Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/408e37-fae2-48b5-bd15-73d94cb54526/1/MzBvg92caNG7WukbUMJukpyB0v0.mft
File: MzBvg92caNG7WukbUMJukpyB0v0.mft (raw, json)
Hash identifier: tsDlkj6oVr4QiBqjAj1Du1bZMW1JuZhyMnCJYofJBsE=
Subject key identifier: D4:49:FA:E9:1E:8E:E4:03:04:D3:71:FE:A2:0A:60:84:3F:5E:E6:C6
Authority key identifier: 33:30:6F:83:DD:9C:68:D1:BB:5A:E9:1B:50:C2:6E:92:9C:81:D2:FD
Certificate issuer: /CN=33306f83dd9c68d1bb5ae91b50c26e929c81d2fd
Certificate serial: 019DA52FB2BAEB52F5315F8EF1DE7BBCB400
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzBvg92caNG7WukbUMJukpyB0v0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/408e37-fae2-48b5-bd15-73d94cb54526/1/MzBvg92caNG7WukbUMJukpyB0v0.mft
Manifest number: 041C
Signing time: Sun 19 Apr 2026 10:00:59 +0000
Manifest this update: Sun 19 Apr 2026 10:00:59 +0000
Manifest next update: Mon 20 Apr 2026 10:00:59 +0000
Files and hashes: 1: 2FWfjreR50s05nG8c3Epkp-QpOk.roa (hash: QKVrsfHtk1frMC5gbyYQSs+jJV5TW9T1z5wCTl60joI=)
2: MzBvg92caNG7WukbUMJukpyB0v0.crl (hash: 5zMpeULJ0d4ZbqJEl+U4b9d05BEMBGwwDTxw5+FcM4M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/408e37-fae2-48b5-bd15-73d94cb54526/1/MzBvg92caNG7WukbUMJukpyB0v0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/408e37-fae2-48b5-bd15-73d94cb54526/1/MzBvg92caNG7WukbUMJukpyB0v0.mft
rsync://rpki.ripe.net/repository/DEFAULT/MzBvg92caNG7WukbUMJukpyB0v0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a5:2f:b2:ba:eb:52:f5:31:5f:8e:f1:de:7b:bc:b4:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33306f83dd9c68d1bb5ae91b50c26e929c81d2fd
Validity
Not Before: Apr 19 10:00:59 2026 GMT
Not After : Apr 20 10:00:59 2026 GMT
Subject: CN=d449fae91e8ee40304d371fea20a60843f5ee6c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a6:ba:9f:3c:d2:ca:24:4e:b4:78:bb:09:b3:
09:2d:b9:94:0b:3c:76:bc:13:9b:95:1d:a4:24:55:
ed:22:b4:31:e3:38:59:f9:38:61:db:7b:38:22:2a:
63:88:ef:10:df:54:cd:56:75:88:6a:af:0f:7e:f7:
69:21:ab:62:36:f3:56:a8:3f:46:b0:c9:4a:c5:aa:
24:a8:9b:1b:41:e6:2d:4c:26:b0:3b:24:2d:06:af:
f7:ef:87:fe:e6:65:58:27:fd:c7:8e:58:4d:40:d3:
a8:76:3f:4f:1d:7d:2d:29:8d:11:f6:88:62:82:4c:
bd:40:67:b5:6e:c1:f4:40:44:fd:6c:f9:d4:5c:46:
bd:85:a5:27:9a:96:36:00:ae:fd:97:13:42:d0:79:
d9:ac:59:3a:44:3c:9e:1e:99:71:10:f7:9c:df:c9:
43:b3:df:c6:59:80:52:8c:f7:99:f8:1f:f0:28:fe:
35:8b:1d:76:35:4e:36:fb:97:17:a0:57:ce:60:3e:
f5:45:63:db:6d:7a:bf:01:b4:cb:f0:e4:27:15:a1:
2b:e6:20:7a:b8:d3:7d:8d:b0:15:7d:57:82:44:fe:
a9:9a:8f:22:29:1d:1b:5e:65:b1:1e:17:66:76:dd:
ee:c6:e3:32:a5:ce:05:8a:a7:38:ab:65:9f:69:00:
80:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:49:FA:E9:1E:8E:E4:03:04:D3:71:FE:A2:0A:60:84:3F:5E:E6:C6
X509v3 Authority Key Identifier:
keyid:33:30:6F:83:DD:9C:68:D1:BB:5A:E9:1B:50:C2:6E:92:9C:81:D2:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzBvg92caNG7WukbUMJukpyB0v0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/408e37-fae2-48b5-bd15-73d94cb54526/1/MzBvg92caNG7WukbUMJukpyB0v0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/408e37-fae2-48b5-bd15-73d94cb54526/1/MzBvg92caNG7WukbUMJukpyB0v0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
e6:d5:28:9a:43:ce:5d:bf:09:3b:22:f0:97:cf:b7:db:58:3d:
c9:cf:6e:27:05:60:cd:6a:16:6c:d5:72:76:f9:54:38:bf:68:
d7:1c:0d:43:4d:64:17:91:b9:57:2e:e2:69:2c:5e:2a:32:f5:
c6:8d:3a:84:dd:2f:76:41:62:58:45:2a:4a:20:66:f3:70:a2:
7b:23:01:89:9c:7b:0f:5c:d9:ae:c0:16:8f:b8:35:9a:e8:07:
75:44:43:28:28:66:41:60:bf:81:17:12:42:c9:6b:63:df:55:
cd:d7:03:b3:10:eb:f9:40:e3:df:07:9c:34:a3:a9:ef:b4:b7:
0a:4b:4a:63:1e:45:f2:29:ec:66:e5:76:d1:60:46:1d:a1:6d:
b3:b9:9c:a4:41:12:01:63:13:9c:40:01:6f:2a:a0:d5:b3:ad:
fd:e4:dd:bf:14:51:64:81:b3:60:22:fd:9e:d8:0e:b6:89:3d:
fe:f2:09:ec:26:4b:e7:33:bf:c2:6b:46:cb:4a:b7:0c:fb:75:
49:6c:9f:b0:f2:0a:ba:b8:98:62:b3:47:c5:89:05:71:ff:26:
7b:68:6e:7d:9f:fb:44:d4:cb:83:2e:29:08:f4:3b:bc:45:bc:
5d:87:89:9c:16:c5:9d:78:78:85:32:38:37:4c:bd:f6:ba:ec:
2a:3f:13:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2lL7K661L1MV+O8d57vLQAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMzA2ZjgzZGQ5YzY4ZDFiYjVhZTkxYjUwYzI2ZTkyOWM4
MWQyZmQwHhcNMjYwNDE5MTAwMDU5WhcNMjYwNDIwMTAwMDU5WjAzMTEwLwYDVQQD
EyhkNDQ5ZmFlOTFlOGVlNDAzMDRkMzcxZmVhMjBhNjA4NDNmNWVlNmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqa6nzzSyiROtHi7CbMJLbmUCzx2
vBOblR2kJFXtIrQx4zhZ+Thh23s4IipjiO8Q31TNVnWIaq8PfvdpIatiNvNWqD9G
sMlKxaokqJsbQeYtTCawOyQtBq/374f+5mVYJ/3HjlhNQNOodj9PHX0tKY0R9ohi
gky9QGe1bsH0QET9bPnUXEa9haUnmpY2AK79lxNC0HnZrFk6RDyeHplxEPec38lD
s9/GWYBSjPeZ+B/wKP41ix12NU42+5cXoFfOYD71RWPbbXq/AbTL8OQnFaEr5iB6
uNN9jbAVfVeCRP6pmo8iKR0bXmWxHhdmdt3uxuMypc4Fiqc4q2WfaQCAWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNRJ+ukejuQDBNNx/qIKYIQ/XubGMB8GA1UdIwQY
MBaAFDMwb4PdnGjRu1rpG1DCbpKcgdL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXpCdmc5MmNhTkc3V3VrYlVNSnVrcHlCMHYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80MDhlMzctZmFlMi00OGI1LWJkMTUt
NzNkOTRjYjU0NTI2LzEvTXpCdmc5MmNhTkc3V3VrYlVNSnVrcHlCMHYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80MDhlMzctZmFlMi00OGI1LWJkMTUtNzNkOTRjYjU0NTI2
LzEvTXpCdmc5MmNhTkc3V3VrYlVNSnVrcHlCMHYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA5tUomkPO
Xb8JOyLwl8+321g9yc9uJwVgzWoWbNVydvlUOL9o1xwNQ01kF5G5Vy7iaSxeKjL1
xo06hN0vdkFiWEUqSiBm83CieyMBiZx7D1zZrsAWj7g1mugHdURDKChmQWC/gRcS
QslrY99VzdcDsxDr+UDj3wecNKOp77S3CktKYx5F8insZuV20WBGHaFts7mcpEES
AWMTnEABbyqg1bOt/eTdvxRRZIGzYCL9ntgOtok9/vIJ7CZL5zO/wmtGy0q3DPt1
SWyfsPIKuriYYrNHxYkFcf8me2hufZ/7RNTLgy4pCPQ7vEW8XYeJnBbFnXh4hTI4
N0y99rrsKj8Teg==
-----END CERTIFICATE-----
Generated at Sun Apr 19 13:43:14 2026 by rpki-client