Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/68b75c-83df-474e-a9fe-01bf1f145c26/1/0xryhyw_VQMHOGbf_vSItxeD2rY.mft
File: 0xryhyw_VQMHOGbf_vSItxeD2rY.mft (raw, json)
Hash identifier: QH5S/BtCxJ3IHBvfLEP7o5Wz2m+GmKWfuPMPUzsNYUI=
Subject key identifier: 2D:CD:BA:A9:CB:D5:93:86:D9:76:80:BB:7C:22:09:DC:15:97:6D:DD
Authority key identifier: D3:1A:F2:87:2C:3F:55:03:07:38:66:DF:FE:F4:88:B7:17:83:DA:B6
Certificate issuer: /CN=d31af2872c3f5503073866dffef488b71783dab6
Certificate serial: 019E1CEB82FC2BF231B8838BFEDA0BA589AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0xryhyw_VQMHOGbf_vSItxeD2rY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/68b75c-83df-474e-a9fe-01bf1f145c26/1/0xryhyw_VQMHOGbf_vSItxeD2rY.mft
Manifest number: 1605
Signing time: Tue 12 May 2026 16:00:56 +0000
Manifest this update: Tue 12 May 2026 16:00:56 +0000
Manifest next update: Wed 13 May 2026 16:00:56 +0000
Files and hashes: 1: 0xryhyw_VQMHOGbf_vSItxeD2rY.crl (hash: 9boDeRAJrFjtfLNJbGAEJrilx2sTILBOUEeK4CPKCqs=)
2: CrO8u8Oq5BkBEcatDjBKbWW3E7M.roa (hash: imrBuoJmOz69UhOC1sn6VQqSOK7SozDwdVoRAOrOv0g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/68b75c-83df-474e-a9fe-01bf1f145c26/1/0xryhyw_VQMHOGbf_vSItxeD2rY.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/68b75c-83df-474e-a9fe-01bf1f145c26/1/0xryhyw_VQMHOGbf_vSItxeD2rY.mft
rsync://rpki.ripe.net/repository/DEFAULT/0xryhyw_VQMHOGbf_vSItxeD2rY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:eb:82:fc:2b:f2:31:b8:83:8b:fe:da:0b:a5:89:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31af2872c3f5503073866dffef488b71783dab6
Validity
Not Before: May 12 16:00:56 2026 GMT
Not After : May 13 16:00:56 2026 GMT
Subject: CN=2dcdbaa9cbd59386d97680bb7c2209dc15976ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a3:ee:da:d5:bd:de:bf:40:39:93:6c:c1:d6:
57:1d:f6:80:c8:45:81:3a:f3:46:0f:d8:ed:d4:f1:
20:3d:fc:c4:be:7e:ba:5d:dc:67:e4:ad:c5:06:35:
9d:16:ef:06:d3:98:f1:d9:e2:92:1c:44:19:42:a7:
c6:09:e0:1a:63:04:c7:9b:0c:b2:1b:8a:db:5d:b4:
41:e6:7b:d6:1c:08:cb:2c:d1:74:eb:ef:bc:48:a4:
6b:b9:8b:78:e5:b6:ba:64:1e:7d:3a:69:6c:4f:aa:
80:ff:84:4d:58:31:0e:51:3b:44:47:e4:65:19:8c:
44:67:70:a6:d6:cf:f1:01:76:1f:9d:ce:09:e8:aa:
81:bd:0b:25:d8:9b:b9:e0:4f:e7:49:ae:8f:94:47:
10:ca:12:58:a3:27:d2:20:02:2b:b0:cc:0d:da:e1:
35:c7:a5:98:c8:5e:71:ee:f9:44:95:cd:2d:f6:ca:
f9:3e:12:7c:09:b5:42:e5:d8:92:92:34:54:9f:d8:
ee:33:16:82:95:3c:86:32:d0:68:a1:4f:ef:32:70:
13:37:7f:fa:dc:71:e3:75:16:a9:46:2e:7e:92:a0:
f1:bd:de:66:f7:a0:8d:b1:8b:b8:c0:10:89:92:17:
73:de:76:be:74:18:11:14:a2:5f:1b:a0:ba:4d:c6:
a8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:CD:BA:A9:CB:D5:93:86:D9:76:80:BB:7C:22:09:DC:15:97:6D:DD
X509v3 Authority Key Identifier:
keyid:D3:1A:F2:87:2C:3F:55:03:07:38:66:DF:FE:F4:88:B7:17:83:DA:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0xryhyw_VQMHOGbf_vSItxeD2rY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/68b75c-83df-474e-a9fe-01bf1f145c26/1/0xryhyw_VQMHOGbf_vSItxeD2rY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/68b75c-83df-474e-a9fe-01bf1f145c26/1/0xryhyw_VQMHOGbf_vSItxeD2rY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:7e:75:1b:fb:ea:d1:47:04:14:ce:cb:26:5a:4f:a4:38:42:
7f:c7:85:80:99:b2:bb:b7:a4:df:91:27:12:c4:45:7d:82:48:
85:0d:5b:6e:e7:5a:5f:12:e2:2d:bc:53:d4:b8:fc:dd:0f:34:
b0:5a:36:ee:75:dc:36:2c:af:7a:5e:22:89:8e:c6:a0:9e:4f:
2c:12:54:d2:f3:9d:89:8b:d8:54:85:b7:af:25:9c:70:1e:27:
27:29:32:b0:a6:90:29:3a:b8:4b:99:84:26:fa:b5:23:f8:4c:
52:c0:20:a0:1d:6c:30:ee:e0:25:89:c1:9f:fa:de:4e:aa:df:
85:4d:1b:4b:ce:c9:37:68:ff:12:fc:35:56:a6:5e:2a:81:19:
d3:24:28:77:99:38:c8:52:f3:dd:e5:8a:90:cc:5d:34:07:ff:
63:ff:b8:79:04:89:6e:05:1d:23:0a:83:c4:01:d6:4d:9a:6e:
b7:ba:f6:2d:16:fe:56:83:f5:1e:13:f3:26:cb:7d:66:5d:42:
4a:30:1b:85:fc:21:44:cf:e5:a6:ab:03:b1:23:4b:df:95:a1:
49:b8:ef:9f:9e:1d:d3:ba:e8:d1:4d:33:1f:17:13:cf:a3:04:
2a:f5:f0:9b:99:88:ac:71:ab:8a:3f:fe:39:26:b2:d4:d0:fc:
bd:b8:f9:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4c64L8K/IxuIOL/toLpYmuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMWFmMjg3MmMzZjU1MDMwNzM4NjZkZmZlZjQ4OGI3MTc4
M2RhYjYwHhcNMjYwNTEyMTYwMDU2WhcNMjYwNTEzMTYwMDU2WjAzMTEwLwYDVQQD
EygyZGNkYmFhOWNiZDU5Mzg2ZDk3NjgwYmI3YzIyMDlkYzE1OTc2ZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKPu2tW93r9AOZNswdZXHfaAyEWB
OvNGD9jt1PEgPfzEvn66Xdxn5K3FBjWdFu8G05jx2eKSHEQZQqfGCeAaYwTHmwyy
G4rbXbRB5nvWHAjLLNF06++8SKRruYt45ba6ZB59OmlsT6qA/4RNWDEOUTtER+Rl
GYxEZ3Cm1s/xAXYfnc4J6KqBvQsl2Ju54E/nSa6PlEcQyhJYoyfSIAIrsMwN2uE1
x6WYyF5x7vlElc0t9sr5PhJ8CbVC5diSkjRUn9juMxaClTyGMtBooU/vMnATN3/6
3HHjdRapRi5+kqDxvd5m96CNsYu4wBCJkhdz3na+dBgRFKJfG6C6TcaoHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC3NuqnL1ZOG2XaAu3wiCdwVl23dMB8GA1UdIwQY
MBaAFNMa8ocsP1UDBzhm3/70iLcXg9q2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHhyeWh5d19WUU1IT0diZl92U0l0eGVEMnJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS82OGI3NWMtODNkZi00NzRlLWE5ZmUt
MDFiZjFmMTQ1YzI2LzEvMHhyeWh5d19WUU1IT0diZl92U0l0eGVEMnJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS82OGI3NWMtODNkZi00NzRlLWE5ZmUtMDFiZjFmMTQ1YzI2
LzEvMHhyeWh5d19WUU1IT0diZl92U0l0eGVEMnJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYX51G/vq
0UcEFM7LJlpPpDhCf8eFgJmyu7ek35EnEsRFfYJIhQ1bbudaXxLiLbxT1Lj83Q80
sFo27nXcNiyvel4iiY7GoJ5PLBJU0vOdiYvYVIW3ryWccB4nJykysKaQKTq4S5mE
Jvq1I/hMUsAgoB1sMO7gJYnBn/reTqrfhU0bS87JN2j/Evw1VqZeKoEZ0yQod5k4
yFLz3eWKkMxdNAf/Y/+4eQSJbgUdIwqDxAHWTZput7r2LRb+VoP1HhPzJst9Zl1C
SjAbhfwhRM/lpqsDsSNL35WhSbjvn54d07ro0U0zHxcTz6MEKvXwm5mIrHGrij/+
OSay1ND8vbj57A==
-----END CERTIFICATE-----
Generated at Tue May 12 21:44:07 2026 by rpki-client