Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
File: o3U2my1LsuLe3maGRTE-NE5vHMA.mft (raw, json)
Hash identifier: VI5spN0x8e2Mxc09nj8koeHhEIkawX9xM22iE6Fy9Wk=
Subject key identifier: 8E:C1:BA:40:B8:C6:5D:33:23:AC:AD:12:17:36:DC:CF:A6:8C:1B:36
Authority key identifier: A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
Certificate issuer: /CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Certificate serial: 019DABA04CCCA6F8EBFDF33653E3C5A63C98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
Manifest number: 18CF
Signing time: Mon 20 Apr 2026 16:01:42 +0000
Manifest this update: Mon 20 Apr 2026 16:01:42 +0000
Manifest next update: Tue 21 Apr 2026 16:01:42 +0000
Files and hashes: 1: cqrDqsllU4angXR7ZhiixighcHI.roa (hash: fhOWug7UyzusWzCmpcbK8cX3/PPspaEdcPiG9KdZ6F4=)
2: o3U2my1LsuLe3maGRTE-NE5vHMA.crl (hash: mbgacmbJ/x0AF600fh/o+s7b+sY++Nj5fymn7Q1+dQ4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Apr 2026 16:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ab:a0:4c:cc:a6:f8:eb:fd:f3:36:53:e3:c5:a6:3c:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Validity
Not Before: Apr 20 16:01:42 2026 GMT
Not After : Apr 21 16:01:42 2026 GMT
Subject: CN=8ec1ba40b8c65d3323acad121736dccfa68c1b36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e5:bd:0c:10:ac:e2:f1:12:f9:02:d1:05:f1:
d5:ba:32:b5:43:af:55:86:00:18:93:d1:ee:cf:bd:
8f:f0:85:fb:2c:fe:8d:62:ff:4d:06:66:95:9a:f5:
e3:3a:45:50:be:a9:2c:f9:3d:69:f5:57:b1:91:09:
2f:d0:ee:9e:d1:aa:72:01:5f:8b:71:74:61:27:89:
94:b4:59:4f:f4:bd:5d:f6:79:b7:69:11:0c:15:55:
4e:9d:90:12:c1:63:35:33:85:5e:4f:cf:08:be:17:
68:65:d1:fb:9b:3b:e8:68:b3:a2:e7:d7:9c:5b:3b:
c2:db:63:1a:e6:1f:a2:32:71:3c:15:92:28:2b:2b:
fd:28:09:18:3c:8f:31:c7:99:1b:10:c2:87:d9:f2:
34:bf:cc:28:86:b6:bd:0f:33:10:7e:f1:b5:bc:44:
31:ce:ce:4a:44:a3:e6:2e:ae:ff:e7:3b:fa:8c:84:
71:cc:81:7b:fd:3c:54:56:99:21:10:97:4c:fd:67:
2b:39:d8:f1:f4:24:d6:71:1f:fc:4e:0f:b2:a1:74:
37:f8:8a:40:37:c0:c7:ba:40:80:80:9f:b4:00:29:
2d:ac:88:a0:b2:d9:8b:ca:ff:99:01:2a:0b:1b:69:
27:fc:e0:aa:78:ff:5e:1d:86:75:92:06:e4:16:0f:
dd:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:C1:BA:40:B8:C6:5D:33:23:AC:AD:12:17:36:DC:CF:A6:8C:1B:36
X509v3 Authority Key Identifier:
keyid:A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:d6:8e:34:57:a5:bc:12:8b:a6:2c:e1:6f:85:a5:b2:e8:d4:
48:64:77:66:66:b6:28:93:f9:32:9b:b0:62:0a:c8:f1:9b:42:
c5:dd:32:69:63:2f:99:73:52:4c:74:e3:44:d3:ce:e6:af:b7:
3e:5e:b0:ac:59:61:41:f2:49:76:da:82:6e:33:da:94:a1:6b:
77:46:59:0d:53:a2:f7:78:14:c2:fa:83:a1:ad:8a:25:89:03:
91:d4:77:46:2f:43:49:20:f8:35:69:c0:90:a9:5d:49:0d:e9:
d0:5b:fa:25:56:55:2b:c8:a9:f8:ba:93:80:7a:c7:1f:93:29:
97:b8:3e:57:e5:00:7e:c6:8c:cf:d1:05:83:30:dd:94:58:35:
60:98:44:7a:0e:4d:52:9f:7f:30:4f:11:e4:52:44:67:14:8e:
d9:d9:c7:89:df:24:be:f9:b7:25:98:ec:df:e8:65:71:88:30:
c8:45:e6:6d:86:03:95:98:bf:e4:cd:38:cb:54:9c:80:80:e7:
d8:c3:bf:e6:4d:e3:c6:9b:5b:5f:1e:68:04:66:f9:88:1f:3f:
76:49:75:d4:f8:4b:87:0c:36:49:fa:f6:97:8b:68:b7:7d:26:
9f:bc:c3:c9:ab:33:1b:68:df:22:4d:f2:fb:48:a7:e0:ae:f5:
ab:02:42:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2roEzMpvjr/fM2U+PFpjyYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzUzNjliMmQ0YmIyZTJkZWRlNjY4NjQ1MzEzZTM0NGU2
ZjFjYzAwHhcNMjYwNDIwMTYwMTQyWhcNMjYwNDIxMTYwMTQyWjAzMTEwLwYDVQQD
Eyg4ZWMxYmE0MGI4YzY1ZDMzMjNhY2FkMTIxNzM2ZGNjZmE2OGMxYjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+W9DBCs4vES+QLRBfHVujK1Q69V
hgAYk9Huz72P8IX7LP6NYv9NBmaVmvXjOkVQvqks+T1p9VexkQkv0O6e0apyAV+L
cXRhJ4mUtFlP9L1d9nm3aREMFVVOnZASwWM1M4VeT88IvhdoZdH7mzvoaLOi59ec
WzvC22Ma5h+iMnE8FZIoKyv9KAkYPI8xx5kbEMKH2fI0v8wohra9DzMQfvG1vEQx
zs5KRKPmLq7/5zv6jIRxzIF7/TxUVpkhEJdM/WcrOdjx9CTWcR/8Tg+yoXQ3+IpA
N8DHukCAgJ+0ACktrIigstmLyv+ZASoLG2kn/OCqeP9eHYZ1kgbkFg/dwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI7BukC4xl0zI6ytEhc23M+mjBs2MB8GA1UdIwQY
MBaAFKN1NpstS7Li3t5mhkUxPjRObxzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQt
MjhiZWM3Yjk5OTI5LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQtMjhiZWM3Yjk5OTI5
LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOtaONFel
vBKLpizhb4WlsujUSGR3Zma2KJP5MpuwYgrI8ZtCxd0yaWMvmXNSTHTjRNPO5q+3
Pl6wrFlhQfJJdtqCbjPalKFrd0ZZDVOi93gUwvqDoa2KJYkDkdR3Ri9DSSD4NWnA
kKldSQ3p0Fv6JVZVK8ip+LqTgHrHH5Mpl7g+V+UAfsaMz9EFgzDdlFg1YJhEeg5N
Up9/ME8R5FJEZxSO2dnHid8kvvm3JZjs3+hlcYgwyEXmbYYDlZi/5M04y1ScgIDn
2MO/5k3jxptbXx5oBGb5iB8/dkl11PhLhww2Sfr2l4tot30mn7zDyaszG2jfIk3y
+0in4K71qwJCGA==
-----END CERTIFICATE-----
Generated at Tue Apr 21 02:12:02 2026 by rpki-client