Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/2162d8-e9de-4981-b1ca-b8477f5073c1/1/86GuCwfNBe4khPTuvNRWhHNHNBQ.mft
File: 86GuCwfNBe4khPTuvNRWhHNHNBQ.mft (raw, json)
Hash identifier: ZPmQj+OjvFq5xmCLLmpmuZOz61P/IFJeguqcDF3hfI0=
Subject key identifier: F3:5E:02:4D:FF:04:53:B2:25:0C:6F:DB:9C:F9:3C:AF:C0:72:21:1F
Authority key identifier: F3:A1:AE:0B:07:CD:05:EE:24:84:F4:EE:BC:D4:56:84:73:47:34:14
Certificate issuer: /CN=f3a1ae0b07cd05ee2484f4eebcd4568473473414
Certificate serial: 019DD12C4A30BC1866F6953C849F5566D7B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/86GuCwfNBe4khPTuvNRWhHNHNBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/2162d8-e9de-4981-b1ca-b8477f5073c1/1/86GuCwfNBe4khPTuvNRWhHNHNBQ.mft
Manifest number: 18E2
Signing time: Mon 27 Apr 2026 23:00:33 +0000
Manifest this update: Mon 27 Apr 2026 23:00:33 +0000
Manifest next update: Tue 28 Apr 2026 23:00:33 +0000
Files and hashes: 1: 86GuCwfNBe4khPTuvNRWhHNHNBQ.crl (hash: Djh5AZ84M8GUEzJoN+zNcjnTqFByKqUZAYZ/XCP9yoo=)
2: WL12YdHQF4v--TkqLhD3Ng1t2wY.roa (hash: 2kBmQB016zd0/AsZ8Bq22A6ptaprPzQDHPqGp8rEVlA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/2162d8-e9de-4981-b1ca-b8477f5073c1/1/86GuCwfNBe4khPTuvNRWhHNHNBQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/2162d8-e9de-4981-b1ca-b8477f5073c1/1/86GuCwfNBe4khPTuvNRWhHNHNBQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/86GuCwfNBe4khPTuvNRWhHNHNBQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 23:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d1:2c:4a:30:bc:18:66:f6:95:3c:84:9f:55:66:d7:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3a1ae0b07cd05ee2484f4eebcd4568473473414
Validity
Not Before: Apr 27 23:00:33 2026 GMT
Not After : Apr 28 23:00:33 2026 GMT
Subject: CN=f35e024dff0453b2250c6fdb9cf93cafc072211f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c0:2f:e4:81:0e:2b:b7:72:f7:7b:ce:1f:02:
28:62:d0:1f:1c:b3:1e:68:83:fd:63:b3:69:f9:36:
fe:88:8d:d8:97:6b:c8:7e:89:9e:a5:69:20:09:b0:
3e:c3:22:a7:62:fc:00:45:13:e3:47:f0:44:6e:be:
ed:08:ec:b7:ef:0e:2c:db:a3:20:df:a7:24:a8:88:
9a:30:e0:06:76:fd:86:20:03:7e:9e:a8:29:3d:0c:
71:8f:c0:70:f0:ac:d4:16:59:07:35:a7:59:b5:38:
51:64:02:7c:9e:cf:58:48:2a:31:53:fd:24:c9:25:
26:f6:57:e3:c4:df:70:d5:ed:ae:a2:e2:12:e0:5f:
bc:8f:a1:79:d7:5b:58:43:e7:c0:df:e6:b6:de:0f:
18:e7:4e:45:ad:f5:00:9a:16:87:e0:fd:bb:4d:cc:
43:6e:5e:e4:ba:2f:3a:1b:93:79:f7:96:6d:19:6e:
81:1b:76:a3:07:59:9d:6a:da:c2:4d:e1:a5:b7:c5:
8a:09:5b:3c:fb:8b:d3:61:be:ea:fe:7d:4d:59:9c:
85:0e:47:9b:d8:ff:78:9a:39:b9:dd:96:5d:fe:19:
5f:9f:68:04:c8:19:f7:4d:92:64:bd:70:c3:bc:e8:
83:14:74:09:ee:d9:80:0a:85:88:61:b8:73:01:92:
77:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:5E:02:4D:FF:04:53:B2:25:0C:6F:DB:9C:F9:3C:AF:C0:72:21:1F
X509v3 Authority Key Identifier:
