Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft
File: 2ZaAKfEkCW6rlV35t6gciMszOgU.mft (raw, json)
Hash identifier: RbAreWh/yC9WzjzT18O2YXj4NoUIK14zPDYSrnJl8Vk=
Subject key identifier: F0:21:ED:95:1E:ED:4E:11:7D:1E:CB:4E:38:A3:6A:B7:AE:8A:18:40
Authority key identifier: D9:96:80:29:F1:24:09:6E:AB:95:5D:F9:B7:A8:1C:88:CB:33:3A:05
Certificate issuer: /CN=d9968029f124096eab955df9b7a81c88cb333a05
Certificate serial: 019DB20F59416860AAAA6C88FAC6916EB541
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft
Manifest number: 1082
Signing time: Tue 21 Apr 2026 22:00:43 +0000
Manifest this update: Tue 21 Apr 2026 22:00:43 +0000
Manifest next update: Wed 22 Apr 2026 22:00:43 +0000
Files and hashes: 1: 2ZaAKfEkCW6rlV35t6gciMszOgU.crl (hash: 3bK4mvMail/My3WleR3Ak3NrN3ISMeGa1k3ZWoScyO0=)
2: 5iwb34X7et8A-ZwDnoqtR_xqPsw.roa (hash: WeDprzbgEpDRHXWUflU5QUsB4X7FqUJMR6LQN8vcE2M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 21:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b2:0f:59:41:68:60:aa:aa:6c:88:fa:c6:91:6e:b5:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9968029f124096eab955df9b7a81c88cb333a05
Validity
Not Before: Apr 21 22:00:43 2026 GMT
Not After : Apr 22 22:00:43 2026 GMT
Subject: CN=f021ed951eed4e117d1ecb4e38a36ab7ae8a1840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:07:3b:be:61:b9:70:5b:d8:2c:6c:df:0b:61:
17:e1:72:c5:83:a1:89:9b:76:02:19:f6:89:bc:f6:
68:c2:eb:a7:a7:5a:68:89:72:4a:4e:00:c6:9a:1e:
b8:ba:8f:f3:38:d6:6a:27:72:12:6f:4f:3e:f7:92:
bf:70:16:00:91:ba:c8:56:ee:79:6b:82:64:d0:58:
1b:b7:c0:4b:f2:ea:63:9e:92:b5:65:0d:ba:99:1b:
d1:2f:38:44:10:59:bd:af:01:1e:96:2f:7c:51:ef:
6a:f8:6f:52:e1:dd:5c:c0:2f:a8:bd:d9:8e:86:de:
83:83:4b:26:67:92:d8:d9:a8:3f:58:3d:58:8d:91:
84:01:c3:a1:d9:5b:40:17:bf:8f:9f:f4:b5:c8:8d:
a6:5c:57:d0:ee:fb:4e:5c:6f:e5:65:06:d0:fc:b4:
ce:02:e5:78:24:fb:b1:a0:c1:e2:1c:df:7e:46:39:
6b:f0:34:a0:7f:c4:3b:ed:11:b9:2d:3f:bf:fc:d6:
f7:7e:94:a8:63:f9:4a:f4:81:2c:0b:cf:90:85:2f:
13:84:b2:36:d4:81:e9:1a:fd:f1:2a:49:bd:4f:45:
b9:e9:c6:3b:c7:46:bb:cb:41:f7:50:49:36:89:35:
ed:3b:7c:46:7e:34:da:bd:af:23:ac:e3:8a:82:ad:
e8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:21:ED:95:1E:ED:4E:11:7D:1E:CB:4E:38:A3:6A:B7:AE:8A:18:40
X509v3 Authority Key Identifier:
keyid:D9:96:80:29:F1:24:09:6E:AB:95:5D:F9:B7:A8:1C:88:CB:33:3A:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:76:75:dd:e3:ee:bb:0c:07:2f:34:93:38:69:e5:18:28:78:
66:af:04:b4:4f:a6:a0:6b:e6:3d:ea:9c:b5:e1:85:7f:87:b5:
c4:1b:21:ff:8d:44:5e:b6:89:b0:67:31:c1:ae:2c:2b:6d:f7:
ba:ff:e9:0c:d7:41:2a:19:d0:31:57:87:7a:41:ef:40:03:c0:
16:b7:33:54:0e:64:68:ec:2c:56:56:87:02:2b:d8:f7:73:fe:
a2:e5:da:7f:d7:be:3b:4d:3b:97:5d:85:3f:e8:34:75:34:cb:
16:ae:6d:95:7c:be:b8:41:c8:de:71:4a:6f:16:f2:50:80:b6:
bb:24:6d:ca:bf:25:4c:22:c2:2e:61:8e:b0:0a:a7:c3:b9:18:
c7:8b:e6:4c:fa:fc:4a:9c:79:9d:db:8d:8f:93:ac:3b:1e:f2:
b7:34:c7:99:df:af:6b:6d:48:5a:54:04:4e:a0:1d:68:50:cc:
cc:0e:bb:64:41:87:b7:7a:34:e8:7a:75:5c:82:23:d7:27:cd:
6a:b7:9d:74:71:1c:bc:07:09:48:f4:e0:15:26:64:ac:1e:44:
9d:a4:d5:44:ba:c2:99:4b:c4:d8:f3:f0:6b:ef:0a:be:23:3e:
51:bf:99:5e:9c:1d:4f:7c:bc:3f:f3:43:cc:54:4b:ba:18:b0:
6f:a2:6f:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2yD1lBaGCqqmyI+saRbrVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTY4MDI5ZjEyNDA5NmVhYjk1NWRmOWI3YTgxYzg4Y2Iz
MzNhMDUwHhcNMjYwNDIxMjIwMDQzWhcNMjYwNDIyMjIwMDQzWjAzMTEwLwYDVQQD
EyhmMDIxZWQ5NTFlZWQ0ZTExN2QxZWNiNGUzOGEzNmFiN2FlOGExODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAc7vmG5cFvYLGzfC2EX4XLFg6GJ
m3YCGfaJvPZowuunp1poiXJKTgDGmh64uo/zONZqJ3ISb08+95K/cBYAkbrIVu55
a4Jk0Fgbt8BL8upjnpK1ZQ26mRvRLzhEEFm9rwEeli98Ue9q+G9S4d1cwC+ovdmO
ht6Dg0smZ5LY2ag/WD1YjZGEAcOh2VtAF7+Pn/S1yI2mXFfQ7vtOXG/lZQbQ/LTO
AuV4JPuxoMHiHN9+Rjlr8DSgf8Q77RG5LT+//Nb3fpSoY/lK9IEsC8+QhS8ThLI2
1IHpGv3xKkm9T0W56cY7x0a7y0H3UEk2iTXtO3xGfjTava8jrOOKgq3oxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPAh7ZUe7U4RfR7LTjijareuihhAMB8GA1UdIwQY
MBaAFNmWgCnxJAluq5Vd+beoHIjLMzoFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yN2ExYmMtYjI1OC00MDVmLTlmOTMt
NmVlYTEyMjA1NzIwLzEvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yN2ExYmMtYjI1OC00MDVmLTlmOTMtNmVlYTEyMjA1NzIw
LzEvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXnZ13ePu
uwwHLzSTOGnlGCh4Zq8EtE+moGvmPeqcteGFf4e1xBsh/41EXraJsGcxwa4sK233
uv/pDNdBKhnQMVeHekHvQAPAFrczVA5kaOwsVlaHAivY93P+ouXaf9e+O007l12F
P+g0dTTLFq5tlXy+uEHI3nFKbxbyUIC2uyRtyr8lTCLCLmGOsAqnw7kYx4vmTPr8
Spx5nduNj5OsOx7ytzTHmd+va21IWlQETqAdaFDMzA67ZEGHt3o06Hp1XIIj1yfN
areddHEcvAcJSPTgFSZkrB5EnaTVRLrCmUvE2PPwa+8KviM+Ub+ZXpwdT3y8P/ND
zFRLuhiwb6Jvlw==
-----END CERTIFICATE-----
Generated at Wed Apr 22 03:10:53 2026 by rpki-client