Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.mft
File: sFcIRcI56ZkcibxcUEMekIeGDE0.mft (raw, json)
Hash identifier: 9KLkjWRhcYOuH4xS85r3KHLVmPs+DodniRH+m8yzETU=
Subject key identifier: CA:FF:89:A8:CB:30:CF:09:06:BE:3B:03:A2:16:71:59:20:79:0A:2B
Authority key identifier: B0:57:08:45:C2:39:E9:99:1C:89:BC:5C:50:43:1E:90:87:86:0C:4D
Certificate issuer: /CN=b0570845c239e9991c89bc5c50431e9087860c4d
Certificate serial: 019E1DC78F1011F14DADB9AF441B896CE4CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sFcIRcI56ZkcibxcUEMekIeGDE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.mft
Manifest number: 038B
Signing time: Tue 12 May 2026 20:01:17 +0000
Manifest this update: Tue 12 May 2026 20:01:17 +0000
Manifest next update: Wed 13 May 2026 20:01:17 +0000
Files and hashes: 1: 4aIPGA9JRPxEK7I9L95ryY2K9TY.asa (hash: 9bKlD90E7ui2k15WwWPJTwc0RviRRCniPkaRGNo+4k8=)
2: bj-eKZEWwgbFrSRYLRr_CuFuTtU.roa (hash: h33I7T9Mz8kSS3GjVd4AzAlJFMkoqssxIF1o4jIxuts=)
3: sFcIRcI56ZkcibxcUEMekIeGDE0.crl (hash: +difoeGduNGPOZc8jIJ+HcXo8tyHCKeH6tl7GUAtmA4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sFcIRcI56ZkcibxcUEMekIeGDE0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1d:c7:8f:10:11:f1:4d:ad:b9:af:44:1b:89:6c:e4:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0570845c239e9991c89bc5c50431e9087860c4d
Validity
Not Before: May 12 20:01:17 2026 GMT
Not After : May 13 20:01:17 2026 GMT
Subject: CN=caff89a8cb30cf0906be3b03a216715920790a2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:77:9a:3c:33:42:21:0a:ed:48:62:6e:30:72:
9b:bb:ed:2c:76:a6:73:79:73:94:53:d7:ed:d8:2f:
58:16:55:c3:c4:0e:5f:e1:64:e6:7f:21:08:35:ab:
e8:66:07:81:fc:18:e1:65:e2:b7:3f:bb:4f:a4:10:
1e:36:5d:83:00:24:30:ef:76:77:61:f2:61:56:56:
d3:dd:92:c0:28:b5:92:ea:5e:f4:de:a4:01:9a:d6:
5b:10:8e:16:79:5b:5e:fe:47:47:a7:a9:dd:b9:62:
01:d4:4a:47:37:3f:0d:a9:b4:cb:9f:82:53:12:58:
7f:7b:05:68:4a:55:70:80:0e:bf:c2:7c:4c:67:db:
8f:7f:25:1d:3b:e2:a0:02:5a:1a:85:a6:17:62:7d:
fb:67:af:3c:8c:4a:9b:35:12:e0:d3:cc:1d:5d:9d:
0b:b5:7c:b7:e5:14:d8:86:70:68:51:af:ce:65:7b:
1c:e0:8e:08:3a:f6:2d:8c:2a:46:1a:dc:83:5d:5e:
de:3c:ca:24:bf:28:7a:36:d0:2f:f0:a8:db:ce:8f:
26:ad:61:89:2b:27:e4:e5:90:d9:9d:b3:79:8a:a6:
97:5b:cf:2e:c7:ae:63:7e:83:e0:c4:0e:7a:20:47:
40:6f:21:a2:ba:2a:40:95:50:4b:56:6d:7e:ed:c0:
7b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:FF:89:A8:CB:30:CF:09:06:BE:3B:03:A2:16:71:59:20:79:0A:2B
X509v3 Authority Key Identifier:
keyid:B0:57:08:45:C2:39:E9:99:1C:89:BC:5C:50:43:1E:90:87:86:0C:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sFcIRcI56ZkcibxcUEMekIeGDE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:d2:44:c2:da:83:49:f6:37:f1:51:c7:a8:36:93:78:35:c4:
1b:76:f3:57:b2:7a:aa:b3:b4:c2:bc:44:d7:75:da:8f:39:42:
e4:99:0b:7c:55:4d:55:88:4d:4a:c4:1f:f2:95:d2:e5:8c:b5:
86:39:e2:d8:78:69:ba:12:81:97:7f:cb:da:80:a6:d2:b1:62:
22:0c:10:76:da:e4:30:7f:cb:2b:62:43:1a:00:5d:d5:57:00:
41:96:3c:98:b2:96:2c:8f:9e:e1:a7:7e:69:cf:92:e5:28:bb:
45:5e:8f:f4:9f:c3:de:df:62:ea:35:18:b9:22:ac:5f:94:0d:
df:57:5d:24:87:7d:9b:2a:c1:45:f2:5e:0d:64:ef:a9:26:41:
cf:eb:e6:4c:37:b8:72:50:bd:98:cd:87:6a:d2:ea:c8:1b:5c:
5b:99:3b:b7:4b:d3:ff:d3:d8:66:d9:fc:67:dd:f9:77:0c:5c:
bc:d8:32:b7:c5:31:f9:7e:ba:3a:01:f3:6d:fd:0a:9c:b8:7b:
54:a1:a7:95:af:e5:c0:8e:6b:74:a1:6f:ab:3f:92:39:a6:6e:
ec:3d:e1:d1:16:7a:1d:85:a5:ca:db:df:2d:e9:49:69:5f:0a:
bd:f3:d4:cb:72:d6:82:61:de:2f:71:03:dd:89:05:43:94:7a:
4f:91:5b:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4dx48QEfFNrbmvRBuJbOTOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNTcwODQ1YzIzOWU5OTkxYzg5YmM1YzUwNDMxZTkwODc4
NjBjNGQwHhcNMjYwNTEyMjAwMTE3WhcNMjYwNTEzMjAwMTE3WjAzMTEwLwYDVQQD
EyhjYWZmODlhOGNiMzBjZjA5MDZiZTNiMDNhMjE2NzE1OTIwNzkwYTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5XeaPDNCIQrtSGJuMHKbu+0sdqZz
eXOUU9ft2C9YFlXDxA5f4WTmfyEINavoZgeB/BjhZeK3P7tPpBAeNl2DACQw73Z3
YfJhVlbT3ZLAKLWS6l703qQBmtZbEI4WeVte/kdHp6nduWIB1EpHNz8NqbTLn4JT
Elh/ewVoSlVwgA6/wnxMZ9uPfyUdO+KgAloahaYXYn37Z688jEqbNRLg08wdXZ0L
tXy35RTYhnBoUa/OZXsc4I4IOvYtjCpGGtyDXV7ePMokvyh6NtAv8Kjbzo8mrWGJ
Kyfk5ZDZnbN5iqaXW88ux65jfoPgxA56IEdAbyGiuipAlVBLVm1+7cB7MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMr/iajLMM8JBr47A6IWcVkgeQorMB8GA1UdIwQY
MBaAFLBXCEXCOemZHIm8XFBDHpCHhgxNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0ZjSVJjSTU2WmtjaWJ4Y1VFTWVrSWVHREUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xZTdjNDgtZjhjMi00Njc5LWI3NzEt
NDZjYTI2YWZmNTQ1LzEvc0ZjSVJjSTU2WmtjaWJ4Y1VFTWVrSWVHREUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xZTdjNDgtZjhjMi00Njc5LWI3NzEtNDZjYTI2YWZmNTQ1
LzEvc0ZjSVJjSTU2WmtjaWJ4Y1VFTWVrSWVHREUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATdJEwtqD
SfY38VHHqDaTeDXEG3bzV7J6qrO0wrxE13XajzlC5JkLfFVNVYhNSsQf8pXS5Yy1
hjni2HhpuhKBl3/L2oCm0rFiIgwQdtrkMH/LK2JDGgBd1VcAQZY8mLKWLI+e4ad+
ac+S5Si7RV6P9J/D3t9i6jUYuSKsX5QN31ddJId9myrBRfJeDWTvqSZBz+vmTDe4
clC9mM2HatLqyBtcW5k7t0vT/9PYZtn8Z935dwxcvNgyt8Ux+X66OgHzbf0KnLh7
VKGnla/lwI5rdKFvqz+SOaZu7D3h0RZ6HYWlytvfLelJaV8KvfPUy3LWgmHeL3ED
3YkFQ5R6T5FbzQ==
-----END CERTIFICATE-----
Generated at Wed May 13 04:56:38 2026 by rpki-client