Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.mft
File: 4koD-A9i2oZjUuGZCZfx1GzrL7A.mft (raw, json)
Hash identifier: SUc7jBGJcAGmBuEnDGwfK+1PQpB7H6U+BMiXbtSKMjw=
Subject key identifier: 2D:DB:1D:85:7E:E6:F1:A0:CD:A1:05:D3:3D:84:43:44:96:E9:55:DE
Authority key identifier: E2:4A:03:F8:0F:62:DA:86:63:52:E1:99:09:97:F1:D4:6C:EB:2F:B0
Certificate issuer: /CN=e24a03f80f62da866352e1990997f1d46ceb2fb0
Certificate serial: 019D99D0BC4034EA0B1FFCD6E55165274D38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4koD-A9i2oZjUuGZCZfx1GzrL7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.mft
Manifest number: 157F
Signing time: Fri 17 Apr 2026 05:01:26 +0000
Manifest this update: Fri 17 Apr 2026 05:01:26 +0000
Manifest next update: Sat 18 Apr 2026 05:01:26 +0000
Files and hashes: 1: 4koD-A9i2oZjUuGZCZfx1GzrL7A.crl (hash: LCrJhW0PpLqp4obqP3UV5ynR45pNMuCePZhgzoxoSWE=)
2: WlHlPJ2Yx-QYEFNJTd1fZunOqeI.roa (hash: V3F5Ix6QWwGrgFg4N8xfN4dbqz/bAEkV9NWs0dFeZ8I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/4koD-A9i2oZjUuGZCZfx1GzrL7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:d0:bc:40:34:ea:0b:1f:fc:d6:e5:51:65:27:4d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e24a03f80f62da866352e1990997f1d46ceb2fb0
Validity
Not Before: Apr 17 05:01:26 2026 GMT
Not After : Apr 18 05:01:26 2026 GMT
Subject: CN=2ddb1d857ee6f1a0cda105d33d84434496e955de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fb:7a:33:23:d9:d9:d0:9d:a8:69:43:b3:c8:
2c:91:ec:df:66:ef:50:d8:1a:39:0b:5f:2e:9e:e3:
c4:80:f0:0c:48:89:f2:d8:f3:7c:88:37:fb:7c:8b:
d1:4e:ba:3b:99:9a:77:c6:35:ba:16:8f:46:e0:df:
a0:fe:5c:0b:b1:76:63:9b:db:73:7b:91:e8:d5:e9:
57:31:ab:0c:d8:32:42:11:22:18:8d:80:fa:bd:bb:
78:45:5f:0d:25:c9:33:3f:20:30:9f:3c:18:1a:37:
6d:80:e3:54:da:40:c8:a7:39:10:31:3b:5e:90:49:
a6:2a:69:e9:f9:74:e6:7c:83:da:33:4d:e2:bc:df:
6e:78:0b:d4:25:e1:41:0c:21:ca:60:ac:19:7d:5f:
4a:be:e5:93:52:cc:71:8e:00:74:65:b6:ac:c6:e2:
1f:51:70:32:cc:f8:6e:ee:20:5d:bd:8e:34:e1:8f:
cd:39:fc:a3:76:d3:8a:a8:41:00:89:07:16:ca:a4:
77:bd:32:a0:3d:b3:12:36:ef:96:ba:e2:00:67:08:
27:9c:d5:7b:ad:d9:dc:3f:d0:c7:ca:6f:ad:78:bb:
df:16:a8:a7:99:86:7c:ee:ec:43:06:ff:00:b2:cd:
3d:e5:ff:c6:72:f2:da:b8:ba:81:a6:5c:08:5b:28:
68:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:DB:1D:85:7E:E6:F1:A0:CD:A1:05:D3:3D:84:43:44:96:E9:55:DE
X509v3 Authority Key Identifier:
keyid:E2:4A:03:F8:0F:62:DA:86:63:52:E1:99:09:97:F1:D4:6C:EB:2F:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4koD-A9i2oZjUuGZCZfx1GzrL7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:d8:b6:90:48:46:2f:f4:56:91:f5:a5:d4:c0:70:c7:95:48:
62:e8:c3:1b:3d:36:3c:ad:82:a3:f2:5c:e1:ab:8e:30:56:8d:
94:f7:4a:99:0e:e7:ec:9e:c0:74:84:12:30:fb:01:66:a0:6f:
8d:f5:18:cd:99:ca:5e:3b:0e:a7:32:31:d8:b4:05:50:4a:a5:
62:06:f5:8b:9b:bb:04:c2:0f:92:a7:00:a9:53:57:c9:bd:d5:
6f:ed:0f:d1:85:a3:1f:de:88:83:7b:94:f9:9f:4f:92:42:73:
6d:1a:10:82:fd:f1:9c:e3:d8:77:c9:03:26:ea:d3:d2:52:f6:
8c:cf:64:17:04:c3:74:99:d1:d3:0c:97:33:c0:a8:52:1a:9f:
24:35:e6:53:b6:d0:04:24:6d:f5:12:7d:fe:36:a1:a7:81:d7:
07:60:05:bb:72:ef:92:c6:85:b8:46:28:bf:04:da:7f:82:50:
16:bb:2c:13:49:c8:8e:eb:23:5b:94:d5:fc:a8:7a:c0:1f:d1:
d5:cc:bc:15:ec:86:ff:98:37:f8:cc:1a:94:7d:cc:a5:52:a3:
05:87:9d:ab:17:1e:53:9f:4f:1c:ce:1c:8d:1b:82:4f:55:80:
59:8b:4c:cd:7e:86:79:59:97:50:93:87:86:67:75:b7:92:b8:
0e:02:65:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0LxANOoLH/zW5VFlJ004MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNGEwM2Y4MGY2MmRhODY2MzUyZTE5OTA5OTdmMWQ0NmNl
YjJmYjAwHhcNMjYwNDE3MDUwMTI2WhcNMjYwNDE4MDUwMTI2WjAzMTEwLwYDVQQD
EygyZGRiMWQ4NTdlZTZmMWEwY2RhMTA1ZDMzZDg0NDM0NDk2ZTk1NWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvt6MyPZ2dCdqGlDs8gskezfZu9Q
2Bo5C18unuPEgPAMSIny2PN8iDf7fIvRTro7mZp3xjW6Fo9G4N+g/lwLsXZjm9tz
e5Ho1elXMasM2DJCESIYjYD6vbt4RV8NJckzPyAwnzwYGjdtgONU2kDIpzkQMTte
kEmmKmnp+XTmfIPaM03ivN9ueAvUJeFBDCHKYKwZfV9KvuWTUsxxjgB0ZbasxuIf
UXAyzPhu7iBdvY404Y/NOfyjdtOKqEEAiQcWyqR3vTKgPbMSNu+WuuIAZwgnnNV7
rdncP9DHym+teLvfFqinmYZ87uxDBv8Ass095f/GcvLauLqBplwIWyhodQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC3bHYV+5vGgzaEF0z2EQ0SW6VXeMB8GA1UdIwQY
MBaAFOJKA/gPYtqGY1LhmQmX8dRs6y+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGtvRC1BOWkyb1pqVXVHWkNaZngxR3pyTDdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC81NDBjNWYtYTJhMi00NGU0LTkyODct
NDFiNTQ1MDBmZGNmLzEvNGtvRC1BOWkyb1pqVXVHWkNaZngxR3pyTDdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC81NDBjNWYtYTJhMi00NGU0LTkyODctNDFiNTQ1MDBmZGNm
LzEvNGtvRC1BOWkyb1pqVXVHWkNaZngxR3pyTDdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcdi2kEhG
L/RWkfWl1MBwx5VIYujDGz02PK2Co/Jc4auOMFaNlPdKmQ7n7J7AdIQSMPsBZqBv
jfUYzZnKXjsOpzIx2LQFUEqlYgb1i5u7BMIPkqcAqVNXyb3Vb+0P0YWjH96Ig3uU
+Z9PkkJzbRoQgv3xnOPYd8kDJurT0lL2jM9kFwTDdJnR0wyXM8CoUhqfJDXmU7bQ
BCRt9RJ9/jahp4HXB2AFu3LvksaFuEYovwTaf4JQFrssE0nIjusjW5TV/Kh6wB/R
1cy8FeyG/5g3+MwalH3MpVKjBYedqxceU59PHM4cjRuCT1WAWYtMzX6GeVmXUJOH
hmd1t5K4DgJldA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 09:52:44 2026 by rpki-client