Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/2zdeFqGTZ96ZuySsEV0lmioEgaw.mft
File: 2zdeFqGTZ96ZuySsEV0lmioEgaw.mft (raw, json)
Hash identifier: VlcSpur9tX65gDyRdtEvkwy53+Vva3fNUzitvKBTGsw=
Subject key identifier: 4B:05:C5:EA:3F:E7:F2:24:C6:12:C2:73:B2:A9:98:1D:9C:0D:7F:FD
Authority key identifier: DB:37:5E:16:A1:93:67:DE:99:BB:24:AC:11:5D:25:9A:2A:04:81:AC
Certificate issuer: /CN=db375e16a19367de99bb24ac115d259a2a0481ac
Certificate serial: 019D9B50EEB03B50E5F41FC56DE62A0D399F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2zdeFqGTZ96ZuySsEV0lmioEgaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/2zdeFqGTZ96ZuySsEV0lmioEgaw.mft
Manifest number: 0E5C
Signing time: Fri 17 Apr 2026 12:01:05 +0000
Manifest this update: Fri 17 Apr 2026 12:01:05 +0000
Manifest next update: Sat 18 Apr 2026 12:01:05 +0000
Files and hashes: 1: 2zdeFqGTZ96ZuySsEV0lmioEgaw.crl (hash: KmYCTjqxmPRTtN9YTUTUd/u+YNxByfIswD1ydFGMVeU=)
2: uej861Aq66aiTbTh46AGK_JiRjQ.roa (hash: u2XmnqcYHbAJLSpNo2ks9hVCb6DlSKyd8Mczf2hO9GI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/2zdeFqGTZ96ZuySsEV0lmioEgaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/2zdeFqGTZ96ZuySsEV0lmioEgaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2zdeFqGTZ96ZuySsEV0lmioEgaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:50:ee:b0:3b:50:e5:f4:1f:c5:6d:e6:2a:0d:39:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db375e16a19367de99bb24ac115d259a2a0481ac
Validity
Not Before: Apr 17 12:01:05 2026 GMT
Not After : Apr 18 12:01:05 2026 GMT
Subject: CN=4b05c5ea3fe7f224c612c273b2a9981d9c0d7ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d8:91:c0:36:7c:64:8e:d0:b6:34:d0:7a:e6:
94:4c:e6:2a:87:6b:b3:64:9f:96:db:51:75:dc:39:
bc:9c:b7:c8:c7:6e:ae:d8:55:9e:47:58:bd:51:32:
36:71:a2:d7:09:b6:1d:ec:26:aa:fa:21:6b:32:bf:
df:e5:31:40:71:47:70:9b:ea:b0:5e:ad:8a:41:8a:
9c:3b:3c:ab:45:f1:80:51:60:d5:08:2a:77:4e:cc:
d6:f3:18:1f:a2:16:e3:e0:5a:d6:6b:16:a5:5a:f6:
ee:57:42:bb:8c:d3:0e:f8:f1:6e:7a:a4:8f:d3:93:
e2:22:63:53:a1:84:76:7e:8f:aa:c6:85:62:89:26:
80:03:ae:71:c8:5b:25:33:f2:70:e8:90:81:4c:a2:
c9:a8:89:31:f6:47:93:ee:6d:d9:18:f1:91:e6:be:
52:ee:25:80:ff:2a:e8:51:62:b1:67:91:a0:fd:8f:
3f:3e:ce:26:60:e1:f8:75:c8:99:c4:ed:a9:bc:bc:
ff:96:c0:bc:01:ce:b3:9a:19:c8:83:10:66:05:07:
cb:d7:ad:db:93:85:b5:f4:ad:c7:31:19:fc:9b:26:
97:31:fe:a5:3f:b0:f9:c0:55:33:65:28:f9:1a:72:
0e:90:dd:55:00:24:6d:9c:48:2e:e3:21:41:5f:89:
fd:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:05:C5:EA:3F:E7:F2:24:C6:12:C2:73:B2:A9:98:1D:9C:0D:7F:FD
X509v3 Authority Key Identifier:
