Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft
File: bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft (raw, json)
Hash identifier: U4qrqyvTl3mBBBB5+CE8gFbeGilBZdbKJVqnFhC7EX0=
Subject key identifier: C7:33:EF:02:8A:8B:E2:6B:31:C6:95:6A:1C:11:5A:FA:BD:19:36:9B
Authority key identifier: 6C:B8:50:DE:B2:8B:DB:2F:65:5E:2F:1B:02:D3:7C:13:C6:D4:34:52
Certificate issuer: /CN=6cb850deb28bdb2f655e2f1b02d37c13c6d43452
Certificate serial: 019DB0216A589FEB6355EFDCC3489006B1E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft
Manifest number: 065A
Signing time: Tue 21 Apr 2026 13:01:13 +0000
Manifest this update: Tue 21 Apr 2026 13:01:13 +0000
Manifest next update: Wed 22 Apr 2026 13:01:13 +0000
Files and hashes: 1: Je_y8wxQvqCgs-B_X_JDDy6e4N4.roa (hash: EsZORo0khgTEum2xHY+MdLQ0jyUTYVdE3AQ38NpK21M=)
2: bLhQ3rKL2y9lXi8bAtN8E8bUNFI.crl (hash: LTWnLRYGq/XzSv1Avqspo7wr5A5VH1XIcuE1Z8waK7I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft
rsync://rpki.ripe.net/repository/DEFAULT/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 07:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b0:21:6a:58:9f:eb:63:55:ef:dc:c3:48:90:06:b1:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb850deb28bdb2f655e2f1b02d37c13c6d43452
Validity
Not Before: Apr 21 13:01:13 2026 GMT
Not After : Apr 22 13:01:13 2026 GMT
Subject: CN=c733ef028a8be26b31c6956a1c115afabd19369b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4d:7d:2f:1c:4c:28:78:f4:50:30:23:2e:d2:
d5:ab:77:f1:6f:88:b8:5c:3e:60:a1:30:93:dc:ee:
39:d7:21:02:13:e3:a7:e7:88:8a:ac:40:12:b9:f7:
7a:02:bd:c5:ba:23:a6:a0:27:5b:74:10:40:f6:18:
08:6e:dc:dc:45:29:5a:5c:79:ea:45:83:00:5d:52:
f6:15:cc:d9:54:e2:74:f6:72:89:93:bd:4c:2d:f3:
6d:f5:ed:a9:c2:fa:72:4f:22:83:c1:d8:4b:15:d7:
3b:59:fc:a4:a5:e9:d2:6f:59:ff:21:41:24:b6:d5:
04:a9:aa:96:33:46:53:ca:f4:3f:e2:a6:a0:4d:e6:
79:93:83:16:d0:69:1a:92:0d:5f:12:88:82:c1:7e:
9d:20:98:db:4f:de:df:e2:07:90:f3:07:35:ec:89:
b0:32:6a:4d:a9:d0:76:74:d9:61:6f:51:7c:83:93:
8f:ea:a0:fe:ec:11:cb:4b:d6:a0:da:07:60:a2:fb:
1e:5c:65:a5:21:14:89:b6:1d:dc:b3:f0:06:95:98:
20:85:50:5b:e6:df:a1:6b:06:e7:65:83:99:59:c0:
fd:7e:96:a8:02:47:2b:ec:1d:4a:b8:27:a4:31:2c:
53:8d:1b:6b:b7:8e:83:54:6d:2f:22:b2:74:ab:d7:
85:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:33:EF:02:8A:8B:E2:6B:31:C6:95:6A:1C:11:5A:FA:BD:19:36:9B
X509v3 Authority Key Identifier:
keyid:6C:B8:50:DE:B2:8B:DB:2F:65:5E:2F:1B:02:D3:7C:13:C6:D4:34:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:57:0f:29:31:d7:02:0c:28:cc:3e:1e:83:64:d0:00:70:77:
