Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/09d72e-8267-4393-8363-89f1815d4c19/1/1a8gwCbeEE2W8XrLr054fvnTAgY.mft
File: 1a8gwCbeEE2W8XrLr054fvnTAgY.mft (raw, json)
Hash identifier: XsgET6WRzGkBtmUdGn9ifTYHsH4xUqQ10UT68SRRHtw=
Subject key identifier: 4D:C1:C4:05:61:BE:6E:47:96:F7:05:86:4F:E3:C4:E7:DA:AF:A8:1D
Authority key identifier: D5:AF:20:C0:26:DE:10:4D:96:F1:7A:CB:AF:4E:78:7E:F9:D3:02:06
Certificate issuer: /CN=d5af20c026de104d96f17acbaf4e787ef9d30206
Certificate serial: 019DD79CEDB8099723756EA3993EE853BEDC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1a8gwCbeEE2W8XrLr054fvnTAgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/09d72e-8267-4393-8363-89f1815d4c19/1/1a8gwCbeEE2W8XrLr054fvnTAgY.mft
Manifest number: 0D21
Signing time: Wed 29 Apr 2026 05:01:19 +0000
Manifest this update: Wed 29 Apr 2026 05:01:19 +0000
Manifest next update: Thu 30 Apr 2026 05:01:19 +0000
Files and hashes: 1: 1a8gwCbeEE2W8XrLr054fvnTAgY.crl (hash: 3W8RN+cYPSomFQdV/aAMaXz0tFe31s/iYvcLZtYMr4Q=)
2: bbNTfIJmhGsZ2V8DBjEahyC2lWE.roa (hash: /Eg3PukaE2y9AWWE2+6unARGBgb5uWfL7NaM72cQJhU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/09d72e-8267-4393-8363-89f1815d4c19/1/1a8gwCbeEE2W8XrLr054fvnTAgY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/09d72e-8267-4393-8363-89f1815d4c19/1/1a8gwCbeEE2W8XrLr054fvnTAgY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1a8gwCbeEE2W8XrLr054fvnTAgY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 Apr 2026 05:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d7:9c:ed:b8:09:97:23:75:6e:a3:99:3e:e8:53:be:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5af20c026de104d96f17acbaf4e787ef9d30206
Validity
Not Before: Apr 29 05:01:19 2026 GMT
Not After : Apr 30 05:01:19 2026 GMT
Subject: CN=4dc1c40561be6e4796f705864fe3c4e7daafa81d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e9:ad:44:13:40:e9:64:8e:e7:ad:2a:06:8a:
12:17:16:d2:70:9f:02:00:cb:0a:53:ee:c0:7b:87:
02:ea:88:4f:8f:50:55:dd:b9:99:39:68:d6:35:3b:
22:04:c8:67:91:b2:c7:86:98:2b:f9:e9:8f:de:96:
28:11:5c:a6:05:bb:9c:07:e2:ad:23:1a:2d:c2:66:
a9:d9:e2:df:db:ac:28:1e:66:e5:2a:f9:19:6d:80:
b0:92:95:a8:85:4f:c3:c2:bb:32:1c:8f:07:8d:06:
5e:1c:53:ea:f1:a5:16:ff:68:08:28:f6:62:86:61:
b1:a4:97:a0:ab:58:df:53:68:ad:eb:82:bc:6f:16:
5d:59:3d:ba:04:47:da:b9:e3:a8:10:a8:46:2e:10:
13:27:27:4a:69:68:92:4a:37:03:83:29:15:36:97:
cf:87:b6:fb:58:35:68:96:88:34:5d:19:07:6a:70:
41:bb:55:76:2f:9b:f4:8e:61:29:7d:34:9b:86:59:
45:7c:45:45:72:21:a1:eb:ca:5e:ae:cf:f2:1b:bb:
f4:9e:4b:03:80:ed:28:6f:55:a4:69:b1:80:2f:ea:
48:64:d1:1d:42:dd:a9:ce:fc:8d:8c:1d:bc:65:51:
62:cd:cc:80:9a:a8:b0:08:fe:a8:6b:8e:3e:81:b8:
80:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C1:C4:05:61:BE:6E:47:96:F7:05:86:4F:E3:C4:E7:DA:AF:A8:1D
X509v3 Authority Key Identifier:
keyid:D5:AF:20:C0:26:DE:10:4D:96:F1:7A:CB:AF:4E:78:7E:F9:D3:02:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a8gwCbeEE2W8XrLr054fvnTAgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/09d72e-8267-4393-8363-89f1815d4c19/1/1a8gwCbeEE2W8XrLr054fvnTAgY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/09d72e-8267-4393-8363-89f1815d4c19/1/1a8gwCbeEE2W8XrLr054fvnTAgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
de:9c:94:06:63:f1:85:4e:7e:cf:7b:fc:59:e7:9b:b8:db:74:
4c:91:ea:0a:c3:a3:20:84:1b:22:dc:38:3f:6d:91:0e:bc:78:
e2:00:36:0b:a4:87:ec:63:b8:87:29:44:df:5f:dc:b1:c5:59:
9f:25:69:62:79:d6:05:05:21:be:cd:00:77:24:49:d9:4e:d5:
71:12:29:9c:d0:c2:3c:4a:e3:4e:0e:da:a6:9c:7d:bd:c5:37:
16:d3:24:78:e9:80:20:79:37:11:da:04:1a:d4:b6:61:0b:75:
a5:92:1a:ed:45:75:6a:d4:0e:78:9d:d9:13:ad:03:5c:4b:19:
86:d8:d7:1b:1e:ba:2f:6b:ab:ef:b5:b7:e7:61:06:7e:9f:a2:
d9:f1:9a:ff:96:6b:23:25:8b:57:35:26:49:cb:26:20:90:56:
3f:9b:74:2f:1d:6c:b1:bc:18:26:ff:aa:d4:91:98:ab:03:4e:
66:fa:35:e5:98:63:f4:d7:3d:40:b7:ae:45:ec:96:a4:1b:18:
95:74:b6:e8:1e:bc:54:a2:a2:e4:9f:1b:db:ad:0f:da:54:b7:
99:48:4d:e1:4c:c3:59:9a:59:32:f3:38:78:43:7a:ad:8b:a2:
4c:24:b5:da:83:ee:71:cc:60:7c:81:76:b0:b2:3c:c6:14:77:
30:fc:4c:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3XnO24CZcjdW6jmT7oU77cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1YWYyMGMwMjZkZTEwNGQ5NmYxN2FjYmFmNGU3ODdlZjlk
MzAyMDYwHhcNMjYwNDI5MDUwMTE5WhcNMjYwNDMwMDUwMTE5WjAzMTEwLwYDVQQD
Eyg0ZGMxYzQwNTYxYmU2ZTQ3OTZmNzA1ODY0ZmUzYzRlN2RhYWZhODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+mtRBNA6WSO560qBooSFxbScJ8C
AMsKU+7Ae4cC6ohPj1BV3bmZOWjWNTsiBMhnkbLHhpgr+emP3pYoEVymBbucB+Kt
Ixotwmap2eLf26woHmblKvkZbYCwkpWohU/DwrsyHI8HjQZeHFPq8aUW/2gIKPZi
hmGxpJegq1jfU2it64K8bxZdWT26BEfaueOoEKhGLhATJydKaWiSSjcDgykVNpfP
h7b7WDVolog0XRkHanBBu1V2L5v0jmEpfTSbhllFfEVFciGh68pers/yG7v0nksD
gO0ob1WkabGAL+pIZNEdQt2pzvyNjB28ZVFizcyAmqiwCP6oa44+gbiAjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE3BxAVhvm5HlvcFhk/jxOfar6gdMB8GA1UdIwQY
MBaAFNWvIMAm3hBNlvF6y69OeH750wIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWE4Z3dDYmVFRTJXOFhyTHIwNTRmdm5UQWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wOWQ3MmUtODI2Ny00MzkzLTgzNjMt
ODlmMTgxNWQ0YzE5LzEvMWE4Z3dDYmVFRTJXOFhyTHIwNTRmdm5UQWdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8wOWQ3MmUtODI2Ny00MzkzLTgzNjMtODlmMTgxNWQ0YzE5
LzEvMWE4Z3dDYmVFRTJXOFhyTHIwNTRmdm5UQWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3pyUBmPx
hU5+z3v8WeebuNt0TJHqCsOjIIQbItw4P22RDrx44gA2C6SH7GO4hylE31/cscVZ
nyVpYnnWBQUhvs0AdyRJ2U7VcRIpnNDCPErjTg7appx9vcU3FtMkeOmAIHk3EdoE
GtS2YQt1pZIa7UV1atQOeJ3ZE60DXEsZhtjXGx66L2ur77W352EGfp+i2fGa/5Zr
IyWLVzUmScsmIJBWP5t0Lx1ssbwYJv+q1JGYqwNOZvo15Zhj9Nc9QLeuReyWpBsY
lXS26B68VKKi5J8b260P2lS3mUhN4UzDWZpZMvM4eEN6rYuiTCS12oPuccxgfIF2
sLI8xhR3MPxMzw==
-----END CERTIFICATE-----
Generated at Wed Apr 29 08:14:38 2026 by rpki-client