Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.mft
File: s90R00a2O7HrIqB8JswSkaKgaJU.mft (raw, json)
Hash identifier: h3SePqP1wX+ebJygIiTZ/md/5/73agp1PAEhymLXWOw=
Subject key identifier: DF:EB:C9:A7:62:E3:8B:23:A9:64:A3:82:1B:D8:D0:2A:EE:A4:F2:0F
Authority key identifier: B3:DD:11:D3:46:B6:3B:B1:EB:22:A0:7C:26:CC:12:91:A2:A0:68:95
Certificate issuer: /CN=b3dd11d346b63bb1eb22a07c26cc1291a2a06895
Certificate serial: 019E295E47942130DD5D9A44A1FB05BA7568
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.mft
Manifest number: 111A
Signing time: Fri 15 May 2026 02:01:44 +0000
Manifest this update: Fri 15 May 2026 02:01:44 +0000
Manifest next update: Sat 16 May 2026 02:01:44 +0000
Files and hashes: 1: W1I4zwk5u62kEWKU3w3ttcGBy2k.roa (hash: m2lBjL0FDEr7OnguUKCR+j/T0K4u4HNIAXm6k1LnPZo=)
2: s90R00a2O7HrIqB8JswSkaKgaJU.crl (hash: h9KJBNOWPRhsdVSDVgvQxxcK3hKJ8LhyVBDfABZSE88=)
3: xJY_AM5c5mqbzDMlBNgNsWz_lug.roa (hash: B551H0yQy3AcP1JDauGu2ZmstUvG2dDmNnX6HF0awWo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.mft
rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 May 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:29:5e:47:94:21:30:dd:5d:9a:44:a1:fb:05:ba:75:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3dd11d346b63bb1eb22a07c26cc1291a2a06895
Validity
Not Before: May 15 02:01:44 2026 GMT
Not After : May 16 02:01:44 2026 GMT
Subject: CN=dfebc9a762e38b23a964a3821bd8d02aeea4f20f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:01:f4:76:ac:97:59:38:60:64:8b:c1:eb:8a:
ab:b9:84:ae:39:65:03:fc:70:9e:03:f6:2e:7f:b3:
23:5d:a8:1e:a7:9e:19:92:d3:3a:5a:6f:2d:93:fd:
de:5c:71:f7:00:68:e8:8b:19:df:4c:f6:14:b5:98:
bf:73:fe:a4:be:a8:94:90:d8:1b:6c:2f:b4:54:c1:
a1:7f:5e:a4:fc:f3:53:b9:10:04:55:0e:97:56:38:
1a:dc:7e:b1:14:c6:a3:4a:64:62:ed:86:2a:f3:09:
ac:de:51:f2:86:60:19:c5:e7:4e:22:08:19:15:3a:
a1:08:7a:e6:f5:2c:2d:47:e9:79:61:10:da:46:95:
2f:2d:0a:3e:30:46:cb:15:0a:b0:ec:c7:9e:9a:2e:
e8:ec:a8:97:b3:67:97:eb:13:77:dd:f6:dd:fa:f0:
8e:c6:ab:22:dc:35:a0:76:01:08:cb:5a:6b:2e:27:
e1:bd:8d:b1:4b:28:0a:f6:a4:c6:c9:57:38:42:da:
4a:6f:9c:fb:58:d0:66:97:15:44:50:1d:ff:9d:13:
79:96:ee:9b:08:58:8e:a5:a8:5a:e6:7e:55:ea:1e:
00:2c:ba:58:21:ee:76:64:d4:73:94:f4:5f:55:db:
96:71:aa:c8:31:37:30:8f:13:9e:dc:46:30:42:5c:
0d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:EB:C9:A7:62:E3:8B:23:A9:64:A3:82:1B:D8:D0:2A:EE:A4:F2:0F
X509v3 Authority Key Identifier:
