Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.mft
File: sFcIRcI56ZkcibxcUEMekIeGDE0.mft (raw, json)
Hash identifier: xKY0CrookysjKwV11L9k9goNSFXkTZsUJQy68H91Rug=
Subject key identifier: 86:5D:B9:95:21:6A:85:EC:E7:B9:AD:F9:BA:F9:5B:DA:84:7A:FD:FA
Authority key identifier: B0:57:08:45:C2:39:E9:99:1C:89:BC:5C:50:43:1E:90:87:86:0C:4D
Certificate issuer: /CN=b0570845c239e9991c89bc5c50431e9087860c4d
Certificate serial: 019E295DA051C1DA3602D0B976B02DD91579
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sFcIRcI56ZkcibxcUEMekIeGDE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.mft
Manifest number: 0391
Signing time: Fri 15 May 2026 02:01:02 +0000
Manifest this update: Fri 15 May 2026 02:01:02 +0000
Manifest next update: Sat 16 May 2026 02:01:02 +0000
Files and hashes: 1: 4aIPGA9JRPxEK7I9L95ryY2K9TY.asa (hash: 9bKlD90E7ui2k15WwWPJTwc0RviRRCniPkaRGNo+4k8=)
2: bj-eKZEWwgbFrSRYLRr_CuFuTtU.roa (hash: h33I7T9Mz8kSS3GjVd4AzAlJFMkoqssxIF1o4jIxuts=)
3: sFcIRcI56ZkcibxcUEMekIeGDE0.crl (hash: bLSQNtcQy7kttkRIeGCCxaG4PfEzk/eUs62Ihg01gFI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sFcIRcI56ZkcibxcUEMekIeGDE0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 May 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:29:5d:a0:51:c1:da:36:02:d0:b9:76:b0:2d:d9:15:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0570845c239e9991c89bc5c50431e9087860c4d
Validity
Not Before: May 15 02:01:02 2026 GMT
Not After : May 16 02:01:02 2026 GMT
Subject: CN=865db995216a85ece7b9adf9baf95bda847afdfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:84:20:2d:c9:91:74:53:6e:19:b3:00:87:62:
94:65:e5:5b:d2:f0:bc:43:a2:0a:66:ee:5d:43:f7:
17:92:8b:8c:44:e6:be:5c:ca:08:f3:60:a0:3a:04:
03:93:cf:ab:33:dd:8c:1f:e1:dc:80:49:51:76:fd:
7e:b3:4f:f1:48:b4:ef:37:8a:26:d8:2b:ca:c8:74:
dc:0c:d3:8b:3c:2a:1e:e6:a6:0b:01:ef:09:bf:9e:
d3:41:4b:11:78:e5:2e:4f:f1:8c:11:a2:b0:c9:a1:
a8:9c:5a:13:42:f0:af:25:c1:58:b4:cb:ae:4c:73:
a4:37:ea:b0:4e:24:4a:ea:cf:50:d6:30:70:37:cc:
0b:35:b3:e4:de:02:ab:85:ae:12:92:fa:40:79:82:
36:f7:14:ee:91:9e:c5:ad:92:06:8c:82:0c:04:05:
f9:eb:e4:c9:9b:55:ce:e6:65:1c:a0:0b:6b:be:00:
1c:b9:12:d2:22:f9:41:55:c5:3f:fa:6a:1a:5b:53:
80:ed:56:49:f5:85:61:8b:33:14:dc:c7:1e:4f:7f:
ba:f0:22:25:ef:36:e0:a0:bc:a7:d0:48:02:9d:fd:
31:20:ff:29:79:8a:60:9b:fc:f2:32:d2:cd:6c:51:
ff:98:42:a3:fa:07:bd:9f:36:44:20:67:37:3a:e3:
9a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:5D:B9:95:21:6A:85:EC:E7:B9:AD:F9:BA:F9:5B:DA:84:7A:FD:FA
X509v3 Authority Key Identifier:
