Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft
File: 4Genud52frl9tk5RZHhJRjO9VOo.mft (raw, json)
Hash identifier: Q4OO2SFJ1vzfiRzc4c8PZ7qDLjkddhn64Ji0tytNF7w=
Subject key identifier: B8:DC:DD:CE:2F:76:B5:FE:A6:7B:64:54:76:7B:AB:AF:AA:C3:68:00
Authority key identifier: E0:67:A7:B9:DE:76:7E:B9:7D:B6:4E:51:64:78:49:46:33:BD:54:EA
Certificate issuer: /CN=e067a7b9de767eb97db64e516478494633bd54ea
Certificate serial: 019D389C22DD88F0D1BCE36B2D82755AB29D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft
Manifest number: 0E90
Signing time: Sun 29 Mar 2026 08:00:49 +0000
Manifest this update: Sun 29 Mar 2026 08:00:49 +0000
Manifest next update: Mon 30 Mar 2026 08:00:49 +0000
Files and hashes: 1: 4Genud52frl9tk5RZHhJRjO9VOo.crl (hash: du5jN/yhbAn113mIbH9fhjGMhNPWjvU6Zlbv1rrjMwU=)
2: CdfLb6TofkWtReh_YXLGBpk_g6c.roa (hash: wzdkGkKknbVJYDWx/Ffoau27HnZpYfEves1fyMYu134=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:22:dd:88:f0:d1:bc:e3:6b:2d:82:75:5a:b2:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e067a7b9de767eb97db64e516478494633bd54ea
Validity
Not Before: Mar 29 08:00:49 2026 GMT
Not After : Mar 30 08:00:49 2026 GMT
Subject: CN=b8dcddce2f76b5fea67b6454767babafaac36800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:8a:ce:e3:06:9a:f9:e1:23:70:c4:c5:6d:ba:
90:4d:fc:a9:42:a0:00:23:b4:d3:42:29:1d:73:50:
34:98:b8:cf:73:8f:d1:b3:f1:d2:50:9d:95:32:4e:
43:67:f7:39:23:4e:6f:0a:1e:db:cb:dd:19:d7:9e:
9a:69:40:a9:84:6b:40:8f:46:e2:3c:bc:4c:64:07:
78:50:69:6c:d4:d6:b5:6e:12:f5:c9:ad:50:8f:c7:
ed:0a:3f:84:b1:8c:bb:cd:db:e1:57:98:d1:3d:20:
7c:8a:0b:f8:7c:6d:e3:5f:1f:63:74:16:7d:8b:81:
08:a8:cb:3e:5d:ef:bb:4c:72:12:6a:5d:82:9f:dc:
7e:18:67:ed:35:fb:8d:a6:36:85:87:9b:a7:1e:16:
a3:89:5e:a2:da:65:6f:f3:3c:58:08:f0:14:df:c0:
48:43:6b:d7:02:6c:84:63:0b:03:fb:95:12:aa:af:
85:72:48:d8:39:ce:34:b4:b9:22:e4:ad:b4:f5:7a:
9e:8b:9a:4f:18:ac:1e:34:9a:46:8b:5c:c5:57:3a:
d5:0f:f9:91:83:22:3f:43:27:6b:d7:79:0b:56:3f:
0f:5c:4a:b8:d2:b9:0e:05:bf:9c:e4:e8:66:92:a7:
ea:48:44:55:ac:34:24:b0:98:87:3c:fe:e4:d3:89:
6c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:DC:DD:CE:2F:76:B5:FE:A6:7B:64:54:76:7B:AB:AF:AA:C3:68:00
X509v3 Authority Key Identifier:
keyid:E0:67:A7:B9:DE:76:7E:B9:7D:B6:4E:51:64:78:49:46:33:BD:54:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:03:fe:a4:d2:bc:da:df:72:53:9f:e4:4f:d9:e8:f5:bd:07:
b6:2e:29:8b:a8:22:72:52:aa:85:a5:e4:fc:ee:15:26:d7:a0:
ef:7e:21:79:8e:ee:f8:e8:1f:a7:78:a5:9f:02:f8:b6:b7:55:
06:09:a3:70:12:21:2e:22:0d:3b:ff:21:bf:15:71:16:da:b1:
9a:0f:df:81:7e:8d:ca:35:32:4d:5d:ff:19:a4:e3:a8:fe:96:
21:2b:3d:fc:cd:84:e7:b5:b7:7b:1e:70:2c:6b:80:f1:88:e8:
b5:ef:1a:45:bb:b3:d1:96:3e:d6:f6:98:63:d1:54:e8:57:77:
50:2c:ce:0a:5a:fa:12:a4:4d:62:60:48:8e:cf:4d:85:14:db:
c0:44:65:02:85:bc:99:87:e2:50:e6:6f:60:0a:0b:08:4a:d6:
30:69:45:e3:b4:2c:e8:a3:20:a1:73:00:73:be:22:9d:4c:ab:
fd:98:eb:6d:1c:f1:54:10:4b:bb:dd:b8:44:09:25:27:90:3b:
bb:cc:35:ca:a1:71:64:64:74:b8:e3:90:bb:3a:a9:77:6b:4a:
a0:e3:e6:f3:56:75:88:15:d8:48:f9:63:89:7a:c8:fb:59:4f:
9f:62:02:cc:79:2f:b7:5d:a5:de:1a:3b:74:c1:16:ab:83:5b:
b5:68:f4:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nCLdiPDRvONrLYJ1WrKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNjdhN2I5ZGU3NjdlYjk3ZGI2NGU1MTY0Nzg0OTQ2MzNi
ZDU0ZWEwHhcNMjYwMzI5MDgwMDQ5WhcNMjYwMzMwMDgwMDQ5WjAzMTEwLwYDVQQD
EyhiOGRjZGRjZTJmNzZiNWZlYTY3YjY0NTQ3NjdiYWJhZmFhYzM2ODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5IrO4waa+eEjcMTFbbqQTfypQqAA
I7TTQikdc1A0mLjPc4/Rs/HSUJ2VMk5DZ/c5I05vCh7by90Z156aaUCphGtAj0bi
PLxMZAd4UGls1Na1bhL1ya1Qj8ftCj+EsYy7zdvhV5jRPSB8igv4fG3jXx9jdBZ9
i4EIqMs+Xe+7THISal2Cn9x+GGftNfuNpjaFh5unHhajiV6i2mVv8zxYCPAU38BI
Q2vXAmyEYwsD+5USqq+FckjYOc40tLki5K209Xqei5pPGKweNJpGi1zFVzrVD/mR
gyI/Qydr13kLVj8PXEq40rkOBb+c5OhmkqfqSERVrDQksJiHPP7k04ls2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLjc3c4vdrX+pntkVHZ7q6+qw2gAMB8GA1UdIwQY
MBaAFOBnp7nedn65fbZOUWR4SUYzvVTqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kNTIwYzQtZGViNC00MzhiLTkzYmYt
NzY4ZjNkNmVlMTllLzEvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kNTIwYzQtZGViNC00MzhiLTkzYmYtNzY4ZjNkNmVlMTll
LzEvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGAP+pNK8
2t9yU5/kT9no9b0Hti4pi6giclKqhaXk/O4VJteg734heY7u+Ogfp3ilnwL4trdV
BgmjcBIhLiINO/8hvxVxFtqxmg/fgX6NyjUyTV3/GaTjqP6WISs9/M2E57W3ex5w
LGuA8Yjote8aRbuz0ZY+1vaYY9FU6Fd3UCzOClr6EqRNYmBIjs9NhRTbwERlAoW8
mYfiUOZvYAoLCErWMGlF47Qs6KMgoXMAc74inUyr/ZjrbRzxVBBLu924RAklJ5A7
u8w1yqFxZGR0uOOQuzqpd2tKoOPm81Z1iBXYSPljiXrI+1lPn2ICzHkvt12l3ho7
dMEWq4NbtWj0Fg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:47:29 2026 by rpki-client