Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.mft
File: 4koD-A9i2oZjUuGZCZfx1GzrL7A.mft (raw, json)
Hash identifier: IrccJZBsCpBWB3oJ3+tv2R7T97ZZusZLEqxZt+TMRvg=
Subject key identifier: CE:94:1F:1E:14:71:FD:AE:96:46:FB:D0:CD:83:ED:78:AA:EE:6C:4A
Authority key identifier: E2:4A:03:F8:0F:62:DA:86:63:52:E1:99:09:97:F1:D4:6C:EB:2F:B0
Certificate issuer: /CN=e24a03f80f62da866352e1990997f1d46ceb2fb0
Certificate serial: 019CAA58A4875B0491F5C23FD1D39078ECF6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4koD-A9i2oZjUuGZCZfx1GzrL7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.mft
Manifest number: 1503
Signing time: Sun 01 Mar 2026 17:01:01 +0000
Manifest this update: Sun 01 Mar 2026 17:01:01 +0000
Manifest next update: Mon 02 Mar 2026 17:01:01 +0000
Files and hashes: 1: 4koD-A9i2oZjUuGZCZfx1GzrL7A.crl (hash: tl/bIrwn+hhYc6KvdlytbxzFspt1NuLWz5BW5leTvrw=)
2: WlHlPJ2Yx-QYEFNJTd1fZunOqeI.roa (hash: V3F5Ix6QWwGrgFg4N8xfN4dbqz/bAEkV9NWs0dFeZ8I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/4koD-A9i2oZjUuGZCZfx1GzrL7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:58:a4:87:5b:04:91:f5:c2:3f:d1:d3:90:78:ec:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e24a03f80f62da866352e1990997f1d46ceb2fb0
Validity
Not Before: Mar 1 17:01:01 2026 GMT
Not After : Mar 2 17:01:01 2026 GMT
Subject: CN=ce941f1e1471fdae9646fbd0cd83ed78aaee6c4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:30:a6:ac:6b:98:aa:18:84:57:5d:55:17:e3:
15:19:db:25:45:9d:9d:ac:f0:86:fe:6b:7d:02:fe:
d4:ff:87:38:2a:f3:8f:70:1d:b2:bd:ad:c6:4c:68:
54:cf:ee:1d:1c:09:8e:ae:2b:9b:28:2f:0b:27:1e:
93:74:01:8b:69:c3:41:07:22:ae:73:04:20:90:91:
d6:bc:a3:e2:f5:d2:94:14:b8:19:c3:41:28:c5:5a:
57:54:6f:66:25:74:8c:cb:92:19:75:c2:02:e7:d4:
70:3e:ec:7e:ca:be:34:cb:15:23:a1:35:ea:c7:a0:
34:0d:7b:71:d1:9a:e5:43:43:a9:0d:8d:15:83:4a:
e6:fd:0f:6e:c3:7b:76:2d:e4:08:57:02:5d:f4:5a:
4a:7b:a0:2d:dc:8d:bb:ca:94:43:c8:2f:ac:d6:d3:
a4:c6:55:e6:1c:91:a9:f8:86:91:af:ba:c3:98:ed:
13:35:2f:7a:90:f4:46:e5:0c:10:21:b0:5e:4c:12:
4a:a5:8a:1a:81:96:4f:6e:e0:0f:d8:9c:9f:7c:19:
70:c0:15:18:c9:86:2f:59:a4:3a:ba:ca:7f:97:4a:
5f:51:e0:54:dc:5c:53:7c:b6:23:20:c7:76:6c:23:
a7:7f:26:87:70:a8:03:b6:e6:bf:6f:6e:f2:50:ff:
b2:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:94:1F:1E:14:71:FD:AE:96:46:FB:D0:CD:83:ED:78:AA:EE:6C:4A
X509v3 Authority Key Identifier:
keyid:E2:4A:03:F8:0F:62:DA:86:63:52:E1:99:09:97:F1:D4:6C:EB:2F:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4koD-A9i2oZjUuGZCZfx1GzrL7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:00:74:64:a5:a1:90:62:a1:b6:28:d7:19:8c:34:0d:d2:32:
