Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft
File: 4Genud52frl9tk5RZHhJRjO9VOo.mft (raw, json)
Hash identifier: JYHCTY/PQbb5Z3AYF0aQRylSMlRdU+3VQrfp1EpGffY=
Subject key identifier: 09:E4:13:A6:15:E6:D1:84:5C:CD:10:0D:DC:A7:69:A6:23:A3:B0:40
Authority key identifier: E0:67:A7:B9:DE:76:7E:B9:7D:B6:4E:51:64:78:49:46:33:BD:54:EA
Certificate issuer: /CN=e067a7b9de767eb97db64e516478494633bd54ea
Certificate serial: 019CABA1B6D735C37FEE0079752E2FE6F79D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft
Manifest number: 0E47
Signing time: Sun 01 Mar 2026 23:00:27 +0000
Manifest this update: Sun 01 Mar 2026 23:00:27 +0000
Manifest next update: Mon 02 Mar 2026 23:00:27 +0000
Files and hashes: 1: 4Genud52frl9tk5RZHhJRjO9VOo.crl (hash: AaTmBlUFN8V9m4yR9UetaCPP2BPXsVeQewG8qkDaCkU=)
2: CdfLb6TofkWtReh_YXLGBpk_g6c.roa (hash: wzdkGkKknbVJYDWx/Ffoau27HnZpYfEves1fyMYu134=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:a1:b6:d7:35:c3:7f:ee:00:79:75:2e:2f:e6:f7:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e067a7b9de767eb97db64e516478494633bd54ea
Validity
Not Before: Mar 1 23:00:27 2026 GMT
Not After : Mar 2 23:00:27 2026 GMT
Subject: CN=09e413a615e6d1845ccd100ddca769a623a3b040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7a:bb:de:bb:15:e4:1c:73:50:43:de:a3:3d:
ab:48:bc:6e:16:65:e2:7a:db:c7:e3:b0:ec:fa:ce:
6a:b9:e0:a5:18:7b:47:0a:7d:c4:0d:95:f0:78:4e:
e3:26:c0:ff:10:95:54:93:c6:03:60:8d:12:0b:b3:
82:d4:7e:42:16:b4:3d:fc:8f:fe:61:8d:77:b6:38:
49:a1:49:64:b3:9f:c6:91:2a:f2:9f:af:29:34:1d:
f7:5d:0a:81:00:5e:f7:fe:c7:53:73:27:7a:6c:c1:
c3:91:e2:0a:0f:f4:b5:14:a4:59:2e:3b:12:7e:e9:
02:33:3b:0d:e6:b7:7c:41:c0:f2:19:f9:70:3c:ab:
1c:d4:bf:27:e5:b8:04:bd:ac:da:33:8b:9b:2d:f2:
29:11:6e:36:8f:7c:3d:90:df:14:b1:04:a4:4d:b2:
ac:73:a0:e4:d3:0e:6b:d6:b4:b7:a6:d9:94:89:a9:
23:ee:a0:fd:eb:ff:3a:12:c7:ed:4e:8a:85:49:1b:
4f:ee:52:cb:b0:6e:bf:3a:4f:8f:2d:b5:97:81:e3:
d6:68:d5:04:37:d6:f9:d8:4c:86:cc:84:ca:b9:5f:
6c:be:14:64:6e:15:d0:ca:dd:61:71:e4:30:46:31:
0b:fc:77:5e:85:ea:2b:ed:a7:35:84:1c:ff:9c:8e:
bf:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:E4:13:A6:15:E6:D1:84:5C:CD:10:0D:DC:A7:69:A6:23:A3:B0:40
X509v3 Authority Key Identifier:
keyid:E0:67:A7:B9:DE:76:7E:B9:7D:B6:4E:51:64:78:49:46:33:BD:54:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c8:61:a3:8e:f5:68:5b:c1:06:30:b0:1a:7f:5a:64:84:8f:6f:
