Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
File: 2O6Q00LYZepn8rDS-3TAOfg-Skg.mft (raw, json)
Hash identifier: Heuw34eh0cu0oXVOlOQvzdYVKfrHvdckLO4lFnSy+bA=
Subject key identifier: F8:96:D2:A7:A2:08:7D:41:68:ED:89:9A:54:01:E3:09:CB:23:E3:1E
Authority key identifier: D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
Certificate issuer: /CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Certificate serial: 019D9AE3120D67303EADCF53B7C4F07B33F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
Manifest number: 05E5
Signing time: Fri 17 Apr 2026 10:01:05 +0000
Manifest this update: Fri 17 Apr 2026 10:01:05 +0000
Manifest next update: Sat 18 Apr 2026 10:01:05 +0000
Files and hashes: 1: 2O6Q00LYZepn8rDS-3TAOfg-Skg.crl (hash: jlIpzMjrKyqU+5mr/GL6QQabnB07APTXVcub/0feeFg=)
2: OExalT86I2jE92WcpxOz8v2EM5M.roa (hash: 4ql4+dXrno2rRd9rLsGdlFCa1N0RlG63lEsTRJIQb8w=)
3: jkJ-dpXyGf9S_poPiFsD4kU6mb4.roa (hash: cQtWmc7dZO030WCUTKzMCSngnAwQZjveS+i9Nuw4lVc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 10:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:e3:12:0d:67:30:3e:ad:cf:53:b7:c4:f0:7b:33:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Validity
Not Before: Apr 17 10:01:05 2026 GMT
Not After : Apr 18 10:01:05 2026 GMT
Subject: CN=f896d2a7a2087d4168ed899a5401e309cb23e31e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2d:2a:b7:0f:49:0f:84:f3:8c:b4:bc:03:6f:
5e:d5:ce:81:15:5b:56:26:55:b2:39:a6:d4:78:6d:
9d:fa:4a:c1:83:41:fe:c4:2a:b7:ac:b5:83:aa:07:
3a:bf:73:38:8d:77:7e:c6:67:6f:8f:01:70:ba:94:
94:a5:af:ee:2d:ee:08:e8:6f:1d:3f:3f:51:87:ff:
84:8d:00:82:83:69:94:5e:30:6d:e0:82:7f:3f:19:
de:94:26:26:62:e1:eb:85:ea:e4:f9:90:27:69:92:
53:91:6b:a6:b6:47:56:fe:ed:b2:27:d0:40:10:5a:
74:5e:d0:93:58:e7:9c:9d:48:19:ec:13:37:db:7c:
bd:58:9b:71:77:b8:3e:15:e3:bc:07:10:bd:6c:d5:
69:34:76:09:2e:5b:7b:54:f6:de:c2:83:2f:96:41:
cf:71:f8:4a:c4:d9:c4:31:0a:39:e4:21:0f:28:ac:
ce:49:3e:a0:d4:05:c5:10:36:5e:2b:02:5b:d3:2b:
f6:38:8b:26:57:ed:ef:a8:38:d7:20:23:c9:ed:cf:
15:b8:a1:ab:51:2c:77:7f:55:c9:cb:56:79:15:19:
9b:d1:aa:a6:e6:ab:1f:8a:54:8e:cc:5b:49:d8:01:
5f:44:67:6f:09:cd:f1:75:0c:05:db:f1:da:56:e5:
91:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:96:D2:A7:A2:08:7D:41:68:ED:89:9A:54:01:E3:09:CB:23:E3:1E
X509v3 Authority Key Identifier:
