Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/317cc1-64c2-472e-914b-0bfb86884404/1/4kycUM9OLawF4fBDKCJOIKRgXXc.mft
File: 4kycUM9OLawF4fBDKCJOIKRgXXc.mft (raw, json)
Hash identifier: o8qKly4CzakIrqa+YyTMjO18b6OaDjx++mFlW1BKMRs=
Subject key identifier: 2F:5E:CD:A5:88:18:A6:7E:4E:F4:EC:64:4B:6A:3D:2D:D5:A4:A7:06
Authority key identifier: E2:4C:9C:50:CF:4E:2D:AC:05:E1:F0:43:28:22:4E:20:A4:60:5D:77
Certificate issuer: /CN=e24c9c50cf4e2dac05e1f04328224e20a4605d77
Certificate serial: 019D2A723E6A70FC292110E6D1CFEED2213B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4kycUM9OLawF4fBDKCJOIKRgXXc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/317cc1-64c2-472e-914b-0bfb86884404/1/4kycUM9OLawF4fBDKCJOIKRgXXc.mft
Manifest number: 0F71
Signing time: Thu 26 Mar 2026 14:00:23 +0000
Manifest this update: Thu 26 Mar 2026 14:00:23 +0000
Manifest next update: Fri 27 Mar 2026 14:00:23 +0000
Files and hashes: 1: 4kycUM9OLawF4fBDKCJOIKRgXXc.crl (hash: d2kPksKPoFOFrwmbXGbMsfPxEPvEY5DMi+II8OtxPSA=)
2: tMtN8-QriDVpgeW2wDDvJvfjR9M.roa (hash: xSHPKvxZeM3dEwuvm0xnQCeYW9E45CjCYOCoqNZiqPQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/317cc1-64c2-472e-914b-0bfb86884404/1/4kycUM9OLawF4fBDKCJOIKRgXXc.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/317cc1-64c2-472e-914b-0bfb86884404/1/4kycUM9OLawF4fBDKCJOIKRgXXc.mft
rsync://rpki.ripe.net/repository/DEFAULT/4kycUM9OLawF4fBDKCJOIKRgXXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:72:3e:6a:70:fc:29:21:10:e6:d1:cf:ee:d2:21:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e24c9c50cf4e2dac05e1f04328224e20a4605d77
Validity
Not Before: Mar 26 14:00:23 2026 GMT
Not After : Mar 27 14:00:23 2026 GMT
Subject: CN=2f5ecda58818a67e4ef4ec644b6a3d2dd5a4a706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:de:b7:c5:dc:83:5d:19:ab:76:0d:fe:92:97:
1c:72:d6:61:11:ff:62:62:9a:f2:1c:89:e2:83:8e:
30:55:5a:16:1e:05:27:7f:a8:6a:d0:79:94:25:e9:
aa:6c:67:03:5c:ef:cf:c9:21:ba:53:92:2e:ff:52:
2d:a4:52:dd:8e:6a:33:33:c1:76:ad:f7:9f:9e:b0:
96:67:f9:dc:27:f9:b3:82:fe:cd:1d:06:0e:3f:26:
65:63:62:d4:cd:bc:d3:b8:7f:48:d4:3e:c6:c7:db:
3b:28:49:e4:bc:94:67:17:8d:e0:d0:78:56:23:0d:
01:b9:9a:d1:f5:8e:1c:c6:cf:4d:a8:2c:f7:5c:1e:
74:f5:eb:07:6c:b3:b3:99:1f:fa:54:bb:11:96:6a:
e6:7c:1a:02:02:1e:31:51:ba:1f:2a:8d:99:ce:de:
4c:bb:d6:3e:85:68:84:86:0b:13:fe:0c:88:73:8a:
42:53:b0:c2:ea:b1:07:90:da:70:9c:45:b3:23:86:
39:f4:6f:09:cb:1f:45:06:5b:7c:77:a6:bd:a2:33:
15:d1:c1:2f:f5:d4:16:87:9c:99:33:65:aa:e0:0b:
f1:7c:17:e0:9d:1b:28:e2:5a:e2:71:83:f7:1d:f2:
ce:2e:53:47:0b:c4:f1:ca:45:21:6f:8b:cd:ff:ae:
09:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:5E:CD:A5:88:18:A6:7E:4E:F4:EC:64:4B:6A:3D:2D:D5:A4:A7:06
X509v3 Authority Key Identifier:
keyid:E2:4C:9C:50:CF:4E:2D:AC:05:E1:F0:43:28:22:4E:20:A4:60:5D:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4kycUM9OLawF4fBDKCJOIKRgXXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/317cc1-64c2-472e-914b-0bfb86884404/1/4kycUM9OLawF4fBDKCJOIKRgXXc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/317cc1-64c2-472e-914b-0bfb86884404/1/4kycUM9OLawF4fBDKCJOIKRgXXc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:87:b4:fe:d0:da:e4:58:a4:68:21:65:76:f7:a8:57:c0:6d:
66:37:37:8f:ce:fa:99:e3:5d:79:84:64:2b:be:d9:e5:c9:48:
29:76:02:bc:79:6e:c9:bd:9d:c1:c2:f0:32:95:52:4d:f9:dc:
e9:3e:31:55:c0:b6:1f:39:e6:1c:09:ba:13:3c:68:db:74:38:
e3:05:e1:2b:91:3a:72:da:ed:b3:6a:66:15:9d:71:37:52:fe:
14:7a:d6:7a:d3:a8:95:e0:68:19:c1:ea:3e:bb:39:91:24:23:
14:65:67:0c:28:7a:6e:62:6f:f4:30:f7:33:5a:f1:2e:2d:49:
e7:14:36:11:23:4e:f2:98:c4:f8:1e:1f:7f:78:0c:c4:25:e7:
6d:11:ad:ef:36:4b:ee:95:4f:f0:77:52:a9:cd:dd:a7:41:1d:
7a:7a:22:50:7c:1d:fb:06:e5:6e:c1:7d:bf:ee:97:2f:64:da:
23:6a:0e:f7:b5:5d:f2:05:30:a9:63:b2:69:5b:4c:35:fd:d1:
19:39:4b:1d:38:01:6e:44:5a:4d:7b:59:0d:6b:25:31:24:cc:
9b:12:43:e7:c5:ff:06:7b:9b:5d:4f:1a:d1:c0:8e:0a:06:a1:
b3:d6:16:ef:0f:ae:21:79:1d:34:6f:7f:b2:66:a8:e3:68:c0:
5f:a7:9e:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qcj5qcPwpIRDm0c/u0iE7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNGM5YzUwY2Y0ZTJkYWMwNWUxZjA0MzI4MjI0ZTIwYTQ2
MDVkNzcwHhcNMjYwMzI2MTQwMDIzWhcNMjYwMzI3MTQwMDIzWjAzMTEwLwYDVQQD
EygyZjVlY2RhNTg4MThhNjdlNGVmNGVjNjQ0YjZhM2QyZGQ1YTRhNzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvd63xdyDXRmrdg3+kpccctZhEf9i
YpryHInig44wVVoWHgUnf6hq0HmUJemqbGcDXO/PySG6U5Iu/1ItpFLdjmozM8F2
rfefnrCWZ/ncJ/mzgv7NHQYOPyZlY2LUzbzTuH9I1D7Gx9s7KEnkvJRnF43g0HhW
Iw0BuZrR9Y4cxs9NqCz3XB509esHbLOzmR/6VLsRlmrmfBoCAh4xUbofKo2Zzt5M
u9Y+hWiEhgsT/gyIc4pCU7DC6rEHkNpwnEWzI4Y59G8Jyx9FBlt8d6a9ojMV0cEv
9dQWh5yZM2Wq4AvxfBfgnRso4lricYP3HfLOLlNHC8TxykUhb4vN/64JfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC9ezaWIGKZ+TvTsZEtqPS3VpKcGMB8GA1UdIwQY
MBaAFOJMnFDPTi2sBeHwQygiTiCkYF13MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGt5Y1VNOU9MYXdGNGZCREtDSk9JS1JnWFhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMTdjYzEtNjRjMi00NzJlLTkxNGIt
MGJmYjg2ODg0NDA0LzEvNGt5Y1VNOU9MYXdGNGZCREtDSk9JS1JnWFhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMTdjYzEtNjRjMi00NzJlLTkxNGItMGJmYjg2ODg0NDA0
LzEvNGt5Y1VNOU9MYXdGNGZCREtDSk9JS1JnWFhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJIe0/tDa
5FikaCFldveoV8BtZjc3j876meNdeYRkK77Z5clIKXYCvHluyb2dwcLwMpVSTfnc
6T4xVcC2HznmHAm6Ezxo23Q44wXhK5E6ctrts2pmFZ1xN1L+FHrWetOoleBoGcHq
Prs5kSQjFGVnDCh6bmJv9DD3M1rxLi1J5xQ2ESNO8pjE+B4ff3gMxCXnbRGt7zZL
7pVP8HdSqc3dp0EdenoiUHwd+wblbsF9v+6XL2TaI2oO97Vd8gUwqWOyaVtMNf3R
GTlLHTgBbkRaTXtZDWslMSTMmxJD58X/BnubXU8a0cCOCgahs9YW7w+uIXkdNG9/
smao42jAX6eeIw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:04:26 2026 by rpki-client