Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
File: 2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft (raw, json)
Hash identifier: dCTm6LTei3HVNO9FyVEHtpo3YHynXjrhgd1KCeX8YE0=
Subject key identifier: 97:C9:D1:33:5A:EC:15:2D:73:66:2C:6C:5A:9A:23:58:C3:9A:D7:74
Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
Certificate issuer: /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Certificate serial: 019E1CEB403513B164751775534746370C3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
Manifest number: 191D
Signing time: Tue 12 May 2026 16:00:39 +0000
Manifest this update: Tue 12 May 2026 16:00:39 +0000
Manifest next update: Wed 13 May 2026 16:00:39 +0000
Files and hashes: 1: 2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl (hash: /VoISG3oH/xDKCOnzrVcJikz+qvJc9doDwKYI1J1SSU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:eb:40:35:13:b1:64:75:17:75:53:47:46:37:0c:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Validity
Not Before: May 12 16:00:39 2026 GMT
Not After : May 13 16:00:39 2026 GMT
Subject: CN=97c9d1335aec152d73662c6c5a9a2358c39ad774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:db:ce:ae:03:e9:de:22:3d:23:1a:1f:6e:9c:
62:0d:6b:17:46:8c:4f:b1:5c:48:f1:5e:38:43:c6:
15:04:14:2e:7f:39:11:a7:69:c6:d7:0e:16:2e:f0:
19:78:cc:b7:90:96:37:f3:23:0b:89:3a:39:d5:f0:
56:2c:ac:a7:09:46:b6:f5:68:41:30:40:4d:aa:35:
b9:97:72:19:a7:4b:f3:c1:4a:f6:2f:8e:1d:9a:1f:
d1:dc:ea:30:ff:b1:1e:e1:28:75:9b:cb:ea:90:b9:
d0:66:16:8f:b6:e5:62:c3:62:93:a6:d9:04:23:22:
bd:48:c6:13:ed:6f:80:f2:2c:ca:90:f0:19:eb:e3:
4f:d4:49:40:ca:69:0d:2c:7b:85:1f:86:2f:e8:08:
42:fe:78:0d:b7:d3:7b:de:d7:00:ac:04:06:1d:12:
06:a1:f0:13:2e:b5:29:cb:51:d9:fa:a0:d3:1e:51:
28:02:be:71:44:63:25:85:6c:9e:0b:24:9d:31:40:
8c:da:f4:60:df:08:3c:3c:75:d8:4c:31:41:31:e1:
47:64:87:2e:9e:55:4e:b4:ba:fd:70:f8:28:c2:e9:
62:89:a8:9e:ed:c2:bf:1c:5f:15:b9:08:89:8b:f0:
29:6d:f9:7a:11:2e:20:e8:3d:f6:12:10:57:09:7f:
94:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C9:D1:33:5A:EC:15:2D:73:66:2C:6C:5A:9A:23:58:C3:9A:D7:74
X509v3 Authority Key Identifier:
keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:88:a6:28:ec:03:ee:89:fb:ca:e1:50:1b:96:03:fb:af:44:
da:35:f8:cd:a4:20:e9:50:dd:33:b2:ef:43:9d:fb:b7:7e:22:
e9:aa:c9:88:13:ca:bc:16:fe:69:12:d8:73:fb:e0:b5:65:f5:
b6:02:e1:d2:2f:f2:2f:6d:f5:7f:af:db:1f:2c:97:0c:47:6e:
6d:6e:39:9c:ac:3b:49:57:24:b5:66:38:21:53:08:72:7d:0c:
2e:f7:bd:25:6c:ec:96:55:de:d5:7e:b3:d7:8c:c8:3d:14:d9:
0e:77:fc:0c:74:3a:af:f5:cb:14:69:12:5f:0f:4f:dd:e0:72:
bc:57:d0:58:21:c2:26:1e:1d:a3:ba:08:c1:66:db:56:43:21:
c4:8b:2a:c1:b6:17:86:ce:48:4f:38:67:13:dc:db:70:e6:5a:
ef:1d:41:b1:43:46:d9:2e:f2:49:6e:57:a6:76:48:d0:2a:77:
f7:be:48:22:cc:3a:4e:52:4e:2f:1a:f4:3c:ca:91:31:48:7d:
9a:8c:dc:e1:98:ef:0a:a9:84:ad:5e:20:23:4c:fe:f6:82:40:
91:b2:5d:4a:ed:5c:67:d6:dc:f6:d4:e1:38:5a:c1:4f:81:80:
87:49:10:76:9d:f8:25:39:84:1b:a1:0a:48:c6:f9:82:8a:b1:
73:3c:68:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4c60A1E7FkdRd1U0dGNww9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl
YmFhNDMwHhcNMjYwNTEyMTYwMDM5WhcNMjYwNTEzMTYwMDM5WjAzMTEwLwYDVQQD
Eyg5N2M5ZDEzMzVhZWMxNTJkNzM2NjJjNmM1YTlhMjM1OGMzOWFkNzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dvOrgPp3iI9IxofbpxiDWsXRoxP
sVxI8V44Q8YVBBQufzkRp2nG1w4WLvAZeMy3kJY38yMLiTo51fBWLKynCUa29WhB
MEBNqjW5l3IZp0vzwUr2L44dmh/R3Oow/7Ee4Sh1m8vqkLnQZhaPtuViw2KTptkE
IyK9SMYT7W+A8izKkPAZ6+NP1ElAymkNLHuFH4Yv6AhC/ngNt9N73tcArAQGHRIG
ofATLrUpy1HZ+qDTHlEoAr5xRGMlhWyeCySdMUCM2vRg3wg8PHXYTDFBMeFHZIcu
nlVOtLr9cPgowuliiaie7cK/HF8VuQiJi/Apbfl6ES4g6D32EhBXCX+U0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJfJ0TNa7BUtc2YsbFqaI1jDmtd0MB8GA1UdIwQY
MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct
Nzg1ZTU4ODM2NDRkLzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk
LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANIimKOwD
7on7yuFQG5YD+69E2jX4zaQg6VDdM7LvQ537t34i6arJiBPKvBb+aRLYc/vgtWX1
tgLh0i/yL231f6/bHyyXDEdubW45nKw7SVcktWY4IVMIcn0MLve9JWzsllXe1X6z
14zIPRTZDnf8DHQ6r/XLFGkSXw9P3eByvFfQWCHCJh4do7oIwWbbVkMhxIsqwbYX
hs5ITzhnE9zbcOZa7x1BsUNG2S7ySW5XpnZI0Cp3975IIsw6TlJOLxr0PMqRMUh9
mozc4ZjvCqmErV4gI0z+9oJAkbJdSu1cZ9bc9tThOFrBT4GAh0kQdp34JTmEG6EK
SMb5goqxczxoSw==
-----END CERTIFICATE-----
Generated at Tue May 12 21:29:34 2026 by rpki-client