Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.mft
File: 2VSrlORZUZTSw5sdP-aokfHrkrw.mft (raw, json)
Hash identifier: Owt0bIDDnXoeJcVc3E2f/ZfwEZ1T88hrruc17d2syf4=
Subject key identifier: A5:C2:88:0A:AC:B7:F2:88:D1:6E:B5:43:D2:05:C4:19:90:79:EE:21
Authority key identifier: D9:54:AB:94:E4:59:51:94:D2:C3:9B:1D:3F:E6:A8:91:F1:EB:92:BC
Certificate issuer: /CN=d954ab94e4595194d2c39b1d3fe6a891f1eb92bc
Certificate serial: 019D99D06F3D6034CED3B8FD6E176629E1DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2VSrlORZUZTSw5sdP-aokfHrkrw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.mft
Manifest number: 0A21
Signing time: Fri 17 Apr 2026 05:01:07 +0000
Manifest this update: Fri 17 Apr 2026 05:01:07 +0000
Manifest next update: Sat 18 Apr 2026 05:01:07 +0000
Files and hashes: 1: 2VSrlORZUZTSw5sdP-aokfHrkrw.crl (hash: MMamDngVQOK1DVVQmpfiMTXZoPu1McHWkwteiKtHqC0=)
2: qgMkoT1JMEGlzQ-9amlEk3JLWC4.roa (hash: y8/qKOIU/VnL+2E1k4DTDJCvpW8Lts5guxMB4ltkk0o=)
3: r3-oGCZiu-f0pzfjoZyY5hfWHE0.roa (hash: axK8NfXG0oP4PqyHKrnwHUrltZg/uDJF8UJbff87uoU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2VSrlORZUZTSw5sdP-aokfHrkrw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:d0:6f:3d:60:34:ce:d3:b8:fd:6e:17:66:29:e1:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d954ab94e4595194d2c39b1d3fe6a891f1eb92bc
Validity
Not Before: Apr 17 05:01:07 2026 GMT
Not After : Apr 18 05:01:07 2026 GMT
Subject: CN=a5c2880aacb7f288d16eb543d205c4199079ee21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:03:50:ae:9a:3f:d2:f2:ca:d9:09:10:04:12:
e2:75:90:c6:37:31:9a:62:3f:d9:01:4d:26:be:59:
cb:8f:61:5b:e7:89:64:e9:59:e8:eb:a3:4e:b9:71:
d4:2b:57:60:7d:78:53:7e:1f:73:e3:8e:af:7d:02:
12:e4:c2:ae:1e:6c:a3:e9:c2:75:97:f1:da:b2:39:
12:2e:2d:7e:38:56:3e:40:9c:9f:33:49:4b:8c:2d:
11:26:74:76:cc:72:df:0e:63:c9:1e:61:32:ec:5a:
c3:e0:f9:12:37:93:e1:5a:5d:aa:2b:6a:2e:42:78:
96:e7:f0:06:a6:df:01:f0:d2:88:86:53:31:14:75:
9d:af:33:48:19:3a:7d:28:57:68:b8:3a:97:df:13:
5d:ae:35:d7:27:61:be:a0:9b:25:3f:dc:1c:34:86:
ab:88:fe:61:ec:01:ad:db:ea:eb:a0:9b:02:7a:af:
48:38:a3:72:a5:c8:a7:ad:5f:b6:be:6a:bf:40:82:
6c:89:64:59:41:f4:ea:0e:86:5a:1f:56:6e:70:32:
e0:e8:ca:ef:fa:cf:c1:1f:5b:70:e7:e7:c9:02:ef:
02:f1:80:dc:16:2f:54:a8:c4:d8:a9:12:80:49:ff:
04:47:a6:1b:e7:ff:bd:27:c9:a7:45:d3:39:9d:c5:
cf:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:C2:88:0A:AC:B7:F2:88:D1:6E:B5:43:D2:05:C4:19:90:79:EE:21
X509v3 Authority Key Identifier:
keyid:D9:54:AB:94:E4:59:51:94:D2:C3:9B:1D:3F:E6:A8:91:F1:EB:92:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2VSrlORZUZTSw5sdP-aokfHrkrw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:9b:c6:dd:43:91:70:e5:ca:23:67:75:26:28:92:5d:cd:6f:
0e:cf:e3:67:46:ce:d5:b8:37:52:05:04:14:c2:0f:85:67:2a:
be:50:b2:5e:d4:e7:7a:0c:f5:8c:2e:83:95:16:d4:4d:07:e4:
70:aa:10:ed:10:9f:61:99:b4:0a:22:27:56:ec:d9:ae:a6:57:
48:27:a6:e3:42:7a:89:2c:a6:4e:d1:66:b8:a8:70:02:68:2f:
7f:2d:56:90:84:3c:23:20:f7:b9:69:7f:1b:b0:e5:2a:f9:ef:
9a:c0:81:09:b6:01:23:73:20:67:ff:72:d1:08:f8:68:6d:7f:
ce:a4:4b:8d:f0:d2:4d:3a:fe:18:fd:68:9d:49:ef:78:ea:8a:
96:81:a1:0b:b4:e0:f4:ee:72:7c:42:17:f9:5f:65:dc:ad:f9:
8d:5f:13:80:67:1f:7d:ba:58:af:ed:a4:f3:dc:29:d5:c2:fd:
76:d9:73:30:2b:2f:30:0d:8d:27:85:d1:2d:24:0f:10:8b:44:
48:f8:c2:27:db:d4:8d:60:be:e0:55:ab:42:bc:d5:48:d8:08:
d7:9c:a6:7e:c8:31:cf:e0:16:67:56:9a:74:b5:0f:31:7b:77:
d4:b2:c1:61:17:d2:c8:7c:84:fd:05:f1:b8:87:82:37:03:4c:
90:ae:8a:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0G89YDTO07j9bhdmKeHfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NTRhYjk0ZTQ1OTUxOTRkMmMzOWIxZDNmZTZhODkxZjFl
YjkyYmMwHhcNMjYwNDE3MDUwMTA3WhcNMjYwNDE4MDUwMTA3WjAzMTEwLwYDVQQD
EyhhNWMyODgwYWFjYjdmMjg4ZDE2ZWI1NDNkMjA1YzQxOTkwNzllZTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQNQrpo/0vLK2QkQBBLidZDGNzGa
Yj/ZAU0mvlnLj2Fb54lk6Vno66NOuXHUK1dgfXhTfh9z446vfQIS5MKuHmyj6cJ1
l/HasjkSLi1+OFY+QJyfM0lLjC0RJnR2zHLfDmPJHmEy7FrD4PkSN5PhWl2qK2ou
QniW5/AGpt8B8NKIhlMxFHWdrzNIGTp9KFdouDqX3xNdrjXXJ2G+oJslP9wcNIar
iP5h7AGt2+rroJsCeq9IOKNypcinrV+2vmq/QIJsiWRZQfTqDoZaH1ZucDLg6Mrv
+s/BH1tw5+fJAu8C8YDcFi9UqMTYqRKASf8ER6Yb5/+9J8mnRdM5ncXPSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKXCiAqst/KI0W61Q9IFxBmQee4hMB8GA1UdIwQY
MBaAFNlUq5TkWVGU0sObHT/mqJHx65K8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlZTcmxPUlpVWlRTdzVzZFAtYW9rZkhya3J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82NDc0ODUtNjM1ZS00YWM2LWIwYjkt
MzM1MWM1NzdiNDMyLzEvMlZTcmxPUlpVWlRTdzVzZFAtYW9rZkhya3J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82NDc0ODUtNjM1ZS00YWM2LWIwYjktMzM1MWM1NzdiNDMy
LzEvMlZTcmxPUlpVWlRTdzVzZFAtYW9rZkhya3J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHpvG3UOR
cOXKI2d1JiiSXc1vDs/jZ0bO1bg3UgUEFMIPhWcqvlCyXtTnegz1jC6DlRbUTQfk
cKoQ7RCfYZm0CiInVuzZrqZXSCem40J6iSymTtFmuKhwAmgvfy1WkIQ8IyD3uWl/
G7DlKvnvmsCBCbYBI3MgZ/9y0Qj4aG1/zqRLjfDSTTr+GP1onUnveOqKloGhC7Tg
9O5yfEIX+V9l3K35jV8TgGcffbpYr+2k89wp1cL9dtlzMCsvMA2NJ4XRLSQPEItE
SPjCJ9vUjWC+4FWrQrzVSNgI15ymfsgxz+AWZ1aadLUPMXt31LLBYRfSyHyE/QXx
uIeCNwNMkK6KQw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:58:18 2026 by rpki-client