Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft
File: 4Genud52frl9tk5RZHhJRjO9VOo.mft (raw, json)
Hash identifier: T2V6IrqhN7M1oHz6paED3PctXMwVPm9QyCLjjrB4te4=
Subject key identifier: 64:39:8E:9E:EC:63:85:75:D7:FB:CD:14:85:7F:96:22:F7:2E:61:EF
Authority key identifier: E0:67:A7:B9:DE:76:7E:B9:7D:B6:4E:51:64:78:49:46:33:BD:54:EA
Certificate issuer: /CN=e067a7b9de767eb97db64e516478494633bd54ea
Certificate serial: 019D273AF148A478B1A1B21B191345E04E3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft
Manifest number: 0E87
Signing time: Wed 25 Mar 2026 23:01:07 +0000
Manifest this update: Wed 25 Mar 2026 23:01:07 +0000
Manifest next update: Thu 26 Mar 2026 23:01:07 +0000
Files and hashes: 1: 4Genud52frl9tk5RZHhJRjO9VOo.crl (hash: qb/p27yg+sXNXfCJpXj+eYVIaHsaznGGR16p/Gkui/U=)
2: CdfLb6TofkWtReh_YXLGBpk_g6c.roa (hash: wzdkGkKknbVJYDWx/Ffoau27HnZpYfEves1fyMYu134=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:3a:f1:48:a4:78:b1:a1:b2:1b:19:13:45:e0:4e:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e067a7b9de767eb97db64e516478494633bd54ea
Validity
Not Before: Mar 25 23:01:07 2026 GMT
Not After : Mar 26 23:01:07 2026 GMT
Subject: CN=64398e9eec638575d7fbcd14857f9622f72e61ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:04:60:36:d6:a9:41:d4:93:13:7a:ff:2a:26:
ed:4f:56:3d:b7:cb:34:8e:5d:f6:b1:df:2e:3e:fe:
8e:c4:6f:69:51:7e:9a:39:b1:b9:fd:30:36:be:0b:
19:a7:a9:25:29:a5:c4:f1:e0:0e:00:ad:6f:bf:f8:
0b:48:5e:fb:71:be:36:d0:ba:5a:08:dd:33:16:9c:
e0:e3:77:b8:d2:02:a3:22:c0:f9:07:a9:1b:1d:c0:
1a:69:76:2e:f1:78:23:f1:61:be:39:d8:1f:42:17:
d0:e4:0b:e9:8b:f3:79:2c:64:b0:05:dc:4e:10:bf:
12:28:f6:11:10:c2:d6:bf:4f:97:6e:d4:b7:41:27:
8a:f3:9e:90:49:f6:0c:13:c2:74:1c:24:49:d2:0e:
cf:7f:de:98:7b:bf:05:ee:5a:b9:a6:1e:25:29:d9:
6c:76:c8:6a:8e:ea:d7:62:0c:8a:c6:bb:51:d0:01:
94:8d:56:4b:86:47:9a:38:47:05:fa:e3:1f:9a:4c:
52:32:02:d5:43:16:8f:45:2f:bc:13:e9:41:16:25:
42:5a:ca:d1:17:b2:4e:7c:0a:08:3b:49:7b:e2:e7:
67:d9:cb:6e:e2:cc:88:e1:aa:6e:07:9f:0d:cc:a4:
b0:f6:1e:f5:3e:3c:07:cf:d3:64:0e:de:ae:50:f8:
b5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:39:8E:9E:EC:63:85:75:D7:FB:CD:14:85:7F:96:22:F7:2E:61:EF
X509v3 Authority Key Identifier:
keyid:E0:67:A7:B9:DE:76:7E:B9:7D:B6:4E:51:64:78:49:46:33:BD:54:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c9:76:00:4a:10:a3:cc:7a:8f:e9:c8:64:a1:69:8d:1a:38:0e:
bb:1e:2f:19:dd:8a:61:dd:0e:00:9a:74:33:d3:31:46:ba:aa:
be:fe:0c:ea:57:80:4a:50:59:24:3d:1e:95:07:0a:95:e2:05:
1a:69:ec:47:cb:c9:92:12:ea:d2:17:ab:39:ca:f3:61:37:6f:
f9:80:b9:f6:97:47:d6:08:b0:92:f8:37:bb:c0:a0:f0:dd:7d:
c5:12:28:03:1c:98:0b:e7:d9:93:48:e7:6d:5b:b9:41:c7:e6:
4c:13:3f:73:96:4b:0e:28:de:5e:6e:d0:77:31:c7:a4:81:3c:
6c:4b:74:8c:e8:34:91:3d:de:d7:db:a5:5c:1d:30:8e:37:49:
47:fd:49:ab:72:83:4c:71:c2:6f:33:9d:86:09:c4:3a:bf:35:
ce:e6:0d:a1:de:68:20:3b:05:11:f8:fc:1a:21:91:9a:c6:ef:
42:3d:15:16:f0:39:26:c9:53:e9:0c:c8:56:28:b1:ac:2c:2f:
46:77:03:83:5c:dd:f4:d1:1e:ea:47:51:4c:1f:ee:fc:77:f6:
c1:70:2e:69:97:02:fa:78:95:7f:42:b2:7b:17:cd:d1:cd:02:
ab:4c:63:d4:86:4e:e8:60:f8:a3:42:60:e4:21:9e:02:44:5c:
11:8e:15:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOvFIpHixobIbGRNF4E4/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNjdhN2I5ZGU3NjdlYjk3ZGI2NGU1MTY0Nzg0OTQ2MzNi
ZDU0ZWEwHhcNMjYwMzI1MjMwMTA3WhcNMjYwMzI2MjMwMTA3WjAzMTEwLwYDVQQD
Eyg2NDM5OGU5ZWVjNjM4NTc1ZDdmYmNkMTQ4NTdmOTYyMmY3MmU2MWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5gRgNtapQdSTE3r/KibtT1Y9t8s0
jl32sd8uPv6OxG9pUX6aObG5/TA2vgsZp6klKaXE8eAOAK1vv/gLSF77cb420Lpa
CN0zFpzg43e40gKjIsD5B6kbHcAaaXYu8Xgj8WG+OdgfQhfQ5Avpi/N5LGSwBdxO
EL8SKPYREMLWv0+XbtS3QSeK856QSfYME8J0HCRJ0g7Pf96Ye78F7lq5ph4lKdls
dshqjurXYgyKxrtR0AGUjVZLhkeaOEcF+uMfmkxSMgLVQxaPRS+8E+lBFiVCWsrR
F7JOfAoIO0l74udn2ctu4syI4apuB58NzKSw9h71PjwHz9NkDt6uUPi1TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGQ5jp7sY4V11/vNFIV/liL3LmHvMB8GA1UdIwQY
MBaAFOBnp7nedn65fbZOUWR4SUYzvVTqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kNTIwYzQtZGViNC00MzhiLTkzYmYt
NzY4ZjNkNmVlMTllLzEvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kNTIwYzQtZGViNC00MzhiLTkzYmYtNzY4ZjNkNmVlMTll
LzEvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyXYAShCj
zHqP6chkoWmNGjgOux4vGd2KYd0OAJp0M9MxRrqqvv4M6leASlBZJD0elQcKleIF
GmnsR8vJkhLq0herOcrzYTdv+YC59pdH1giwkvg3u8Cg8N19xRIoAxyYC+fZk0jn
bVu5QcfmTBM/c5ZLDijeXm7QdzHHpIE8bEt0jOg0kT3e19ulXB0wjjdJR/1Jq3KD
THHCbzOdhgnEOr81zuYNod5oIDsFEfj8GiGRmsbvQj0VFvA5JslT6QzIViixrCwv
RncDg1zd9NEe6kdRTB/u/Hf2wXAuaZcC+niVf0KyexfN0c0Cq0xj1IZO6GD4o0Jg
5CGeAkRcEY4VYA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:52:50 2026 by rpki-client