Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.mft
File: K5didVR7dd8rBMT5spHAcQxQd0A.mft (raw, json)
Hash identifier: AY+B+LLsqKQlDm4Le0+afiwPgP8VC4lQzRuOcY6RIn8=
Subject key identifier: 97:84:0C:0F:2E:10:1D:32:5F:16:47:E2:DD:4E:E0:AA:72:DC:8F:5F
Authority key identifier: 2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40
Certificate issuer: /CN=2b976275547b75df2b04c4f9b291c0710c507740
Certificate serial: 019DCF3E8F7F1F8BFAF2DAE6659C376CE238
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.mft
Manifest number: 18E1
Signing time: Mon 27 Apr 2026 14:01:16 +0000
Manifest this update: Mon 27 Apr 2026 14:01:16 +0000
Manifest next update: Tue 28 Apr 2026 14:01:16 +0000
Files and hashes: 1: 267NH16MzH47Zyj0K4t3Pr0uSro.roa (hash: mBBDPMXvF9insE4ynTzv2acZX93bp3bRK4WTLefzCSs=)
2: K5didVR7dd8rBMT5spHAcQxQd0A.crl (hash: nDJnV1h83ezMvYEhNEA6V0I5W086BCWzsRM685Xh//4=)
3: Z6WV7_CviDtB4kK9RFUQZEfsld8.roa (hash: uV2rBVJavJc5cr+4rj8cgx9FhZFkKhWrOhtApw2SKC8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 14:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:3e:8f:7f:1f:8b:fa:f2:da:e6:65:9c:37:6c:e2:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b976275547b75df2b04c4f9b291c0710c507740
Validity
Not Before: Apr 27 14:01:16 2026 GMT
Not After : Apr 28 14:01:16 2026 GMT
Subject: CN=97840c0f2e101d325f1647e2dd4ee0aa72dc8f5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d3:bc:61:5f:4b:37:8f:e5:2a:f1:fb:18:37:
02:8e:c1:dc:0b:d9:ba:ec:99:aa:07:de:01:ed:e4:
4e:a3:56:e1:11:fb:4f:cf:12:61:09:d2:fa:e7:c5:
fd:73:03:00:41:63:0e:dc:dd:43:1d:bb:5e:7d:33:
b9:1c:94:b0:3f:a1:82:74:80:20:9e:5c:85:63:be:
9a:65:04:83:3d:b9:c3:9e:6b:28:1b:39:9e:a5:77:
13:c8:b9:8d:99:17:ba:5f:0b:9f:d7:d0:24:70:3c:
5d:57:58:93:17:b7:e0:3a:3b:f8:30:b0:05:ee:b2:
0f:e1:97:81:bb:0a:a2:e0:dc:e4:c5:69:ff:e2:02:
0c:21:32:bb:0a:28:7a:e5:80:f5:00:70:6c:cc:c9:
50:3c:da:87:90:af:bc:69:be:72:6e:c6:36:c7:a1:
89:2c:76:7b:10:72:12:a8:29:44:3c:ce:c3:ab:5b:
0d:a5:b4:54:5c:46:07:45:45:26:4c:ee:53:ef:5e:
f5:6c:fd:3b:24:45:9d:93:36:f9:c6:4d:77:59:46:
b6:88:d9:ff:1d:dd:7e:0c:d9:34:70:12:a8:4d:56:
0b:4d:b6:87:17:4d:d9:ce:aa:2f:db:54:dc:04:25:
71:e1:c4:ee:48:58:d6:6b:9c:82:02:c4:28:9e:83:
27:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:84:0C:0F:2E:10:1D:32:5F:16:47:E2:DD:4E:E0:AA:72:DC:8F:5F
X509v3 Authority Key Identifier:
keyid:2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:f8:a8:51:97:16:6a:93:1e:09:2f:5d:02:48:62:ed:09:14:
f8:80:60:29:c3:7e:aa:b7:66:12:fe:b3:7d:77:e7:11:b6:09:
dc:72:ec:2f:ea:e1:c3:e5:e6:df:48:f1:9c:8a:15:2f:67:49:
f3:81:9c:ba:f0:e5:eb:c9:23:f5:ed:84:11:a0:15:d2:7d:7a:
ee:3a:89:1e:e0:85:f7:0e:56:a1:b4:64:ce:a0:ec:16:bb:84:
68:48:8d:d2:30:12:ba:0b:ed:9e:21:42:80:b9:36:b4:16:93:
3d:d7:94:80:6e:bc:7f:b3:cd:6a:b7:50:fc:cb:cd:0c:b6:9f:
e1:af:72:6e:a8:27:d1:55:78:53:3e:9c:ed:f1:ad:90:cd:c9:
1f:85:d6:de:65:2b:87:d4:e3:8f:91:46:16:e4:78:eb:5d:de:
c5:9a:76:88:36:ae:16:be:64:71:94:83:fb:06:6d:35:85:01:
6b:82:a5:9f:a2:81:c4:92:0d:e7:b4:0a:3b:a1:3a:f4:69:6d:
10:5e:d3:92:1b:81:50:fb:67:df:2a:d0:42:b1:75:4d:80:cf:
08:0f:e4:ed:eb:46:b7:56:e9:ca:61:87:9b:ee:46:33:ab:61:
87:83:02:95:45:04:c4:ce:6e:bd:d6:f8:93:6c:48:3b:3f:e1:
38:28:cd:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3PPo9/H4v68trmZZw3bOI4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTc2Mjc1NTQ3Yjc1ZGYyYjA0YzRmOWIyOTFjMDcxMGM1
MDc3NDAwHhcNMjYwNDI3MTQwMTE2WhcNMjYwNDI4MTQwMTE2WjAzMTEwLwYDVQQD
Eyg5Nzg0MGMwZjJlMTAxZDMyNWYxNjQ3ZTJkZDRlZTBhYTcyZGM4ZjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtO8YV9LN4/lKvH7GDcCjsHcC9m6
7JmqB94B7eROo1bhEftPzxJhCdL658X9cwMAQWMO3N1DHbtefTO5HJSwP6GCdIAg
nlyFY76aZQSDPbnDnmsoGzmepXcTyLmNmRe6Xwuf19AkcDxdV1iTF7fgOjv4MLAF
7rIP4ZeBuwqi4NzkxWn/4gIMITK7Cih65YD1AHBszMlQPNqHkK+8ab5ybsY2x6GJ
LHZ7EHISqClEPM7Dq1sNpbRUXEYHRUUmTO5T7171bP07JEWdkzb5xk13WUa2iNn/
Hd1+DNk0cBKoTVYLTbaHF03Zzqov21TcBCVx4cTuSFjWa5yCAsQonoMngQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJeEDA8uEB0yXxZH4t1O4Kpy3I9fMB8GA1UdIwQY
MBaAFCuXYnVUe3XfKwTE+bKRwHEMUHdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVkaWRWUjdkZDhyQk1UNXNwSEFjUXhRZDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81OGY0NWYtOGIwNy00ZTZhLTk1NDgt
ZDViMGY5MWQ5N2MyLzEvSzVkaWRWUjdkZDhyQk1UNXNwSEFjUXhRZDBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81OGY0NWYtOGIwNy00ZTZhLTk1NDgtZDViMGY5MWQ5N2My
LzEvSzVkaWRWUjdkZDhyQk1UNXNwSEFjUXhRZDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIfioUZcW
apMeCS9dAkhi7QkU+IBgKcN+qrdmEv6zfXfnEbYJ3HLsL+rhw+Xm30jxnIoVL2dJ
84GcuvDl68kj9e2EEaAV0n167jqJHuCF9w5WobRkzqDsFruEaEiN0jASugvtniFC
gLk2tBaTPdeUgG68f7PNardQ/MvNDLaf4a9ybqgn0VV4Uz6c7fGtkM3JH4XW3mUr
h9Tjj5FGFuR4613exZp2iDauFr5kcZSD+wZtNYUBa4Kln6KBxJIN57QKO6E69Glt
EF7TkhuBUPtn3yrQQrF1TYDPCA/k7etGt1bpymGHm+5GM6thh4MClUUExM5uvdb4
k2xIOz/hOCjNhQ==
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:47:33 2026 by rpki-client