Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/1onLcYkcbZS9nm8U8W5-N8LHKL8.mft
File: 1onLcYkcbZS9nm8U8W5-N8LHKL8.mft (raw, json)
Hash identifier: 8ed5F9lGoFqbDix99wDxPFZRq5NEFMchODpcZh+gTdM=
Subject key identifier: 72:C1:E4:22:5A:6D:44:D0:93:9C:4E:7F:10:EF:4F:CA:CD:1A:4A:A6
Authority key identifier: D6:89:CB:71:89:1C:6D:94:BD:9E:6F:14:F1:6E:7E:37:C2:C7:28:BF
Certificate issuer: /CN=d689cb71891c6d94bd9e6f14f16e7e37c2c728bf
Certificate serial: 019DFFBDB612BC2076F4C0219F2CCF1133A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1onLcYkcbZS9nm8U8W5-N8LHKL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/1onLcYkcbZS9nm8U8W5-N8LHKL8.mft
Manifest number: 06AC
Signing time: Thu 07 May 2026 00:01:55 +0000
Manifest this update: Thu 07 May 2026 00:01:55 +0000
Manifest next update: Fri 08 May 2026 00:01:55 +0000
Files and hashes: 1: 1onLcYkcbZS9nm8U8W5-N8LHKL8.crl (hash: XmUz22tAD7XdefxVY5jNqx2dq9bBvEOLR6nU8Yee2Qw=)
2: A1S7zaMW03197K0PFUGmkuS6qHc.roa (hash: P0RbhOWnYpuPcWIDbY8PS2tuKH+AkCqge3UmcT8QPYg=)
3: HcWgx2MiMP_xtGT9IucxolgQeIY.roa (hash: rcEUsMaoUm7Xd2I+QLC1mGGbjcwOScogc6eZLbEfymQ=)
4: iTT1Go78g5owZfyu9ktxbP5JHAk.roa (hash: Qjj93lcgSQbKTpiPRrMG7KIy0uRqncRntlD8V9IPje4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/1onLcYkcbZS9nm8U8W5-N8LHKL8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/1onLcYkcbZS9nm8U8W5-N8LHKL8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1onLcYkcbZS9nm8U8W5-N8LHKL8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 May 2026 21:44:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ff:bd:b6:12:bc:20:76:f4:c0:21:9f:2c:cf:11:33:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d689cb71891c6d94bd9e6f14f16e7e37c2c728bf
Validity
Not Before: May 7 00:01:55 2026 GMT
Not After : May 8 00:01:55 2026 GMT
Subject: CN=72c1e4225a6d44d0939c4e7f10ef4fcacd1a4aa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d7:9c:0e:ef:f1:7e:3f:ce:d1:b2:db:06:e1:
5c:88:b1:0a:78:41:a9:a6:10:9c:bb:7e:55:68:1b:
42:b3:2d:a3:1e:ee:ed:8f:ac:a6:22:f0:bb:63:70:
fb:6d:e8:ee:fa:98:29:8a:09:fe:0b:aa:28:81:81:
f9:a1:e2:54:ca:c9:fa:b8:db:73:b1:52:71:bd:01:
96:d2:b3:a1:66:a7:a5:e4:5d:48:e9:3f:3b:1d:d5:
3b:71:b3:f1:08:0a:89:c1:34:e7:e7:93:0c:3f:53:
d5:4e:1c:47:9b:3f:fe:e6:75:8a:d9:03:d1:62:a0:
eb:e8:b9:99:09:64:02:8f:d1:17:84:cd:bc:a1:21:
f0:6c:48:49:70:d9:2a:1f:4b:32:50:05:d9:c2:c8:
3f:3b:c8:7b:1e:2d:a4:49:2e:4c:96:c4:4e:93:25:
0a:f9:3c:e0:55:50:d8:7b:b9:2d:fc:76:66:96:f3:
f2:cb:1c:64:46:a2:c3:ce:74:92:c3:3d:56:2f:7b:
2c:b1:78:53:18:4a:b3:49:de:04:4e:20:72:97:59:
f6:7f:62:da:db:5e:0c:fd:5d:92:ae:3b:9d:e0:78:
eb:fc:75:ad:58:3c:33:53:1f:e1:81:3d:41:d4:54:
5e:64:1f:38:14:b4:24:73:ae:77:fe:98:1c:76:9a:
53:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:C1:E4:22:5A:6D:44:D0:93:9C:4E:7F:10:EF:4F:CA:CD:1A:4A:A6
X509v3 Authority Key Identifier:
keyid:D6:89:CB:71:89:1C:6D:94:BD:9E:6F:14:F1:6E:7E:37:C2:C7:28:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1onLcYkcbZS9nm8U8W5-N8LHKL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/1onLcYkcbZS9nm8U8W5-N8LHKL8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/1onLcYkcbZS9nm8U8W5-N8LHKL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:fd:6f:33:68:bb:e8:ce:5a:91:19:ed:f3:63:d4:2d:35:a8:
3b:fc:83:3b:63:ca:17:6f:fa:0a:97:69:a6:36:ad:27:74:b9:
64:76:6a:80:47:6d:33:6a:fa:46:fd:aa:02:eb:43:23:f9:e5:
54:36:c9:b2:87:d1:4d:73:c6:2c:2b:77:2f:73:cf:ee:34:b6:
33:dd:30:70:55:44:80:5d:7a:3c:c1:1c:60:18:f9:9b:c3:f4:
4f:5b:ce:2b:ee:62:8c:04:f9:90:a1:3f:ca:53:63:b2:c6:27:
de:18:a9:7b:03:c2:ae:3c:b0:07:34:39:e8:30:15:0a:2c:7f:
78:44:7f:7e:e7:89:da:4b:df:91:86:8d:43:5c:60:53:b4:4c:
e5:4a:b7:ae:73:1e:41:a8:cc:ce:d7:b8:5c:ff:80:5c:61:1d:
ae:7c:9b:ee:46:84:e5:79:46:5c:d3:91:da:97:3d:c6:e6:f3:
d9:5c:f8:38:ae:ea:8e:08:0b:ba:ce:82:06:d3:1b:5f:27:42:
74:eb:dd:18:e0:f9:2c:13:82:2a:9a:46:d7:4a:82:6f:54:24:
d6:b2:4b:f5:4e:d5:4c:c6:4c:5c:24:ef:2e:7b:e4:05:75:4c:
32:f2:61:35:f2:cb:7e:0a:c0:24:22:c9:c2:a7:d4:0d:3b:e0:
fe:0d:4c:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3/vbYSvCB29MAhnyzPETOpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ODljYjcxODkxYzZkOTRiZDllNmYxNGYxNmU3ZTM3YzJj
NzI4YmYwHhcNMjYwNTA3MDAwMTU1WhcNMjYwNTA4MDAwMTU1WjAzMTEwLwYDVQQD
Eyg3MmMxZTQyMjVhNmQ0NGQwOTM5YzRlN2YxMGVmNGZjYWNkMWE0YWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9ecDu/xfj/O0bLbBuFciLEKeEGp
phCcu35VaBtCsy2jHu7tj6ymIvC7Y3D7beju+pgpign+C6oogYH5oeJUysn6uNtz
sVJxvQGW0rOhZqel5F1I6T87HdU7cbPxCAqJwTTn55MMP1PVThxHmz/+5nWK2QPR
YqDr6LmZCWQCj9EXhM28oSHwbEhJcNkqH0syUAXZwsg/O8h7Hi2kSS5MlsROkyUK
+TzgVVDYe7kt/HZmlvPyyxxkRqLDznSSwz1WL3sssXhTGEqzSd4ETiByl1n2f2La
214M/V2Srjud4Hjr/HWtWDwzUx/hgT1B1FReZB84FLQkc653/pgcdppTCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLB5CJabUTQk5xOfxDvT8rNGkqmMB8GA1UdIwQY
MBaAFNaJy3GJHG2UvZ5vFPFufjfCxyi/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW9uTGNZa2NiWlM5bm04VThXNS1OOExIS0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8wZGYyOGQtOTI0ZC00YjRlLTk0Yjgt
ODI0ZmZjNjk0MmY0LzEvMW9uTGNZa2NiWlM5bm04VThXNS1OOExIS0w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8wZGYyOGQtOTI0ZC00YjRlLTk0YjgtODI0ZmZjNjk0MmY0
LzEvMW9uTGNZa2NiWlM5bm04VThXNS1OOExIS0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALf1vM2i7
6M5akRnt82PULTWoO/yDO2PKF2/6CpdppjatJ3S5ZHZqgEdtM2r6Rv2qAutDI/nl
VDbJsofRTXPGLCt3L3PP7jS2M90wcFVEgF16PMEcYBj5m8P0T1vOK+5ijAT5kKE/
ylNjssYn3hipewPCrjywBzQ56DAVCix/eER/fueJ2kvfkYaNQ1xgU7RM5Uq3rnMe
QajMzte4XP+AXGEdrnyb7kaE5XlGXNOR2pc9xubz2Vz4OK7qjggLus6CBtMbXydC
dOvdGOD5LBOCKppG10qCb1Qk1rJL9U7VTMZMXCTvLnvkBXVMMvJhNfLLfgrAJCLJ
wqfUDTvg/g1Mkw==
-----END CERTIFICATE-----
Generated at Thu May 7 03:56:47 2026 by rpki-client