Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.mft
File: sK0iZDwtl71x-LY0-40dT58B9Kc.mft (raw, json)
Hash identifier: IkZFwfYMfvsYc/jnt3AQEI1PxV5FoQ2JxfRh423/WME=
Subject key identifier: 0A:04:5D:B1:29:F9:78:61:72:2D:0F:79:96:14:52:53:8F:4B:1A:FB
Authority key identifier: B0:AD:22:64:3C:2D:97:BD:71:F8:B6:34:FB:8D:1D:4F:9F:01:F4:A7
Certificate issuer: /CN=b0ad22643c2d97bd71f8b634fb8d1d4f9f01f4a7
Certificate serial: 019DCC3CE9D6783D6365E7B0B582D3254679
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sK0iZDwtl71x-LY0-40dT58B9Kc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.mft
Manifest number: 133A
Signing time: Mon 27 Apr 2026 00:00:37 +0000
Manifest this update: Mon 27 Apr 2026 00:00:37 +0000
Manifest next update: Tue 28 Apr 2026 00:00:37 +0000
Files and hashes: 1: h3sE5dxGeAbRDxvt7OESDDknJfw.roa (hash: o8FzyZkryMLyMcYf+Zp1JhuP+yJeZt+99zqw52fdpd8=)
2: sK0iZDwtl71x-LY0-40dT58B9Kc.crl (hash: H82V1xazM+qWfLrL2uV5xMSze3y/cYRUBw940TO8WzA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.mft
rsync://rpki.ripe.net/repository/DEFAULT/sK0iZDwtl71x-LY0-40dT58B9Kc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 23:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cc:3c:e9:d6:78:3d:63:65:e7:b0:b5:82:d3:25:46:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0ad22643c2d97bd71f8b634fb8d1d4f9f01f4a7
Validity
Not Before: Apr 27 00:00:37 2026 GMT
Not After : Apr 28 00:00:37 2026 GMT
Subject: CN=0a045db129f97861722d0f79961452538f4b1afb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:20:fc:d9:61:76:c5:3a:03:12:da:26:e6:5d:
e4:20:09:30:91:a7:98:86:ef:22:c6:f9:bd:da:21:
56:d1:7f:a7:e5:84:c9:9b:c4:21:f8:5e:7d:e0:71:
21:51:8a:e3:ec:cc:53:ff:a8:a8:df:15:03:92:42:
32:c4:54:7d:84:94:da:1f:2f:7a:6a:7e:e1:fb:da:
4f:f4:73:be:04:5e:f3:36:18:06:5e:99:79:b3:18:
72:18:c0:2d:13:42:0c:7c:d7:e4:df:ea:f2:20:e7:
12:79:da:8c:75:68:89:b0:a2:a1:11:1e:68:35:ad:
e2:02:a3:ba:af:a9:a8:fa:0a:bc:80:8e:a3:17:c2:
77:0e:17:1d:f7:cf:97:fc:9b:06:38:2e:99:c0:f8:
31:0f:dc:9b:02:a1:05:63:ea:51:f5:9d:38:4e:a7:
1a:f3:99:09:dc:84:d3:b3:12:b0:33:87:40:bc:10:
da:80:49:66:fb:8e:59:3f:ca:74:61:50:b3:dd:9f:
27:b7:73:c1:91:4b:d1:81:9c:c0:55:0e:2b:4a:44:
ca:7f:7f:39:5f:20:be:fe:cb:6f:3b:b0:d3:60:84:
4d:de:a2:a4:69:0e:6a:ad:2e:a7:ae:5a:ad:04:01:
7a:6b:a6:c6:51:4e:de:ea:41:f3:bc:32:b2:bd:6a:
22:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:04:5D:B1:29:F9:78:61:72:2D:0F:79:96:14:52:53:8F:4B:1A:FB
X509v3 Authority Key Identifier:
keyid:B0:AD:22:64:3C:2D:97:BD:71:F8:B6:34:FB:8D:1D:4F:9F:01:F4:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sK0iZDwtl71x-LY0-40dT58B9Kc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:5c:ed:f3:11:f2:3f:e7:54:73:0e:65:44:e0:9c:8b:0f:15:
2d:cf:2c:7c:cc:38:90:73:f9:7a:c8:77:d9:51:1d:dd:f5:5e:
82:c7:e2:20:c3:45:4c:f4:72:85:ba:7d:f9:22:4b:c3:fc:b9:
1e:44:6e:1c:45:aa:23:69:e6:6b:e9:a2:75:75:a7:f1:5f:d3:
0a:a6:dc:5e:1d:72:1d:be:99:9b:b3:09:10:e4:19:60:93:11:
09:36:30:76:1a:f7:ff:43:49:6d:80:1b:d5:f4:96:c9:1f:13:
b4:29:d6:44:90:7e:98:0c:0d:9b:ed:0e:34:8b:e3:29:ea:ce:
6b:93:6f:1b:5e:09:64:74:c7:8a:1d:f4:67:70:0c:f8:c5:ed:
18:66:98:ba:35:9e:f1:02:cc:9d:49:e0:45:f2:13:7a:26:5a:
26:bc:75:32:75:0b:93:71:b9:b4:67:51:49:66:df:15:77:8f:
5b:04:cf:49:62:30:01:29:37:3e:25:f3:4c:6a:b9:21:32:d5:
eb:d6:cc:b1:d5:4f:bf:57:0a:53:47:29:15:11:c7:70:38:29:
e7:b3:c0:81:62:0e:88:3e:ae:5c:a9:06:ff:40:a8:85:1c:38:
e6:57:84:17:2d:7e:b5:df:45:a1:28:3a:3a:57:11:47:89:e5:
11:fc:e9:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3MPOnWeD1jZeewtYLTJUZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYWQyMjY0M2MyZDk3YmQ3MWY4YjYzNGZiOGQxZDRmOWYw
MWY0YTcwHhcNMjYwNDI3MDAwMDM3WhcNMjYwNDI4MDAwMDM3WjAzMTEwLwYDVQQD
EygwYTA0NWRiMTI5Zjk3ODYxNzIyZDBmNzk5NjE0NTI1MzhmNGIxYWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSD82WF2xToDEtom5l3kIAkwkaeY
hu8ixvm92iFW0X+n5YTJm8Qh+F594HEhUYrj7MxT/6io3xUDkkIyxFR9hJTaHy96
an7h+9pP9HO+BF7zNhgGXpl5sxhyGMAtE0IMfNfk3+ryIOcSedqMdWiJsKKhER5o
Na3iAqO6r6mo+gq8gI6jF8J3Dhcd98+X/JsGOC6ZwPgxD9ybAqEFY+pR9Z04Tqca
85kJ3ITTsxKwM4dAvBDagElm+45ZP8p0YVCz3Z8nt3PBkUvRgZzAVQ4rSkTKf385
XyC+/stvO7DTYIRN3qKkaQ5qrS6nrlqtBAF6a6bGUU7e6kHzvDKyvWoiRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAoEXbEp+Xhhci0PeZYUUlOPSxr7MB8GA1UdIwQY
MBaAFLCtImQ8LZe9cfi2NPuNHU+fAfSnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0swaVpEd3RsNzF4LUxZMC00MGRUNThCOUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8zMGIzZmYtNzAzNi00YTJlLThlYjUt
MDc0ZmZiNDIzYzEzLzEvc0swaVpEd3RsNzF4LUxZMC00MGRUNThCOUtjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8zMGIzZmYtNzAzNi00YTJlLThlYjUtMDc0ZmZiNDIzYzEz
LzEvc0swaVpEd3RsNzF4LUxZMC00MGRUNThCOUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM1zt8xHy
P+dUcw5lROCciw8VLc8sfMw4kHP5esh32VEd3fVegsfiIMNFTPRyhbp9+SJLw/y5
HkRuHEWqI2nma+midXWn8V/TCqbcXh1yHb6Zm7MJEOQZYJMRCTYwdhr3/0NJbYAb
1fSWyR8TtCnWRJB+mAwNm+0ONIvjKerOa5NvG14JZHTHih30Z3AM+MXtGGaYujWe
8QLMnUngRfITeiZaJrx1MnULk3G5tGdRSWbfFXePWwTPSWIwASk3PiXzTGq5ITLV
69bMsdVPv1cKU0cpFRHHcDgp57PAgWIOiD6uXKkG/0CohRw45leEFy1+td9FoSg6
OlcRR4nlEfzpNA==
-----END CERTIFICATE-----
Generated at Mon Apr 27 04:16:58 2026 by rpki-client