Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.mft
File: DyKg7jvG4y2JLt3iV8u3mRefLNY.mft (raw, json)
Hash identifier: 92EPO0rR8vZ6JFBPOVfPGljd86miycg/viUO5ZOzZUM=
Subject key identifier: 47:2E:2F:AB:5C:EC:C0:A0:84:AF:D1:54:AA:B9:0C:B2:61:E0:64:52
Authority key identifier: 0F:22:A0:EE:3B:C6:E3:2D:89:2E:DD:E2:57:CB:B7:99:17:9F:2C:D6
Certificate issuer: /CN=0f22a0ee3bc6e32d892edde257cbb799179f2cd6
Certificate serial: 019F18D6DA7409A36F6A27FFC2F88A149D2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DyKg7jvG4y2JLt3iV8u3mRefLNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.mft
Manifest number: 0AF3
Signing time: Tue 30 Jun 2026 14:02:41 +0000
Manifest this update: Tue 30 Jun 2026 14:02:41 +0000
Manifest next update: Wed 01 Jul 2026 14:02:41 +0000
Files and hashes: 1: 6anxR7oWcscDd04QL41XaD9H2mI.roa (hash: HOaKAJ+9l8ZBJN2kLFM0Go13VYLLmXxM5vLOU8G4dHg=)
2: DyKg7jvG4y2JLt3iV8u3mRefLNY.crl (hash: 158RpmSz0jQ6v/vFJfrLSVJ8zTzgoUv1n2xZnsTcni8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.mft
rsync://rpki.ripe.net/repository/DEFAULT/DyKg7jvG4y2JLt3iV8u3mRefLNY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 14:02:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:18:d6:da:74:09:a3:6f:6a:27:ff:c2:f8:8a:14:9d:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f22a0ee3bc6e32d892edde257cbb799179f2cd6
Validity
Not Before: Jun 30 14:02:41 2026 GMT
Not After : Jul 1 14:02:41 2026 GMT
Subject: CN=472e2fab5cecc0a084afd154aab90cb261e06452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1f:5d:8d:44:10:a1:6d:a1:bd:79:17:29:37:
be:3c:17:33:3d:78:4e:07:b1:0a:c3:39:28:50:5e:
e4:a4:06:b4:92:db:dd:0d:d8:43:e1:1e:8e:2e:fc:
5f:88:39:3b:e7:ba:62:80:3b:b4:b2:30:d9:b9:4e:
df:f0:4c:d9:be:53:c3:9a:34:0c:7c:56:4a:49:4a:
bb:bf:14:5c:87:ca:dc:18:c5:4c:d8:6f:10:ab:4e:
a5:60:c7:19:7f:f8:75:10:bb:fb:75:a5:0a:70:7d:
9e:d7:af:ee:21:64:90:29:57:0a:3c:88:d7:ee:55:
2c:2f:ea:0b:50:d2:52:70:74:92:98:76:33:c3:4a:
40:94:fa:8c:42:87:62:ea:e4:ed:c7:55:76:e2:9b:
e5:85:bd:9a:91:67:64:e7:ca:cd:a4:d2:c2:83:03:
33:0b:a4:de:80:9d:01:8d:44:51:a4:89:dc:78:22:
e4:d9:b2:f4:1f:3e:bd:ba:8e:21:9a:b0:87:52:17:
a3:16:73:66:5f:be:1b:b4:26:b2:41:f9:9a:9f:09:
53:c8:d5:0a:09:42:87:72:64:4b:dd:7b:e4:63:05:
2c:6c:25:6a:22:7c:56:e9:5e:3d:45:a6:b3:33:09:
75:8a:4f:d4:eb:51:61:c4:3a:27:35:b4:e4:47:d2:
55:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:2E:2F:AB:5C:EC:C0:A0:84:AF:D1:54:AA:B9:0C:B2:61:E0:64:52
X509v3 Authority Key Identifier:
