Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/sXtEkEx2lKVAig0pcsOf8LGwPqU.mft
File: sXtEkEx2lKVAig0pcsOf8LGwPqU.mft (raw, json)
Hash identifier: Ucxr4uDmtmNKpb1NZhdfr3idzOM4F1KZ5vd/5bRwhfU=
Subject key identifier: B7:E9:F6:A2:87:89:96:73:6B:B8:FE:E0:DA:79:C5:F5:7E:FD:9F:0C
Authority key identifier: B1:7B:44:90:4C:76:94:A5:40:8A:0D:29:72:C3:9F:F0:B1:B0:3E:A5
Certificate issuer: /CN=b17b44904c7694a5408a0d2972c39ff0b1b03ea5
Certificate serial: 019DCE63074EEAF1A9C90D47285F798AEEC5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sXtEkEx2lKVAig0pcsOf8LGwPqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/sXtEkEx2lKVAig0pcsOf8LGwPqU.mft
Manifest number: 1127
Signing time: Mon 27 Apr 2026 10:01:29 +0000
Manifest this update: Mon 27 Apr 2026 10:01:29 +0000
Manifest next update: Tue 28 Apr 2026 10:01:29 +0000
Files and hashes: 1: _RUk9FpS67FmhL3-cjuZddAmpdk.roa (hash: B9UAAuPL9bMWFoRGXof1Klm+Lwvuj9esb9qSVPpnlxw=)
2: sXtEkEx2lKVAig0pcsOf8LGwPqU.crl (hash: mZHslBfDtQpAD6vaSXq/owVWQsda6Id+1OyXOlr9Blo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/sXtEkEx2lKVAig0pcsOf8LGwPqU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/sXtEkEx2lKVAig0pcsOf8LGwPqU.mft
rsync://rpki.ripe.net/repository/DEFAULT/sXtEkEx2lKVAig0pcsOf8LGwPqU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 10:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ce:63:07:4e:ea:f1:a9:c9:0d:47:28:5f:79:8a:ee:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b17b44904c7694a5408a0d2972c39ff0b1b03ea5
Validity
Not Before: Apr 27 10:01:29 2026 GMT
Not After : Apr 28 10:01:29 2026 GMT
Subject: CN=b7e9f6a2878996736bb8fee0da79c5f57efd9f0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b2:09:73:5b:fa:48:c0:5c:d9:57:d9:9f:85:
3f:60:9b:a6:71:52:57:bb:c2:4f:f1:4f:a7:93:0f:
21:9c:74:33:47:7d:85:76:1c:91:df:68:e0:42:f9:
c9:62:dc:2e:ac:e2:a5:2e:30:13:d5:f6:7c:1b:c1:
2b:dc:38:3e:9a:74:7b:f3:e5:07:3e:da:42:8d:07:
45:2e:8e:d1:a3:77:84:b1:17:15:d7:41:63:88:18:
c9:cc:60:91:d5:aa:d7:ef:32:14:5e:99:35:56:47:
21:7e:bd:5c:dd:4e:77:dc:de:42:dc:2f:44:8e:b1:
79:5b:f4:3d:67:53:7b:d6:d2:1d:4d:b7:20:18:7c:
bb:7d:ff:d8:1b:25:b1:09:ba:d6:80:7e:7e:98:1f:
b0:ec:ec:88:b8:98:ef:68:97:ed:fe:75:09:9c:eb:
f3:db:73:4a:8f:93:ae:16:80:81:4f:e5:bb:5c:ef:
e2:af:42:0c:fd:2f:d8:d6:0d:85:1e:df:0d:b6:8e:
89:dd:1f:66:87:2f:91:fd:fe:1f:49:a3:4e:d4:ec:
c3:60:e7:45:f0:90:16:5f:c9:dc:8f:a8:bf:04:ad:
2e:a8:58:a2:c0:15:01:71:fd:4e:0f:44:9f:ef:e0:
d0:f9:f3:27:c6:40:d9:b4:3d:52:bf:b6:33:14:69:
64:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:E9:F6:A2:87:89:96:73:6B:B8:FE:E0:DA:79:C5:F5:7E:FD:9F:0C
X509v3 Authority Key Identifier:
keyid:B1:7B:44:90:4C:76:94:A5:40:8A:0D:29:72:C3:9F:F0:B1:B0:3E:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXtEkEx2lKVAig0pcsOf8LGwPqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/sXtEkEx2lKVAig0pcsOf8LGwPqU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/sXtEkEx2lKVAig0pcsOf8LGwPqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:c2:bc:9a:a0:49:22:37:0b:b0:ba:da:8e:43:6b:7b:0f:4b:
45:5d:90:c3:a2:a5:09:95:d9:1d:4a:e9:db:61:04:c5:a6:41:
f2:2a:9f:d0:db:ab:4c:0a:d2:35:18:1d:ce:e1:3c:80:50:f5:
03:37:ae:9a:11:8f:40:f2:8d:ca:a3:eb:8e:c4:12:db:12:3a:
85:5d:93:26:d9:93:f9:cc:2b:5e:24:28:94:fe:e2:7f:da:d6:
54:dd:6d:5a:56:fa:84:8a:f8:99:4f:1b:41:1c:09:08:26:d2:
3f:f5:4a:2e:96:b2:92:23:10:55:fb:96:71:4a:bf:2c:c9:d3:
b2:76:cc:3c:55:d5:0e:35:f6:4d:87:57:26:5e:a7:ba:7f:6f:
94:63:67:dc:0c:da:f0:1b:fb:37:19:a1:e8:10:b1:05:43:6e:
01:2a:c6:9f:7a:1a:42:62:cb:39:60:48:2e:09:aa:db:ff:ad:
98:05:eb:ab:3b:dd:91:db:e7:53:bc:31:8f:ea:d5:a4:5c:66:
61:b1:b4:56:4c:e4:24:6a:90:93:7c:fd:0b:6c:9a:16:3b:f3:
8d:8c:6f:1a:a3:14:f8:ca:e6:d5:8f:68:bd:3f:73:07:84:11:
7b:c5:80:a9:92:f6:df:83:b8:6b:e1:93:67:a2:f4:99:b4:b4:
d8:15:ec:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3OYwdO6vGpyQ1HKF95iu7FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxN2I0NDkwNGM3Njk0YTU0MDhhMGQyOTcyYzM5ZmYwYjFi
MDNlYTUwHhcNMjYwNDI3MTAwMTI5WhcNMjYwNDI4MTAwMTI5WjAzMTEwLwYDVQQD
EyhiN2U5ZjZhMjg3ODk5NjczNmJiOGZlZTBkYTc5YzVmNTdlZmQ5ZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrIJc1v6SMBc2VfZn4U/YJumcVJX
u8JP8U+nkw8hnHQzR32FdhyR32jgQvnJYtwurOKlLjAT1fZ8G8Er3Dg+mnR78+UH
PtpCjQdFLo7Ro3eEsRcV10FjiBjJzGCR1arX7zIUXpk1Vkchfr1c3U533N5C3C9E
jrF5W/Q9Z1N71tIdTbcgGHy7ff/YGyWxCbrWgH5+mB+w7OyIuJjvaJft/nUJnOvz
23NKj5OuFoCBT+W7XO/ir0IM/S/Y1g2FHt8Nto6J3R9mhy+R/f4fSaNO1OzDYOdF
8JAWX8ncj6i/BK0uqFiiwBUBcf1OD0Sf7+DQ+fMnxkDZtD1Sv7YzFGlkrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLfp9qKHiZZza7j+4Np5xfV+/Z8MMB8GA1UdIwQY
MBaAFLF7RJBMdpSlQIoNKXLDn/CxsD6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1h0RWtFeDJsS1ZBaWcwcGNzT2Y4TEd3UHFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC85MTgyNDUtN2I1MC00OTUyLWEzYTct
YTQ1OTE2OTU1ZTZmLzEvc1h0RWtFeDJsS1ZBaWcwcGNzT2Y4TEd3UHFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC85MTgyNDUtN2I1MC00OTUyLWEzYTctYTQ1OTE2OTU1ZTZm
LzEvc1h0RWtFeDJsS1ZBaWcwcGNzT2Y4TEd3UHFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFMK8mqBJ
IjcLsLrajkNrew9LRV2Qw6KlCZXZHUrp22EExaZB8iqf0NurTArSNRgdzuE8gFD1
AzeumhGPQPKNyqPrjsQS2xI6hV2TJtmT+cwrXiQolP7if9rWVN1tWlb6hIr4mU8b
QRwJCCbSP/VKLpaykiMQVfuWcUq/LMnTsnbMPFXVDjX2TYdXJl6nun9vlGNn3Aza
8Bv7Nxmh6BCxBUNuASrGn3oaQmLLOWBILgmq2/+tmAXrqzvdkdvnU7wxj+rVpFxm
YbG0VkzkJGqQk3z9C2yaFjvzjYxvGqMU+Mrm1Y9ovT9zB4QRe8WAqZL234O4a+GT
Z6L0mbS02BXsYA==
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:08:56 2026 by rpki-client