Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
File: rysOIXo1FoOSIGvac85hlTWgLzU.mft (raw, json)
Hash identifier: Aci5pEA1t6O3PtBbr0FSDzshzHIxdu2OoAOZbTuNa8M=
Subject key identifier: 47:5D:CE:17:7E:6F:BC:F9:EB:B4:E9:F8:58:42:E4:AE:14:7A:E8:AF
Authority key identifier: AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
Certificate issuer: /CN=af2b0e217a35168392206bda73ce619535a02f35
Certificate serial: 019E1E6CA3CA8267BEDE9A65B648988C0FAE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
Manifest number: 0DAF
Signing time: Tue 12 May 2026 23:01:36 +0000
Manifest this update: Tue 12 May 2026 23:01:36 +0000
Manifest next update: Wed 13 May 2026 23:01:36 +0000
Files and hashes: 1: QBW11jyT74R8oUHhAinuj7gPXSk.asa (hash: yZJV0811rYsc05YANwSpX99f0QsW0swdHpcFUdFqr0Y=)
2: rysOIXo1FoOSIGvac85hlTWgLzU.crl (hash: WnDw9Rgh9JLCEQF3RIB2ZL77fmsPqGfLaXRpoYWLgpY=)
3: zakSxSI_wYoHQeaPnt8X9AknTHE.roa (hash: DFDQf/fadQ5V13foLZM1hVw4SY7MFQSi7KXroTzcGGo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1e:6c:a3:ca:82:67:be:de:9a:65:b6:48:98:8c:0f:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2b0e217a35168392206bda73ce619535a02f35
Validity
Not Before: May 12 23:01:36 2026 GMT
Not After : May 13 23:01:36 2026 GMT
Subject: CN=475dce177e6fbcf9ebb4e9f85842e4ae147ae8af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d4:87:2a:37:ae:73:fa:b6:80:35:60:9a:eb:
68:0e:be:3f:f1:cf:48:3c:62:e9:18:14:45:9c:f6:
ed:97:a5:46:2a:28:f7:56:d8:a6:94:bd:74:7d:20:
89:c7:b4:3a:43:47:01:75:30:0e:4a:6c:6b:a4:82:
7a:d9:db:04:23:d4:4a:c0:31:cb:52:d5:45:98:f3:
80:a3:c5:00:87:5e:be:a6:30:05:ed:86:58:b7:b9:
fb:0c:15:fa:03:c2:af:db:b8:67:ba:78:67:27:d2:
d3:1c:7f:76:62:e9:23:9c:8a:d1:ee:fc:3e:a9:7c:
10:2a:01:3d:45:92:38:7d:45:56:49:e1:0c:a5:0e:
40:e5:c9:c8:47:9d:55:56:c1:5a:35:be:a5:ec:25:
b8:a2:5a:76:fb:5f:fe:5b:33:11:71:22:f7:a7:33:
80:d5:00:14:0d:04:ee:16:95:cd:f7:45:f1:73:af:
3f:76:9c:8a:5e:14:78:47:c0:df:7b:29:c2:cb:4e:
a1:3c:c5:8a:24:20:55:20:3e:ea:de:b7:15:d7:64:
0c:bd:97:d7:f5:26:38:1a:01:e6:be:8b:8e:78:b3:
fd:6c:03:48:a5:33:c2:b0:e9:53:65:6f:ac:a0:b2:
07:77:b2:c0:73:21:68:00:f1:bc:d3:e1:51:9c:ea:
b4:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:5D:CE:17:7E:6F:BC:F9:EB:B4:E9:F8:58:42:E4:AE:14:7A:E8:AF
X509v3 Authority Key Identifier:
