Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft
File: 2KPKzfjzNRS-Or3FLFDshkZ16VU.mft (raw, json)
Hash identifier: sflEBgoklBjLmKvL/O6DvNpc80PSJTFehmwvi7YqrtM=
Subject key identifier: 2B:04:17:43:C1:7D:AA:02:40:F3:B8:CE:20:F5:9B:89:F6:D9:A4:AF
Authority key identifier: D8:A3:CA:CD:F8:F3:35:14:BE:3A:BD:C5:2C:50:EC:86:46:75:E9:55
Certificate issuer: /CN=d8a3cacdf8f33514be3abdc52c50ec864675e955
Certificate serial: 019DA3AF29EAAA5B295EE5F92D35FDE05840
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft
Manifest number: 0E1F
Signing time: Sun 19 Apr 2026 03:00:58 +0000
Manifest this update: Sun 19 Apr 2026 03:00:58 +0000
Manifest next update: Mon 20 Apr 2026 03:00:58 +0000
Files and hashes: 1: 2KPKzfjzNRS-Or3FLFDshkZ16VU.crl (hash: BWZlsY7LBAt5qBPNR6e41mVZXKao8FgpzHrXMCQHzt8=)
2: 55I-KJfDZCQf3-WIzaOmHLDw0UA.roa (hash: CHL8cZMB7OLAW5NGioo9AKdHll+9RPJn2SB7b3DCiOk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a3:af:29:ea:aa:5b:29:5e:e5:f9:2d:35:fd:e0:58:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8a3cacdf8f33514be3abdc52c50ec864675e955
Validity
Not Before: Apr 19 03:00:58 2026 GMT
Not After : Apr 20 03:00:58 2026 GMT
Subject: CN=2b041743c17daa0240f3b8ce20f59b89f6d9a4af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:91:09:aa:81:03:e3:05:6d:14:9f:45:f4:ee:
50:6e:a8:89:1d:02:aa:c7:90:4e:a6:e1:08:81:0e:
87:15:41:c4:31:08:e1:9d:60:9d:17:a5:5a:5e:02:
dd:01:d2:3b:f9:e8:8a:d6:a4:86:ce:a4:25:29:f3:
d3:4c:9d:28:ff:af:64:bb:9a:7e:67:04:6a:5b:31:
d8:19:b6:40:46:c8:76:23:97:42:65:3e:be:bb:38:
55:7f:43:b2:52:25:92:db:bf:96:40:6f:7e:99:63:
3b:25:9c:ed:1a:cc:25:0f:6c:76:d7:b0:30:81:b5:
06:35:98:93:04:03:81:94:17:eb:a8:9b:fd:f8:2b:
fc:a3:0e:4f:23:96:78:60:d3:3c:0e:0e:85:9e:87:
53:76:d7:dc:f0:66:84:49:6c:e9:be:b2:a9:ca:06:
d3:53:17:e0:09:92:5c:c9:9e:c1:dd:c5:aa:83:f9:
90:13:d5:f2:86:ad:01:0d:05:e0:1a:ff:c7:bc:2d:
7b:d3:56:e0:76:83:33:de:81:f2:f7:d7:fb:b3:46:
64:21:8b:2e:08:08:e4:ca:3d:3d:b3:9c:fd:86:d7:
7c:e3:59:a1:86:2f:98:74:ff:0a:60:88:a5:27:1b:
46:e9:36:c2:86:54:95:e5:fa:db:8c:03:79:2b:55:
79:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:04:17:43:C1:7D:AA:02:40:F3:B8:CE:20:F5:9B:89:F6:D9:A4:AF
X509v3 Authority Key Identifier:
keyid:D8:A3:CA:CD:F8:F3:35:14:BE:3A:BD:C5:2C:50:EC:86:46:75:E9:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:fd:75:ab:7f:d9:0a:69:5b:b0:33:80:89:c3:e7:25:0b:8d:
b5:fb:6d:39:c1:4c:2f:10:2c:71:05:19:e8:e3:ea:a2:31:cf:
67:5d:49:5c:66:2f:fa:c5:37:2f:58:ef:54:98:89:0e:a8:3f:
de:51:5b:c0:9f:6d:d7:f5:02:56:bf:e9:72:1c:b7:a3:b8:6b:
2b:7b:36:58:67:31:1b:b3:10:0b:69:f7:75:ab:73:a8:92:a8:
6e:24:0f:28:94:50:57:9b:20:86:aa:d6:a6:6e:26:c8:b1:ca:
81:47:5c:de:86:19:8f:8f:cb:c4:61:3d:3e:45:7c:3a:35:93:
b1:da:df:c1:12:63:8b:00:80:74:e1:30:6e:a4:fe:58:76:ad:
f0:8d:44:b8:85:08:eb:7a:2a:92:b5:3a:f3:b2:3b:0f:ec:45:
c1:bc:02:3b:45:ac:0f:b6:c6:20:15:6e:9b:a7:f4:d4:dc:7b:
9d:a0:8f:09:da:56:3a:d7:90:fb:83:0d:4b:23:4f:c7:98:af:
16:d3:c9:0d:02:07:9d:f6:b4:f8:33:3e:b7:b5:a7:79:d1:d9:
65:b8:a4:0f:62:bb:cf:ef:c9:c5:4e:d7:cb:33:43:06:4f:7b:
af:00:14:06:3f:19:26:00:1f:b2:d7:69:95:4a:60:7e:f4:02:
92:cf:24:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jrynqqlspXuX5LTX94FhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YTNjYWNkZjhmMzM1MTRiZTNhYmRjNTJjNTBlYzg2NDY3
NWU5NTUwHhcNMjYwNDE5MDMwMDU4WhcNMjYwNDIwMDMwMDU4WjAzMTEwLwYDVQQD
EygyYjA0MTc0M2MxN2RhYTAyNDBmM2I4Y2UyMGY1OWI4OWY2ZDlhNGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5EJqoED4wVtFJ9F9O5QbqiJHQKq
x5BOpuEIgQ6HFUHEMQjhnWCdF6VaXgLdAdI7+eiK1qSGzqQlKfPTTJ0o/69ku5p+
ZwRqWzHYGbZARsh2I5dCZT6+uzhVf0OyUiWS27+WQG9+mWM7JZztGswlD2x217Aw
gbUGNZiTBAOBlBfrqJv9+Cv8ow5PI5Z4YNM8Dg6FnodTdtfc8GaESWzpvrKpygbT
UxfgCZJcyZ7B3cWqg/mQE9Xyhq0BDQXgGv/HvC1701bgdoMz3oHy99f7s0ZkIYsu
CAjkyj09s5z9htd841mhhi+YdP8KYIilJxtG6TbChlSV5frbjAN5K1V5ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCsEF0PBfaoCQPO4ziD1m4n22aSvMB8GA1UdIwQY
MBaAFNijys348zUUvjq9xSxQ7IZGdelVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zMzNjMWEtZTRhNS00OTZkLTlhODEt
Yjc5MWI5ODlhZjI5LzEvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zMzNjMWEtZTRhNS00OTZkLTlhODEtYjc5MWI5ODlhZjI5
LzEvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUv11q3/Z
CmlbsDOAicPnJQuNtfttOcFMLxAscQUZ6OPqojHPZ11JXGYv+sU3L1jvVJiJDqg/
3lFbwJ9t1/UCVr/pchy3o7hrK3s2WGcxG7MQC2n3datzqJKobiQPKJRQV5sghqrW
pm4myLHKgUdc3oYZj4/LxGE9PkV8OjWTsdrfwRJjiwCAdOEwbqT+WHat8I1EuIUI
63oqkrU687I7D+xFwbwCO0WsD7bGIBVum6f01Nx7naCPCdpWOteQ+4MNSyNPx5iv
FtPJDQIHnfa0+DM+t7WnedHZZbikD2K7z+/JxU7XyzNDBk97rwAUBj8ZJgAfstdp
lUpgfvQCks8k+Q==
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:59:28 2026 by rpki-client