Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
File: CY97o0vGVnvTYW1XT3KF3XVW2_0.mft (raw, json)
Hash identifier: xWiiLTvh0iA5LeMz345/rRo1iJZxSJh0N49J4PZQT7c=
Subject key identifier: 76:BC:03:13:D4:32:99:10:84:B4:66:51:A9:24:DE:03:CF:94:1D:1C
Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
Certificate issuer: /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Certificate serial: 019D7DB3CC06F3414846CAB342682FDD7206
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
Manifest number: 0CD4
Signing time: Sat 11 Apr 2026 18:00:28 +0000
Manifest this update: Sat 11 Apr 2026 18:00:28 +0000
Manifest next update: Sun 12 Apr 2026 18:00:28 +0000
Files and hashes: 1: CY97o0vGVnvTYW1XT3KF3XVW2_0.crl (hash: 6yBZXkT5ADflIq6j6jQrwVQq/V3NOPL9vlajcTa2NhY=)
2: IP0aVLnaY0te3-WRrsi7DFaXO_4.roa (hash: Xxny1qG2mRhaeS5oj19RU/vhLPgA+jSoozjn6tTTwWo=)
3: MWiV7graQLeuw4AYgJ4ZHIBAuZE.roa (hash: 5UScMx33ea6UI1n+yqJ+oTPgZkvCg216H08oUJCNoCY=)
4: d_rxJJRdc6lxglOZm6MPcxsRKVk.roa (hash: 09cxzd1TQUa9YcSDbUPMORsaaMIR6hUWI/wpDIjuvuY=)
5: earkCFjIv2or5fVmfCpyFBzbJ_0.roa (hash: dftgCu9tVXj4WgdmgDTiT0Fq8ps61PTLkvPOyslNpyo=)
6: h5YHyc0MmzGvq4YgXx8Mpbt82CY.roa (hash: hT18pU7cTeKJ68OyFrQNbEbvLKO/d8ePLsbG9hT8IJE=)
7: vv0I_9PClUpsKdM3Ws5mpj_Dbv0.roa (hash: Adx+Z7kMAGiZBllXqmWexxHoAMFVLGtlGl9lUzeKx9M=)
8: z5VJJncILn8SiX_0PBUpwSIBZR4.roa (hash: Ob/d4htJ7+Y8sve6AbDZ63e9bI8Fjky35VjD4Z3kSis=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 Apr 2026 18:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:7d:b3:cc:06:f3:41:48:46:ca:b3:42:68:2f:dd:72:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Validity
Not Before: Apr 11 18:00:28 2026 GMT
Not After : Apr 12 18:00:28 2026 GMT
Subject: CN=76bc0313d432991084b46651a924de03cf941d1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:21:4d:11:89:c5:00:c3:5c:e3:75:98:66:14:
25:ee:55:37:ac:2f:b0:30:4c:84:1d:e0:23:10:15:
26:a0:72:7e:e4:36:fc:40:da:e6:85:48:31:74:86:
7c:24:52:46:42:db:1d:7f:80:6f:72:f8:8f:4b:e5:
79:93:77:b0:7b:39:93:19:40:40:c8:22:a1:8b:d4:
d4:d2:a5:3a:7c:85:7f:20:5f:0e:e2:7a:b9:a9:cc:
0b:39:fc:ce:ca:41:60:47:8b:a3:ff:8d:8f:fa:f3:
1e:ed:fa:27:31:e3:1a:5c:22:9d:a8:69:c0:8a:ad:
fb:17:54:65:1e:86:78:3e:f2:9f:5f:31:d2:d7:7d:
49:5a:d4:36:c8:60:26:5f:fb:5c:0a:c7:3d:e7:27:
cf:17:65:ba:bd:e8:9b:cb:20:42:1d:6f:19:c9:33:
51:95:b0:82:9b:c7:c3:4c:cf:42:fc:c8:d5:ee:19:
5d:fb:a3:4d:8d:ac:e6:14:7b:78:56:64:b0:e3:cf:
95:cd:70:9c:01:b9:87:a3:d3:b3:30:97:bd:3a:da:
58:80:f2:71:62:55:de:6a:d3:2a:40:3a:ce:6e:e5:
9c:0a:f1:86:3c:60:48:a4:2b:2b:35:d6:14:0b:2d:
93:e4:e8:a3:46:73:08:5c:f1:a0:0a:7e:59:53:6e:
3a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:BC:03:13:D4:32:99:10:84:B4:66:51:A9:24:DE:03:CF:94:1D:1C
X509v3 Authority Key Identifier:
keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:73:a7:36:91:a3:8e:63:a8:d6:71:c2:6a:2c:61:a5:e6:3f:
db:c2:af:49:f2:22:69:6a:a9:06:22:55:67:c1:df:88:11:3c:
e2:78:99:f4:d4:d5:32:46:3d:83:f1:77:7e:73:ba:6e:bd:98:
c9:46:04:a8:a0:9d:c7:71:d9:06:d3:29:f4:d2:2e:2a:eb:43:
2f:8f:a6:1e:f5:d9:e3:fd:4f:2d:10:9f:4a:fd:e9:1c:e2:85:
e8:38:af:6e:74:0b:90:05:f3:51:c3:f4:ff:55:f0:f8:a4:3d:
8e:29:57:10:b5:8e:24:3c:bd:94:1e:91:6a:ab:56:7e:e8:f8:
7d:c0:3d:21:51:2f:20:16:e2:e5:a2:19:50:b0:90:e0:94:22:
04:70:86:31:7c:07:1f:49:b1:18:8b:c9:f9:15:f8:9b:19:29:
c0:04:3f:6d:6b:08:c1:7b:3c:b8:19:cb:25:48:4d:4c:e4:85:
ef:d7:9a:c2:a9:82:cf:bc:ff:99:c7:8d:02:f8:8e:3e:47:1f:
45:c9:fd:14:56:e0:ec:92:55:5d:bd:54:6d:ed:43:86:80:6f:
12:9a:91:e9:5d:7a:d9:53:54:b6:13:bd:67:6f:ca:cc:62:65:
94:44:05:8b:bc:5c:fa:41:48:3d:1d:97:96:ba:07:38:22:77:
f2:f8:0f:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ19s8wG80FIRsqzQmgv3XIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1
NmRiZmQwHhcNMjYwNDExMTgwMDI4WhcNMjYwNDEyMTgwMDI4WjAzMTEwLwYDVQQD
Eyg3NmJjMDMxM2Q0MzI5OTEwODRiNDY2NTFhOTI0ZGUwM2NmOTQxZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyFNEYnFAMNc43WYZhQl7lU3rC+w
MEyEHeAjEBUmoHJ+5Db8QNrmhUgxdIZ8JFJGQtsdf4BvcviPS+V5k3ewezmTGUBA
yCKhi9TU0qU6fIV/IF8O4nq5qcwLOfzOykFgR4uj/42P+vMe7fonMeMaXCKdqGnA
iq37F1RlHoZ4PvKfXzHS131JWtQ2yGAmX/tcCsc95yfPF2W6veibyyBCHW8ZyTNR
lbCCm8fDTM9C/MjV7hld+6NNjazmFHt4VmSw48+VzXCcAbmHo9OzMJe9OtpYgPJx
YlXeatMqQDrObuWcCvGGPGBIpCsrNdYUCy2T5OijRnMIXPGgCn5ZU246hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHa8AxPUMpkQhLRmUakk3gPPlB0cMB8GA1UdIwQY
MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt
ZTIxNjZhZDc0ZTNmLzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm
LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHXOnNpGj
jmOo1nHCaixhpeY/28KvSfIiaWqpBiJVZ8HfiBE84niZ9NTVMkY9g/F3fnO6br2Y
yUYEqKCdx3HZBtMp9NIuKutDL4+mHvXZ4/1PLRCfSv3pHOKF6DivbnQLkAXzUcP0
/1Xw+KQ9jilXELWOJDy9lB6RaqtWfuj4fcA9IVEvIBbi5aIZULCQ4JQiBHCGMXwH
H0mxGIvJ+RX4mxkpwAQ/bWsIwXs8uBnLJUhNTOSF79eawqmCz7z/mceNAviOPkcf
Rcn9FFbg7JJVXb1Ube1DhoBvEpqR6V162VNUthO9Z2/KzGJllEQFi7xc+kFIPR2X
lroHOCJ38vgPwA==
-----END CERTIFICATE-----
Generated at Sat Apr 11 23:49:44 2026 by rpki-client