Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.mft
File: 4koD-A9i2oZjUuGZCZfx1GzrL7A.mft (raw, json)
Hash identifier: bHonq1Aw+z5ieTePjsbJsGwDVfblavI2P4laC+mZdIE=
Subject key identifier: C9:CE:32:20:7A:1A:B3:00:F9:22:4C:AC:D2:6F:66:4E:EE:0B:57:B0
Authority key identifier: E2:4A:03:F8:0F:62:DA:86:63:52:E1:99:09:97:F1:D4:6C:EB:2F:B0
Certificate issuer: /CN=e24a03f80f62da866352e1990997f1d46ceb2fb0
Certificate serial: 019D40FA55226B3B8F2315A39165DAA3BF63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4koD-A9i2oZjUuGZCZfx1GzrL7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.mft
Manifest number: 1551
Signing time: Mon 30 Mar 2026 23:00:40 +0000
Manifest this update: Mon 30 Mar 2026 23:00:40 +0000
Manifest next update: Tue 31 Mar 2026 23:00:40 +0000
Files and hashes: 1: 4koD-A9i2oZjUuGZCZfx1GzrL7A.crl (hash: ux9kKhny8tHEHFZ9pg5RrMIoUmMY5L+aqrOFJBPRZIk=)
2: WlHlPJ2Yx-QYEFNJTd1fZunOqeI.roa (hash: V3F5Ix6QWwGrgFg4N8xfN4dbqz/bAEkV9NWs0dFeZ8I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/4koD-A9i2oZjUuGZCZfx1GzrL7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 31 Mar 2026 23:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:40:fa:55:22:6b:3b:8f:23:15:a3:91:65:da:a3:bf:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e24a03f80f62da866352e1990997f1d46ceb2fb0
Validity
Not Before: Mar 30 23:00:40 2026 GMT
Not After : Mar 31 23:00:40 2026 GMT
Subject: CN=c9ce32207a1ab300f9224cacd26f664eee0b57b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:e7:13:47:54:85:a3:23:c3:22:77:27:06:d4:
01:e2:76:ba:fa:5c:44:9e:27:b2:1c:91:b4:8e:bd:
07:a9:53:2d:34:fb:88:27:83:63:0c:00:94:12:c5:
8e:31:32:88:e7:26:31:52:f6:0e:34:59:53:01:97:
04:90:1a:ac:01:45:ed:ff:1d:2d:57:f3:24:df:e1:
75:31:86:ee:2d:a0:58:d1:ab:27:cf:dd:50:82:ec:
31:cd:32:d3:6b:a8:bf:87:3a:c2:d0:d0:c8:5c:8c:
b0:91:a5:3f:fb:a7:2a:be:ae:9d:00:42:8e:a8:af:
43:3d:5a:7e:b8:42:b5:e8:1f:17:66:58:6f:02:9f:
a1:33:6a:31:c7:b4:2f:a8:5a:76:9d:bd:43:4b:99:
87:e6:2c:ed:0f:22:57:81:46:81:06:ae:66:db:85:
51:36:af:97:66:d6:b4:d0:28:d1:5d:51:98:40:23:
1c:ba:1b:8f:af:70:5c:27:9c:69:0a:78:e6:8a:04:
0b:a6:10:af:38:fd:f4:c9:2c:80:75:f5:e8:84:34:
fa:20:19:75:e9:76:30:a8:03:52:50:f8:71:bd:0c:
ea:b1:9f:e1:03:c6:08:8e:19:6d:c5:46:e1:1a:2c:
60:b9:6a:6e:c7:16:82:4d:d0:96:e7:33:d2:5c:a1:
81:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:CE:32:20:7A:1A:B3:00:F9:22:4C:AC:D2:6F:66:4E:EE:0B:57:B0
X509v3 Authority Key Identifier:
keyid:E2:4A:03:F8:0F:62:DA:86:63:52:E1:99:09:97:F1:D4:6C:EB:2F:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4koD-A9i2oZjUuGZCZfx1GzrL7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