keyid:D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:95:c7:37:dc:48:9f:9b:c2:c3:76:8f:30:28:08:0f:87:86:
bb:19:cb:6c:e5:25:5a:03:73:7d:01:f2:8b:f9:35:ab:8a:04:
5b:7c:39:70:c0:79:b1:db:40:db:c3:0f:5c:7c:3b:ee:c8:fe:
48:97:57:45:d2:f7:47:ac:b9:81:79:d5:3d:9a:d1:96:a0:20:
2c:ff:9d:6b:1b:c2:76:44:92:c1:48:ec:1f:f8:38:86:20:2f:
26:43:0d:be:5d:25:62:e6:4c:fa:3a:e4:d5:94:b5:c6:2e:fb:
82:ff:db:f2:1f:d9:4a:8f:d3:41:f5:f6:b0:82:bb:cf:a5:7b:
7f:11:e0:74:c3:19:c0:5d:b6:cc:b0:4d:79:da:d8:ad:ce:2f:
6a:61:f8:2b:88:6c:a3:5f:51:70:33:91:84:56:14:ff:26:7b:
33:02:14:10:94:8d:c9:60:a2:b2:67:ae:ae:ec:12:32:22:26:
e3:9d:98:a6:a7:10:09:0c:02:2d:41:d5:c5:a0:d0:7e:ec:93:
21:ca:aa:80:61:72:b9:cd:fe:f0:78:3b:f0:49:e1:96:9c:b0:
e6:85:6e:12:3b:7c:db:de:bd:4a:fe:5e:b9:e5:4c:c8:c4:70:
11:c5:95:da:e2:ba:dc:a9:0f:49:6c:ca:67:b5:c4:03:ea:26:
13:4b:7f:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4xINZzA+rc9Tt8TwezP1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWU5MGQzNDJkODY1ZWE2N2YyYjBkMmZiNzRjMDM5Zjgz
ZTRhNDgwHhcNMjYwNDE3MTAwMTA1WhcNMjYwNDE4MTAwMTA1WjAzMTEwLwYDVQQD
EyhmODk2ZDJhN2EyMDg3ZDQxNjhlZDg5OWE1NDAxZTMwOWNiMjNlMzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAry0qtw9JD4TzjLS8A29e1c6BFVtW
JlWyOabUeG2d+krBg0H+xCq3rLWDqgc6v3M4jXd+xmdvjwFwupSUpa/uLe4I6G8d
Pz9Rh/+EjQCCg2mUXjBt4IJ/PxnelCYmYuHrherk+ZAnaZJTkWumtkdW/u2yJ9BA
EFp0XtCTWOecnUgZ7BM323y9WJtxd7g+FeO8BxC9bNVpNHYJLlt7VPbewoMvlkHP
cfhKxNnEMQo55CEPKKzOST6g1AXFEDZeKwJb0yv2OIsmV+3vqDjXICPJ7c8VuKGr
USx3f1XJy1Z5FRmb0aqm5qsfilSOzFtJ2AFfRGdvCc3xdQwF2/HaVuWRkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPiW0qeiCH1BaO2JmlQB4wnLI+MeMB8GA1UdIwQY
MBaAFNjukNNC2GXqZ/Kw0vt0wDn4PkpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2Zjkt
NTEwNTI1YzQ3NDRjLzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2ZjktNTEwNTI1YzQ3NDRj
LzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADpXHN9xI
n5vCw3aPMCgID4eGuxnLbOUlWgNzfQHyi/k1q4oEW3w5cMB5sdtA28MPXHw77sj+
SJdXRdL3R6y5gXnVPZrRlqAgLP+daxvCdkSSwUjsH/g4hiAvJkMNvl0lYuZM+jrk
1ZS1xi77gv/b8h/ZSo/TQfX2sIK7z6V7fxHgdMMZwF22zLBNedrYrc4vamH4K4hs
o19RcDORhFYU/yZ7MwIUEJSNyWCismeuruwSMiIm452YpqcQCQwCLUHVxaDQfuyT
IcqqgGFyuc3+8Hg78Enhlpyw5oVuEjt82969Sv5eueVMyMRwEcWV2uK63KkPSWzK
Z7XEA+omE0t/HA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:46:53 2026 by rpki-client