Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/46fa02-6587-4c62-973e-b12501f34ff0/1/2My6s6LYEMX6KdzanVAgJhbvueg.mft
File: 2My6s6LYEMX6KdzanVAgJhbvueg.mft (raw, json)
Hash identifier: tbRS41qnmsqYMtPy9xzqRt9ZI9lEYjNqgxcFWGHukJw=
Subject key identifier: 7D:4D:F6:D0:FC:3C:73:23:65:F9:80:2D:A2:E3:E6:E3:9E:A9:55:28
Authority key identifier: D8:CC:BA:B3:A2:D8:10:C5:FA:29:DC:DA:9D:50:20:26:16:EF:B9:E8
Certificate issuer: /CN=d8ccbab3a2d810c5fa29dcda9d50202616efb9e8
Certificate serial: 019E1CEBC422BCC356260EEA22C35267CE6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2My6s6LYEMX6KdzanVAgJhbvueg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/46fa02-6587-4c62-973e-b12501f34ff0/1/2My6s6LYEMX6KdzanVAgJhbvueg.mft
Manifest number: 0370
Signing time: Tue 12 May 2026 16:01:13 +0000
Manifest this update: Tue 12 May 2026 16:01:13 +0000
Manifest next update: Wed 13 May 2026 16:01:13 +0000
Files and hashes: 1: 2My6s6LYEMX6KdzanVAgJhbvueg.crl (hash: yetjmczxy/GQOoTBUxQx/QMyhCsTfyBrxhnWxr77KMM=)
2: n5FUtwJmC4hLyvlbNVZ9aYw4EWg.roa (hash: ApevewrPNzMKwdZYmudK6D8Ih9aFuZDtkDlyK/2Y0WA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/46fa02-6587-4c62-973e-b12501f34ff0/1/2My6s6LYEMX6KdzanVAgJhbvueg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/46fa02-6587-4c62-973e-b12501f34ff0/1/2My6s6LYEMX6KdzanVAgJhbvueg.mft
rsync://rpki.ripe.net/repository/DEFAULT/2My6s6LYEMX6KdzanVAgJhbvueg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:eb:c4:22:bc:c3:56:26:0e:ea:22:c3:52:67:ce:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ccbab3a2d810c5fa29dcda9d50202616efb9e8
Validity
Not Before: May 12 16:01:13 2026 GMT
Not After : May 13 16:01:13 2026 GMT
Subject: CN=7d4df6d0fc3c732365f9802da2e3e6e39ea95528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:25:af:f0:9b:18:3a:28:95:f7:50:85:8d:ca:
3f:c8:0d:83:d7:d0:a7:a8:5b:d4:78:f3:20:d0:61:
a5:58:2c:36:bf:9f:26:8b:71:bf:9a:38:e3:24:e7:
ee:f9:c0:be:10:14:da:93:3c:f5:07:94:e3:3d:34:
fb:05:50:0e:9e:4d:52:1f:48:d6:70:ae:14:ac:bf:
0a:1a:b5:a9:7d:1d:32:94:c7:10:4e:b8:cd:b7:0b:
d2:ba:17:27:5e:f5:4b:57:c4:72:b8:01:b6:8b:64:
43:5b:fc:a3:70:a2:d1:f8:a7:7a:b6:7d:9d:3b:81:
82:ba:fe:0d:25:30:95:61:ed:19:67:92:3f:3c:8c:
01:ce:08:74:03:ee:6a:66:77:03:5b:fe:6a:e0:5b:
6d:69:cd:34:9b:19:ef:9a:a1:4a:be:43:09:0c:11:
69:ef:01:3b:15:e1:eb:93:2c:73:3f:ab:b8:48:e2:
98:4e:1b:c8:4e:ca:bc:0b:d4:27:39:e2:3c:52:c5:
0d:56:88:9c:a1:ff:32:2f:0c:40:94:ce:55:1e:94:
ea:0c:44:aa:ad:ed:2f:b3:eb:d4:bc:b1:55:d9:a4:
be:9f:ec:6f:e3:3f:0c:fd:d0:7b:79:d6:9e:2e:c6:
d1:18:a6:c7:9d:55:e6:37:94:49:bc:b5:53:4b:6b:
6a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:4D:F6:D0:FC:3C:73:23:65:F9:80:2D:A2:E3:E6:E3:9E:A9:55:28
X509v3 Authority Key Identifier:
keyid:D8:CC:BA:B3:A2:D8:10:C5:FA:29:DC:DA:9D:50:20:26:16:EF:B9:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2My6s6LYEMX6KdzanVAgJhbvueg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/46fa02-6587-4c62-973e-b12501f34ff0/1/2My6s6LYEMX6KdzanVAgJhbvueg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/46fa02-6587-4c62-973e-b12501f34ff0/1/2My6s6LYEMX6KdzanVAgJhbvueg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:57:0d:ce:fe:27:b4:4d:2e:07:64:dd:b2:68:db:dd:19:2a:
cf:2c:a4:6d:d2:5f:b8:26:a4:10:c7:52:e2:ca:b3:95:6e:2e:
1b:04:53:7f:fc:ea:a1:d7:96:bb:9d:65:b2:9c:03:70:b0:e4:
43:31:99:09:cd:92:e5:65:76:16:9a:9d:ec:7b:d5:d2:24:16:
83:71:6e:ee:b5:78:3d:e3:13:a1:62:8c:77:3e:85:48:d2:20:
f6:11:a3:66:4e:f3:c7:e7:54:01:38:14:27:5f:df:66:5b:a8:
66:67:db:ce:24:12:86:16:01:5a:74:a0:86:1f:bd:dd:6b:74:
61:87:24:62:5c:b4:e2:89:7b:30:3f:e6:cc:a4:6a:45:fe:1a:
35:a5:10:df:1d:10:d0:5a:14:c3:dc:e9:95:5d:46:4c:8e:75:
e4:14:b4:10:e0:81:a4:87:5e:e1:b2:5b:ef:6a:7f:1d:34:81:
24:f3:ad:78:f9:f5:fe:6a:6a:46:ea:fa:90:88:9f:a4:66:bd:
c7:f4:c2:54:9c:43:12:17:f5:17:77:54:96:02:97:67:7f:79:
95:a0:ca:cd:50:08:34:88:88:1c:9d:9f:76:ca:18:ad:2e:d1:
1b:4f:e3:c8:b4:cf:fc:7c:4f:9e:01:2c:ac:49:3f:4f:c8:77:
dc:50:e5:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4c68QivMNWJg7qIsNSZ85vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Y2NiYWIzYTJkODEwYzVmYTI5ZGNkYTlkNTAyMDI2MTZl
ZmI5ZTgwHhcNMjYwNTEyMTYwMTEzWhcNMjYwNTEzMTYwMTEzWjAzMTEwLwYDVQQD
Eyg3ZDRkZjZkMGZjM2M3MzIzNjVmOTgwMmRhMmUzZTZlMzllYTk1NTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSWv8JsYOiiV91CFjco/yA2D19Cn
qFvUePMg0GGlWCw2v58mi3G/mjjjJOfu+cC+EBTakzz1B5TjPTT7BVAOnk1SH0jW
cK4UrL8KGrWpfR0ylMcQTrjNtwvSuhcnXvVLV8RyuAG2i2RDW/yjcKLR+Kd6tn2d
O4GCuv4NJTCVYe0ZZ5I/PIwBzgh0A+5qZncDW/5q4Fttac00mxnvmqFKvkMJDBFp
7wE7FeHrkyxzP6u4SOKYThvITsq8C9QnOeI8UsUNVoicof8yLwxAlM5VHpTqDESq
re0vs+vUvLFV2aS+n+xv4z8M/dB7edaeLsbRGKbHnVXmN5RJvLVTS2tqewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH1N9tD8PHMjZfmALaLj5uOeqVUoMB8GA1UdIwQY
MBaAFNjMurOi2BDF+inc2p1QICYW77noMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk15NnM2TFlFTVg2S2R6YW5WQWdKaGJ2dWVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi80NmZhMDItNjU4Ny00YzYyLTk3M2Ut
YjEyNTAxZjM0ZmYwLzEvMk15NnM2TFlFTVg2S2R6YW5WQWdKaGJ2dWVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi80NmZhMDItNjU4Ny00YzYyLTk3M2UtYjEyNTAxZjM0ZmYw
LzEvMk15NnM2TFlFTVg2S2R6YW5WQWdKaGJ2dWVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU1cNzv4n
tE0uB2Tdsmjb3RkqzyykbdJfuCakEMdS4sqzlW4uGwRTf/zqodeWu51lspwDcLDk
QzGZCc2S5WV2Fpqd7HvV0iQWg3Fu7rV4PeMToWKMdz6FSNIg9hGjZk7zx+dUATgU
J1/fZluoZmfbziQShhYBWnSghh+93Wt0YYckYly04ol7MD/mzKRqRf4aNaUQ3x0Q
0FoUw9zplV1GTI515BS0EOCBpIde4bJb72p/HTSBJPOtePn1/mpqRur6kIifpGa9
x/TCVJxDEhf1F3dUlgKXZ395laDKzVAINIiIHJ2fdsoYrS7RG0/jyLTP/HxPngEs
rEk/T8h33FDlEg==
-----END CERTIFICATE-----
Generated at Tue May 12 21:36:48 2026 by rpki-client