Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
File: ALlD7lfDXyx_T-wGhel9YDsHytI.mft (raw, json)
Hash identifier: tpDy9kT4feY8S0qx1h4DeGOzImq4MLMd6i9MmyBcubg=
Subject key identifier: 99:5E:DD:8E:D3:69:55:1C:3B:21:47:9A:75:7B:AD:06:7E:0E:90:FC
Authority key identifier: 00:B9:43:EE:57:C3:5F:2C:7F:4F:EC:06:85:E9:7D:60:3B:07:CA:D2
Certificate issuer: /CN=00b943ee57c35f2c7f4fec0685e97d603b07cad2
Certificate serial: 019E30E05DE0FDDDE1B5434615E0D5D4426B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
Manifest number: 0CD2
Signing time: Sat 16 May 2026 13:01:10 +0000
Manifest this update: Sat 16 May 2026 13:01:10 +0000
Manifest next update: Sun 17 May 2026 13:01:10 +0000
Files and hashes: 1: ALlD7lfDXyx_T-wGhel9YDsHytI.crl (hash: vGwVZt6rZu0+vCbbX7d8i/cabuDJpA9w0f0RxUTyLUw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 12:40:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:30:e0:5d:e0:fd:dd:e1:b5:43:46:15:e0:d5:d4:42:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00b943ee57c35f2c7f4fec0685e97d603b07cad2
Validity
Not Before: May 16 13:01:10 2026 GMT
Not After : May 17 13:01:10 2026 GMT
Subject: CN=995edd8ed369551c3b21479a757bad067e0e90fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:55:17:85:46:76:05:49:8d:f5:6b:71:4f:79:
d7:d2:e9:a9:c8:82:bf:3f:68:09:92:fc:80:1f:4f:
e1:5f:1a:d2:ad:bf:dc:62:3b:36:94:b9:53:ea:77:
f6:c1:64:e8:ef:64:43:a7:95:8a:cb:3b:f3:2c:5a:
06:76:b8:6f:98:fe:db:09:4a:15:f6:e0:66:35:f8:
6d:76:95:68:a3:e8:c7:6b:dc:11:f7:00:2d:3e:55:
0e:cb:54:52:39:e8:cf:72:83:13:38:d2:d8:05:28:
3b:30:4b:fb:17:19:5e:89:a3:8e:36:13:cb:65:cf:
1d:a0:63:93:a6:15:d4:68:80:08:6c:e6:2a:1b:0f:
dd:4f:57:09:e3:77:47:20:1f:39:ec:95:08:6c:d6:
91:71:b1:af:f0:18:a7:61:5a:83:e8:d9:5b:c7:58:
2d:9f:45:99:d5:31:eb:da:e1:3b:fc:c8:6b:3f:54:
8c:29:8c:3e:83:98:75:c8:2e:c2:d7:21:46:5c:7b:
c2:5f:25:60:04:20:08:43:d7:32:98:f7:a1:f9:9f:
0f:59:38:e4:38:5d:4f:ef:cc:9c:27:df:58:7a:2f:
e0:20:55:9e:74:7f:a6:35:a5:28:41:74:73:88:47:
87:01:3b:d1:17:76:1f:36:a9:22:94:d3:fe:6a:63:
73:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:5E:DD:8E:D3:69:55:1C:3B:21:47:9A:75:7B:AD:06:7E:0E:90:FC
X509v3 Authority Key Identifier:
keyid:00:B9:43:EE:57:C3:5F:2C:7F:4F:EC:06:85:E9:7D:60:3B:07:CA:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:8f:08:e3:97:f0:65:6b:13:16:28:e1:f6:ef:bd:4d:4b:8a:
bc:8f:f4:91:fa:60:de:69:43:7d:37:25:28:d3:eb:fa:e0:38:
90:5d:e7:a9:c2:0a:ae:92:55:e6:5d:c7:2a:a0:e4:28:df:98:
99:f4:8c:a1:f3:91:9b:ea:a5:f8:09:76:58:ff:a5:97:d2:c7:
64:19:db:b0:71:b5:d6:26:fd:cc:45:4e:d5:3f:b8:2f:7c:4f:
18:7c:b8:9a:51:ea:c2:82:7e:aa:89:49:e2:b2:e5:8e:b2:b9:
e5:32:86:e2:17:f6:1c:d5:dc:cc:e0:d1:c4:6d:88:b8:d7:c8:
76:ea:5e:c4:7d:7d:21:af:e6:f4:20:b1:d5:2c:72:54:ff:10:
36:2e:a1:03:fa:99:e3:27:b4:7d:61:ac:bd:71:4c:3b:cf:b2:
d7:a5:b6:23:5f:71:c7:db:a4:80:93:9f:d6:8b:c5:15:4a:26:
f5:0c:f3:33:27:9a:61:05:b7:31:73:a5:e1:e9:0d:cd:b9:8d:
9a:f5:0f:ae:c3:fd:9c:14:ee:63:0e:3b:b1:4c:ce:84:0b:3b:
ea:df:ab:7f:4f:f0:9f:2d:e6:b4:40:57:0a:a6:c7:3b:d8:7b:
9d:31:3a:d4:8a:b8:55:34:b5:6b:56:3b:d7:21:4a:ff:64:0e:
f6:3a:fb:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4w4F3g/d3htUNGFeDV1EJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYjk0M2VlNTdjMzVmMmM3ZjRmZWMwNjg1ZTk3ZDYwM2Iw
N2NhZDIwHhcNMjYwNTE2MTMwMTEwWhcNMjYwNTE3MTMwMTEwWjAzMTEwLwYDVQQD
Eyg5OTVlZGQ4ZWQzNjk1NTFjM2IyMTQ3OWE3NTdiYWQwNjdlMGU5MGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslUXhUZ2BUmN9WtxT3nX0umpyIK/
P2gJkvyAH0/hXxrSrb/cYjs2lLlT6nf2wWTo72RDp5WKyzvzLFoGdrhvmP7bCUoV
9uBmNfhtdpVoo+jHa9wR9wAtPlUOy1RSOejPcoMTONLYBSg7MEv7FxleiaOONhPL
Zc8doGOTphXUaIAIbOYqGw/dT1cJ43dHIB857JUIbNaRcbGv8BinYVqD6Nlbx1gt
n0WZ1THr2uE7/MhrP1SMKYw+g5h1yC7C1yFGXHvCXyVgBCAIQ9cymPeh+Z8PWTjk
OF1P78ycJ99Yei/gIFWedH+mNaUoQXRziEeHATvRF3YfNqkilNP+amNzwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJle3Y7TaVUcOyFHmnV7rQZ+DpD8MB8GA1UdIwQY
MBaAFAC5Q+5Xw18sf0/sBoXpfWA7B8rSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS80OGYwOWUtNzM4Ni00MTM5LTkxYzgt
M2M4OGU0MGU3MTFjLzEvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS80OGYwOWUtNzM4Ni00MTM5LTkxYzgtM2M4OGU0MGU3MTFj
LzEvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC48I45fw
ZWsTFijh9u+9TUuKvI/0kfpg3mlDfTclKNPr+uA4kF3nqcIKrpJV5l3HKqDkKN+Y
mfSMofORm+ql+Al2WP+ll9LHZBnbsHG11ib9zEVO1T+4L3xPGHy4mlHqwoJ+qolJ
4rLljrK55TKG4hf2HNXczODRxG2IuNfIdupexH19Ia/m9CCx1SxyVP8QNi6hA/qZ
4ye0fWGsvXFMO8+y16W2I19xx9ukgJOf1ovFFUom9QzzMyeaYQW3MXOl4ekNzbmN
mvUPrsP9nBTuYw47sUzOhAs76t+rf0/wny3mtEBXCqbHO9h7nTE61Iq4VTS1a1Y7
1yFK/2QO9jr7Dg==
-----END CERTIFICATE-----
Generated at Sat May 16 18:39:26 2026 by rpki-client