Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
File: a0P3ovQ2ixel4DXOS9km-KFC1os.mft (raw, json)
Hash identifier: AR34HxxWw9rZ+mTcsBf/TOtntaTq+2Wgn6r9cjmvS5E=
Subject key identifier: 56:4E:0C:6F:3F:E4:22:E2:B8:27:7A:3B:23:AB:73:B8:42:B0:B3:16
Authority key identifier: 6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
Certificate issuer: /CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Certificate serial: 019DCED0B6F4A2E6F55C5C040F204B67143D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
Manifest number: 18DC
Signing time: Mon 27 Apr 2026 12:01:17 +0000
Manifest this update: Mon 27 Apr 2026 12:01:17 +0000
Manifest next update: Tue 28 Apr 2026 12:01:17 +0000
Files and hashes: 1: MuWBM4y_8sU7g6FEyEJdZpch7MA.roa (hash: polciHBhuEIudcpVsohkilsNPMnWK3IMSBDrJXYyToE=)
2: a0P3ovQ2ixel4DXOS9km-KFC1os.crl (hash: T/6vpsBxN3gpvRbQq0mKeWyj720N9V4E4GjTx1h/kc0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ce:d0:b6:f4:a2:e6:f5:5c:5c:04:0f:20:4b:67:14:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Validity
Not Before: Apr 27 12:01:17 2026 GMT
Not After : Apr 28 12:01:17 2026 GMT
Subject: CN=564e0c6f3fe422e2b8277a3b23ab73b842b0b316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:85:40:50:7a:c2:80:38:1a:1f:b7:a1:9b:f4:
3d:3e:91:25:07:c3:26:1b:d4:83:37:ed:01:08:b3:
89:8a:64:27:c4:bf:b7:74:26:fa:53:24:3e:bb:cb:
c5:38:b3:aa:79:2f:e7:97:f7:73:55:49:f1:c5:d3:
08:7b:9e:31:6a:61:3e:66:7b:9e:11:6b:06:f8:a2:
b9:5b:86:96:26:31:f6:4e:cd:67:b2:53:83:0f:2c:
3d:20:6d:00:9d:64:66:b2:bc:20:6e:58:96:77:93:
e3:7a:15:1c:f4:ca:fb:f1:57:02:48:49:be:71:06:
88:85:96:4c:6e:5f:a2:2b:23:71:b4:87:df:f8:97:
35:ef:ce:55:fa:0a:c5:ed:40:f5:d4:31:22:9b:4f:
c7:f8:00:fa:a2:70:03:38:20:93:7c:50:3d:af:f8:
67:70:37:ef:3b:f9:66:a3:f1:ca:b7:fa:42:66:97:
8d:65:4d:b9:6f:84:da:f0:66:3b:63:72:b4:dc:7e:
ce:43:9f:b4:38:18:7f:54:28:cc:e1:0a:4f:4d:b0:
fd:fc:ad:fc:41:e7:f4:06:32:8b:84:81:3e:a1:10:
e8:2f:25:b1:b9:3e:17:55:ea:51:b4:e8:41:04:ba:
4e:8d:42:37:1d:46:ed:45:16:09:c4:42:b6:21:a0:
ae:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:4E:0C:6F:3F:E4:22:E2:B8:27:7A:3B:23:AB:73:B8:42:B0:B3:16
X509v3 Authority Key Identifier:
keyid:6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:9c:49:c7:3d:5a:70:7f:e9:45:b3:21:09:b6:86:f3:cd:20:
86:06:85:40:b0:dc:72:b3:11:00:22:1f:b3:7e:ce:68:10:e4:
7e:40:90:42:6f:94:be:e0:3b:1a:81:a4:5d:b8:4d:a9:4a:8d:
37:d0:3f:23:32:a3:7f:10:56:af:64:29:c5:9f:3a:ee:34:b6:
85:0c:c0:61:5f:b6:00:2f:ba:0a:be:01:13:36:69:cb:a0:b0:
d4:5c:f1:a0:fa:d6:d2:f2:4c:27:88:d4:d7:a6:7d:87:34:6b:
f0:3b:27:30:66:fc:5e:db:2c:43:8d:bc:9b:6d:c4:66:07:8c:
69:b8:6c:6b:94:3a:b1:05:27:fc:e5:0a:6c:d9:a2:d8:a8:60:
a0:a0:f5:04:24:89:99:21:13:21:03:5d:f3:28:24:d5:2d:f4:
45:d2:c1:84:38:40:4e:c6:47:02:69:4f:9c:32:23:74:f8:18:
ff:ca:e3:12:b0:56:a0:e9:bc:7d:b3:77:82:12:ae:4a:3a:98:
0d:1c:bb:ff:7b:a0:89:6c:0d:6d:36:94:f1:02:2e:dd:7d:c1:
85:8d:66:4e:ee:c4:f0:2e:19:5b:80:f9:1f:3c:77:8b:29:cf:
62:65:53:8f:26:4c:f1:0d:2e:45:d6:b4:27:f3:5d:52:da:b0:
e0:97:a4:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3O0Lb0oub1XFwEDyBLZxQ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNDNmN2EyZjQzNjhiMTdhNWUwMzVjZTRiZDkyNmY4YTE0
MmQ2OGIwHhcNMjYwNDI3MTIwMTE3WhcNMjYwNDI4MTIwMTE3WjAzMTEwLwYDVQQD
Eyg1NjRlMGM2ZjNmZTQyMmUyYjgyNzdhM2IyM2FiNzNiODQyYjBiMzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYVAUHrCgDgaH7ehm/Q9PpElB8Mm
G9SDN+0BCLOJimQnxL+3dCb6UyQ+u8vFOLOqeS/nl/dzVUnxxdMIe54xamE+Znue
EWsG+KK5W4aWJjH2Ts1nslODDyw9IG0AnWRmsrwgbliWd5PjehUc9Mr78VcCSEm+
cQaIhZZMbl+iKyNxtIff+Jc1785V+grF7UD11DEim0/H+AD6onADOCCTfFA9r/hn
cDfvO/lmo/HKt/pCZpeNZU25b4Ta8GY7Y3K03H7OQ5+0OBh/VCjM4QpPTbD9/K38
Qef0BjKLhIE+oRDoLyWxuT4XVepRtOhBBLpOjUI3HUbtRRYJxEK2IaCuSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFZODG8/5CLiuCd6OyOrc7hCsLMWMB8GA1UdIwQY
MBaAFGtD96L0NosXpeA1zkvZJvihQtaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMt
MzViMDMxMzZkZDAzLzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMtMzViMDMxMzZkZDAz
LzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADJxJxz1a
cH/pRbMhCbaG880ghgaFQLDccrMRACIfs37OaBDkfkCQQm+UvuA7GoGkXbhNqUqN
N9A/IzKjfxBWr2QpxZ867jS2hQzAYV+2AC+6Cr4BEzZpy6Cw1FzxoPrW0vJMJ4jU
16Z9hzRr8DsnMGb8XtssQ428m23EZgeMabhsa5Q6sQUn/OUKbNmi2KhgoKD1BCSJ
mSETIQNd8ygk1S30RdLBhDhATsZHAmlPnDIjdPgY/8rjErBWoOm8fbN3ghKuSjqY
DRy7/3ugiWwNbTaU8QIu3X3BhY1mTu7E8C4ZW4D5Hzx3iynPYmVTjyZM8Q0uRda0
J/NdUtqw4JekLQ==
-----END CERTIFICATE-----
Generated at Mon Apr 27 15:40:21 2026 by rpki-client