Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft
File: 2KPKzfjzNRS-Or3FLFDshkZ16VU.mft (raw, json)
Hash identifier: d9rRw/1awQqy/YqpEUL9wDiYouE+lO/SfK6uhxjIaHM=
Subject key identifier: 28:B9:4C:BD:C9:37:9C:C5:76:2A:12:ED:FB:BD:9F:5D:BC:05:02:0A
Authority key identifier: D8:A3:CA:CD:F8:F3:35:14:BE:3A:BD:C5:2C:50:EC:86:46:75:E9:55
Certificate issuer: /CN=d8a3cacdf8f33514be3abdc52c50ec864675e955
Certificate serial: 019D2BF2FB765B025DA5EA7665FBFFD8542E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft
Manifest number: 0DE1
Signing time: Thu 26 Mar 2026 21:00:37 +0000
Manifest this update: Thu 26 Mar 2026 21:00:37 +0000
Manifest next update: Fri 27 Mar 2026 21:00:37 +0000
Files and hashes: 1: 2KPKzfjzNRS-Or3FLFDshkZ16VU.crl (hash: 4yT5RBDXoaWNakewziiCGijkd+4xyZ39Yrv2N0HE2XA=)
2: 55I-KJfDZCQf3-WIzaOmHLDw0UA.roa (hash: CHL8cZMB7OLAW5NGioo9AKdHll+9RPJn2SB7b3DCiOk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2b:f2:fb:76:5b:02:5d:a5:ea:76:65:fb:ff:d8:54:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8a3cacdf8f33514be3abdc52c50ec864675e955
Validity
Not Before: Mar 26 21:00:37 2026 GMT
Not After : Mar 27 21:00:37 2026 GMT
Subject: CN=28b94cbdc9379cc5762a12edfbbd9f5dbc05020a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:9d:85:59:f4:df:a1:f1:aa:2b:d9:a8:bc:25:
e1:14:b9:5c:97:09:34:15:31:c4:ad:c3:b8:7b:9e:
b7:00:86:c6:30:6e:e9:0f:4f:42:c8:9c:7c:86:07:
2d:06:73:f4:cf:2a:86:f9:4c:e6:e2:25:ae:7f:a1:
89:7e:41:64:f7:ae:0f:59:d8:2b:e2:31:5f:f9:66:
8b:6c:3d:f4:66:51:26:be:ab:6b:49:e7:11:b3:25:
18:1f:2e:2e:d8:1e:d5:a5:76:c8:33:29:a9:a2:8d:
6f:82:1a:87:ae:5e:d7:08:a2:d9:88:2d:96:15:2f:
e5:74:a4:59:b4:ec:12:48:2a:10:67:ef:02:ff:53:
7e:ff:e8:b4:d7:19:1f:c4:42:69:a7:f7:ac:a8:e4:
9d:73:78:1c:ec:66:bb:c5:60:7a:09:7b:21:f8:14:
43:9c:d3:ae:8d:4f:76:dc:15:0b:55:e5:0b:54:ee:
e4:c4:2f:ac:51:3a:d0:a0:43:80:88:c1:71:ed:2b:
03:63:48:fc:1e:c9:59:6b:7b:6f:a4:75:ad:73:77:
bb:fd:35:c5:d6:a9:27:67:75:96:f4:4e:e8:82:7a:
bb:b7:49:7d:2b:5e:d6:c0:b7:7c:97:79:91:fd:2f:
70:99:59:ce:ed:04:fc:25:09:c5:4b:fe:62:2e:8a:
b5:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:B9:4C:BD:C9:37:9C:C5:76:2A:12:ED:FB:BD:9F:5D:BC:05:02:0A
X509v3 Authority Key Identifier:
keyid:D8:A3:CA:CD:F8:F3:35:14:BE:3A:BD:C5:2C:50:EC:86:46:75:E9:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:f2:6f:01:8b:91:d3:c4:1e:06:ca:fd:b6:26:62:38:09:a0:
6b:7c:f7:0e:c7:92:f6:94:31:da:77:3a:29:c7:ef:bb:9d:8a:
e0:6f:4a:93:ee:25:af:0a:2d:6f:1f:a8:4b:4d:bb:43:1a:4a:
cf:62:b9:16:fd:b5:a5:df:3f:5f:06:95:55:f6:92:d1:b8:12:
aa:63:1f:8c:fa:45:cb:92:1e:a5:fd:47:9f:65:96:8e:83:74:
4b:ee:f9:ee:3a:8b:36:f2:d7:a3:e1:91:66:3b:bc:5b:e8:a4:
d9:a5:95:7b:f2:42:4c:6a:3c:d8:63:d6:76:8f:e8:f5:d0:dc:
f6:ba:8f:9e:5d:0e:c9:ad:0e:b9:d4:06:fb:9a:f0:29:d5:50:
75:4c:9d:63:55:b5:3f:ea:c9:60:87:2f:ea:e2:f8:ca:70:a5:
93:fa:7c:7f:cf:ea:f2:9a:15:51:c8:50:0f:a7:87:64:18:79:
1f:19:63:3c:58:35:08:1d:0e:24:42:c2:32:84:69:a9:16:0a:
e3:9a:cc:12:b2:e2:1c:9b:35:f4:d7:3e:ca:e4:c4:95:3f:fe:
2f:11:fa:d7:08:d3:16:d9:c4:01:dd:75:8a:15:f6:68:eb:b7:
ad:fa:4a:fd:3c:db:f7:24:0e:78:3f:65:24:22:54:cc:1f:f2:
53:e1:76:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0r8vt2WwJdpep2Zfv/2FQuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YTNjYWNkZjhmMzM1MTRiZTNhYmRjNTJjNTBlYzg2NDY3
NWU5NTUwHhcNMjYwMzI2MjEwMDM3WhcNMjYwMzI3MjEwMDM3WjAzMTEwLwYDVQQD
EygyOGI5NGNiZGM5Mzc5Y2M1NzYyYTEyZWRmYmJkOWY1ZGJjMDUwMjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJ2FWfTfofGqK9movCXhFLlclwk0
FTHErcO4e563AIbGMG7pD09CyJx8hgctBnP0zyqG+Uzm4iWuf6GJfkFk964PWdgr
4jFf+WaLbD30ZlEmvqtrSecRsyUYHy4u2B7VpXbIMympoo1vghqHrl7XCKLZiC2W
FS/ldKRZtOwSSCoQZ+8C/1N+/+i01xkfxEJpp/esqOSdc3gc7Ga7xWB6CXsh+BRD
nNOujU923BULVeULVO7kxC+sUTrQoEOAiMFx7SsDY0j8HslZa3tvpHWtc3e7/TXF
1qknZ3WW9E7ognq7t0l9K17WwLd8l3mR/S9wmVnO7QT8JQnFS/5iLoq1wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCi5TL3JN5zFdioS7fu9n128BQIKMB8GA1UdIwQY
MBaAFNijys348zUUvjq9xSxQ7IZGdelVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zMzNjMWEtZTRhNS00OTZkLTlhODEt
Yjc5MWI5ODlhZjI5LzEvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zMzNjMWEtZTRhNS00OTZkLTlhODEtYjc5MWI5ODlhZjI5
LzEvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe/JvAYuR
08QeBsr9tiZiOAmga3z3DseS9pQx2nc6Kcfvu52K4G9Kk+4lrwotbx+oS027QxpK
z2K5Fv21pd8/XwaVVfaS0bgSqmMfjPpFy5Iepf1Hn2WWjoN0S+757jqLNvLXo+GR
Zju8W+ik2aWVe/JCTGo82GPWdo/o9dDc9rqPnl0Oya0OudQG+5rwKdVQdUydY1W1
P+rJYIcv6uL4ynClk/p8f8/q8poVUchQD6eHZBh5HxljPFg1CB0OJELCMoRpqRYK
45rMErLiHJs19Nc+yuTElT/+LxH61wjTFtnEAd11ihX2aOu3rfpK/Tzb9yQOeD9l
JCJUzB/yU+F2ZQ==
-----END CERTIFICATE-----
Generated at Fri Mar 27 01:55:04 2026 by rpki-client