Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
File: v99XKOyr1W70Y3NWlVhmylRoaRo.mft (raw, json)
Hash identifier: xgVl+DLSjEyFabbEXsdexZwjGsPb5vi6P2fcjwXZUxY=
Subject key identifier: 1B:33:96:A6:B4:C7:74:21:59:6E:D3:95:1F:DE:27:53:EE:F3:14:F4
Authority key identifier: BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A
Certificate issuer: /CN=bfdf5728ecabd56ef4637356955866ca5468691a
Certificate serial: 019DCF077CC21F558E3A3149A81D2CCB1053
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
Manifest number: 0500
Signing time: Mon 27 Apr 2026 13:01:07 +0000
Manifest this update: Mon 27 Apr 2026 13:01:07 +0000
Manifest next update: Tue 28 Apr 2026 13:01:07 +0000
Files and hashes: 1: 3BcGBZCHDgJs9gSoEvIJqO6Wdng.roa (hash: QqrBTNsjue3924ijEFZUnNRSzA8ZRhSOavKbIrZOqys=)
2: v99XKOyr1W70Y3NWlVhmylRoaRo.crl (hash: 5KUdOX9tP9A+CMDn1dr84uhtrsQhkPPK1S66maOLiCU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:07:7c:c2:1f:55:8e:3a:31:49:a8:1d:2c:cb:10:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfdf5728ecabd56ef4637356955866ca5468691a
Validity
Not Before: Apr 27 13:01:07 2026 GMT
Not After : Apr 28 13:01:07 2026 GMT
Subject: CN=1b3396a6b4c77421596ed3951fde2753eef314f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9b:4d:42:42:07:04:92:52:0e:80:0a:88:78:
85:cd:b9:b4:f6:32:dc:a2:06:67:21:35:a6:87:8c:
6c:4a:ec:c9:e5:d0:61:67:af:cb:4e:6b:57:39:2e:
68:8e:05:74:a1:c5:e0:e9:11:81:0c:9d:36:38:ea:
ee:c6:da:6f:df:b0:2f:cc:72:3b:0c:df:80:2d:08:
27:8c:46:9e:3d:3d:50:8c:58:7d:79:46:79:94:e8:
0a:88:ec:1e:e6:9e:a1:fa:6f:12:6c:a2:46:b9:5b:
92:39:38:ed:1e:e7:9c:2e:ef:12:7a:87:72:bb:15:
79:67:42:39:1c:7f:12:05:c6:03:14:c8:68:07:38:
b5:e4:42:7d:20:9d:d3:7f:d8:34:8c:9e:c7:90:ba:
b3:80:46:3c:31:c1:06:1a:ef:58:4a:f9:68:44:f4:
41:6b:93:bf:b6:aa:d9:49:6d:ef:ae:5b:91:3d:6d:
71:e5:68:c9:e0:3a:a7:ca:83:cd:32:3e:79:95:c0:
47:b2:6c:c5:36:2b:30:21:4a:18:b6:62:48:73:c7:
97:06:b0:7e:37:82:39:36:1c:02:db:fa:02:5f:5b:
22:b8:be:7e:63:5b:d5:13:e1:6b:59:8a:90:be:52:
0a:3d:bd:72:31:76:7d:10:83:20:62:04:bc:63:ef:
e8:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:33:96:A6:B4:C7:74:21:59:6E:D3:95:1F:DE:27:53:EE:F3:14:F4
X509v3 Authority Key Identifier:
keyid:BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:91:d8:70:37:63:aa:a7:0e:30:08:da:b7:6b:bf:36:2f:d7:
cd:c0:3f:f2:20:57:d4:d7:93:da:08:e5:ba:e4:65:ed:97:39:
e6:48:f9:6d:b3:5f:0e:7a:c3:05:7e:5f:75:ab:ac:23:25:52:
3a:e3:ed:6e:b0:dd:3d:93:4b:83:98:eb:de:70:42:55:57:95:
c5:18:77:20:7b:70:0d:2e:b5:74:28:0b:21:e8:fa:ca:64:27:
4a:35:82:af:7d:ef:32:68:2f:1a:d3:8f:d1:55:c3:43:47:99:
c4:5a:c3:fe:b7:4a:4e:8b:d6:df:5b:70:39:66:4e:9f:05:c6:
28:03:52:90:70:2b:3e:2a:08:a3:6b:09:6c:78:32:f5:df:0b:
b1:b7:88:c4:3e:b5:b9:ac:60:2c:b3:33:b5:99:a7:2c:99:7c:
b7:07:f5:5a:02:f4:a6:cb:53:b7:00:17:7c:61:61:48:ce:cd:
c7:a4:04:29:66:95:06:28:91:74:b3:6d:95:15:12:3d:d6:6a:
2b:dc:42:a0:d0:59:88:69:11:ef:c3:2a:2d:36:cd:a6:a5:2b:
fd:22:e6:b5:ca:c1:fb:b5:54:19:fe:a2:51:dc:6e:ac:44:a7:
39:1b:7e:7f:15:b3:b1:33:ef:b1:ca:12:99:c1:90:4c:ce:b9:
e1:67:f8:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3PB3zCH1WOOjFJqB0syxBTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZGY1NzI4ZWNhYmQ1NmVmNDYzNzM1Njk1NTg2NmNhNTQ2
ODY5MWEwHhcNMjYwNDI3MTMwMTA3WhcNMjYwNDI4MTMwMTA3WjAzMTEwLwYDVQQD
EygxYjMzOTZhNmI0Yzc3NDIxNTk2ZWQzOTUxZmRlMjc1M2VlZjMxNGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZtNQkIHBJJSDoAKiHiFzbm09jLc
ogZnITWmh4xsSuzJ5dBhZ6/LTmtXOS5ojgV0ocXg6RGBDJ02OOruxtpv37AvzHI7
DN+ALQgnjEaePT1QjFh9eUZ5lOgKiOwe5p6h+m8SbKJGuVuSOTjtHuecLu8Seody
uxV5Z0I5HH8SBcYDFMhoBzi15EJ9IJ3Tf9g0jJ7HkLqzgEY8McEGGu9YSvloRPRB
a5O/tqrZSW3vrluRPW1x5WjJ4DqnyoPNMj55lcBHsmzFNiswIUoYtmJIc8eXBrB+
N4I5NhwC2/oCX1siuL5+Y1vVE+FrWYqQvlIKPb1yMXZ9EIMgYgS8Y+/o6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBszlqa0x3QhWW7TlR/eJ1Pu8xT0MB8GA1UdIwQY
MBaAFL/fVyjsq9Vu9GNzVpVYZspUaGkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgt
YmQxNGQzNDRiYmYyLzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgtYmQxNGQzNDRiYmYy
LzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGJHYcDdj
qqcOMAjat2u/Ni/XzcA/8iBX1NeT2gjluuRl7Zc55kj5bbNfDnrDBX5fdausIyVS
OuPtbrDdPZNLg5jr3nBCVVeVxRh3IHtwDS61dCgLIej6ymQnSjWCr33vMmgvGtOP
0VXDQ0eZxFrD/rdKTovW31twOWZOnwXGKANSkHArPioIo2sJbHgy9d8LsbeIxD61
uaxgLLMztZmnLJl8twf1WgL0pstTtwAXfGFhSM7Nx6QEKWaVBiiRdLNtlRUSPdZq
K9xCoNBZiGkR78MqLTbNpqUr/SLmtcrB+7VUGf6iUdxurESnORt+fxWzsTPvscoS
mcGQTM654Wf4BA==
-----END CERTIFICATE-----
Generated at Mon Apr 27 16:05:35 2026 by rpki-client