Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft
File: r2A0bQgbHFyBCzlMZuEFErv02Mk.mft (raw, json)
Hash identifier: 2fz/sYuAP4psXJCJ6GJ9mOtyAKjOphGfEdHay//7wDI=
Subject key identifier: 35:53:94:72:FD:42:0A:60:5B:73:63:3B:3C:BC:5B:EC:BA:85:CC:67
Authority key identifier: AF:60:34:6D:08:1B:1C:5C:81:0B:39:4C:66:E1:05:12:BB:F4:D8:C9
Certificate issuer: /CN=af60346d081b1c5c810b394c66e10512bbf4d8c9
Certificate serial: 019D9B51149C8BCC9CBA240229AF19A3942C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft
Manifest number: 05DC
Signing time: Fri 17 Apr 2026 12:01:15 +0000
Manifest this update: Fri 17 Apr 2026 12:01:15 +0000
Manifest next update: Sat 18 Apr 2026 12:01:15 +0000
Files and hashes: 1: MmHcaoSID19FRmGF5kFPH25PR2Q.roa (hash: Pv88TmQb3cGeVyGfPSrdF1R8Obs/Bo3T58FvtRvVnRM=)
2: r2A0bQgbHFyBCzlMZuEFErv02Mk.crl (hash: OUfw4nriAEG+sXqUslLIw1Rbw4WeMhp8CCffvi24j9E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 12:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:51:14:9c:8b:cc:9c:ba:24:02:29:af:19:a3:94:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af60346d081b1c5c810b394c66e10512bbf4d8c9
Validity
Not Before: Apr 17 12:01:15 2026 GMT
Not After : Apr 18 12:01:15 2026 GMT
Subject: CN=35539472fd420a605b73633b3cbc5becba85cc67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d2:22:a9:7a:cb:e6:b1:ff:92:92:57:89:aa:
f2:f8:07:5a:71:69:db:26:4e:c6:a4:70:a1:d1:23:
3d:77:4c:2a:b6:76:9f:85:56:15:b7:49:8c:6f:27:
0d:2a:5d:f5:95:4c:8b:b4:76:79:3b:13:dc:e3:13:
cd:7e:c0:7c:70:fd:26:f5:35:23:e0:54:03:d8:f4:
19:87:9c:47:08:eb:3c:3c:00:ac:e4:69:ed:91:f5:
51:ec:c7:e3:f3:67:7c:0d:bd:ea:49:37:76:f0:e9:
55:4f:19:ce:61:db:6d:49:8b:d6:39:85:2d:0f:1b:
83:e7:41:60:39:62:ea:ae:cd:e6:eb:d5:a0:f2:c0:
6b:e6:e8:fe:7a:80:53:d3:e2:a2:96:96:2a:1a:ec:
a2:65:7e:3d:e0:33:52:76:11:b5:2d:d3:39:3f:ee:
e2:14:f3:f1:a3:d6:3b:43:53:5c:3a:35:00:8d:38:
0b:24:39:38:9b:59:55:71:64:18:21:80:a1:af:19:
3f:54:ce:6b:7e:a9:81:65:49:17:ba:71:d5:f1:56:
ec:73:26:8c:27:71:6d:87:c1:0b:46:6f:65:fe:d3:
85:66:0e:e0:ad:2c:3e:fc:c3:ef:a4:ad:04:d4:5f:
ec:3f:4f:82:9c:7c:57:00:50:0b:7c:3c:b8:98:d9:
dc:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:53:94:72:FD:42:0A:60:5B:73:63:3B:3C:BC:5B:EC:BA:85:CC:67
X509v3 Authority Key Identifier:
