Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.mft
File: 2yNWAARVt7WJTO0UaYWgqIifnkw.mft (raw, json)
Hash identifier: cdlapRHck18uZNRzeDvBp8zMW3VZrWX1vZEHnOPmdoE=
Subject key identifier: 3D:AD:C4:DE:5A:5C:F1:E8:F1:7C:3D:C3:A2:AE:54:CA:DC:BC:10:96
Authority key identifier: DB:23:56:00:04:55:B7:B5:89:4C:ED:14:69:85:A0:A8:88:9F:9E:4C
Certificate issuer: /CN=db2356000455b7b5894ced146985a0a8889f9e4c
Certificate serial: 019D2997255449C763A6A3344923ECCD2B87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2yNWAARVt7WJTO0UaYWgqIifnkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.mft
Manifest number: 16A2
Signing time: Thu 26 Mar 2026 10:01:04 +0000
Manifest this update: Thu 26 Mar 2026 10:01:04 +0000
Manifest next update: Fri 27 Mar 2026 10:01:04 +0000
Files and hashes: 1: 2yNWAARVt7WJTO0UaYWgqIifnkw.crl (hash: 22l1k1l1xojtkSlEeawF8erZhW2xCAb9xb+2Kif7fJs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2yNWAARVt7WJTO0UaYWgqIifnkw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:97:25:54:49:c7:63:a6:a3:34:49:23:ec:cd:2b:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db2356000455b7b5894ced146985a0a8889f9e4c
Validity
Not Before: Mar 26 10:01:04 2026 GMT
Not After : Mar 27 10:01:04 2026 GMT
Subject: CN=3dadc4de5a5cf1e8f17c3dc3a2ae54cadcbc1096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9f:ef:66:29:40:2b:b0:06:00:4e:e4:c2:b6:
70:e6:95:99:74:c0:bd:a3:76:fb:22:d0:59:5a:e1:
39:40:07:12:40:8d:f9:0f:d2:39:43:60:98:8b:b7:
e6:f1:65:21:a1:73:a2:df:73:2b:e5:02:bd:9d:cf:
c8:c6:8c:14:e3:d9:b9:88:57:87:34:1c:bb:30:9b:
f3:7e:66:5d:86:0e:ca:2c:70:3d:47:13:b8:0e:45:
4a:54:52:12:a6:f8:05:67:4d:b7:41:a6:1d:2e:22:
df:f0:12:31:6b:8c:b0:6b:a5:e0:e1:fc:fd:c7:a9:
a0:52:12:62:ad:13:0f:2c:87:3a:bb:66:fb:86:8b:
37:80:31:d0:cb:d2:55:15:96:b9:7a:48:0c:b9:1f:
ba:fa:ec:20:e0:d6:0f:f2:d8:8c:b8:6b:8f:8f:3b:
2d:a3:89:32:ac:bb:f8:59:1a:e3:72:f1:c0:1c:12:
f4:fe:d9:81:38:bd:d2:ea:bf:a5:35:7e:5f:0a:83:
f1:85:48:ce:fb:de:43:6c:d7:53:0f:fc:70:07:c9:
36:63:81:2c:ef:b7:23:32:33:07:b6:09:f0:3a:0f:
61:8c:83:62:be:5b:2a:12:ff:12:df:68:e7:3f:e2:
04:19:6e:33:2f:7c:b4:73:93:16:bd:59:be:85:4a:
e6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:AD:C4:DE:5A:5C:F1:E8:F1:7C:3D:C3:A2:AE:54:CA:DC:BC:10:96
X509v3 Authority Key Identifier:
keyid:DB:23:56:00:04:55:B7:B5:89:4C:ED:14:69:85:A0:A8:88:9F:9E:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yNWAARVt7WJTO0UaYWgqIifnkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c0:c9:f6:91:72:9a:73:ae:17:04:92:05:86:9d:39:5f:a8:9a:
9d:73:12:fe:3b:ca:91:bd:2d:16:c9:91:18:2a:9b:ab:c6:bb:
50:1c:dc:dc:66:d6:cf:ba:ad:49:e9:d2:a1:c3:3c:28:f3:83:
ac:d5:14:4b:8d:00:07:50:99:83:98:38:2f:53:d2:fd:85:aa:
ac:b7:20:79:f1:ec:54:14:9e:db:f1:5c:63:fb:ba:33:d4:d9:
81:b2:89:e9:3c:b0:e5:3c:7e:08:ef:6e:17:be:cc:15:1d:b2:
8b:53:5f:6e:89:69:69:43:87:20:7a:64:ad:6f:dd:f6:ff:26:
c5:8b:44:d4:4c:bb:88:42:af:f0:56:6e:d4:c4:e7:5a:0a:ba:
df:2e:22:39:2c:46:ba:54:02:6a:4b:bc:c0:72:a2:63:87:81:
16:e6:05:60:3b:6d:e7:58:e5:10:17:f6:ee:45:0a:67:27:df:
56:de:54:b6:f2:ab:da:6e:70:8f:a5:d3:a5:0b:8f:99:c9:b5:
de:d4:09:be:e7:d3:5f:86:45:91:8e:f8:94:b9:fe:8c:64:9d:
aa:92:9a:03:18:8d:36:cd:a3:cf:f1:75:2c:54:05:21:7a:03:
2c:27:e0:bc:cd:0c:b8:73:96:64:e6:68:09:09:96:2c:4a:93:
b2:a4:4d:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0plyVUScdjpqM0SSPszSuHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjM1NjAwMDQ1NWI3YjU4OTRjZWQxNDY5ODVhMGE4ODg5
ZjllNGMwHhcNMjYwMzI2MTAwMTA0WhcNMjYwMzI3MTAwMTA0WjAzMTEwLwYDVQQD
EygzZGFkYzRkZTVhNWNmMWU4ZjE3YzNkYzNhMmFlNTRjYWRjYmMxMDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5/vZilAK7AGAE7kwrZw5pWZdMC9
o3b7ItBZWuE5QAcSQI35D9I5Q2CYi7fm8WUhoXOi33Mr5QK9nc/IxowU49m5iFeH
NBy7MJvzfmZdhg7KLHA9RxO4DkVKVFISpvgFZ023QaYdLiLf8BIxa4ywa6Xg4fz9
x6mgUhJirRMPLIc6u2b7hos3gDHQy9JVFZa5ekgMuR+6+uwg4NYP8tiMuGuPjzst
o4kyrLv4WRrjcvHAHBL0/tmBOL3S6r+lNX5fCoPxhUjO+95DbNdTD/xwB8k2Y4Es
77cjMjMHtgnwOg9hjINivlsqEv8S32jnP+IEGW4zL3y0c5MWvVm+hUrmUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2txN5aXPHo8Xw9w6KuVMrcvBCWMB8GA1UdIwQY
MBaAFNsjVgAEVbe1iUztFGmFoKiIn55MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlOV0FBUlZ0N1dKVE8wVWFZV2dxSWlmbmt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85Yjg3ZjgtY2E5NC00ODNmLTg4ZWEt
NDg2MzkxMTQxMmZhLzEvMnlOV0FBUlZ0N1dKVE8wVWFZV2dxSWlmbmt3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85Yjg3ZjgtY2E5NC00ODNmLTg4ZWEtNDg2MzkxMTQxMmZh
LzEvMnlOV0FBUlZ0N1dKVE8wVWFZV2dxSWlmbmt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwMn2kXKa
c64XBJIFhp05X6ianXMS/jvKkb0tFsmRGCqbq8a7UBzc3GbWz7qtSenSocM8KPOD
rNUUS40AB1CZg5g4L1PS/YWqrLcgefHsVBSe2/FcY/u6M9TZgbKJ6Tyw5Tx+CO9u
F77MFR2yi1NfbolpaUOHIHpkrW/d9v8mxYtE1Ey7iEKv8FZu1MTnWgq63y4iOSxG
ulQCaku8wHKiY4eBFuYFYDtt51jlEBf27kUKZyffVt5UtvKr2m5wj6XTpQuPmcm1
3tQJvufTX4ZFkY74lLn+jGSdqpKaAxiNNs2jz/F1LFQFIXoDLCfgvM0MuHOWZOZo
CQmWLEqTsqRN2Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:43:19 2026 by rpki-client