
j3TLsxMsIg0stO1kwd7i/k+vM6sdCpgHfHbXd+nKKK0Pfw/wdYWI/rocrfqhRrp1
xjJ7AHLjb4aG9hIfAOTbY46WwvVLGHwdqii/V/9SxP1wzRnLrwyunNqwjov7FuCP
EPMRW+4TmuPQlSTG2oXFm8SNaZ4Aakg/oaTZ78fC+ouWXEwHTjHzXF72Q2kshGO0
r45/45VOwJ5Q4mnjC0Su9ziOb5xeE+qSmBbtFyDYzxuRJ/tbQJL4RUPnDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBxfPvWdfDTANk5lK2w7atNQcYYCMB8GA1UdIwQY
MBaAFL/fVyjsq9Vu9GNzVpVYZspUaGkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgt
YmQxNGQzNDRiYmYyLzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgtYmQxNGQzNDRiYmYy
LzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADA8B7qjT
whp7m4ydmY671we2YLcmkp8s3FVm8dYSuMOPsIJC5YHgM4/D/lLTrgp1dBWBDOhP
YPn6OZKhUyhf/ml/NjW+5VNMlM0SduN0+XRB0F52rKCEtihZzFRfSUypWKpCZp12
BtqCPAiU07SzyC90nu7omDlYrdfTwssJFY00W2JxR3NBqahnAaTi5LFGzyJzTxGN
52FDnDrUTul5EML32ry64qRqYyh16y3VIi7EcEtCjmYqqZAYR1WF/yGos7G85Zuz
loe4aqumMl2LMJqkOzMYLuSrT8ZBtwneD8qy0dCDti5vViDFUKFyCoz4nIiVqR96
RLx4QUOa67Rbdw==
-----END CERTIFICATE-----
Generated at Wed May 13 04:34:52 2026 by rpki-client