Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/S2jh-6e0SntmYjayElPX1jYtDYM.mft
File: S2jh-6e0SntmYjayElPX1jYtDYM.mft (raw, json)
Hash identifier: qCn9zlNsZtJrH5fQDGRdfeN7U/Bh1QkduoSt6bL+B0g=
Subject key identifier: FE:4F:D0:43:5E:A7:8D:2C:28:68:57:D6:D1:35:F7:99:BA:04:9E:14
Authority key identifier: 4B:68:E1:FB:A7:B4:4A:7B:66:62:36:B2:12:53:D7:D6:36:2D:0D:83
Certificate issuer: /CN=4b68e1fba7b44a7b666236b21253d7d6362d0d83
Certificate serial: 019D98BD7C2355B007801A84543D83B6D0B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S2jh-6e0SntmYjayElPX1jYtDYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/S2jh-6e0SntmYjayElPX1jYtDYM.mft
Manifest number: 0606
Signing time: Fri 17 Apr 2026 00:00:48 +0000
Manifest this update: Fri 17 Apr 2026 00:00:48 +0000
Manifest next update: Sat 18 Apr 2026 00:00:48 +0000
Files and hashes: 1: NuG7e-eaeYmgEKzW-gA4hm0E3yg.roa (hash: jBGdM1PIKUvp7PqxpDnR+tYU0/z5UBNUNem3R8n/8fI=)
2: S2jh-6e0SntmYjayElPX1jYtDYM.crl (hash: +Vrm1eXFXkKTESn2iKx1AkoOz/fJFsy7cSn8mzuSjvk=)
3: cYnE7FavrDSt3SrEYya63HS7_dI.roa (hash: KGEvNenXcCeg3TCO3nqemstjyExiwPsWFQTV1a5VNaA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/S2jh-6e0SntmYjayElPX1jYtDYM.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/S2jh-6e0SntmYjayElPX1jYtDYM.mft
rsync://rpki.ripe.net/repository/DEFAULT/S2jh-6e0SntmYjayElPX1jYtDYM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 00:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:bd:7c:23:55:b0:07:80:1a:84:54:3d:83:b6:d0:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b68e1fba7b44a7b666236b21253d7d6362d0d83
Validity
Not Before: Apr 17 00:00:48 2026 GMT
Not After : Apr 18 00:00:48 2026 GMT
Subject: CN=fe4fd0435ea78d2c286857d6d135f799ba049e14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ab:a7:2d:91:98:0e:d2:c8:fe:98:0f:60:a8:
70:9d:60:74:dc:fc:24:18:77:7d:71:93:36:6a:99:
54:4d:86:9f:42:ec:25:31:4e:21:57:34:fa:fd:9c:
41:64:b6:49:ff:3f:64:86:12:e8:5e:ee:e1:eb:1d:
b4:f8:3f:63:51:21:d4:2b:20:47:b3:2c:16:36:86:
15:16:f9:a4:0a:4f:01:a0:f2:99:46:92:bd:68:15:
e7:82:f4:fa:72:cb:d9:b9:17:ed:c1:0e:46:b9:ea:
bc:8b:67:e5:09:77:9e:a3:67:71:01:11:7d:04:ac:
a5:85:da:17:aa:f5:1c:68:fa:d6:f1:c6:b4:93:f4:
49:60:81:95:2d:5c:60:0e:ce:d8:55:1c:d2:d0:31:
f4:66:d2:e5:7a:04:33:19:bc:c0:2a:aa:bb:3b:6b:
be:03:a2:be:ad:ef:cc:f1:b3:07:ba:e9:4d:d2:cf:
a0:5b:a4:21:ae:22:dd:f7:ed:86:72:84:56:ba:2a:
5e:2e:9f:3d:95:a0:3d:2e:07:32:21:fa:50:f3:28:
fe:8b:7c:38:d3:9c:2e:2b:c5:7a:a3:22:35:2d:50:
7d:e0:f8:96:1c:a9:d9:78:48:2f:55:7a:f4:48:01:
11:37:31:6e:da:53:53:15:41:fb:29:84:ac:f1:15:
89:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:4F:D0:43:5E:A7:8D:2C:28:68:57:D6:D1:35:F7:99:BA:04:9E:14
X509v3 Authority Key Identifier:
keyid:4B:68:E1:FB:A7:B4:4A:7B:66:62:36:B2:12:53:D7:D6:36:2D:0D:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S2jh-6e0SntmYjayElPX1jYtDYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/S2jh-6e0SntmYjayElPX1jYtDYM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/S2jh-6e0SntmYjayElPX1jYtDYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:51:19:7f:37:65:4f:7c:06:9a:37:ce:fe:cc:c0:aa:17:f8:
22:2b:29:1d:b9:bb:87:e6:72:0e:67:cc:ba:ae:db:6d:04:79:
fe:b4:1b:5a:01:8a:3d:e4:13:d1:cd:b1:59:67:b0:ab:43:13:
40:f1:2a:1e:e6:af:69:c4:fe:1e:85:4f:45:51:a4:31:de:5e:
58:ec:52:05:e8:36:26:a6:5b:34:d1:7c:c4:59:c0:9c:9e:dd:
62:6c:f3:0e:cf:48:b5:e7:27:bb:a8:ed:1a:b9:18:2e:0b:45:
96:1a:dc:9f:47:0c:5f:fa:f7:3c:84:ff:0d:5a:45:20:aa:3d:
60:d9:e8:e7:26:f9:a6:c9:73:5a:2d:a1:d1:16:2d:f7:6b:0d:
e7:d3:9a:fa:06:2f:47:78:68:55:2b:24:75:38:07:2a:43:83:
72:12:f2:55:49:6e:ec:e0:38:7e:df:da:ae:86:94:47:61:68:
4d:ec:66:61:77:ca:8a:e5:69:ae:d0:a4:73:59:13:a1:10:cf:
e7:42:bc:80:ab:90:ad:99:92:7e:1f:8a:69:07:21:e7:02:1f:
3b:4c:ef:df:57:cc:87:0e:a9:c1:23:cb:3f:de:63:65:75:c3:
40:9e:b0:1c:76:4a:2c:51:6b:ab:96:61:c9:72:0e:46:1c:0d:
52:1c:8d:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YvXwjVbAHgBqEVD2DttC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNjhlMWZiYTdiNDRhN2I2NjYyMzZiMjEyNTNkN2Q2MzYy
ZDBkODMwHhcNMjYwNDE3MDAwMDQ4WhcNMjYwNDE4MDAwMDQ4WjAzMTEwLwYDVQQD
EyhmZTRmZDA0MzVlYTc4ZDJjMjg2ODU3ZDZkMTM1Zjc5OWJhMDQ5ZTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6unLZGYDtLI/pgPYKhwnWB03Pwk
GHd9cZM2aplUTYafQuwlMU4hVzT6/ZxBZLZJ/z9khhLoXu7h6x20+D9jUSHUKyBH
sywWNoYVFvmkCk8BoPKZRpK9aBXngvT6csvZuRftwQ5Gueq8i2flCXeeo2dxARF9
BKylhdoXqvUcaPrW8ca0k/RJYIGVLVxgDs7YVRzS0DH0ZtLlegQzGbzAKqq7O2u+
A6K+re/M8bMHuulN0s+gW6QhriLd9+2GcoRWuipeLp89laA9LgcyIfpQ8yj+i3w4
05wuK8V6oyI1LVB94PiWHKnZeEgvVXr0SAERNzFu2lNTFUH7KYSs8RWJowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP5P0ENep40sKGhX1tE195m6BJ4UMB8GA1UdIwQY
MBaAFEto4funtEp7ZmI2shJT19Y2LQ2DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzJqaC02ZTBTbnRtWWpheUVsUFgxall0RFlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mMTQwNzktNDExNC00YmVjLTg3OWMt
OGIwNmVjNTY0YTFiLzEvUzJqaC02ZTBTbnRtWWpheUVsUFgxall0RFlNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mMTQwNzktNDExNC00YmVjLTg3OWMtOGIwNmVjNTY0YTFi
LzEvUzJqaC02ZTBTbnRtWWpheUVsUFgxall0RFlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZVEZfzdl
T3wGmjfO/szAqhf4IispHbm7h+ZyDmfMuq7bbQR5/rQbWgGKPeQT0c2xWWewq0MT
QPEqHuavacT+HoVPRVGkMd5eWOxSBeg2JqZbNNF8xFnAnJ7dYmzzDs9Itecnu6jt
GrkYLgtFlhrcn0cMX/r3PIT/DVpFIKo9YNno5yb5pslzWi2h0RYt92sN59Oa+gYv
R3hoVSskdTgHKkODchLyVUlu7OA4ft/aroaUR2FoTexmYXfKiuVprtCkc1kToRDP
50K8gKuQrZmSfh+KaQch5wIfO0zv31fMhw6pwSPLP95jZXXDQJ6wHHZKLFFrq5Zh
yXIORhwNUhyNNg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:46:32 2026 by rpki-client