Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.mft
File: 2KzzS-KwTHzO8iIejR_LbKu0FZE.mft (raw, json)
Hash identifier: nI09aMjtHRZMJYuKN390FAvFSJAuk7raW2wlFy91Q50=
Subject key identifier: 4E:B1:AE:A0:30:4F:E1:73:FB:C2:31:33:97:09:B3:2A:AA:D2:BC:DA
Authority key identifier: D8:AC:F3:4B:E2:B0:4C:7C:CE:F2:22:1E:8D:1F:CB:6C:AB:B4:15:91
Certificate issuer: /CN=d8acf34be2b04c7ccef2221e8d1fcb6cabb41591
Certificate serial: 019DA2D30129E0D6E7D8E836B1D0A3043A85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KzzS-KwTHzO8iIejR_LbKu0FZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.mft
Manifest number: 18C7
Signing time: Sat 18 Apr 2026 23:00:30 +0000
Manifest this update: Sat 18 Apr 2026 23:00:30 +0000
Manifest next update: Sun 19 Apr 2026 23:00:30 +0000
Files and hashes: 1: 1VZy0G-wHQ_TX2BXwKD4dH12AVw.roa (hash: mifTRRl6FrcrdgjIAd+uxzGUQnWJ54FTfDl9SZZKo7c=)
2: 2KzzS-KwTHzO8iIejR_LbKu0FZE.crl (hash: qoEHyAYJ3s/rX0IGDBQwyoZOtHp68mCKJogTp4Kwq+4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2KzzS-KwTHzO8iIejR_LbKu0FZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 23:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a2:d3:01:29:e0:d6:e7:d8:e8:36:b1:d0:a3:04:3a:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8acf34be2b04c7ccef2221e8d1fcb6cabb41591
Validity
Not Before: Apr 18 23:00:30 2026 GMT
Not After : Apr 19 23:00:30 2026 GMT
Subject: CN=4eb1aea0304fe173fbc231339709b32aaad2bcda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e7:3a:96:43:c6:2c:40:22:0e:cd:40:7f:69:
05:bb:67:34:95:94:5b:f7:34:29:79:b8:ee:3d:4e:
89:6f:4d:db:b0:00:41:a9:41:cd:29:81:0b:77:f3:
72:4f:9d:4a:64:c0:c0:c3:4d:a9:08:80:f1:f6:ae:
9f:1d:03:e6:6f:80:19:52:d0:2b:4c:37:52:76:75:
74:cd:a9:c0:d3:fd:3e:bd:29:e2:bc:d0:91:4c:6f:
92:ab:39:cf:27:fa:e4:18:6d:fb:95:dd:a7:a7:d8:
da:4c:2a:c5:aa:84:07:ca:49:42:de:d1:46:c2:d6:
cc:e3:69:7f:61:6d:1e:6e:83:e7:a1:bd:72:12:fe:
f4:31:35:76:2f:8b:bf:c1:ba:39:ea:fa:c4:74:1b:
23:3c:67:40:ba:46:63:de:32:a4:47:65:05:ed:72:
83:65:db:41:40:94:cc:26:8c:31:ff:fa:56:38:28:
b3:88:f0:a5:c5:d9:d5:1c:04:13:ee:3c:16:29:e0:
59:65:df:ef:5b:71:14:17:2f:0b:f7:f7:2e:7c:87:
90:9d:f4:84:a4:49:7c:35:33:17:b1:f3:0d:c3:a1:
9c:2a:74:1c:1b:bd:3b:fe:92:be:82:4f:3e:4a:b3:
aa:c5:18:61:06:e9:02:8c:b6:03:39:68:c0:8a:24:
34:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B1:AE:A0:30:4F:E1:73:FB:C2:31:33:97:09:B3:2A:AA:D2:BC:DA
X509v3 Authority Key Identifier:
keyid:D8:AC:F3:4B:E2:B0:4C:7C:CE:F2:22:1E:8D:1F:CB:6C:AB:B4:15:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KzzS-KwTHzO8iIejR_LbKu0FZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
