Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.mft
File: S2MqdYtZMJ6GEInWVTruBnprNT8.mft (raw, json)
Hash identifier: LAJnZlpGG43+GrorbgxE1Ve21ZI0siVHNqhuuXQTzXY=
Subject key identifier: BE:5C:1A:6A:FD:74:23:D5:AE:86:C8:34:A7:7D:32:6D:2B:E3:A9:0C
Authority key identifier: 4B:63:2A:75:8B:59:30:9E:86:10:89:D6:55:3A:EE:06:7A:6B:35:3F
Certificate issuer: /CN=4b632a758b59309e861089d6553aee067a6b353f
Certificate serial: 019D265F7F5D60A982F052E008E57A32E7B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S2MqdYtZMJ6GEInWVTruBnprNT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.mft
Manifest number: 1888
Signing time: Wed 25 Mar 2026 19:01:25 +0000
Manifest this update: Wed 25 Mar 2026 19:01:25 +0000
Manifest next update: Thu 26 Mar 2026 19:01:25 +0000
Files and hashes: 1: 1j-cndh73up45TjcJHDMi8wQ8Xc.roa (hash: KpN3w6f7/yCpGmCh1vdlXsD6GVlxoKm9AQfV9ZcUMXk=)
2: 6E64GXrgmXNa9YSBiY3OujAPTwo.roa (hash: yS+gCnb/d3MQ3vFkPLZAQVV6eBJuu9tDUWcxSfLgTIU=)
3: S2MqdYtZMJ6GEInWVTruBnprNT8.crl (hash: P0t92oF59ByJ1rG2cz9IsUIaL9sdLeaO1hfzed+sZas=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.mft
rsync://rpki.ripe.net/repository/DEFAULT/S2MqdYtZMJ6GEInWVTruBnprNT8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5f:7f:5d:60:a9:82:f0:52:e0:08:e5:7a:32:e7:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b632a758b59309e861089d6553aee067a6b353f
Validity
Not Before: Mar 25 19:01:25 2026 GMT
Not After : Mar 26 19:01:25 2026 GMT
Subject: CN=be5c1a6afd7423d5ae86c834a77d326d2be3a90c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4e:c4:77:cc:9d:69:e4:6f:a3:b0:d7:e7:96:
2f:30:6a:31:01:df:01:da:fd:81:a1:2e:3f:55:d5:
e2:23:b0:4b:d7:f7:95:b2:a2:0b:f8:c7:02:f3:43:
df:36:85:0e:80:15:78:0b:83:2e:77:75:cc:f1:3f:
65:d9:b4:2d:b3:40:f6:ff:83:c1:f5:5f:2f:d7:97:
7c:d6:a7:82:b1:c0:0f:8d:21:09:fd:41:8e:df:50:
4c:f9:59:dd:55:cd:8c:61:31:3f:18:bd:ed:35:83:
36:7b:b1:09:69:e7:2f:bf:ef:c8:fd:81:b8:11:24:
8b:67:47:dd:0e:87:6b:98:bc:0a:90:a9:ee:9c:88:
19:39:5a:b9:13:53:e8:12:d5:9d:1e:d7:8e:5d:a6:
cd:e0:91:fa:6d:81:0b:94:50:9e:64:6c:13:39:51:
13:d1:01:56:a6:0e:51:24:75:b1:78:77:0f:10:02:
f9:7c:8e:a7:c3:b8:83:fb:e9:d3:16:ac:92:12:20:
e4:2d:7a:9a:f2:fb:cb:42:5e:4d:3f:b9:6b:cf:76:
47:80:ef:fa:41:d4:cf:68:e8:c5:b8:3b:cc:6c:12:
ed:d4:d5:47:4f:ef:a9:59:9a:8e:c0:dd:d3:7f:1f:
ba:9b:c4:fd:43:a2:ad:a6:3a:b3:f0:66:98:76:9e:
87:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:5C:1A:6A:FD:74:23:D5:AE:86:C8:34:A7:7D:32:6D:2B:E3:A9:0C
X509v3 Authority Key Identifier:
keyid:4B:63:2A:75:8B:59:30:9E:86:10:89:D6:55:3A:EE:06:7A:6B:35:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S2MqdYtZMJ6GEInWVTruBnprNT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:c8:58:61:67:90:36:85:ea:fa:3c:05:37:bc:6a:2e:3b:93:
5c:d1:d9:38:9a:a6:bb:20:0c:82:17:c0:44:5f:e7:c9:e0:dd:
64:bf:70:3b:84:33:34:3a:b0:ee:85:6c:07:48:1a:e5:0d:3f:
56:fa:38:c3:e4:a1:bd:ae:2d:0c:62:23:a2:c4:13:e1:7d:97:
e4:5d:63:b9:3e:eb:7a:15:23:ef:5b:4a:37:1d:20:83:0f:c8:
ef:bf:9d:8c:3b:c8:22:bc:bc:0f:3d:e8:b7:60:8d:5e:68:da:
d4:58:31:29:5d:d1:ee:1d:58:9d:eb:1e:ca:3f:71:1b:72:70:
e8:4e:14:99:b5:f1:e7:9b:fc:27:08:d6:00:f6:cc:2e:c5:fc:
29:b7:cb:36:85:21:cb:42:32:04:d9:76:c4:6c:4f:48:b5:3b:
ed:89:1b:a9:e7:b2:45:86:3b:b9:c2:df:4a:64:25:9d:0d:21:
83:56:a6:96:18:99:e7:64:ce:85:b4:92:1f:ef:9c:77:b8:f7:
ab:51:af:00:27:b6:36:c6:b2:55:b3:b9:a0:91:8d:2c:fc:93:
3d:c6:50:8a:36:f8:fa:c6:2e:a6:27:32:46:3f:85:27:ca:d8:
5f:cf:74:37:c0:63:9f:f7:c5:71:a9:e7:b5:59:56:bf:94:8f:
45:02:16:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX39dYKmC8FLgCOV6Mue3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNjMyYTc1OGI1OTMwOWU4NjEwODlkNjU1M2FlZTA2N2E2
YjM1M2YwHhcNMjYwMzI1MTkwMTI1WhcNMjYwMzI2MTkwMTI1WjAzMTEwLwYDVQQD
EyhiZTVjMWE2YWZkNzQyM2Q1YWU4NmM4MzRhNzdkMzI2ZDJiZTNhOTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr07Ed8ydaeRvo7DX55YvMGoxAd8B
2v2BoS4/VdXiI7BL1/eVsqIL+McC80PfNoUOgBV4C4Mud3XM8T9l2bQts0D2/4PB
9V8v15d81qeCscAPjSEJ/UGO31BM+VndVc2MYTE/GL3tNYM2e7EJaecvv+/I/YG4
ESSLZ0fdDodrmLwKkKnunIgZOVq5E1PoEtWdHteOXabN4JH6bYELlFCeZGwTOVET
0QFWpg5RJHWxeHcPEAL5fI6nw7iD++nTFqySEiDkLXqa8vvLQl5NP7lrz3ZHgO/6
QdTPaOjFuDvMbBLt1NVHT++pWZqOwN3Tfx+6m8T9Q6Ktpjqz8GaYdp6HOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL5cGmr9dCPVrobINKd9Mm0r46kMMB8GA1UdIwQY
MBaAFEtjKnWLWTCehhCJ1lU67gZ6azU/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzJNcWRZdFpNSjZHRUluV1ZUcnVCbnByTlQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yMTNhOTUtYWFjZi00MGE5LTk3NTMt
OTRjMGIwYjc2MDI5LzEvUzJNcWRZdFpNSjZHRUluV1ZUcnVCbnByTlQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8yMTNhOTUtYWFjZi00MGE5LTk3NTMtOTRjMGIwYjc2MDI5
LzEvUzJNcWRZdFpNSjZHRUluV1ZUcnVCbnByTlQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHchYYWeQ
NoXq+jwFN7xqLjuTXNHZOJqmuyAMghfARF/nyeDdZL9wO4QzNDqw7oVsB0ga5Q0/
Vvo4w+Shva4tDGIjosQT4X2X5F1juT7rehUj71tKNx0ggw/I77+djDvIIry8Dz3o
t2CNXmja1FgxKV3R7h1Yneseyj9xG3Jw6E4UmbXx55v8JwjWAPbMLsX8KbfLNoUh
y0IyBNl2xGxPSLU77YkbqeeyRYY7ucLfSmQlnQ0hg1amlhiZ52TOhbSSH++cd7j3
q1GvACe2NsayVbO5oJGNLPyTPcZQijb4+sYupicyRj+FJ8rYX890N8Bjn/fFcann
tVlWv5SPRQIW8w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:39:19 2026 by rpki-client