keyid:B0:57:08:45:C2:39:E9:99:1C:89:BC:5C:50:43:1E:90:87:86:0C:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sFcIRcI56ZkcibxcUEMekIeGDE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:06:37:da:5a:dd:eb:04:b4:b9:2b:a1:26:8e:8a:73:ea:7b:
9a:08:96:44:21:52:ab:2b:0d:95:80:04:e7:e0:f8:30:f4:89:
79:75:0b:78:e2:62:60:42:f1:04:ec:3a:ec:d3:6a:23:8d:c7:
c3:16:fe:96:6d:a9:f3:b5:63:e6:22:fc:7e:a0:63:39:90:dd:
3f:7b:12:3f:b4:f4:cb:1b:04:e4:67:35:c7:6d:e8:ed:16:2c:
5b:59:46:ab:99:cb:d5:ea:b2:84:bb:1d:e9:a0:15:e2:d0:9b:
53:29:31:8a:73:41:2d:1b:4a:e2:d8:2a:06:91:75:c8:6b:b4:
78:74:a5:53:32:27:af:92:e9:af:88:04:51:78:84:a3:fd:97:
ad:88:a9:c4:06:43:e5:07:98:1d:95:67:74:53:b9:a3:76:eb:
ee:ef:c2:09:34:7d:83:96:2c:af:fa:41:f1:b1:35:f9:77:f7:
ac:50:30:f4:57:29:dc:bf:07:a3:61:4c:fd:99:d1:37:de:dd:
8e:7e:f5:d5:97:02:73:53:f4:bc:41:83:06:67:35:d3:03:cf:
15:d0:24:47:38:f8:12:ef:86:d4:13:0e:ef:2c:bc:21:4c:61:
34:e2:ab:88:2d:95:e5:28:49:d0:5f:30:c4:7d:42:d8:d0:24:
b9:49:2c:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4pXaBRwdo2AtC5drAt2RV5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNTcwODQ1YzIzOWU5OTkxYzg5YmM1YzUwNDMxZTkwODc4
NjBjNGQwHhcNMjYwNTE1MDIwMTAyWhcNMjYwNTE2MDIwMTAyWjAzMTEwLwYDVQQD
Eyg4NjVkYjk5NTIxNmE4NWVjZTdiOWFkZjliYWY5NWJkYTg0N2FmZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIQgLcmRdFNuGbMAh2KUZeVb0vC8
Q6IKZu5dQ/cXkouMROa+XMoI82CgOgQDk8+rM92MH+HcgElRdv1+s0/xSLTvN4om
2CvKyHTcDNOLPCoe5qYLAe8Jv57TQUsReOUuT/GMEaKwyaGonFoTQvCvJcFYtMuu
THOkN+qwTiRK6s9Q1jBwN8wLNbPk3gKrha4SkvpAeYI29xTukZ7FrZIGjIIMBAX5
6+TJm1XO5mUcoAtrvgAcuRLSIvlBVcU/+moaW1OA7VZJ9YVhizMU3MceT3+68CIl
7zbgoLyn0EgCnf0xIP8peYpgm/zyMtLNbFH/mEKj+ge9nzZEIGc3OuOabwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZduZUhaoXs57mt+br5W9qEev36MB8GA1UdIwQY
MBaAFLBXCEXCOemZHIm8XFBDHpCHhgxNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0ZjSVJjSTU2WmtjaWJ4Y1VFTWVrSWVHREUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xZTdjNDgtZjhjMi00Njc5LWI3NzEt
NDZjYTI2YWZmNTQ1LzEvc0ZjSVJjSTU2WmtjaWJ4Y1VFTWVrSWVHREUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xZTdjNDgtZjhjMi00Njc5LWI3NzEtNDZjYTI2YWZmNTQ1
LzEvc0ZjSVJjSTU2WmtjaWJ4Y1VFTWVrSWVHREUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhQY32lrd
6wS0uSuhJo6Kc+p7mgiWRCFSqysNlYAE5+D4MPSJeXULeOJiYELxBOw67NNqI43H
wxb+lm2p87Vj5iL8fqBjOZDdP3sSP7T0yxsE5Gc1x23o7RYsW1lGq5nL1eqyhLsd
6aAV4tCbUykxinNBLRtK4tgqBpF1yGu0eHSlUzInr5Lpr4gEUXiEo/2XrYipxAZD
5QeYHZVndFO5o3br7u/CCTR9g5Ysr/pB8bE1+Xf3rFAw9Fcp3L8Ho2FM/ZnRN97d
jn711ZcCc1P0vEGDBmc10wPPFdAkRzj4Eu+G1BMO7yy8IUxhNOKriC2V5ShJ0F8w
xH1C2NAkuUksWg==
-----END CERTIFICATE-----
Generated at Fri May 15 07:03:11 2026 by rpki-client