Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
File: D2HrqF8lrXvk2foP9UUoqUorNjc.mft (raw, json)
Hash identifier: oXaqGGC4Q346fv63Z2eby4lM+CnPfnI9+J57QD+n+jc=
Subject key identifier: 31:6E:CA:41:F3:39:0F:89:D6:82:91:DB:2E:DA:0A:4C:09:2E:EF:7C
Authority key identifier: 0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37
Certificate issuer: /CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637
Certificate serial: 019E1CB5224A4F304CEE6F0F20724B69FA88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
Manifest number: 0474
Signing time: Tue 12 May 2026 15:01:33 +0000
Manifest this update: Tue 12 May 2026 15:01:33 +0000
Manifest next update: Wed 13 May 2026 15:01:33 +0000
Files and hashes: 1: D2HrqF8lrXvk2foP9UUoqUorNjc.crl (hash: rxv4N2ur/uAjwzNQliKFChHoaqXg7f14oWo+adk+Pc8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:b5:22:4a:4f:30:4c:ee:6f:0f:20:72:4b:69:fa:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637
Validity
Not Before: May 12 15:01:33 2026 GMT
Not After : May 13 15:01:33 2026 GMT
Subject: CN=316eca41f3390f89d68291db2eda0a4c092eef7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f2:90:ac:73:52:8e:f5:65:b5:4e:84:ae:02:
89:79:9a:06:e9:b7:7c:85:f5:f2:8a:88:41:96:dd:
98:05:c3:67:97:7a:35:86:a9:b1:34:bb:e8:21:7c:
c5:7e:3d:0d:0d:73:31:89:3d:4e:3e:99:26:2c:26:
8a:d0:08:e4:20:f9:14:47:df:32:05:80:69:60:f4:
c6:e5:37:06:07:ba:63:45:d2:e8:19:cf:5c:d7:33:
20:ee:10:8c:e1:c8:d4:8c:38:96:5d:0f:73:ff:ba:
ba:0f:a8:96:d2:23:db:17:1e:be:e5:15:0b:45:a2:
47:18:a4:28:fe:00:f5:38:fa:8f:a1:6b:1f:6b:2c:
a1:e7:3c:7a:1f:ea:40:95:b3:f4:96:3c:9c:d8:e2:
05:a1:6e:23:d1:81:85:58:69:f1:08:98:a9:b8:3d:
94:97:1e:ba:d0:b9:eb:15:b3:c8:19:89:89:2a:0b:
a1:ca:73:2a:b3:b9:84:a3:b3:6c:78:05:7a:70:90:
74:43:f0:ed:61:42:d1:03:5a:08:e7:79:a6:d4:fe:
8c:b1:72:cb:19:5e:5c:06:8f:b0:26:13:e4:1b:27:
71:1e:41:36:ec:e4:bb:8a:0c:6f:1a:c0:c8:c2:dc:
51:89:ef:30:da:48:dd:6b:7e:e8:e6:72:6e:aa:a8:
e0:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:6E:CA:41:F3:39:0F:89:D6:82:91:DB:2E:DA:0A:4C:09:2E:EF:7C
X509v3 Authority Key Identifier:
keyid:0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:21:51:6a:a7:eb:eb:65:7d:10:b6:12:9e:8e:f2:87:1a:7c:
3a:5b:dc:ab:af:19:3d:75:ff:45:45:ff:e0:05:02:ba:ff:b4:
44:60:47:5c:34:57:b2:99:11:4c:07:13:16:58:59:42:61:80:
7a:e0:5a:24:8f:d1:2f:30:ab:63:b6:7a:c9:62:f7:e6:4f:5d:
bb:da:c9:b5:3e:42:f0:79:79:81:4d:fb:ed:d1:02:8b:3b:c3:
3d:8a:c4:11:86:6f:55:0f:e3:2f:66:58:0a:c0:3d:f1:5b:7a:
04:37:bf:44:ce:ef:95:07:e8:aa:91:3d:5a:32:68:62:7c:4e:
4a:f0:8f:01:64:56:24:26:6b:e2:15:67:9d:4a:a8:e0:8e:35:
6f:e0:63:bd:b6:86:2a:e3:40:cb:03:f1:fd:69:36:31:7b:81:
f8:45:02:b8:b6:df:26:b4:47:c2:4e:eb:80:95:24:9f:e4:aa:
03:1a:cf:0e:38:c2:f2:a5:62:9a:6b:44:9d:08:2a:1e:4b:28:
fb:34:6d:53:c7:55:25:c0:f7:95:d7:1c:01:6b:3e:80:69:5b:
24:01:66:58:71:8a:f5:b0:a7:84:4b:63:cb:84:28:f2:3e:a5:
dc:ba:68:be:c8:63:1c:24:a3:96:c7:7d:48:ac:42:44:0b:28:
43:74:44:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4ctSJKTzBM7m8PIHJLafqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjFlYmE4NWYyNWFkN2JlNGQ5ZmEwZmY1NDUyOGE5NGEy
YjM2MzcwHhcNMjYwNTEyMTUwMTMzWhcNMjYwNTEzMTUwMTMzWjAzMTEwLwYDVQQD
EygzMTZlY2E0MWYzMzkwZjg5ZDY4MjkxZGIyZWRhMGE0YzA5MmVlZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfKQrHNSjvVltU6ErgKJeZoG6bd8
hfXyiohBlt2YBcNnl3o1hqmxNLvoIXzFfj0NDXMxiT1OPpkmLCaK0AjkIPkUR98y
BYBpYPTG5TcGB7pjRdLoGc9c1zMg7hCM4cjUjDiWXQ9z/7q6D6iW0iPbFx6+5RUL
RaJHGKQo/gD1OPqPoWsfayyh5zx6H+pAlbP0ljyc2OIFoW4j0YGFWGnxCJipuD2U
lx660LnrFbPIGYmJKguhynMqs7mEo7NseAV6cJB0Q/DtYULRA1oI53mm1P6MsXLL
GV5cBo+wJhPkGydxHkE27OS7igxvGsDIwtxRie8w2kjda37o5nJuqqjgrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDFuykHzOQ+J1oKR2y7aCkwJLu98MB8GA1UdIwQY
MBaAFA9h66hfJa175Nn6D/VFKKlKKzY3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3Yjct
ZjA5NDA2OTY3NWUzLzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3YjctZjA5NDA2OTY3NWUz
LzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmiFRaqfr
62V9ELYSno7yhxp8Olvcq68ZPXX/RUX/4AUCuv+0RGBHXDRXspkRTAcTFlhZQmGA
euBaJI/RLzCrY7Z6yWL35k9du9rJtT5C8Hl5gU377dECizvDPYrEEYZvVQ/jL2ZY
CsA98Vt6BDe/RM7vlQfoqpE9WjJoYnxOSvCPAWRWJCZr4hVnnUqo4I41b+BjvbaG
KuNAywPx/Wk2MXuB+EUCuLbfJrRHwk7rgJUkn+SqAxrPDjjC8qVimmtEnQgqHkso
+zRtU8dVJcD3ldccAWs+gGlbJAFmWHGK9bCnhEtjy4Qo8j6l3LpovshjHCSjlsd9
SKxCRAsoQ3REIQ==
-----END CERTIFICATE-----
Generated at Tue May 12 21:30:16 2026 by rpki-client