Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/415d4b-f7a6-49d6-a7ad-ddf0b8b09616/1/FLcYAN3cSX9g-e23gzyUlzq33Bw.mft
File: FLcYAN3cSX9g-e23gzyUlzq33Bw.mft (raw, json)
Hash identifier: NyaVAfnVsYQOKnGqtFWc7q1Fj42iua+5Yr6GKS7NOv4=
Subject key identifier: 5A:C9:1A:BB:4F:CE:7A:0E:F6:CD:EA:01:8B:31:10:4E:66:AA:3D:23
Authority key identifier: 14:B7:18:00:DD:DC:49:7F:60:F9:ED:B7:83:3C:94:97:3A:B7:DC:1C
Certificate issuer: /CN=14b71800dddc497f60f9edb7833c94973ab7dc1c
Certificate serial: 019DCFE2F9AF9D6358AA743878D6BFFA9BB9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FLcYAN3cSX9g-e23gzyUlzq33Bw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/415d4b-f7a6-49d6-a7ad-ddf0b8b09616/1/FLcYAN3cSX9g-e23gzyUlzq33Bw.mft
Manifest number: 17CA
Signing time: Mon 27 Apr 2026 17:00:51 +0000
Manifest this update: Mon 27 Apr 2026 17:00:51 +0000
Manifest next update: Tue 28 Apr 2026 17:00:51 +0000
Files and hashes: 1: CmtFVtO9hzZe40i8krBc2erjmj0.roa (hash: zXgMe4Op7B660E2hvvLX+Q3KPKDasJwTTDrEF1VufuM=)
2: FLcYAN3cSX9g-e23gzyUlzq33Bw.crl (hash: oZ2hFzvjgbXch6uR3MKIY1Vca710TVA44ho70VXQVhc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/415d4b-f7a6-49d6-a7ad-ddf0b8b09616/1/FLcYAN3cSX9g-e23gzyUlzq33Bw.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/415d4b-f7a6-49d6-a7ad-ddf0b8b09616/1/FLcYAN3cSX9g-e23gzyUlzq33Bw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FLcYAN3cSX9g-e23gzyUlzq33Bw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 17:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:e2:f9:af:9d:63:58:aa:74:38:78:d6:bf:fa:9b:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14b71800dddc497f60f9edb7833c94973ab7dc1c
Validity
Not Before: Apr 27 17:00:51 2026 GMT
Not After : Apr 28 17:00:51 2026 GMT
Subject: CN=5ac91abb4fce7a0ef6cdea018b31104e66aa3d23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:49:4f:00:cb:1d:d8:4d:bf:43:4a:39:a5:a0:
a2:0a:ce:09:e2:7d:24:30:c1:a9:df:17:60:9b:ea:
0a:c9:ed:52:a4:0d:95:fa:06:dc:3d:68:4c:5a:19:
13:77:4b:a3:23:3d:f4:87:9d:6b:d2:0f:2a:81:89:
61:6b:45:74:46:b1:f0:ac:66:fa:56:c0:dc:0b:df:
04:64:d8:31:f1:e2:80:27:16:d8:d7:11:5a:4d:b5:
f3:4c:41:b8:5a:90:c1:a9:a4:85:69:19:81:c1:9b:
c9:b1:03:85:f5:28:11:93:33:34:5c:45:49:f7:16:
88:66:5d:98:8e:cd:06:13:b2:66:d5:b5:58:da:5a:
8d:15:57:d8:d7:0f:49:c9:84:3b:93:59:a4:74:2e:
12:b6:84:33:d3:4d:da:7f:0f:8e:1d:ce:b0:69:0c:
26:f2:d6:dd:d8:a5:8e:fb:24:b9:25:3f:a7:7f:ee:
df:ed:76:66:5f:31:05:9f:0a:c2:9d:f1:0e:17:76:
7f:05:13:b2:74:8f:7f:56:2e:7e:d2:4c:97:f5:62:
73:83:43:33:17:52:63:37:fd:76:4b:a2:2d:5d:bf:
b5:1d:39:87:76:07:cb:6d:2e:bd:1f:c1:08:35:c6:
47:a1:b3:6e:f8:52:04:28:79:9b:ba:df:c0:33:00:
1e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:C9:1A:BB:4F:CE:7A:0E:F6:CD:EA:01:8B:31:10:4E:66:AA:3D:23
X509v3 Authority Key Identifier:
keyid:14:B7:18:00:DD:DC:49:7F:60:F9:ED:B7:83:3C:94:97:3A:B7:DC:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FLcYAN3cSX9g-e23gzyUlzq33Bw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/415d4b-f7a6-49d6-a7ad-ddf0b8b09616/1/FLcYAN3cSX9g-e23gzyUlzq33Bw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/415d4b-f7a6-49d6-a7ad-ddf0b8b09616/1/FLcYAN3cSX9g-e23gzyUlzq33Bw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bb:cb:d2:ec:41:35:6c:b6:0e:72:d4:0a:05:a9:cd:46:59:93:
6c:bb:31:c0:5f:3d:ba:8b:6e:bf:80:e9:8d:22:28:3d:64:71:
8b:bc:d1:c9:18:ad:b2:87:f0:61:17:0b:82:5e:62:c0:7e:b7:
3a:87:9b:40:20:05:35:13:af:b9:a2:5f:7b:70:b0:7f:1b:8c:
2d:0a:07:81:59:e8:9b:80:f7:48:fd:f8:ba:80:a5:16:17:7e:
d7:5d:16:ba:0f:c6:7b:b9:55:a4:49:5a:80:39:b8:71:58:80:
4d:2e:eb:ba:f8:a7:ea:31:08:fc:69:ce:3e:8e:7b:bf:e8:5e:
aa:c6:c9:6f:1d:0a:9f:a5:ca:db:8d:6a:f6:48:ed:21:7d:35:
15:5e:05:22:7a:64:ae:b5:02:40:8e:64:dd:bc:82:0c:d2:c7:
6f:68:22:c4:10:f0:11:05:82:fc:0f:b5:4c:b5:bc:c3:0b:c0:
fa:f7:63:08:11:e1:c5:20:52:54:76:93:b6:e0:3f:28:32:5a:
2b:18:1d:b0:f3:77:48:14:e0:19:aa:34:89:90:04:98:71:02:
f2:38:7f:41:a6:7b:14:f9:f8:d8:81:8e:2d:9b:3c:01:2e:8d:
a5:b4:93:16:bc:3c:2e:e2:22:99:98:bd:ae:b6:fc:fb:1f:40:
a4:ad:f9:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3P4vmvnWNYqnQ4eNa/+pu5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YjcxODAwZGRkYzQ5N2Y2MGY5ZWRiNzgzM2M5NDk3M2Fi
N2RjMWMwHhcNMjYwNDI3MTcwMDUxWhcNMjYwNDI4MTcwMDUxWjAzMTEwLwYDVQQD
Eyg1YWM5MWFiYjRmY2U3YTBlZjZjZGVhMDE4YjMxMTA0ZTY2YWEzZDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6UlPAMsd2E2/Q0o5paCiCs4J4n0k
MMGp3xdgm+oKye1SpA2V+gbcPWhMWhkTd0ujIz30h51r0g8qgYlha0V0RrHwrGb6
VsDcC98EZNgx8eKAJxbY1xFaTbXzTEG4WpDBqaSFaRmBwZvJsQOF9SgRkzM0XEVJ
9xaIZl2Yjs0GE7Jm1bVY2lqNFVfY1w9JyYQ7k1mkdC4StoQz003afw+OHc6waQwm
8tbd2KWO+yS5JT+nf+7f7XZmXzEFnwrCnfEOF3Z/BROydI9/Vi5+0kyX9WJzg0Mz
F1JjN/12S6ItXb+1HTmHdgfLbS69H8EINcZHobNu+FIEKHmbut/AMwAe/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFrJGrtPznoO9s3qAYsxEE5mqj0jMB8GA1UdIwQY
MBaAFBS3GADd3El/YPntt4M8lJc6t9wcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkxjWUFOM2NTWDlnLWUyM2d6eVVsenEzM0J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80MTVkNGItZjdhNi00OWQ2LWE3YWQt
ZGRmMGI4YjA5NjE2LzEvRkxjWUFOM2NTWDlnLWUyM2d6eVVsenEzM0J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80MTVkNGItZjdhNi00OWQ2LWE3YWQtZGRmMGI4YjA5NjE2
LzEvRkxjWUFOM2NTWDlnLWUyM2d6eVVsenEzM0J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu8vS7EE1
bLYOctQKBanNRlmTbLsxwF89uotuv4DpjSIoPWRxi7zRyRitsofwYRcLgl5iwH63
OoebQCAFNROvuaJfe3CwfxuMLQoHgVnom4D3SP34uoClFhd+110Wug/Ge7lVpEla
gDm4cViATS7ruvin6jEI/GnOPo57v+heqsbJbx0Kn6XK241q9kjtIX01FV4FInpk
rrUCQI5k3byCDNLHb2gixBDwEQWC/A+1TLW8wwvA+vdjCBHhxSBSVHaTtuA/KDJa
KxgdsPN3SBTgGao0iZAEmHEC8jh/QaZ7FPn42IGOLZs8AS6NpbSTFrw8LuIimZi9
rrb8+x9ApK351g==
-----END CERTIFICATE-----
Generated at Mon Apr 27 21:05:34 2026 by rpki-client