Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.mft
File: 8zk0PMbVHduONjgpmhu0lfRYCSE.mft (raw, json)
Hash identifier: nCxlSaiNyijwd95u5Z/9XejiI2b6PzDb5mBL2TbYj94=
Subject key identifier: 4A:3F:0E:C9:4C:96:8B:6A:85:53:80:ED:B5:36:66:23:57:E6:3A:E2
Authority key identifier: F3:39:34:3C:C6:D5:1D:DB:8E:36:38:29:9A:1B:B4:95:F4:58:09:21
Certificate issuer: /CN=f339343cc6d51ddb8e3638299a1bb495f4580921
Certificate serial: 019DD019B09E961D268C078F1C69441C5079
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8zk0PMbVHduONjgpmhu0lfRYCSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.mft
Manifest number: 18DD
Signing time: Mon 27 Apr 2026 18:00:37 +0000
Manifest this update: Mon 27 Apr 2026 18:00:37 +0000
Manifest next update: Tue 28 Apr 2026 18:00:37 +0000
Files and hashes: 1: 3ZbP8D4oyhCe4u5mlugxkhUP_G4.roa (hash: mYQ4ggMgVLrFbz01ZBuOhgHTwYfwTmz0/Kv0k+37TBo=)
2: 8zk0PMbVHduONjgpmhu0lfRYCSE.crl (hash: rqqjXv+gZdtxTG6RFeFNPoRbdOLUKHb1PRyjmzWxRvs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8zk0PMbVHduONjgpmhu0lfRYCSE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 17:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d0:19:b0:9e:96:1d:26:8c:07:8f:1c:69:44:1c:50:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f339343cc6d51ddb8e3638299a1bb495f4580921
Validity
Not Before: Apr 27 18:00:37 2026 GMT
Not After : Apr 28 18:00:37 2026 GMT
Subject: CN=4a3f0ec94c968b6a855380edb536662357e63ae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c7:c4:cc:47:e1:2f:4b:ea:c3:57:14:67:c0:
a6:21:bc:13:1e:f2:4a:04:39:f3:7d:95:77:77:3c:
76:52:f5:f7:60:84:36:b2:97:62:b7:e3:e4:68:f5:
8b:a4:ea:8e:e2:ac:d1:a2:f1:ce:8a:3d:c9:d5:fd:
fc:87:9d:f0:13:a6:d2:dc:28:4e:9b:2a:df:f2:64:
81:1d:22:e2:7c:34:de:50:6b:8e:ed:09:6f:65:56:
b2:96:a8:00:f9:6f:39:8a:13:b6:1b:ef:ef:f9:15:
1b:10:6b:95:15:e3:47:51:e7:6d:73:c1:78:eb:ae:
a1:e2:81:30:54:9b:fd:03:4a:1e:26:d8:8d:29:5c:
1b:db:ad:06:05:6e:1a:3a:ea:31:91:db:a3:01:5c:
c0:c9:c0:2d:b4:82:b9:5a:86:02:3b:ea:c5:64:a4:
aa:4b:c8:55:4e:14:17:56:4e:98:62:fb:ad:98:41:
fd:e4:b6:fe:18:22:24:53:01:b3:2a:95:60:02:f4:
f3:3d:2e:4b:b7:03:cf:cf:55:0a:a9:75:90:6d:d9:
84:3a:10:43:59:55:be:bc:69:cb:8e:d6:06:d6:b6:
fa:32:e4:ea:7b:9d:e7:f6:f3:d8:7c:cc:85:bd:a3:
dc:b6:98:23:30:df:d1:fb:a3:d4:c7:29:84:ba:13:
fc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:3F:0E:C9:4C:96:8B:6A:85:53:80:ED:B5:36:66:23:57:E6:3A:E2
X509v3 Authority Key Identifier:
keyid:F3:39:34:3C:C6:D5:1D:DB:8E:36:38:29:9A:1B:B4:95:F4:58:09:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8zk0PMbVHduONjgpmhu0lfRYCSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:76:53:f0:4f:7e:19:51:fd:49:53:ea:53:c1:09:48:10:2f:
58:44:4c:d8:a6:0a:86:10:36:59:e1:18:5f:4b:87:16:2c:3a:
21:f4:f1:ec:9c:27:e8:51:b2:0d:0f:1c:2a:e5:95:c4:7d:9b:
5e:69:8d:fc:1a:c2:9a:36:b6:c4:af:e0:d4:b7:0f:0c:5d:69:
03:86:3c:03:42:fa:a2:94:7d:ac:76:c5:fd:29:50:a0:e1:de:
fa:53:3a:99:f3:64:cd:89:2a:9a:a4:2d:74:c2:9f:f8:ec:5a:
93:18:b1:fa:60:42:8a:c3:6c:e3:9d:7e:bd:49:f1:3b:09:63:
0c:78:ea:c1:97:91:97:be:3f:23:00:ce:92:81:69:f2:b4:85:
69:b7:e8:5a:38:bb:32:b2:5e:2f:dd:1f:5a:8b:20:8e:2b:9f:
e2:1d:30:ab:64:72:d7:67:4c:89:4e:32:f2:aa:7c:7f:c3:6d:
37:d8:f7:3d:75:51:91:ea:40:46:d7:0d:8f:47:b7:3c:49:52:
f2:e8:26:fd:56:19:a7:b7:4e:d1:cc:81:9e:52:d4:1e:cb:75:
67:56:61:51:9b:11:9d:33:99:8e:82:d6:54:dc:c2:bf:65:ef:
82:5f:fd:c5:72:29:e8:07:58:0f:b4:c7:46:ed:58:6f:3b:95:
b1:57:ef:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3QGbCelh0mjAePHGlEHFB5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMzkzNDNjYzZkNTFkZGI4ZTM2MzgyOTlhMWJiNDk1ZjQ1
ODA5MjEwHhcNMjYwNDI3MTgwMDM3WhcNMjYwNDI4MTgwMDM3WjAzMTEwLwYDVQQD
Eyg0YTNmMGVjOTRjOTY4YjZhODU1MzgwZWRiNTM2NjYyMzU3ZTYzYWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cfEzEfhL0vqw1cUZ8CmIbwTHvJK
BDnzfZV3dzx2UvX3YIQ2spdit+PkaPWLpOqO4qzRovHOij3J1f38h53wE6bS3ChO
myrf8mSBHSLifDTeUGuO7QlvZVaylqgA+W85ihO2G+/v+RUbEGuVFeNHUedtc8F4
666h4oEwVJv9A0oeJtiNKVwb260GBW4aOuoxkdujAVzAycAttIK5WoYCO+rFZKSq
S8hVThQXVk6YYvutmEH95Lb+GCIkUwGzKpVgAvTzPS5LtwPPz1UKqXWQbdmEOhBD
WVW+vGnLjtYG1rb6MuTqe53n9vPYfMyFvaPctpgjMN/R+6PUxymEuhP8VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEo/DslMlotqhVOA7bU2ZiNX5jriMB8GA1UdIwQY
MBaAFPM5NDzG1R3bjjY4KZobtJX0WAkhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHprMFBNYlZIZHVPTmpncG1odTBsZlJZQ1NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81ZGU2ZGYtY2U0Zi00YjA5LTgyZDIt
Mzc3ZDI1YmU1OTRkLzEvOHprMFBNYlZIZHVPTmpncG1odTBsZlJZQ1NFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81ZGU2ZGYtY2U0Zi00YjA5LTgyZDItMzc3ZDI1YmU1OTRk
LzEvOHprMFBNYlZIZHVPTmpncG1odTBsZlJZQ1NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAanZT8E9+
GVH9SVPqU8EJSBAvWERM2KYKhhA2WeEYX0uHFiw6IfTx7Jwn6FGyDQ8cKuWVxH2b
XmmN/BrCmja2xK/g1LcPDF1pA4Y8A0L6opR9rHbF/SlQoOHe+lM6mfNkzYkqmqQt
dMKf+Oxakxix+mBCisNs451+vUnxOwljDHjqwZeRl74/IwDOkoFp8rSFabfoWji7
MrJeL90fWosgjiuf4h0wq2Ry12dMiU4y8qp8f8NtN9j3PXVRkepARtcNj0e3PElS
8ugm/VYZp7dO0cyBnlLUHst1Z1ZhUZsRnTOZjoLWVNzCv2Xvgl/9xXIp6AdYD7TH
Ru1YbzuVsVfvMA==
-----END CERTIFICATE-----
Generated at Mon Apr 27 20:12:59 2026 by rpki-client