10:72:86:59:f5:57:83:a0:e0:a3:f6:89:32:64:8b:6c:07:15:
c3:99:b4:19:de:9c:ed:1a:94:a7:55:6a:af:5b:04:79:1b:cb:
c0:37:90:10:9e:1b:b3:38:85:11:66:e1:02:3c:38:b2:37:36:
40:7a:b6:c6:d1:ac:1a:f9:06:a0:96:a1:12:70:5c:11:50:0d:
c2:62:4a:06:09:0f:9a:dd:18:07:d6:d5:3a:2d:ea:8c:ed:80:
14:34:99:dd:30:93:5b:b9:80:1c:12:78:38:70:d3:15:34:36:
d9:68:22:d4:46:85:10:cb:38:31:67:fb:cf:06:2f:50:bd:09:
2d:58:54:64:64:5a:ef:b5:dd:37:e2:8d:b8:d1:a6:d0:8c:87:
d1:c2:78:9b:17:95:aa:db:76:28:61:bd:fb:6c:bc:65:9e:1c:
c2:09:ef:12:ed:d2:6b:03:10:b5:d1:fc:d2:6d:c8:9e:ea:f6:
d0:58:71:0f:1d:4b:70:e0:ef:7d:2a:19:f9:f6:34:49:c2:ac:
07:40:5b:af:cc:7d:fd:00:59:e5:bf:1c:30:01:21:16:fd:ae:
5d:eb:a6:a2:91:75:26:29:43:46:e0:1e:47:03:cc:b5:dc:21:
5a:37:c8:6b:4d:c9:b7:6f:78:88:ee:14:ad:ba:e2:0d:33:5c:
d6:2f:bb:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ1A+lUiazuPIxWjkWXao79jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNGEwM2Y4MGY2MmRhODY2MzUyZTE5OTA5OTdmMWQ0NmNl
YjJmYjAwHhcNMjYwMzMwMjMwMDQwWhcNMjYwMzMxMjMwMDQwWjAzMTEwLwYDVQQD
EyhjOWNlMzIyMDdhMWFiMzAwZjkyMjRjYWNkMjZmNjY0ZWVlMGI1N2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ecTR1SFoyPDIncnBtQB4na6+lxE
nieyHJG0jr0HqVMtNPuIJ4NjDACUEsWOMTKI5yYxUvYONFlTAZcEkBqsAUXt/x0t
V/Mk3+F1MYbuLaBY0asnz91QguwxzTLTa6i/hzrC0NDIXIywkaU/+6cqvq6dAEKO
qK9DPVp+uEK16B8XZlhvAp+hM2oxx7QvqFp2nb1DS5mH5iztDyJXgUaBBq5m24VR
Nq+XZta00CjRXVGYQCMcuhuPr3BcJ5xpCnjmigQLphCvOP30ySyAdfXohDT6IBl1
6XYwqANSUPhxvQzqsZ/hA8YIjhltxUbhGixguWpuxxaCTdCW5zPSXKGBzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMnOMiB6GrMA+SJMrNJvZk7uC1ewMB8GA1UdIwQY
MBaAFOJKA/gPYtqGY1LhmQmX8dRs6y+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGtvRC1BOWkyb1pqVXVHWkNaZngxR3pyTDdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC81NDBjNWYtYTJhMi00NGU0LTkyODct
NDFiNTQ1MDBmZGNmLzEvNGtvRC1BOWkyb1pqVXVHWkNaZngxR3pyTDdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC81NDBjNWYtYTJhMi00NGU0LTkyODctNDFiNTQ1MDBmZGNm
LzEvNGtvRC1BOWkyb1pqVXVHWkNaZngxR3pyTDdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEHKGWfVX
g6Dgo/aJMmSLbAcVw5m0Gd6c7RqUp1Vqr1sEeRvLwDeQEJ4bsziFEWbhAjw4sjc2
QHq2xtGsGvkGoJahEnBcEVANwmJKBgkPmt0YB9bVOi3qjO2AFDSZ3TCTW7mAHBJ4
OHDTFTQ22Wgi1EaFEMs4MWf7zwYvUL0JLVhUZGRa77XdN+KNuNGm0IyH0cJ4mxeV
qtt2KGG9+2y8ZZ4cwgnvEu3SawMQtdH80m3Inur20FhxDx1LcODvfSoZ+fY0ScKs
B0Bbr8x9/QBZ5b8cMAEhFv2uXeumopF1JilDRuAeRwPMtdwhWjfIa03Jt294iO4U
rbriDTNc1i+7Tg==
-----END CERTIFICATE-----
Generated at Tue Mar 31 09:31:16 2026 by rpki-client