keyid:AF:60:34:6D:08:1B:1C:5C:81:0B:39:4C:66:E1:05:12:BB:F4:D8:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:b1:2c:07:9d:35:e6:e0:41:ec:d2:35:3c:f3:fa:7d:99:1b:
a2:d4:bf:dd:fc:18:e2:45:22:9f:d1:41:41:52:55:97:fa:e0:
27:53:97:41:f3:a3:36:01:f2:fd:11:e5:4d:cc:68:70:8b:49:
e9:53:ff:18:51:d2:0a:9c:4c:07:0c:f7:38:81:f7:f6:60:dd:
90:7e:a8:83:47:1e:ea:87:a6:49:a7:4e:b9:11:df:f2:80:af:
3c:9e:ca:f6:18:48:0d:9d:89:75:9a:a0:6b:85:31:70:80:7f:
ba:72:b7:40:fc:4f:f4:11:70:07:14:df:ce:9c:d2:e2:25:4d:
2f:ec:c9:bb:f5:99:02:da:99:6f:f4:8f:69:3e:e7:61:a8:35:
7a:f7:5f:62:19:d8:c4:b6:45:85:7a:47:ad:df:78:44:18:5b:
f3:60:73:3d:d1:14:1b:ed:2f:1a:dc:45:b1:46:91:7b:60:0a:
71:27:56:96:5b:fb:f8:ca:92:cc:75:2f:84:27:23:fe:5e:36:
6b:33:40:3e:16:15:30:95:60:22:e6:e0:cf:4a:ec:45:80:e3:
c2:dc:c5:13:63:55:05:d1:e7:3e:17:c7:25:40:8f:25:dd:9d:
37:db:20:c8:a5:b7:b6:4d:7c:48:53:90:1a:37:8e:72:7a:bd:
30:37:d6:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bURSci8ycuiQCKa8Zo5QsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNjAzNDZkMDgxYjFjNWM4MTBiMzk0YzY2ZTEwNTEyYmJm
NGQ4YzkwHhcNMjYwNDE3MTIwMTE1WhcNMjYwNDE4MTIwMTE1WjAzMTEwLwYDVQQD
EygzNTUzOTQ3MmZkNDIwYTYwNWI3MzYzM2IzY2JjNWJlY2JhODVjYzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9IiqXrL5rH/kpJXiary+AdacWnb
Jk7GpHCh0SM9d0wqtnafhVYVt0mMbycNKl31lUyLtHZ5OxPc4xPNfsB8cP0m9TUj
4FQD2PQZh5xHCOs8PACs5GntkfVR7Mfj82d8Db3qSTd28OlVTxnOYdttSYvWOYUt
DxuD50FgOWLqrs3m69Wg8sBr5uj+eoBT0+KilpYqGuyiZX494DNSdhG1LdM5P+7i
FPPxo9Y7Q1NcOjUAjTgLJDk4m1lVcWQYIYChrxk/VM5rfqmBZUkXunHV8VbscyaM
J3Fth8ELRm9l/tOFZg7grSw+/MPvpK0E1F/sP0+CnHxXAFALfDy4mNncFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDVTlHL9QgpgW3NjOzy8W+y6hcxnMB8GA1UdIwQY
MBaAFK9gNG0IGxxcgQs5TGbhBRK79NjJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9iNjYwZjQtODhjYi00NWYzLWE3MWEt
MjYzOTgzOWY4MjhkLzEvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9iNjYwZjQtODhjYi00NWYzLWE3MWEtMjYzOTgzOWY4Mjhk
LzEvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX7EsB501
5uBB7NI1PPP6fZkbotS/3fwY4kUin9FBQVJVl/rgJ1OXQfOjNgHy/RHlTcxocItJ
6VP/GFHSCpxMBwz3OIH39mDdkH6og0ce6oemSadOuRHf8oCvPJ7K9hhIDZ2JdZqg
a4UxcIB/unK3QPxP9BFwBxTfzpzS4iVNL+zJu/WZAtqZb/SPaT7nYag1evdfYhnY
xLZFhXpHrd94RBhb82BzPdEUG+0vGtxFsUaRe2AKcSdWllv7+MqSzHUvhCcj/l42
azNAPhYVMJVgIubgz0rsRYDjwtzFE2NVBdHnPhfHJUCPJd2dN9sgyKW3tk18SFOQ
GjeOcnq9MDfWNg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:53:57 2026 by rpki-client