Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
File: CY97o0vGVnvTYW1XT3KF3XVW2_0.mft (raw, json)
Hash identifier: B3Qt3iIKei/lSEJVRVGwv3awNFrM7rR0lFG50+pNn6g=
Subject key identifier: BC:19:35:D6:F7:8C:CB:79:B2:77:D7:B3:80:69:0F:1F:D2:E5:AD:15
Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
Certificate issuer: /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Certificate serial: 019DA641EE2413E41ECBB8140806671367A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
Manifest number: 0CE9
Signing time: Sun 19 Apr 2026 15:00:31 +0000
Manifest this update: Sun 19 Apr 2026 15:00:31 +0000
Manifest next update: Mon 20 Apr 2026 15:00:31 +0000
Files and hashes: 1: CY97o0vGVnvTYW1XT3KF3XVW2_0.crl (hash: boV4/llG9XtaayQu8x7u271p+uYQ24NLi3Y/n2z/n/g=)
2: IP0aVLnaY0te3-WRrsi7DFaXO_4.roa (hash: Xxny1qG2mRhaeS5oj19RU/vhLPgA+jSoozjn6tTTwWo=)
3: MWiV7graQLeuw4AYgJ4ZHIBAuZE.roa (hash: 5UScMx33ea6UI1n+yqJ+oTPgZkvCg216H08oUJCNoCY=)
4: d_rxJJRdc6lxglOZm6MPcxsRKVk.roa (hash: 09cxzd1TQUa9YcSDbUPMORsaaMIR6hUWI/wpDIjuvuY=)
5: earkCFjIv2or5fVmfCpyFBzbJ_0.roa (hash: dftgCu9tVXj4WgdmgDTiT0Fq8ps61PTLkvPOyslNpyo=)
6: h5YHyc0MmzGvq4YgXx8Mpbt82CY.roa (hash: hT18pU7cTeKJ68OyFrQNbEbvLKO/d8ePLsbG9hT8IJE=)
7: vv0I_9PClUpsKdM3Ws5mpj_Dbv0.roa (hash: Adx+Z7kMAGiZBllXqmWexxHoAMFVLGtlGl9lUzeKx9M=)
8: z5VJJncILn8SiX_0PBUpwSIBZR4.roa (hash: Ob/d4htJ7+Y8sve6AbDZ63e9bI8Fjky35VjD4Z3kSis=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 15:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a6:41:ee:24:13:e4:1e:cb:b8:14:08:06:67:13:67:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Validity
Not Before: Apr 19 15:00:31 2026 GMT
Not After : Apr 20 15:00:31 2026 GMT
Subject: CN=bc1935d6f78ccb79b277d7b380690f1fd2e5ad15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c3:dd:bc:0b:6d:10:be:85:4d:33:87:42:3d:
8a:0d:ad:1a:89:dd:df:39:48:44:43:bc:ef:a7:35:
c4:29:07:d0:17:ba:20:c2:16:74:1a:d0:85:f5:c7:
d2:4e:ae:83:db:d9:c6:13:65:cf:42:62:96:14:35:
d9:ce:55:d4:f4:c1:fa:33:c7:5f:6e:6c:d0:9f:75:
78:53:37:da:60:c7:82:0a:bb:06:44:20:f4:a0:2d:
c9:ee:1c:47:62:3e:5f:28:3d:94:fd:81:97:3f:b7:
e1:2a:b1:d9:9a:54:aa:1d:d1:72:37:02:c8:d6:f9:
0a:0f:40:4c:03:41:d5:61:f5:6b:d2:24:a8:a8:25:
83:34:84:6e:2a:f1:4c:e8:ef:15:cc:a8:bb:10:ad:
36:a2:32:47:13:57:ca:6c:d7:7b:51:b1:0a:41:75:
73:05:90:3a:1e:e8:cf:15:27:2a:d2:d8:58:83:9a:
33:50:4f:3b:09:0b:37:b7:4f:58:e6:69:17:3e:3b:
ca:a5:f3:89:65:41:61:2e:f1:7d:6b:37:1f:e7:33:
67:a6:2e:00:4d:9e:3d:3d:94:f0:a7:e0:46:f3:07:
