Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.mft
File: 4z2f_axY52ErCVFE_sBrolhapqg.mft (raw, json)
Hash identifier: G/aycRuACA5sBtZM//vYLm/xpkiFIcusIisc4kPiiuA=
Subject key identifier: 02:07:89:D5:04:95:26:D3:D7:DB:6A:7F:1B:3D:5F:1E:B4:20:3E:72
Authority key identifier: E3:3D:9F:FD:AC:58:E7:61:2B:09:51:44:FE:C0:6B:A2:58:5A:A6:A8
Certificate issuer: /CN=e33d9ffdac58e7612b095144fec06ba2585aa6a8
Certificate serial: 019DD12C95D5A6CEBD0A9C346A6D867F3D0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4z2f_axY52ErCVFE_sBrolhapqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.mft
Manifest number: 1635
Signing time: Mon 27 Apr 2026 23:00:53 +0000
Manifest this update: Mon 27 Apr 2026 23:00:53 +0000
Manifest next update: Tue 28 Apr 2026 23:00:53 +0000
Files and hashes: 1: 4z2f_axY52ErCVFE_sBrolhapqg.crl (hash: 4qFbZcbhqsB7o9CdQTATOk6lCzM2KH6D56jZ07pf/lk=)
2: i0WslBSNbZGrjfVFMISsJmr6unc.roa (hash: 1n8qaJxx+xqAWzWkPFiEInqRBUPmVPxyAAXtCgkJ0/Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.mft
rsync://rpki.ripe.net/repository/DEFAULT/4z2f_axY52ErCVFE_sBrolhapqg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 17:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d1:2c:95:d5:a6:ce:bd:0a:9c:34:6a:6d:86:7f:3d:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e33d9ffdac58e7612b095144fec06ba2585aa6a8
Validity
Not Before: Apr 27 23:00:53 2026 GMT
Not After : Apr 28 23:00:53 2026 GMT
Subject: CN=020789d5049526d3d7db6a7f1b3d5f1eb4203e72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:01:43:a6:84:aa:84:de:73:13:a8:a1:b5:73:
1c:9c:ed:22:8e:7f:dc:00:e3:3c:02:a1:24:44:22:
65:19:d9:d3:17:e1:ae:ba:54:5b:d1:f5:b1:19:05:
ce:09:9d:73:34:73:9b:6a:c0:17:ed:82:c5:d0:62:
9c:d8:79:74:67:4b:c9:c7:0a:ca:da:4d:c7:69:43:
ef:33:87:2a:2f:a3:01:93:d0:e5:cf:0e:7d:a8:16:
54:77:df:66:e4:56:f7:4d:6e:5d:32:6b:2d:01:61:
80:cb:7b:a8:99:a7:7a:37:13:0c:a5:70:2c:61:af:
ed:7a:66:b7:17:2c:bf:ed:04:7d:2f:d7:b2:73:54:
ba:13:7a:c0:dc:fe:44:12:a2:b1:fd:5c:16:41:ea:
0a:32:8e:d1:16:e2:f6:ed:f2:88:50:29:ac:24:62:
6f:23:07:b2:84:3b:41:cf:8d:c7:d5:10:b3:66:76:
b6:85:ff:b9:b1:fb:57:0d:c3:89:75:70:cf:8f:25:
6e:a5:d0:43:af:37:65:24:dd:e9:ed:09:a0:04:3b:
5b:cd:4c:83:40:df:16:74:75:57:32:2e:b9:1b:3f:
8a:17:34:d7:02:5f:b0:e7:2f:9d:07:f1:c3:d1:d0:
b5:aa:74:6e:0d:5e:e8:79:86:15:a1:cf:36:64:1a:
ad:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:07:89:D5:04:95:26:D3:D7:DB:6A:7F:1B:3D:5F:1E:B4:20:3E:72
X509v3 Authority Key Identifier:
keyid:E3:3D:9F:FD:AC:58:E7:61:2B:09:51:44:FE:C0:6B:A2:58:5A:A6:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4z2f_axY52ErCVFE_sBrolhapqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:b6:10:77:6e:a3:82:15:ff:1e:25:ab:95:05:f5:af:9a:06:
cc:de:6b:35:11:bd:04:cf:a1:c8:f9:e7:8f:76:19:7e:79:5d:
e9:48:e6:c9:06:d4:ee:ef:7a:5a:0f:40:32:31:e3:c7:3a:b2:
a7:80:85:ec:77:87:43:c5:94:fb:df:01:68:b4:01:04:8c:d9:
3f:ec:ed:f0:db:6f:85:6b:d7:df:2d:19:24:8f:cb:5b:7f:92:
80:5e:3e:43:98:e7:12:46:53:27:d4:96:d6:7c:f5:d9:c3:7c:
72:49:d7:72:3e:79:ab:74:72:ca:89:78:66:4c:c9:43:8d:a8:
8a:00:1e:0f:56:09:01:e3:94:ed:8c:72:b5:0b:e9:0e:13:b8:
51:6b:40:ce:2e:64:48:d8:6c:95:78:af:7e:19:7b:cc:d0:31:
2a:6d:db:65:37:1d:48:03:09:d5:93:8c:69:ed:a7:85:f5:05:
ef:12:99:c6:9d:ca:86:cb:e4:5c:b8:2c:07:26:06:ab:e2:c2:
b8:2b:9a:d4:00:86:97:f2:27:22:47:0e:eb:4b:8e:a5:5f:92:
ae:b0:93:57:2e:c5:dd:9e:9a:36:77:74:69:c7:73:f7:aa:6a:
3d:c7:2d:cc:b2:be:57:4f:0d:7d:24:bb:10:59:ef:71:c1:1f:
da:b7:28:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3RLJXVps69Cpw0am2Gfz0KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzM2Q5ZmZkYWM1OGU3NjEyYjA5NTE0NGZlYzA2YmEyNTg1
YWE2YTgwHhcNMjYwNDI3MjMwMDUzWhcNMjYwNDI4MjMwMDUzWjAzMTEwLwYDVQQD
EygwMjA3ODlkNTA0OTUyNmQzZDdkYjZhN2YxYjNkNWYxZWI0MjAzZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQFDpoSqhN5zE6ihtXMcnO0ijn/c
AOM8AqEkRCJlGdnTF+GuulRb0fWxGQXOCZ1zNHObasAX7YLF0GKc2Hl0Z0vJxwrK
2k3HaUPvM4cqL6MBk9Dlzw59qBZUd99m5Fb3TW5dMmstAWGAy3uomad6NxMMpXAs
Ya/tema3Fyy/7QR9L9eyc1S6E3rA3P5EEqKx/VwWQeoKMo7RFuL27fKIUCmsJGJv
IweyhDtBz43H1RCzZna2hf+5sftXDcOJdXDPjyVupdBDrzdlJN3p7QmgBDtbzUyD
QN8WdHVXMi65Gz+KFzTXAl+w5y+dB/HD0dC1qnRuDV7oeYYVoc82ZBqtOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAIHidUElSbT19tqfxs9Xx60ID5yMB8GA1UdIwQY
MBaAFOM9n/2sWOdhKwlRRP7Aa6JYWqaoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHoyZl9heFk1MkVyQ1ZGRV9zQnJvbGhhcHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hMzQyMDAtNGI5Yi00MzM0LWExNTkt
OWNiMjk2MzAxZTY0LzEvNHoyZl9heFk1MkVyQ1ZGRV9zQnJvbGhhcHFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9hMzQyMDAtNGI5Yi00MzM0LWExNTktOWNiMjk2MzAxZTY0
LzEvNHoyZl9heFk1MkVyQ1ZGRV9zQnJvbGhhcHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUbYQd26j
ghX/HiWrlQX1r5oGzN5rNRG9BM+hyPnnj3YZfnld6UjmyQbU7u96Wg9AMjHjxzqy
p4CF7HeHQ8WU+98BaLQBBIzZP+zt8NtvhWvX3y0ZJI/LW3+SgF4+Q5jnEkZTJ9SW
1nz12cN8cknXcj55q3Ryyol4ZkzJQ42oigAeD1YJAeOU7YxytQvpDhO4UWtAzi5k
SNhslXivfhl7zNAxKm3bZTcdSAMJ1ZOMae2nhfUF7xKZxp3KhsvkXLgsByYGq+LC
uCua1ACGl/InIkcO60uOpV+SrrCTVy7F3Z6aNnd0acdz96pqPcctzLK+V08NfSS7
EFnvccEf2rcogw==
-----END CERTIFICATE-----
Generated at Tue Apr 28 03:22:54 2026 by rpki-client