Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft
File: 2J8W9XSSQzePgUyUskA010s5J98.mft (raw, json)
Hash identifier: wdRnACARoqH8EO/TiDlRl8GCwxrUSOyiji/zviBhvek=
Subject key identifier: D5:58:5E:1D:60:EE:09:73:23:0F:54:05:23:D6:6F:80:0F:20:DD:4E
Authority key identifier: D8:9F:16:F5:74:92:43:37:8F:81:4C:94:B2:40:34:D7:4B:39:27:DF
Certificate issuer: /CN=d89f16f5749243378f814c94b24034d74b3927df
Certificate serial: 019D296123EA482D9E45510E2BE60BABFACA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2J8W9XSSQzePgUyUskA010s5J98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft
Manifest number: 0536
Signing time: Thu 26 Mar 2026 09:02:05 +0000
Manifest this update: Thu 26 Mar 2026 09:02:05 +0000
Manifest next update: Fri 27 Mar 2026 09:02:05 +0000
Files and hashes: 1: 2J8W9XSSQzePgUyUskA010s5J98.crl (hash: nPA97SVh9EgwRHm1ZlM/JzWxa53l77mPpUD4IRK8BHk=)
2: 4vjv7ETAasx0tRKIpHxecSePkHs.roa (hash: 2AsMwZr9rbOc2Qfm0AhPalnC6K6xXB1YyB0oF7P/lrY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft
rsync://rpki.ripe.net/repository/DEFAULT/2J8W9XSSQzePgUyUskA010s5J98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:61:23:ea:48:2d:9e:45:51:0e:2b:e6:0b:ab:fa:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d89f16f5749243378f814c94b24034d74b3927df
Validity
Not Before: Mar 26 09:02:05 2026 GMT
Not After : Mar 27 09:02:05 2026 GMT
Subject: CN=d5585e1d60ee0973230f540523d66f800f20dd4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:66:15:cf:e5:5b:50:30:cb:57:fd:9c:aa:7b:
b2:29:f7:f7:a6:e4:d1:32:68:98:28:80:74:16:2a:
c5:7f:d9:06:91:c0:6c:44:74:ac:64:82:8c:d8:eb:
e3:0e:4c:69:fa:10:46:84:d2:71:fd:a3:a9:36:f2:
95:c2:dd:37:bc:4f:66:7a:aa:83:84:6b:ea:74:53:
4a:26:34:19:e6:91:d3:4c:1e:7e:4b:99:78:18:b8:
22:34:5d:12:79:4f:cc:a9:5f:af:1a:40:a5:9a:9c:
ed:52:80:87:2a:30:80:92:bd:85:06:42:ef:d0:9d:
90:b5:94:60:dd:6a:69:d7:a1:b1:23:0d:10:b8:cc:
2b:3c:b7:08:37:fc:41:83:f1:d2:9d:0d:7e:3d:fc:
62:03:94:42:4b:b0:c6:d4:0a:68:f8:ad:60:83:ea:
fe:14:89:c8:0d:2e:19:f4:2e:29:b3:37:f6:93:99:
bc:00:c6:82:24:12:f1:d0:33:e8:f2:62:de:88:0b:
ea:29:81:ed:63:61:87:26:98:ac:ab:33:a4:91:9e:
e5:64:79:14:a6:ba:64:b2:ba:9b:a7:ea:e5:e3:ba:
d9:77:08:e3:7b:2f:4f:60:7f:8a:09:ca:8a:16:96:
c5:f4:ea:da:ad:a8:6b:13:eb:91:70:10:7d:c7:69:
63:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:58:5E:1D:60:EE:09:73:23:0F:54:05:23:D6:6F:80:0F:20:DD:4E
X509v3 Authority Key Identifier:
keyid:D8:9F:16:F5:74:92:43:37:8F:81:4C:94:B2:40:34:D7:4B:39:27:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2J8W9XSSQzePgUyUskA010s5J98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:b8:86:03:d9:70:ef:3e:d5:6a:4e:8b:5a:12:c0:76:a8:29:
23:5a:5f:1f:0b:58:f2:38:5d:fc:0d:02:4c:19:10:48:11:07:
45:1a:fb:44:58:b5:59:7e:0a:08:3c:c2:73:9f:c5:51:60:ab:
ce:ba:af:4f:34:95:77:b2:24:59:62:c2:f1:26:5f:e2:a8:ac:
ab:8c:ea:e5:0b:ad:96:55:2e:cc:e7:0d:01:63:46:d3:e2:74:
c6:da:95:f3:b4:3f:df:91:30:d8:99:00:5c:76:8e:4c:0f:b6:
88:8d:60:cd:c5:ac:21:64:37:d8:aa:e8:0b:46:af:b2:c8:9a:
41:1e:e3:29:d9:39:34:82:cf:f3:fa:45:cb:48:22:13:86:10:
d9:8c:bf:78:28:87:76:68:d6:70:42:4b:a1:f0:92:f7:48:72:
5c:63:9e:b0:94:3f:69:66:01:fd:c8:b7:e3:a0:b7:60:c6:b6:
8d:21:26:2b:e8:5f:a8:78:52:cd:be:ec:09:8f:73:43:66:13:
60:61:64:b4:a4:ab:cb:40:5b:88:06:3a:ad:d0:43:82:07:fa:
5a:a3:91:01:5a:31:aa:ef:df:99:53:e1:82:15:a6:93:62:e5:
63:6a:3a:ab:f3:d1:7e:73:5e:ec:ed:54:3f:6b:c2:e6:74:b6:
97:bc:9c:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYSPqSC2eRVEOK+YLq/rKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OWYxNmY1NzQ5MjQzMzc4ZjgxNGM5NGIyNDAzNGQ3NGIz
OTI3ZGYwHhcNMjYwMzI2MDkwMjA1WhcNMjYwMzI3MDkwMjA1WjAzMTEwLwYDVQQD
EyhkNTU4NWUxZDYwZWUwOTczMjMwZjU0MDUyM2Q2NmY4MDBmMjBkZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32YVz+VbUDDLV/2cqnuyKff3puTR
MmiYKIB0FirFf9kGkcBsRHSsZIKM2OvjDkxp+hBGhNJx/aOpNvKVwt03vE9meqqD
hGvqdFNKJjQZ5pHTTB5+S5l4GLgiNF0SeU/MqV+vGkClmpztUoCHKjCAkr2FBkLv
0J2QtZRg3Wpp16GxIw0QuMwrPLcIN/xBg/HSnQ1+PfxiA5RCS7DG1Apo+K1gg+r+
FInIDS4Z9C4pszf2k5m8AMaCJBLx0DPo8mLeiAvqKYHtY2GHJpisqzOkkZ7lZHkU
prpksrqbp+rl47rZdwjjey9PYH+KCcqKFpbF9OrarahrE+uRcBB9x2ljjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNVYXh1g7glzIw9UBSPWb4APIN1OMB8GA1UdIwQY
MBaAFNifFvV0kkM3j4FMlLJANNdLOSffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMko4VzlYU1NRemVQZ1V5VXNrQTAxMHM1Sjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83OTdlNjUtM2RhMC00ZDZlLWI2OTUt
MzQ2YmQ5NzNjODQzLzEvMko4VzlYU1NRemVQZ1V5VXNrQTAxMHM1Sjk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi83OTdlNjUtM2RhMC00ZDZlLWI2OTUtMzQ2YmQ5NzNjODQz
LzEvMko4VzlYU1NRemVQZ1V5VXNrQTAxMHM1Sjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYLiGA9lw
7z7Vak6LWhLAdqgpI1pfHwtY8jhd/A0CTBkQSBEHRRr7RFi1WX4KCDzCc5/FUWCr
zrqvTzSVd7IkWWLC8SZf4qisq4zq5QutllUuzOcNAWNG0+J0xtqV87Q/35Ew2JkA
XHaOTA+2iI1gzcWsIWQ32KroC0avssiaQR7jKdk5NILP8/pFy0giE4YQ2Yy/eCiH
dmjWcEJLofCS90hyXGOesJQ/aWYB/ci346C3YMa2jSEmK+hfqHhSzb7sCY9zQ2YT
YGFktKSry0BbiAY6rdBDggf6WqORAVoxqu/fmVPhghWmk2LlY2o6q/PRfnNe7O1U
P2vC5nS2l7ycOQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:08:58 2026 by rpki-client