c2:29:f2:d9:1e:9c:c8:d9:6e:5f:fe:98:27:77:68:ef:b1:f1:
35:80:9a:e1:f7:bf:b1:2a:47:95:f1:d4:82:7f:f0:f1:22:0d:
03:0b:15:46:45:58:74:0e:d7:6c:6a:12:66:ba:59:c4:a2:b1:
63:3f:1a:9f:29:f9:7d:a6:5f:f7:1d:37:49:59:b8:5d:72:57:
e5:8c:00:df:71:79:6e:19:c7:90:1c:f5:d6:7a:3e:ff:fe:30:
54:fe:4a:90:59:d5:a6:11:69:61:c5:2b:85:f3:a0:ac:5a:fc:
99:f1:63:ae:84:63:79:85:ae:e0:ca:56:bc:80:6d:6c:7d:43:
d7:d1:ee:6b:76:0b:12:aa:44:e7:61:2d:c4:b9:02:5f:4c:5a:
2f:68:17:2e:c7:cc:8b:5a:2d:eb:02:e4:80:ab:5b:f2:5f:21:
4f:7b:1a:43:98:a9:84:68:ec:e7:9a:d2:20:62:46:64:29:b5:
53:86:95:b0:ec:17:08:fe:7f:62:cc:ac:c4:bf:1e:ca:7d:41:
66:3f:2f:3e:03:50:00:df:94:24:4d:2d:88:58:e6:e0:1c:b4:
91:18:e6:73:2b:92:93:a1:6c:65:65:7c:c3:d3:e3:a4:07:b5:
c1:7d:d9:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrobbXNcN/7gB5dS4v5vedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNjdhN2I5ZGU3NjdlYjk3ZGI2NGU1MTY0Nzg0OTQ2MzNi
ZDU0ZWEwHhcNMjYwMzAxMjMwMDI3WhcNMjYwMzAyMjMwMDI3WjAzMTEwLwYDVQQD
EygwOWU0MTNhNjE1ZTZkMTg0NWNjZDEwMGRkY2E3NjlhNjIzYTNiMDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXq73rsV5BxzUEPeoz2rSLxuFmXi
etvH47Ds+s5queClGHtHCn3EDZXweE7jJsD/EJVUk8YDYI0SC7OC1H5CFrQ9/I/+
YY13tjhJoUlks5/GkSryn68pNB33XQqBAF73/sdTcyd6bMHDkeIKD/S1FKRZLjsS
fukCMzsN5rd8QcDyGflwPKsc1L8n5bgEvazaM4ubLfIpEW42j3w9kN8UsQSkTbKs
c6Dk0w5r1rS3ptmUiakj7qD96/86EsftToqFSRtP7lLLsG6/Ok+PLbWXgePWaNUE
N9b52EyGzITKuV9svhRkbhXQyt1hceQwRjEL/Hdeheor7ac1hBz/nI6/RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAnkE6YV5tGEXM0QDdynaaYjo7BAMB8GA1UdIwQY
MBaAFOBnp7nedn65fbZOUWR4SUYzvVTqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kNTIwYzQtZGViNC00MzhiLTkzYmYt
NzY4ZjNkNmVlMTllLzEvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kNTIwYzQtZGViNC00MzhiLTkzYmYtNzY4ZjNkNmVlMTll
LzEvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyGGjjvVo
W8EGMLAaf1pkhI9vwiny2R6cyNluX/6YJ3do77HxNYCa4fe/sSpHlfHUgn/w8SIN
AwsVRkVYdA7XbGoSZrpZxKKxYz8anyn5faZf9x03SVm4XXJX5YwA33F5bhnHkBz1
1no+//4wVP5KkFnVphFpYcUrhfOgrFr8mfFjroRjeYWu4MpWvIBtbH1D19Hua3YL
EqpE52EtxLkCX0xaL2gXLsfMi1ot6wLkgKtb8l8hT3saQ5iphGjs55rSIGJGZCm1
U4aVsOwXCP5/YsysxL8eyn1BZj8vPgNQAN+UJE0tiFjm4By0kRjmcyuSk6FsZWV8
w9PjpAe1wX3ZrA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:27:53 2026 by rpki-client