Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
File: 2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft (raw, json)
Hash identifier: 59IIXU5+t8tHFOFyLaajTEMnbNxK92xOPNehfPnl4NM=
Subject key identifier: E3:73:6F:23:F2:EC:62:50:BF:A2:6C:FD:0B:A3:7D:B4:20:D1:4B:A9
Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
Certificate issuer: /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Certificate serial: 019D29978E4C2B8B306642FCDB7704CDA127
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
Manifest number: 189F
Signing time: Thu 26 Mar 2026 10:01:31 +0000
Manifest this update: Thu 26 Mar 2026 10:01:31 +0000
Manifest next update: Fri 27 Mar 2026 10:01:31 +0000
Files and hashes: 1: 2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl (hash: JWwVgZbIGr464SU65x7BK6Wj/ispaEgyB/cTo4CX1PU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:97:8e:4c:2b:8b:30:66:42:fc:db:77:04:cd:a1:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Validity
Not Before: Mar 26 10:01:31 2026 GMT
Not After : Mar 27 10:01:31 2026 GMT
Subject: CN=e3736f23f2ec6250bfa26cfd0ba37db420d14ba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6a:e5:42:05:01:88:a1:d3:b7:0e:26:43:77:
15:bf:78:79:5b:c1:03:62:a6:7c:07:67:f9:52:fc:
25:02:ec:55:5f:3d:f9:cc:3c:c0:9a:9c:f7:72:b8:
7a:48:32:de:f6:89:2d:e4:6e:e9:e2:71:dc:92:07:
29:c5:15:90:c5:c2:aa:63:0b:18:d6:03:8c:2e:67:
ef:4a:bf:94:a3:fb:8a:bd:5a:37:e6:9f:07:ea:ba:
19:3b:c1:c9:62:4a:e9:ab:cc:52:06:01:de:85:1c:
da:0e:d0:ff:95:66:56:52:2c:45:78:50:cd:19:06:
e9:f0:17:03:1a:38:62:23:3f:ac:26:2d:73:64:a2:
84:5b:a0:0f:7e:4b:06:cf:72:61:dd:39:d4:2c:3d:
74:bd:27:8c:a6:07:47:2c:0c:76:54:be:81:2e:31:
af:ad:75:fa:62:be:f0:9d:f2:f0:eb:7b:28:25:2f:
75:4b:1f:e0:66:57:c6:90:03:68:70:9e:bf:35:11:
f6:d5:8d:b6:7a:e6:e1:d7:04:7b:81:bf:01:8c:08:
fb:e1:63:e4:48:fe:d1:01:76:d7:c6:0a:12:81:b3:
47:d6:b5:51:ca:95:ca:89:af:73:c9:68:78:19:ab:
84:e2:fc:c1:7b:1b:ec:9a:d5:a9:ad:e3:be:3b:6b:
a7:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:73:6F:23:F2:EC:62:50:BF:A2:6C:FD:0B:A3:7D:B4:20:D1:4B:A9
X509v3 Authority Key Identifier:
keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a6:49:79:cf:d4:2b:57:51:5a:0a:b5:3b:df:65:49:41:d1:3d:
5d:38:9c:04:52:6c:09:bb:3f:0b:c8:49:6d:60:23:ac:fa:be:
3b:36:c0:55:04:51:9e:87:c1:a0:23:0f:bc:d1:e8:a4:ca:f8:
3c:42:41:5b:dc:88:97:c2:af:94:65:51:b6:c8:66:14:9e:a0:
10:2c:c6:df:a0:c8:16:52:55:ae:9c:11:a1:ed:4f:2d:74:fe:
8d:76:c4:3a:88:4e:a6:d6:c4:34:3b:ed:48:53:05:1c:5f:bb:
72:67:97:b8:84:af:fd:ca:53:55:09:7a:3a:d5:80:50:e5:65:
2f:a7:c4:08:61:ae:c1:53:43:d9:b6:ba:69:ee:91:bd:ab:1f:
e3:68:7c:25:b8:ff:5b:f4:16:aa:70:af:59:85:26:8b:3e:c9:
76:56:9f:00:19:e9:f4:52:fd:da:dd:2c:4c:5d:fd:17:f7:51:
44:81:32:1e:73:7f:08:88:0a:02:78:9a:4a:9c:04:ed:1b:c1:
22:d5:c5:fd:6f:91:17:e4:7b:f0:91:68:42:ac:b9:59:bc:31:
54:0a:86:d5:40:0a:69:84:58:85:a1:50:8b:47:17:eb:a2:24:
cd:b6:28:2c:88:b6:20:ab:10:27:fe:1b:25:1c:4d:02:a7:2c:
d5:23:56:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pl45MK4swZkL823cEzaEnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl
YmFhNDMwHhcNMjYwMzI2MTAwMTMxWhcNMjYwMzI3MTAwMTMxWjAzMTEwLwYDVQQD
EyhlMzczNmYyM2YyZWM2MjUwYmZhMjZjZmQwYmEzN2RiNDIwZDE0YmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2rlQgUBiKHTtw4mQ3cVv3h5W8ED
YqZ8B2f5UvwlAuxVXz35zDzAmpz3crh6SDLe9okt5G7p4nHckgcpxRWQxcKqYwsY
1gOMLmfvSr+Uo/uKvVo35p8H6roZO8HJYkrpq8xSBgHehRzaDtD/lWZWUixFeFDN
GQbp8BcDGjhiIz+sJi1zZKKEW6APfksGz3Jh3TnULD10vSeMpgdHLAx2VL6BLjGv
rXX6Yr7wnfLw63soJS91Sx/gZlfGkANocJ6/NRH21Y22eubh1wR7gb8BjAj74WPk
SP7RAXbXxgoSgbNH1rVRypXKia9zyWh4GauE4vzBexvsmtWpreO+O2unlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFONzbyPy7GJQv6Js/QujfbQg0UupMB8GA1UdIwQY
MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct
Nzg1ZTU4ODM2NDRkLzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk
LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApkl5z9Qr
V1FaCrU732VJQdE9XTicBFJsCbs/C8hJbWAjrPq+OzbAVQRRnofBoCMPvNHopMr4
PEJBW9yIl8KvlGVRtshmFJ6gECzG36DIFlJVrpwRoe1PLXT+jXbEOohOptbENDvt
SFMFHF+7cmeXuISv/cpTVQl6OtWAUOVlL6fECGGuwVND2ba6ae6Rvasf42h8Jbj/
W/QWqnCvWYUmiz7JdlafABnp9FL92t0sTF39F/dRRIEyHnN/CIgKAniaSpwE7RvB
ItXF/W+RF+R78JFoQqy5WbwxVAqG1UAKaYRYhaFQi0cX66IkzbYoLIi2IKsQJ/4b
JRxNAqcs1SNWRQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:03:50 2026 by rpki-client