Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft
File: 2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft (raw, json)
Hash identifier: 0ag50xev9n/bs4drglNSO7XPE1feee+povh1q4GCm00=
Subject key identifier: BC:41:1E:74:72:E6:1D:8B:E9:F3:24:96:E8:C2:89:F7:B4:29:2C:CB
Authority key identifier: D9:18:7C:9A:C1:0F:20:51:52:B1:28:EC:DC:21:57:C9:02:49:16:A4
Certificate issuer: /CN=d9187c9ac10f205152b128ecdc2157c9024916a4
Certificate serial: 019D2AE1231102D04D6497904C1982FEA45F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft
Manifest number: 1886
Signing time: Thu 26 Mar 2026 16:01:30 +0000
Manifest this update: Thu 26 Mar 2026 16:01:30 +0000
Manifest next update: Fri 27 Mar 2026 16:01:30 +0000
Files and hashes: 1: 2Rh8msEPIFFSsSjs3CFXyQJJFqQ.crl (hash: MNzt83C7Z5NmUbK8Th1Wi00ADurUKh2CcUPMkZiKexU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:e1:23:11:02:d0:4d:64:97:90:4c:19:82:fe:a4:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9187c9ac10f205152b128ecdc2157c9024916a4
Validity
Not Before: Mar 26 16:01:30 2026 GMT
Not After : Mar 27 16:01:30 2026 GMT
Subject: CN=bc411e7472e61d8be9f32496e8c289f7b4292ccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a6:d1:86:12:7b:7e:6e:a6:e6:38:88:4b:bc:
2e:7e:c0:6d:ea:07:75:d9:39:48:31:a2:1f:61:4d:
5c:3a:ca:34:f5:41:68:87:b4:2f:05:a9:33:f1:9c:
b3:39:64:79:40:ba:50:6b:11:fc:3a:4a:4d:14:e8:
dd:1f:1d:da:d5:ac:38:3c:ad:cb:7b:84:da:e6:6d:
98:0b:52:de:d9:8c:ee:af:eb:3e:35:b5:62:86:73:
a3:ef:8f:cb:94:c6:79:62:19:51:56:32:0d:2f:a9:
8d:48:7c:df:d6:40:3c:7d:ad:ca:54:9f:de:07:34:
1c:5b:6d:97:80:18:b5:16:8e:87:09:07:00:cf:15:
9b:5d:b2:1a:26:e6:c1:9d:de:72:5b:71:6b:aa:a7:
01:b8:6b:3a:b0:85:18:ea:92:26:53:f2:f3:c9:82:
1f:5d:55:67:ad:b2:0d:77:e7:e1:5c:75:1c:8b:2f:
d5:38:1d:bd:cf:e6:a0:09:a4:ab:68:0d:fd:82:64:
d9:22:af:c5:37:91:f9:14:c4:80:89:83:5f:f7:71:
18:52:5f:b4:87:a2:aa:20:0a:1e:ad:4c:ae:a2:63:
1e:7d:c5:c6:7e:01:99:1a:88:68:4e:54:1f:d0:7d:
a1:5a:31:32:8b:e2:44:0c:58:4f:34:1d:44:32:b7:
c5:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:41:1E:74:72:E6:1D:8B:E9:F3:24:96:E8:C2:89:F7:B4:29:2C:CB
X509v3 Authority Key Identifier:
keyid:D9:18:7C:9A:C1:0F:20:51:52:B1:28:EC:DC:21:57:C9:02:49:16:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:26:aa:08:b0:f8:a1:73:03:47:29:70:54:8d:a3:74:55:98:
50:16:38:aa:69:28:6c:83:f6:ea:39:72:b7:05:15:24:aa:cb:
19:1a:ce:6d:93:22:9e:68:d8:af:8b:f8:ca:d6:96:0a:44:fc:
7a:ce:08:81:38:be:10:b7:ff:94:08:80:5b:41:d5:78:cb:b8:
52:be:84:e6:6a:86:b1:6e:dd:86:e0:f2:f7:da:4a:ce:97:38:
f7:fc:f1:16:06:8b:e3:28:27:ca:77:56:05:a6:00:89:97:8e:
89:60:12:0f:df:c3:85:0c:20:b9:4e:ee:86:38:e6:8b:14:1f:
cc:19:b4:a2:b2:60:41:e0:17:64:10:5b:78:79:2f:1b:6b:29:
44:0f:04:3d:c1:ad:59:bc:78:f0:bf:e4:22:39:75:20:e3:02:
e1:4c:5d:ae:31:f3:4b:7c:68:c9:fe:cd:3c:61:28:d8:53:67:
3d:f2:16:d6:20:0f:3d:7e:f6:66:50:7b:3d:46:44:e4:0d:68:
25:c7:ef:83:8b:f2:c8:ab:4f:96:32:8c:2e:98:6a:31:7d:c4:
01:37:c0:c6:ae:7c:23:7b:85:fc:9b:f7:36:f8:e0:40:d7:ba:
1f:ef:48:f2:61:8e:03:b0:ad:0b:81:9c:2d:f6:bf:0f:b8:88:
a0:27:e0:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4SMRAtBNZJeQTBmC/qRfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MTg3YzlhYzEwZjIwNTE1MmIxMjhlY2RjMjE1N2M5MDI0
OTE2YTQwHhcNMjYwMzI2MTYwMTMwWhcNMjYwMzI3MTYwMTMwWjAzMTEwLwYDVQQD
EyhiYzQxMWU3NDcyZTYxZDhiZTlmMzI0OTZlOGMyODlmN2I0MjkyY2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6bRhhJ7fm6m5jiIS7wufsBt6gd1
2TlIMaIfYU1cOso09UFoh7QvBakz8ZyzOWR5QLpQaxH8OkpNFOjdHx3a1aw4PK3L
e4Ta5m2YC1Le2Yzur+s+NbVihnOj74/LlMZ5YhlRVjINL6mNSHzf1kA8fa3KVJ/e
BzQcW22XgBi1Fo6HCQcAzxWbXbIaJubBnd5yW3FrqqcBuGs6sIUY6pImU/LzyYIf
XVVnrbINd+fhXHUciy/VOB29z+agCaSraA39gmTZIq/FN5H5FMSAiYNf93EYUl+0
h6KqIAoerUyuomMefcXGfgGZGohoTlQf0H2hWjEyi+JEDFhPNB1EMrfF2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLxBHnRy5h2L6fMklujCife0KSzLMB8GA1UdIwQY
MBaAFNkYfJrBDyBRUrEo7NwhV8kCSRakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlJoOG1zRVBJRkZTc1NqczNDRlh5UUpKRnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy80YWQ0NTQtMDA0OC00MTFhLWIxZWEt
MjRiMzA2MDZlMjE5LzEvMlJoOG1zRVBJRkZTc1NqczNDRlh5UUpKRnFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy80YWQ0NTQtMDA0OC00MTFhLWIxZWEtMjRiMzA2MDZlMjE5
LzEvMlJoOG1zRVBJRkZTc1NqczNDRlh5UUpKRnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADiaqCLD4
oXMDRylwVI2jdFWYUBY4qmkobIP26jlytwUVJKrLGRrObZMinmjYr4v4ytaWCkT8
es4IgTi+ELf/lAiAW0HVeMu4Ur6E5mqGsW7dhuDy99pKzpc49/zxFgaL4ygnyndW
BaYAiZeOiWASD9/DhQwguU7uhjjmixQfzBm0orJgQeAXZBBbeHkvG2spRA8EPcGt
Wbx48L/kIjl1IOMC4UxdrjHzS3xoyf7NPGEo2FNnPfIW1iAPPX72ZlB7PUZE5A1o
Jcfvg4vyyKtPljKMLphqMX3EATfAxq58I3uF/Jv3NvjgQNe6H+9I8mGOA7CtC4Gc
Lfa/D7iIoCfgdQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:23:19 2026 by rpki-client