keyid:AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:e4:f1:2f:02:5e:59:88:82:1d:ce:8a:9c:11:f8:2e:19:93:
d5:92:93:b2:ad:34:24:eb:b4:da:ed:5e:0d:c0:37:8a:1b:87:
e8:3b:f5:fd:cb:0e:55:69:18:f6:1e:36:cb:af:5b:32:ca:9a:
29:f0:9e:6f:99:1b:b3:de:52:f3:ee:ee:f4:a0:49:64:ce:c2:
2a:58:90:71:a7:b0:c9:ba:2d:81:1e:b4:9b:1a:d2:5b:87:22:
42:b3:51:65:51:58:63:b2:80:5f:1e:26:64:2a:40:37:65:1c:
0b:df:e3:20:35:b6:d8:5d:ca:05:4a:63:db:85:a8:cb:44:75:
1b:d8:e7:7f:20:48:f7:0f:49:f5:22:70:d6:bb:f9:d2:eb:ce:
b3:ec:6f:0d:c8:8c:c9:be:43:c8:5a:ab:52:9f:d3:59:83:ac:
fe:9c:8a:c9:a6:71:3f:54:e2:38:e6:d5:f8:64:7f:d8:e0:b4:
59:e6:43:bf:d5:bb:63:46:c9:57:d3:92:56:ba:1c:21:cf:89:
e5:41:a4:2c:68:54:e9:c0:9a:fb:d8:02:9d:2b:20:be:b1:9e:
36:72:8f:f0:0d:09:d1:2f:c5:19:85:13:fe:c2:f8:8a:ca:1c:
f1:78:d3:8e:1d:5f:a9:88:00:89:89:3f:57:46:b4:33:09:e9:
b1:db:54:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4ebKPKgme+3ppltkiYjA+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmIwZTIxN2EzNTE2ODM5MjIwNmJkYTczY2U2MTk1MzVh
MDJmMzUwHhcNMjYwNTEyMjMwMTM2WhcNMjYwNTEzMjMwMTM2WjAzMTEwLwYDVQQD
Eyg0NzVkY2UxNzdlNmZiY2Y5ZWJiNGU5Zjg1ODQyZTRhZTE0N2FlOGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdSHKjeuc/q2gDVgmutoDr4/8c9I
PGLpGBRFnPbtl6VGKij3VtimlL10fSCJx7Q6Q0cBdTAOSmxrpIJ62dsEI9RKwDHL
UtVFmPOAo8UAh16+pjAF7YZYt7n7DBX6A8Kv27hnunhnJ9LTHH92YukjnIrR7vw+
qXwQKgE9RZI4fUVWSeEMpQ5A5cnIR51VVsFaNb6l7CW4olp2+1/+WzMRcSL3pzOA
1QAUDQTuFpXN90Xxc68/dpyKXhR4R8DfeynCy06hPMWKJCBVID7q3rcV12QMvZfX
9SY4GgHmvouOeLP9bANIpTPCsOlTZW+soLIHd7LAcyFoAPG80+FRnOq0pQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEddzhd+b7z567Tp+FhC5K4UeuivMB8GA1UdIwQY
MBaAFK8rDiF6NRaDkiBr2nPOYZU1oC81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDct
ZjBkMTk4MDk4NzRhLzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDctZjBkMTk4MDk4NzRh
LzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhuTxLwJe
WYiCHc6KnBH4LhmT1ZKTsq00JOu02u1eDcA3ihuH6Dv1/csOVWkY9h42y69bMsqa
KfCeb5kbs95S8+7u9KBJZM7CKliQcaewybotgR60mxrSW4ciQrNRZVFYY7KAXx4m
ZCpAN2UcC9/jIDW22F3KBUpj24Woy0R1G9jnfyBI9w9J9SJw1rv50uvOs+xvDciM
yb5DyFqrUp/TWYOs/pyKyaZxP1TiOObV+GR/2OC0WeZDv9W7Y0bJV9OSVrocIc+J
5UGkLGhU6cCa+9gCnSsgvrGeNnKP8A0J0S/FGYUT/sL4isoc8XjTjh1fqYgAiYk/
V0a0MwnpsdtUpQ==
-----END CERTIFICATE-----
Generated at Wed May 13 04:12:01 2026 by rpki-client