keyid:F3:A1:AE:0B:07:CD:05:EE:24:84:F4:EE:BC:D4:56:84:73:47:34:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/86GuCwfNBe4khPTuvNRWhHNHNBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/2162d8-e9de-4981-b1ca-b8477f5073c1/1/86GuCwfNBe4khPTuvNRWhHNHNBQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/2162d8-e9de-4981-b1ca-b8477f5073c1/1/86GuCwfNBe4khPTuvNRWhHNHNBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:3c:96:9a:2c:47:ae:04:f7:47:e8:e5:d7:8a:9e:19:73:8d:
4f:42:71:e4:8f:87:15:a5:0d:ce:3f:f3:ad:23:77:13:57:a5:
f1:29:64:31:f2:7c:29:c4:d9:b7:be:f1:79:a3:66:0c:de:9e:
b3:bf:cb:d8:fe:5a:85:a9:51:02:9b:60:c2:c9:50:03:40:b2:
18:50:66:3f:39:c2:76:2f:db:d5:94:85:e8:01:d5:aa:78:f2:
2b:ee:9d:3e:d6:36:0d:dd:f4:cb:61:5d:d1:82:c7:5a:d2:25:
db:48:ae:1b:0c:36:0f:e4:37:ef:7c:08:3e:f9:30:f7:ca:8e:
58:96:31:f3:ae:88:9d:52:ea:2d:e7:05:37:47:5e:25:da:dd:
73:bf:ce:af:78:46:d8:72:9c:77:8e:fe:5a:8e:b4:1a:42:57:
04:2d:be:e6:02:26:71:91:b4:27:a9:eb:2d:81:e8:37:4e:9f:
de:71:88:eb:e4:75:49:58:1a:1c:96:71:51:9f:91:2b:8c:9e:
7f:64:f7:67:7e:d2:71:56:a7:a2:58:3e:7b:69:0e:f8:5e:37:
58:03:78:ab:f1:c8:5f:c2:88:d3:80:43:dc:51:6d:64:ec:5e:
83:42:02:74:d6:cb:43:cd:80:7a:aa:a5:62:67:a5:c3:04:f6:
28:73:13:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3RLEowvBhm9pU8hJ9VZtexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYTFhZTBiMDdjZDA1ZWUyNDg0ZjRlZWJjZDQ1Njg0NzM0
NzM0MTQwHhcNMjYwNDI3MjMwMDMzWhcNMjYwNDI4MjMwMDMzWjAzMTEwLwYDVQQD
EyhmMzVlMDI0ZGZmMDQ1M2IyMjUwYzZmZGI5Y2Y5M2NhZmMwNzIyMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsAv5IEOK7dy93vOHwIoYtAfHLMe
aIP9Y7Np+Tb+iI3Yl2vIfomepWkgCbA+wyKnYvwARRPjR/BEbr7tCOy37w4s26Mg
36ckqIiaMOAGdv2GIAN+nqgpPQxxj8Bw8KzUFlkHNadZtThRZAJ8ns9YSCoxU/0k
ySUm9lfjxN9w1e2uouIS4F+8j6F511tYQ+fA3+a23g8Y505FrfUAmhaH4P27TcxD
bl7kui86G5N595ZtGW6BG3ajB1mdatrCTeGlt8WKCVs8+4vTYb7q/n1NWZyFDkeb
2P94mjm53ZZd/hlfn2gEyBn3TZJkvXDDvOiDFHQJ7tmACoWIYbhzAZJ3XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPNeAk3/BFOyJQxv25z5PK/AciEfMB8GA1UdIwQY
MBaAFPOhrgsHzQXuJIT07rzUVoRzRzQUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODZHdUN3Zk5CZTRraFBUdXZOUldoSE5ITkJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8yMTYyZDgtZTlkZS00OTgxLWIxY2Et
Yjg0NzdmNTA3M2MxLzEvODZHdUN3Zk5CZTRraFBUdXZOUldoSE5ITkJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8yMTYyZDgtZTlkZS00OTgxLWIxY2EtYjg0NzdmNTA3M2Mx
LzEvODZHdUN3Zk5CZTRraFBUdXZOUldoSE5ITkJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArjyWmixH
rgT3R+jl14qeGXONT0Jx5I+HFaUNzj/zrSN3E1el8SlkMfJ8KcTZt77xeaNmDN6e
s7/L2P5ahalRAptgwslQA0CyGFBmPznCdi/b1ZSF6AHVqnjyK+6dPtY2Dd30y2Fd
0YLHWtIl20iuGww2D+Q373wIPvkw98qOWJYx866InVLqLecFN0deJdrdc7/Or3hG
2HKcd47+Wo60GkJXBC2+5gImcZG0J6nrLYHoN06f3nGI6+R1SVgaHJZxUZ+RK4ye
f2T3Z37ScVanolg+e2kO+F43WAN4q/HIX8KI04BD3FFtZOxeg0ICdNbLQ82Aeqql
YmelwwT2KHMTxA==
-----END CERTIFICATE-----
Generated at Tue Apr 28 04:30:59 2026 by rpki-client