cb:f1:2a:e7:17:24:e9:4c:d4:c6:ac:ba:68:6c:e8:0f:11:bf:
3b:61:9c:cb:5c:80:49:75:b3:a8:1b:4a:73:0e:77:e7:15:11:
0d:87:b6:4b:98:78:4e:e3:57:4e:e5:e8:8f:41:1e:18:89:56:
50:9d:51:16:a7:d5:1e:8c:1f:88:8a:29:87:5c:6e:4e:de:8a:
eb:b4:af:f3:b4:9f:1c:89:fa:f5:c0:6a:b6:97:d1:ce:01:96:
c9:20:80:50:3b:34:d9:0e:c9:20:b0:72:12:34:a9:22:dc:3c:
27:2f:4b:33:c6:86:41:1d:45:27:30:e5:22:70:4b:d0:27:eb:
16:45:01:fa:26:d3:1d:ee:94:94:31:b1:bb:74:4b:31:a3:d5:
d3:05:94:f4:1d:48:f3:d3:4e:42:9a:fc:e0:3e:61:70:85:83:
86:cb:a4:f0:b0:b4:be:88:4e:c2:98:26:15:dd:46:3f:b5:b8:
2b:5c:99:e6:e6:6b:d2:06:03:88:4f:9c:8a:5e:8a:50:fc:72:
cf:1d:03:50:06:fc:9d:4a:e3:fb:de:c0:02:54:a8:43:df:61:
5d:ac:47:a4:6b:91:53:d4:5e:da:68:63:ad:4e:e3:0b:8f:27:
20:ff:6e:3c:aa:27:be:39:b1:49:b1:2b:3d:0a:e4:76:54:87:
8e:b4:70:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2i0wEp4Nbn2Og2sdCjBDqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YWNmMzRiZTJiMDRjN2NjZWYyMjIxZThkMWZjYjZjYWJi
NDE1OTEwHhcNMjYwNDE4MjMwMDMwWhcNMjYwNDE5MjMwMDMwWjAzMTEwLwYDVQQD
Eyg0ZWIxYWVhMDMwNGZlMTczZmJjMjMxMzM5NzA5YjMyYWFhZDJiY2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOc6lkPGLEAiDs1Af2kFu2c0lZRb
9zQpebjuPU6Jb03bsABBqUHNKYELd/NyT51KZMDAw02pCIDx9q6fHQPmb4AZUtAr
TDdSdnV0zanA0/0+vSnivNCRTG+SqznPJ/rkGG37ld2np9jaTCrFqoQHyklC3tFG
wtbM42l/YW0eboPnob1yEv70MTV2L4u/wbo56vrEdBsjPGdAukZj3jKkR2UF7XKD
ZdtBQJTMJowx//pWOCiziPClxdnVHAQT7jwWKeBZZd/vW3EUFy8L9/cufIeQnfSE
pEl8NTMXsfMNw6GcKnQcG707/pK+gk8+SrOqxRhhBukCjLYDOWjAiiQ0SwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE6xrqAwT+Fz+8IxM5cJsyqq0rzaMB8GA1UdIwQY
MBaAFNis80visEx8zvIiHo0fy2yrtBWRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkt6elMtS3dUSHpPOGlJZWpSX0xiS3UwRlpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZGYzNDEtMDE3Yy00NjYwLThjZjct
NDRkNjRiOWRhNDU5LzEvMkt6elMtS3dUSHpPOGlJZWpSX0xiS3UwRlpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZGYzNDEtMDE3Yy00NjYwLThjZjctNDRkNjRiOWRhNDU5
LzEvMkt6elMtS3dUSHpPOGlJZWpSX0xiS3UwRlpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAy/Eq5xck
6UzUxqy6aGzoDxG/O2Gcy1yASXWzqBtKcw535xURDYe2S5h4TuNXTuXoj0EeGIlW
UJ1RFqfVHowfiIoph1xuTt6K67Sv87SfHIn69cBqtpfRzgGWySCAUDs02Q7JILBy
EjSpItw8Jy9LM8aGQR1FJzDlInBL0CfrFkUB+ibTHe6UlDGxu3RLMaPV0wWU9B1I
89NOQpr84D5hcIWDhsuk8LC0vohOwpgmFd1GP7W4K1yZ5uZr0gYDiE+cil6KUPxy
zx0DUAb8nUrj+97AAlSoQ99hXaxHpGuRU9Re2mhjrU7jC48nIP9uPKonvjmxSbEr
PQrkdlSHjrRwrQ==
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:51:06 2026 by rpki-client