d9:91:a2:70:17:ee:8c:6e:dc:a3:31:57:67:77:65:
c0:f2:3c:f3:34:f0:25:ac:e8:b4:f6:a6:34:47:ac:
09:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:19:35:D6:F7:8C:CB:79:B2:77:D7:B3:80:69:0F:1F:D2:E5:AD:15
X509v3 Authority Key Identifier:
keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:be:f4:47:40:a5:72:9b:91:fd:c5:ca:b5:6c:dd:a4:90:60:
6e:33:c3:e7:a4:a4:f1:ba:30:7b:6b:fa:fb:15:f3:dc:ae:29:
ae:b9:11:7d:96:5d:8e:57:75:ae:d7:60:6e:52:6e:a5:b3:8f:
cf:53:0d:eb:66:b0:6d:9a:84:e7:33:bc:9d:b5:63:5a:9c:9a:
85:e6:63:8a:56:53:ba:c9:af:db:0b:00:20:12:e7:87:ad:9e:
15:f2:c9:5b:84:8b:e1:07:51:ad:f9:da:f9:4d:b7:93:97:ba:
13:02:e3:c8:66:9b:32:cf:62:cb:ff:28:90:8b:f1:8c:bb:ef:
7d:d4:26:de:c3:f5:f7:8e:6a:b5:80:1f:0c:f4:00:92:2e:ed:
98:88:ae:d5:3a:66:db:b5:51:fd:06:03:57:d4:60:e4:31:d4:
a2:5a:88:7a:c7:ca:d4:df:71:4a:3a:bb:98:be:9d:49:0e:6f:
e7:c4:88:29:bd:64:10:ac:b6:f2:17:40:23:08:f7:ab:0f:ce:
87:12:b7:e1:ba:fb:d1:d9:00:89:6c:29:76:dc:f1:aa:b5:96:
6f:27:a3:6b:e8:83:2a:fe:a5:8f:4a:a6:52:98:1c:46:38:e8:
f9:ec:4a:4c:bf:11:60:36:f3:eb:ce:a4:c2:ed:f2:1b:78:45:
2e:91:0e:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2mQe4kE+Qey7gUCAZnE2eiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1
NmRiZmQwHhcNMjYwNDE5MTUwMDMxWhcNMjYwNDIwMTUwMDMxWjAzMTEwLwYDVQQD
EyhiYzE5MzVkNmY3OGNjYjc5YjI3N2Q3YjM4MDY5MGYxZmQyZTVhZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8PdvAttEL6FTTOHQj2KDa0aid3f
OUhEQ7zvpzXEKQfQF7ogwhZ0GtCF9cfSTq6D29nGE2XPQmKWFDXZzlXU9MH6M8df
bmzQn3V4UzfaYMeCCrsGRCD0oC3J7hxHYj5fKD2U/YGXP7fhKrHZmlSqHdFyNwLI
1vkKD0BMA0HVYfVr0iSoqCWDNIRuKvFM6O8VzKi7EK02ojJHE1fKbNd7UbEKQXVz
BZA6HujPFScq0thYg5ozUE87CQs3t09Y5mkXPjvKpfOJZUFhLvF9azcf5zNnpi4A
TZ49PZTwp+BG8wfZkaJwF+6MbtyjMVdnd2XA8jzzNPAlrOi09qY0R6wJdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwZNdb3jMt5snfXs4BpDx/S5a0VMB8GA1UdIwQY
MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt
ZTIxNjZhZDc0ZTNmLzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm
LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh770R0Cl
cpuR/cXKtWzdpJBgbjPD56Sk8bowe2v6+xXz3K4prrkRfZZdjld1rtdgblJupbOP
z1MN62awbZqE5zO8nbVjWpyaheZjilZTusmv2wsAIBLnh62eFfLJW4SL4QdRrfna
+U23k5e6EwLjyGabMs9iy/8okIvxjLvvfdQm3sP1945qtYAfDPQAki7tmIiu1Tpm
27VR/QYDV9Rg5DHUolqIesfK1N9xSjq7mL6dSQ5v58SIKb1kEKy28hdAIwj3qw/O
hxK34br70dkAiWwpdtzxqrWWbyeja+iDKv6lj0qmUpgcRjjo+exKTL8RYDbz686k
wu3yG3hFLpEOgw==
-----END CERTIFICATE-----
Generated at Mon Apr 20 00:09:27 2026 by rpki-client