f0:5b:ed:b2:4d:6d:f5:55:ec:08:69:64:fb:c4:42:a5:40:d4:
86:2a:bf:aa:24:18:13:83:27:45:6c:c5:22:39:94:65:89:07:
dc:70:74:f6:9f:c5:13:c2:60:88:9d:ed:fa:56:00:7d:24:74:
20:1b:e8:33:9b:01:5c:c1:83:0a:a1:09:be:6b:9d:45:15:d9:
fb:dd:6a:18:1f:03:3d:f4:bc:24:7b:8d:8a:45:c2:79:98:5c:
23:79:f1:cb:93:87:6d:90:85:ff:03:10:6e:e6:52:7d:da:cf:
30:82:bc:51:f5:37:92:76:81:02:6a:78:a7:24:e7:bc:4b:41:
c3:32:28:23:98:a4:04:5f:7b:d7:72:a0:dd:75:94:e5:a2:38:
a2:b7:71:c7:15:a4:c1:39:df:b3:50:15:dc:32:74:87:63:a2:
8d:b2:a6:b9:82:2c:27:17:5a:4d:db:ea:78:2a:14:6e:f4:25:
35:c5:df:47:94:f4:38:bf:73:ec:1d:46:07:fe:37:b7:3e:e2:
6b:b3:de:14:74:63:fd:8f:27:f5:35:ec:60:0f:fc:20:8f:07:
3d:5b:d7:04:cc:dc:38:6b:e1:52:e3:0f:68:cc:2e:66:14:87:
b6:2b:2e:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWKSHWwSR9cI/0dOQeOz2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNGEwM2Y4MGY2MmRhODY2MzUyZTE5OTA5OTdmMWQ0NmNl
YjJmYjAwHhcNMjYwMzAxMTcwMTAxWhcNMjYwMzAyMTcwMTAxWjAzMTEwLwYDVQQD
EyhjZTk0MWYxZTE0NzFmZGFlOTY0NmZiZDBjZDgzZWQ3OGFhZWU2YzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDCmrGuYqhiEV11VF+MVGdslRZ2d
rPCG/mt9Av7U/4c4KvOPcB2yva3GTGhUz+4dHAmOriubKC8LJx6TdAGLacNBByKu
cwQgkJHWvKPi9dKUFLgZw0EoxVpXVG9mJXSMy5IZdcIC59RwPux+yr40yxUjoTXq
x6A0DXtx0ZrlQ0OpDY0Vg0rm/Q9uw3t2LeQIVwJd9FpKe6At3I27ypRDyC+s1tOk
xlXmHJGp+IaRr7rDmO0TNS96kPRG5QwQIbBeTBJKpYoagZZPbuAP2JyffBlwwBUY
yYYvWaQ6usp/l0pfUeBU3FxTfLYjIMd2bCOnfyaHcKgDtua/b27yUP+ybQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM6UHx4Ucf2ulkb70M2D7Xiq7mxKMB8GA1UdIwQY
MBaAFOJKA/gPYtqGY1LhmQmX8dRs6y+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGtvRC1BOWkyb1pqVXVHWkNaZngxR3pyTDdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC81NDBjNWYtYTJhMi00NGU0LTkyODct
NDFiNTQ1MDBmZGNmLzEvNGtvRC1BOWkyb1pqVXVHWkNaZngxR3pyTDdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC81NDBjNWYtYTJhMi00NGU0LTkyODctNDFiNTQ1MDBmZGNm
LzEvNGtvRC1BOWkyb1pqVXVHWkNaZngxR3pyTDdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjAB0ZKWh
kGKhtijXGYw0DdIy8Fvtsk1t9VXsCGlk+8RCpUDUhiq/qiQYE4MnRWzFIjmUZYkH
3HB09p/FE8JgiJ3t+lYAfSR0IBvoM5sBXMGDCqEJvmudRRXZ+91qGB8DPfS8JHuN
ikXCeZhcI3nxy5OHbZCF/wMQbuZSfdrPMIK8UfU3knaBAmp4pyTnvEtBwzIoI5ik
BF9713Kg3XWU5aI4ordxxxWkwTnfs1AV3DJ0h2OijbKmuYIsJxdaTdvqeCoUbvQl
NcXfR5T0OL9z7B1GB/43tz7ia7PeFHRj/Y8n9TXsYA/8II8HPVvXBMzcOGvhUuMP
aMwuZhSHtisuyQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:03:15 2026 by rpki-client