Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.mft
File: 2sedKFW4l0GCCNR7puUUYAFbXXs.mft (raw, json)
Hash identifier: P8KMjuXjKv1fvNXxr74HDfPVBfJDdbv1PTndyi+2GcQ=
Subject key identifier: A1:EB:0C:3F:BB:EA:D0:50:BB:63:A7:5C:BB:D9:D3:4B:78:9D:CC:E1
Authority key identifier: DA:C7:9D:28:55:B8:97:41:82:08:D4:7B:A6:E5:14:60:01:5B:5D:7B
Certificate issuer: /CN=dac79d2855b897418208d47ba6e51460015b5d7b
Certificate serial: 019E30A9114A1AD878C9334117D3FF65880D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2sedKFW4l0GCCNR7puUUYAFbXXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.mft
Manifest number: 1911
Signing time: Sat 16 May 2026 12:00:46 +0000
Manifest this update: Sat 16 May 2026 12:00:46 +0000
Manifest next update: Sun 17 May 2026 12:00:46 +0000
Files and hashes: 1: 2sedKFW4l0GCCNR7puUUYAFbXXs.crl (hash: kfnKoxaK6BkT5l+tyK8b6KsGv7srR4JqgFr/eBUFiyk=)
2: W0kRvlqE-31Sr-Gr1-WP6xucUMc.roa (hash: gwMXWawf0NyUE9CiPlgwtD8ZYkvJzBBryShpQ/lSl0c=)
3: vU_maC-JH0IvkViWYKyQOXCGBcE.roa (hash: NRSTpXd/DsQ6yidtnBy9uKfhJ+R2u9Rlp24X6kqd1ao=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.mft
rsync://rpki.ripe.net/repository/DEFAULT/2sedKFW4l0GCCNR7puUUYAFbXXs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 12:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:30:a9:11:4a:1a:d8:78:c9:33:41:17:d3:ff:65:88:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dac79d2855b897418208d47ba6e51460015b5d7b
Validity
Not Before: May 16 12:00:46 2026 GMT
Not After : May 17 12:00:46 2026 GMT
Subject: CN=a1eb0c3fbbead050bb63a75cbbd9d34b789dcce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:5c:95:6a:70:8e:01:ae:7e:55:c0:46:e4:cc:
a6:d0:a2:15:0f:29:f0:9f:fe:43:ac:3d:e7:bb:b2:
b0:85:39:6c:d5:e3:69:e4:06:73:c5:44:c7:34:5a:
15:eb:13:75:2b:cb:b9:71:2c:0f:0b:0c:68:f1:d4:
b1:9e:f6:cc:89:58:51:6a:30:01:80:69:df:3b:f5:
91:cc:f0:9e:ab:6e:3d:89:51:35:26:8b:60:02:21:
bf:9c:d9:84:fa:fd:08:e5:bc:95:b6:67:f4:8b:58:
5c:e9:3c:f8:bf:24:4b:a9:1c:23:02:b3:53:65:3e:
e3:bd:05:8d:00:96:5e:b1:59:9a:a4:23:5d:fc:74:
47:23:c2:52:a0:9b:31:3a:b0:29:26:5e:97:7e:14:
56:b6:99:21:af:dd:6e:93:5e:57:90:a9:ce:66:49:
d3:6a:9f:f7:df:26:d7:ad:6e:8c:38:02:07:d3:0a:
a1:12:09:eb:d8:a9:54:f4:c0:94:a1:3d:be:f9:65:
92:49:6a:46:03:15:27:72:85:0d:60:66:92:85:6b:
8b:52:15:10:a0:f7:88:2c:da:35:01:cd:cc:47:c5:
5b:eb:fb:24:bd:bc:6c:52:be:c5:8b:05:a0:eb:1c:
14:8a:86:d6:dd:1b:54:f4:d9:79:81:c0:87:97:4d:
e5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:EB:0C:3F:BB:EA:D0:50:BB:63:A7:5C:BB:D9:D3:4B:78:9D:CC:E1
X509v3 Authority Key Identifier:
keyid:DA:C7:9D:28:55:B8:97:41:82:08:D4:7B:A6:E5:14:60:01:5B:5D:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2sedKFW4l0GCCNR7puUUYAFbXXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:10:69:f6:2e:65:8d:49:2f:3f:d2:b4:2f:63:46:4a:e6:68:
d7:4b:34:b6:c7:7c:9d:00:5c:24:07:ec:67:1d:5d:fa:76:87:
75:f7:f0:c5:8a:65:69:7a:d8:4e:b3:0e:f8:d6:04:71:5c:a2:
1a:40:85:b1:66:ed:ac:19:af:a2:44:54:1b:5e:cd:6c:6e:55:
f5:74:26:b6:b2:72:bf:c2:c0:ef:11:e5:12:98:e9:d3:0c:26:
2d:c2:00:81:f3:ce:00:82:6c:ce:81:87:02:0c:46:5a:27:60:
95:74:04:15:de:b4:69:74:68:16:f1:52:19:c1:98:81:ff:61:
ba:97:78:c0:f1:ef:ac:0f:61:a8:2f:14:a6:bc:c4:74:36:f0:
72:4b:6b:41:a5:91:4e:90:cf:af:5c:0a:28:45:fe:fa:9c:bc:
dd:3b:35:79:82:78:d4:b6:99:7e:58:b5:42:5b:c4:f1:a9:8c:
93:a5:2a:4f:f0:4c:53:d4:32:3f:00:c7:48:2b:ed:08:5d:bb:
05:7b:0f:4d:df:1f:d3:7e:d1:c9:1a:af:aa:c3:d6:ca:e7:2b:
19:76:af:61:3d:0c:c3:e8:3b:f3:e5:9a:d2:22:22:ae:88:53:
17:41:b6:85:26:8f:35:e5:4d:12:ad:63:9b:e0:08:77:e0:bc:
6f:8f:e4:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wqRFKGth4yTNBF9P/ZYgNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYzc5ZDI4NTViODk3NDE4MjA4ZDQ3YmE2ZTUxNDYwMDE1
YjVkN2IwHhcNMjYwNTE2MTIwMDQ2WhcNMjYwNTE3MTIwMDQ2WjAzMTEwLwYDVQQD
EyhhMWViMGMzZmJiZWFkMDUwYmI2M2E3NWNiYmQ5ZDM0Yjc4OWRjY2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VyVanCOAa5+VcBG5Mym0KIVDynw
n/5DrD3nu7KwhTls1eNp5AZzxUTHNFoV6xN1K8u5cSwPCwxo8dSxnvbMiVhRajAB
gGnfO/WRzPCeq249iVE1JotgAiG/nNmE+v0I5byVtmf0i1hc6Tz4vyRLqRwjArNT
ZT7jvQWNAJZesVmapCNd/HRHI8JSoJsxOrApJl6XfhRWtpkhr91uk15XkKnOZknT
ap/33ybXrW6MOAIH0wqhEgnr2KlU9MCUoT2++WWSSWpGAxUncoUNYGaShWuLUhUQ
oPeILNo1Ac3MR8Vb6/skvbxsUr7FiwWg6xwUiobW3RtU9Nl5gcCHl03lnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKHrDD+76tBQu2OnXLvZ00t4nczhMB8GA1UdIwQY
MBaAFNrHnShVuJdBggjUe6blFGABW117MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnNlZEtGVzRsMEdDQ05SN3B1VVVZQUZiWFhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81YjExNDktNjQ3ZC00MDY3LTk4MDct
NDQ1ZDQ1ODhjMzEyLzEvMnNlZEtGVzRsMEdDQ05SN3B1VVVZQUZiWFhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny81YjExNDktNjQ3ZC00MDY3LTk4MDctNDQ1ZDQ1ODhjMzEy
LzEvMnNlZEtGVzRsMEdDQ05SN3B1VVVZQUZiWFhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKRBp9i5l
jUkvP9K0L2NGSuZo10s0tsd8nQBcJAfsZx1d+naHdffwxYplaXrYTrMO+NYEcVyi
GkCFsWbtrBmvokRUG17NbG5V9XQmtrJyv8LA7xHlEpjp0wwmLcIAgfPOAIJszoGH
AgxGWidglXQEFd60aXRoFvFSGcGYgf9hupd4wPHvrA9hqC8UprzEdDbwcktrQaWR
TpDPr1wKKEX++py83Ts1eYJ41LaZfli1QlvE8amMk6UqT/BMU9QyPwDHSCvtCF27
BXsPTd8f037RyRqvqsPWyucrGXavYT0Mw+g78+Wa0iIirohTF0G2hSaPNeVNEq1j
m+AId+C8b4/kNw==
-----END CERTIFICATE-----
Generated at Sat May 16 17:13:51 2026 by rpki-client