keyid:0F:22:A0:EE:3B:C6:E3:2D:89:2E:DD:E2:57:CB:B7:99:17:9F:2C:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyKg7jvG4y2JLt3iV8u3mRefLNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:48:f3:22:cc:26:c9:53:a6:6d:57:d2:20:cd:3a:3e:12:af:
68:16:fe:d5:81:d7:f8:99:34:d5:b2:ad:bf:6e:24:4e:ae:eb:
ca:40:b2:a2:a8:1e:f1:d6:bb:62:08:33:ea:21:ef:71:ff:69:
b2:48:60:69:7d:f2:65:80:8b:70:29:9e:55:33:88:1f:1b:cf:
8e:db:ad:7c:76:4e:a6:90:04:1a:33:c5:0a:36:cb:44:9a:e2:
bc:02:93:4e:96:ae:b0:c1:57:90:ac:70:90:9f:4e:d0:93:d3:
10:f1:b2:19:da:1e:32:4c:f1:d2:8a:3f:2b:d8:16:3c:5e:42:
31:bb:21:8e:22:48:b1:d6:88:00:9f:66:80:55:94:ba:4b:92:
ce:bf:00:21:66:dc:15:b5:8f:70:10:fd:29:94:61:7e:27:81:
fc:83:76:a7:6d:bf:c4:a5:f1:24:23:82:cc:1e:f5:20:50:17:
8a:1b:93:b1:78:2d:85:83:58:79:87:9a:08:6f:30:c6:2c:ba:
0c:7c:07:29:52:fd:1f:69:09:04:dc:c0:b3:7a:7b:00:2e:11:
50:d3:14:e0:1c:23:1c:18:49:1a:6a:9c:5a:86:2b:e8:0b:da:
63:4e:df:5e:32:1c:40:25:02:cb:ad:15:c6:87:9c:b8:ac:df:
25:5b:1d:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8Y1tp0CaNvaif/wviKFJ0rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMjJhMGVlM2JjNmUzMmQ4OTJlZGRlMjU3Y2JiNzk5MTc5
ZjJjZDYwHhcNMjYwNjMwMTQwMjQxWhcNMjYwNzAxMTQwMjQxWjAzMTEwLwYDVQQD
Eyg0NzJlMmZhYjVjZWNjMGEwODRhZmQxNTRhYWI5MGNiMjYxZTA2NDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvh9djUQQoW2hvXkXKTe+PBczPXhO
B7EKwzkoUF7kpAa0ktvdDdhD4R6OLvxfiDk757pigDu0sjDZuU7f8EzZvlPDmjQM
fFZKSUq7vxRch8rcGMVM2G8Qq06lYMcZf/h1ELv7daUKcH2e16/uIWSQKVcKPIjX
7lUsL+oLUNJScHSSmHYzw0pAlPqMQodi6uTtx1V24pvlhb2akWdk58rNpNLCgwMz
C6TegJ0BjURRpInceCLk2bL0Hz69uo4hmrCHUhejFnNmX74btCayQfmanwlTyNUK
CUKHcmRL3XvkYwUsbCVqInxW6V49RaazMwl1ik/U61FhxDonNbTkR9JVewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEcuL6tc7MCghK/RVKq5DLJh4GRSMB8GA1UdIwQY
MBaAFA8ioO47xuMtiS7d4lfLt5kXnyzWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHlLZzdqdkc0eTJKTHQzaVY4dTNtUmVmTE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8zMDg0ZGUtYjE1OS00ZTU0LTllZDct
NDJkNjc4NDA5NDRkLzEvRHlLZzdqdkc0eTJKTHQzaVY4dTNtUmVmTE5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8zMDg0ZGUtYjE1OS00ZTU0LTllZDctNDJkNjc4NDA5NDRk
LzEvRHlLZzdqdkc0eTJKTHQzaVY4dTNtUmVmTE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXEjzIswm
yVOmbVfSIM06PhKvaBb+1YHX+Jk01bKtv24kTq7rykCyoqge8da7Yggz6iHvcf9p
skhgaX3yZYCLcCmeVTOIHxvPjtutfHZOppAEGjPFCjbLRJrivAKTTpausMFXkKxw
kJ9O0JPTEPGyGdoeMkzx0oo/K9gWPF5CMbshjiJIsdaIAJ9mgFWUukuSzr8AIWbc
FbWPcBD9KZRhfieB/IN2p22/xKXxJCOCzB71IFAXihuTsXgthYNYeYeaCG8wxiy6
DHwHKVL9H2kJBNzAs3p7AC4RUNMU4BwjHBhJGmqcWoYr6AvaY07fXjIcQCUCy60V
xoecuKzfJVsdGg==
-----END CERTIFICATE-----
Generated at Tue Jun 30 18:24:35 2026 by rpki-client