keyid:DB:37:5E:16:A1:93:67:DE:99:BB:24:AC:11:5D:25:9A:2A:04:81:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2zdeFqGTZ96ZuySsEV0lmioEgaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/2zdeFqGTZ96ZuySsEV0lmioEgaw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/2zdeFqGTZ96ZuySsEV0lmioEgaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9c:53:ea:d6:63:8d:15:e3:ce:7c:f6:64:26:e2:99:6b:b8:58:
da:6c:51:75:cc:62:64:0f:5a:23:a3:c6:98:2c:54:d2:90:6e:
c5:31:b4:22:fd:ea:2e:14:40:bb:0c:4a:2a:54:63:ee:18:8c:
53:92:83:58:b2:9d:b4:b1:92:4d:58:06:d2:fc:b4:13:3b:9c:
a4:f0:19:0e:ac:cc:ed:97:30:e5:87:96:d3:6d:33:98:9e:2e:
40:ce:0e:be:a5:07:67:d2:8f:0f:1a:00:15:5c:3e:e5:b1:38:
6f:b5:fb:cb:be:1e:8f:66:bb:02:f1:7a:fa:14:0d:a3:ed:91:
86:e7:45:39:91:8d:61:4e:22:c5:32:99:f0:13:cd:13:e0:b8:
ab:aa:6e:0f:a3:36:13:ad:2a:f6:8f:97:0c:75:6d:80:68:b3:
9f:c8:43:75:14:8e:54:04:5c:22:e3:36:c6:99:36:66:f3:95:
af:2c:68:2f:a0:41:8f:07:56:fc:9b:78:39:28:fc:b9:e9:29:
06:a0:7b:10:8c:31:e5:ab:d1:96:4b:df:cb:74:3c:b6:65:7b:
59:1f:62:50:e4:81:16:50:9b:b2:5a:5c:b3:b4:7e:81:59:51:
91:f7:54:13:6d:e2:5f:1d:f8:d2:26:6b:88:28:f1:30:d1:c4:
15:b2:50:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUO6wO1Dl9B/FbeYqDTmfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMzc1ZTE2YTE5MzY3ZGU5OWJiMjRhYzExNWQyNTlhMmEw
NDgxYWMwHhcNMjYwNDE3MTIwMTA1WhcNMjYwNDE4MTIwMTA1WjAzMTEwLwYDVQQD
Eyg0YjA1YzVlYTNmZTdmMjI0YzYxMmMyNzNiMmE5OTgxZDljMGQ3ZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9iRwDZ8ZI7QtjTQeuaUTOYqh2uz
ZJ+W21F13Dm8nLfIx26u2FWeR1i9UTI2caLXCbYd7Caq+iFrMr/f5TFAcUdwm+qw
Xq2KQYqcOzyrRfGAUWDVCCp3TszW8xgfohbj4FrWaxalWvbuV0K7jNMO+PFueqSP
05PiImNToYR2fo+qxoViiSaAA65xyFslM/Jw6JCBTKLJqIkx9keT7m3ZGPGR5r5S
7iWA/yroUWKxZ5Gg/Y8/Ps4mYOH4dciZxO2pvLz/lsC8Ac6zmhnIgxBmBQfL163b
k4W19K3HMRn8myaXMf6lP7D5wFUzZSj5GnIOkN1VACRtnEgu4yFBX4n9VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEsFxeo/5/IkxhLCc7KpmB2cDX/9MB8GA1UdIwQY
MBaAFNs3Xhahk2fembskrBFdJZoqBIGsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnpkZUZxR1RaOTZadXlTc0VWMGxtaW9FZ2F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy85YmM1YmMtOGY5OS00MmVkLWE4Y2Ut
NWI4NmJhNTg1OTIyLzEvMnpkZUZxR1RaOTZadXlTc0VWMGxtaW9FZ2F3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy85YmM1YmMtOGY5OS00MmVkLWE4Y2UtNWI4NmJhNTg1OTIy
LzEvMnpkZUZxR1RaOTZadXlTc0VWMGxtaW9FZ2F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnFPq1mON
FePOfPZkJuKZa7hY2mxRdcxiZA9aI6PGmCxU0pBuxTG0Iv3qLhRAuwxKKlRj7hiM
U5KDWLKdtLGSTVgG0vy0EzucpPAZDqzM7Zcw5YeW020zmJ4uQM4OvqUHZ9KPDxoA
FVw+5bE4b7X7y74ej2a7AvF6+hQNo+2RhudFOZGNYU4ixTKZ8BPNE+C4q6puD6M2
E60q9o+XDHVtgGizn8hDdRSOVARcIuM2xpk2ZvOVryxoL6BBjwdW/Jt4OSj8uekp
BqB7EIwx5avRlkvfy3Q8tmV7WR9iUOSBFlCbslpcs7R+gVlRkfdUE23iXx340iZr
iCjxMNHEFbJQtg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:42:52 2026 by rpki-client