Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.mft
File: 2JtE4sBX8BqZJh-Uu_baG_GGXzk.mft (raw, json)
Hash identifier: O1gdI5ZaJkf2sAO4l4iKXvQdLOE7Bp1fISPwtptKxcE=
Subject key identifier: 7E:8C:1D:28:0F:FC:54:C7:2B:90:CD:22:B6:4D:FA:93:13:A9:E2:3B
Authority key identifier: D8:9B:44:E2:C0:57:F0:1A:99:26:1F:94:BB:F6:DA:1B:F1:86:5F:39
Certificate issuer: /CN=d89b44e2c057f01a99261f94bbf6da1bf1865f39
Certificate serial: 019D33767A1F9043F69916A8FB0DFA81AD89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JtE4sBX8BqZJh-Uu_baG_GGXzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.mft
Manifest number: 0DF3
Signing time: Sat 28 Mar 2026 08:01:35 +0000
Manifest this update: Sat 28 Mar 2026 08:01:35 +0000
Manifest next update: Sun 29 Mar 2026 08:01:35 +0000
Files and hashes: 1: 2JtE4sBX8BqZJh-Uu_baG_GGXzk.crl (hash: 6P/Br9oSWboC7fxhXfBp0zsi9GS3OehdcQva8ipH8B0=)
2: Mwa4BYhszDC6EiMM8uEuQovtbu0.roa (hash: +62IJVapKeotHfACQPyX6dSOxf44Up4jXmezBFrKB6Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2JtE4sBX8BqZJh-Uu_baG_GGXzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:76:7a:1f:90:43:f6:99:16:a8:fb:0d:fa:81:ad:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d89b44e2c057f01a99261f94bbf6da1bf1865f39
Validity
Not Before: Mar 28 08:01:35 2026 GMT
Not After : Mar 29 08:01:35 2026 GMT
Subject: CN=7e8c1d280ffc54c72b90cd22b64dfa9313a9e23b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:db:e7:ec:a7:40:ee:87:93:75:1e:4d:e5:9c:
e0:ae:1b:8a:19:53:cc:e3:fb:a4:55:4d:d9:b2:34:
d5:dd:14:13:82:c7:7e:72:16:05:5d:ea:f5:a1:de:
1d:21:48:74:06:e3:c1:d3:b1:79:2f:39:ea:49:6e:
1b:9a:41:a4:7a:71:a4:63:75:b0:96:7b:0a:4f:60:
b9:ea:4f:c1:b4:04:41:a1:1b:01:c5:7e:30:d8:e7:
88:a8:b6:dc:22:88:3c:d2:94:b4:44:87:64:fb:dd:
d3:1d:fb:6b:90:ff:37:b0:1f:78:f4:d6:8b:4f:aa:
1f:71:d4:67:4f:d6:b4:26:55:a4:63:a0:7f:b7:35:
60:da:30:03:af:8e:a3:ce:fa:12:99:2b:61:cb:1b:
c5:bc:fa:e8:4e:33:2c:49:48:6c:6f:cc:5c:9d:e9:
5f:c0:69:46:66:c2:d2:d0:d1:a3:5e:e5:16:6a:03:
9d:2f:46:32:cf:05:06:d3:57:ff:d0:44:6f:bc:98:
02:cd:da:8d:7a:03:44:58:a8:03:7d:7d:27:37:70:
10:c6:8f:35:58:5e:4d:41:33:3e:77:72:f5:b8:3d:
b9:3f:e9:51:8a:f7:fc:5e:ad:36:bb:71:e6:81:c4:
d1:26:8a:39:71:65:53:7d:e2:bd:71:40:1e:de:0b:
a2:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:8C:1D:28:0F:FC:54:C7:2B:90:CD:22:B6:4D:FA:93:13:A9:E2:3B
X509v3 Authority Key Identifier:
keyid:D8:9B:44:E2:C0:57:F0:1A:99:26:1F:94:BB:F6:DA:1B:F1:86:5F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JtE4sBX8BqZJh-Uu_baG_GGXzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:2d:25:e5:c1:f0:d8:a2:7f:0e:3d:23:88:f0:be:45:6c:9d:
4b:fd:d8:44:c1:3b:8a:f1:ad:b0:3c:85:ae:54:1c:af:f3:34:
cd:75:8b:82:2f:58:a3:56:f1:c3:57:25:d2:a7:cc:7e:e5:6e:
e0:98:0e:39:60:3d:60:dd:97:d7:eb:dc:0c:16:2d:1c:7e:23:
1f:5a:a0:b3:78:4f:8e:6b:92:70:aa:2c:c2:01:c8:a5:ca:54:
fc:f3:aa:27:a9:f0:48:0d:ff:82:86:0a:e2:b4:91:a9:4c:79:
0e:22:ea:6c:dc:15:5f:3c:41:db:95:52:82:80:68:75:f4:b7:
3a:dc:3d:79:52:a5:d0:92:8c:bf:ef:c1:1a:99:f2:89:b8:ab:
0a:ab:32:a3:86:3f:a7:13:15:29:a5:f4:a5:e1:cc:93:26:87:
68:d2:04:2e:aa:7b:d3:8c:d9:49:e4:fd:dc:ad:97:26:43:87:
fc:59:8f:16:c1:f0:b3:bd:24:37:5b:02:88:49:a6:20:5d:1a:
31:56:e5:1b:32:dc:17:5d:03:58:50:a2:6d:64:80:d7:34:aa:
9d:ef:f4:2a:50:75:c3:b0:01:bd:51:f9:84:04:32:da:5f:d0:
dc:85:9c:bd:d3:f7:10:e2:22:53:92:3c:12:56:87:67:34:7b:
20:40:5a:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zdnofkEP2mRao+w36ga2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OWI0NGUyYzA1N2YwMWE5OTI2MWY5NGJiZjZkYTFiZjE4
NjVmMzkwHhcNMjYwMzI4MDgwMTM1WhcNMjYwMzI5MDgwMTM1WjAzMTEwLwYDVQQD
Eyg3ZThjMWQyODBmZmM1NGM3MmI5MGNkMjJiNjRkZmE5MzEzYTllMjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytvn7KdA7oeTdR5N5ZzgrhuKGVPM
4/ukVU3ZsjTV3RQTgsd+chYFXer1od4dIUh0BuPB07F5LznqSW4bmkGkenGkY3Ww
lnsKT2C56k/BtARBoRsBxX4w2OeIqLbcIog80pS0RIdk+93THftrkP83sB949NaL
T6ofcdRnT9a0JlWkY6B/tzVg2jADr46jzvoSmSthyxvFvProTjMsSUhsb8xcnelf
wGlGZsLS0NGjXuUWagOdL0YyzwUG01f/0ERvvJgCzdqNegNEWKgDfX0nN3AQxo81
WF5NQTM+d3L1uD25P+lRivf8Xq02u3HmgcTRJoo5cWVTfeK9cUAe3guiawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH6MHSgP/FTHK5DNIrZN+pMTqeI7MB8GA1UdIwQY
MBaAFNibROLAV/AamSYflLv22hvxhl85MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkp0RTRzQlg4QnFaSmgtVXVfYmFHX0dHWHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8wMGE3MWUtZGVmOC00YTRmLWE0OTkt
YjYwZmJiMTRjMTlkLzEvMkp0RTRzQlg4QnFaSmgtVXVfYmFHX0dHWHprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8wMGE3MWUtZGVmOC00YTRmLWE0OTktYjYwZmJiMTRjMTlk
LzEvMkp0RTRzQlg4QnFaSmgtVXVfYmFHX0dHWHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMi0l5cHw
2KJ/Dj0jiPC+RWydS/3YRME7ivGtsDyFrlQcr/M0zXWLgi9Yo1bxw1cl0qfMfuVu
4JgOOWA9YN2X1+vcDBYtHH4jH1qgs3hPjmuScKoswgHIpcpU/POqJ6nwSA3/goYK
4rSRqUx5DiLqbNwVXzxB25VSgoBodfS3Otw9eVKl0JKMv+/BGpnyibirCqsyo4Y/
pxMVKaX0peHMkyaHaNIELqp704zZSeT93K2XJkOH/FmPFsHws70kN1sCiEmmIF0a
MVblGzLcF10DWFCibWSA1zSqne/0KlB1w7ABvVH5hAQy2l/Q3IWcvdP3EOIiU5I8
ElaHZzR7IEBaqQ==
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:25:14 2026 by rpki-client