keyid:B3:DD:11:D3:46:B6:3B:B1:EB:22:A0:7C:26:CC:12:91:A2:A0:68:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:cf:bc:f6:ac:21:bb:6b:47:98:e8:eb:a7:81:5a:28:fa:e4:
ad:59:6c:e6:66:4e:88:ee:a3:fd:5b:97:f1:d9:85:30:c1:0e:
cb:df:25:eb:8e:4a:fc:5f:be:f9:22:83:67:79:13:fc:89:06:
ed:ce:75:71:39:7e:f9:c5:16:0b:28:dc:fb:69:9f:2c:6e:08:
63:90:20:5c:15:75:7a:72:b3:fc:67:a3:d3:f8:aa:f8:02:c2:
cf:bc:48:d4:c3:fa:65:f8:53:73:7a:6e:a3:2f:89:41:30:76:
fd:94:57:82:b6:f3:8d:44:f3:48:db:e3:24:09:29:16:c1:7a:
8e:e8:eb:e7:cb:e6:95:3f:3e:87:97:cc:bb:e6:66:9e:a8:0b:
4e:26:3f:0a:e9:2f:5a:ca:7f:1c:2e:7f:0b:e9:02:b9:e4:d1:
30:06:2f:4e:a6:57:09:91:29:b7:8a:11:22:b2:e9:63:b8:14:
f3:1b:6d:a3:3f:26:c5:68:ed:f9:b6:56:da:9d:f3:47:52:d0:
72:c1:c2:b6:68:61:34:92:81:cc:8a:41:eb:ff:16:05:cf:c0:
93:da:18:76:9c:4b:de:78:76:97:b4:7e:43:8d:cf:47:82:8c:
38:67:d4:2a:c5:45:ad:24:09:4e:35:0e:25:5e:13:6e:a6:ec:
c1:b5:7c:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4pXkeUITDdXZpEofsFunVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQxMWQzNDZiNjNiYjFlYjIyYTA3YzI2Y2MxMjkxYTJh
MDY4OTUwHhcNMjYwNTE1MDIwMTQ0WhcNMjYwNTE2MDIwMTQ0WjAzMTEwLwYDVQQD
EyhkZmViYzlhNzYyZTM4YjIzYTk2NGEzODIxYmQ4ZDAyYWVlYTRmMjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgH0dqyXWThgZIvB64qruYSuOWUD
/HCeA/Yuf7MjXagep54ZktM6Wm8tk/3eXHH3AGjoixnfTPYUtZi/c/6kvqiUkNgb
bC+0VMGhf16k/PNTuRAEVQ6XVjga3H6xFMajSmRi7YYq8wms3lHyhmAZxedOIggZ
FTqhCHrm9SwtR+l5YRDaRpUvLQo+MEbLFQqw7Meemi7o7KiXs2eX6xN33fbd+vCO
xqsi3DWgdgEIy1prLifhvY2xSygK9qTGyVc4QtpKb5z7WNBmlxVEUB3/nRN5lu6b
CFiOpaha5n5V6h4ALLpYIe52ZNRzlPRfVduWcarIMTcwjxOe3EYwQlwNYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/ryadi44sjqWSjghvY0CrupPIPMB8GA1UdIwQY
MBaAFLPdEdNGtjux6yKgfCbMEpGioGiVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hNDE4OTgtZGEwOC00NjlkLWJlMWEt
OGJiYzIyNmU2YzQ1LzEvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hNDE4OTgtZGEwOC00NjlkLWJlMWEtOGJiYzIyNmU2YzQ1
LzEvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGM+89qwh
u2tHmOjrp4FaKPrkrVls5mZOiO6j/VuX8dmFMMEOy98l645K/F+++SKDZ3kT/IkG
7c51cTl++cUWCyjc+2mfLG4IY5AgXBV1enKz/Gej0/iq+ALCz7xI1MP6ZfhTc3pu
oy+JQTB2/ZRXgrbzjUTzSNvjJAkpFsF6jujr58vmlT8+h5fMu+ZmnqgLTiY/Cukv
Wsp/HC5/C+kCueTRMAYvTqZXCZEpt4oRIrLpY7gU8xttoz8mxWjt+bZW2p3zR1LQ
csHCtmhhNJKBzIpB6/8WBc/Ak9oYdpxL3nh2l7R+Q43PR4KMOGfUKsVFrSQJTjUO
JV4TbqbswbV8iA==
-----END CERTIFICATE-----
Generated at Fri May 15 09:51:20 2026 by rpki-client