c2:f9:f2:02:c4:67:97:53:d0:7c:13:9d:d0:4b:6c:2a:86:9c:
3e:d9:3d:22:2a:eb:f7:5c:3d:2e:1c:17:76:87:58:a8:48:db:
87:45:ac:4e:19:af:52:21:d5:46:bb:75:fb:53:97:b2:44:c9:
00:7c:27:d3:d8:06:9d:c5:7f:2d:7a:6d:df:1f:eb:9a:4f:5b:
8f:3f:26:36:c9:eb:37:3d:2d:91:07:e2:62:9b:0f:88:f9:d5:
fe:9f:20:65:a3:33:b1:d6:8e:48:4c:17:fe:05:b3:32:93:bb:
33:95:89:93:e3:c5:06:d9:2c:c7:b4:01:3b:2b:21:ae:45:6f:
de:30:e1:ac:ef:ac:a6:d8:4b:19:d4:4e:df:34:f7:d5:b2:60:
45:03:95:10:7a:28:44:d9:b6:95:37:a4:11:40:91:6a:33:bb:
e3:62:7d:61:ca:0f:df:e7:6c:c4:08:48:dc:e8:34:fb:d1:3d:
20:56:33:90:ce:6d:b3:e5:c8:e1:8e:04:64:c8:be:a6:6f:1f:
d3:82:3e:91:5a:cf:ba:7f:a7:70:55:3c:ec:05:45:d5:03:85:
a3:43:6d:c8:91:f3:fd:f1:03:d5:b0:e6:2a:69:08:a4:6a:67:
e6:74:c8:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2wIWpYn+tjVe/cw0iQBrHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjg1MGRlYjI4YmRiMmY2NTVlMmYxYjAyZDM3YzEzYzZk
NDM0NTIwHhcNMjYwNDIxMTMwMTEzWhcNMjYwNDIyMTMwMTEzWjAzMTEwLwYDVQQD
EyhjNzMzZWYwMjhhOGJlMjZiMzFjNjk1NmExYzExNWFmYWJkMTkzNjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqk19LxxMKHj0UDAjLtLVq3fxb4i4
XD5goTCT3O451yECE+On54iKrEASufd6Ar3FuiOmoCdbdBBA9hgIbtzcRSlaXHnq
RYMAXVL2FczZVOJ09nKJk71MLfNt9e2pwvpyTyKDwdhLFdc7WfykpenSb1n/IUEk
ttUEqaqWM0ZTyvQ/4qagTeZ5k4MW0Gkakg1fEoiCwX6dIJjbT97f4geQ8wc17Imw
MmpNqdB2dNlhb1F8g5OP6qD+7BHLS9ag2gdgovseXGWlIRSJth3cs/AGlZgghVBb
5t+hawbnZYOZWcD9fpaoAkcr7B1KuCekMSxTjRtrt46DVG0vIrJ0q9eFTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMcz7wKKi+JrMcaVahwRWvq9GTabMB8GA1UdIwQY
MBaAFGy4UN6yi9svZV4vGwLTfBPG1DRSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxoUTNyS0wyeTlsWGk4YkF0TjhFOGJVTkZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9iMmQ3MGQtNDk1My00ZDYxLWI4Yzkt
ODhiMmQyY2Y3YzMxLzEvYkxoUTNyS0wyeTlsWGk4YkF0TjhFOGJVTkZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9iMmQ3MGQtNDk1My00ZDYxLWI4YzktODhiMmQyY2Y3YzMx
LzEvYkxoUTNyS0wyeTlsWGk4YkF0TjhFOGJVTkZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQlcPKTHX
AgwozD4eg2TQAHB3wvnyAsRnl1PQfBOd0EtsKoacPtk9Iirr91w9LhwXdodYqEjb
h0WsThmvUiHVRrt1+1OXskTJAHwn09gGncV/LXpt3x/rmk9bjz8mNsnrNz0tkQfi
YpsPiPnV/p8gZaMzsdaOSEwX/gWzMpO7M5WJk+PFBtksx7QBOyshrkVv3jDhrO+s
pthLGdRO3zT31bJgRQOVEHooRNm2lTekEUCRajO742J9YcoP3+dsxAhI3Og0+9E9
IFYzkM5ts+XI4Y4EZMi+pm8f04I+kVrPun+ncFU87AVF1QOFo0NtyJHz/fED1bDm
KmkIpGpn5nTIIg==
-----END CERTIFICATE-----
Generated at Tue Apr 21 15:58:44 2026 by rpki-client