Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/64119f-9684-4284-b232-af27d7ca1bf6/1/2dHiILYBtn_jDLt7fBvyL74i-08.mft
File: 2dHiILYBtn_jDLt7fBvyL74i-08.mft (raw, json)
Hash identifier: A+P8azhb4/U4Q9ahfEBkOMF3+n7thgd6LpcgIYKR7Sc=
Subject key identifier: B3:93:7C:79:25:3E:91:75:48:45:5E:29:CE:1C:8A:87:F0:17:11:B9
Authority key identifier: D9:D1:E2:20:B6:01:B6:7F:E3:0C:BB:7B:7C:1B:F2:2F:BE:22:FB:4F
Certificate issuer: /CN=d9d1e220b601b67fe30cbb7b7c1bf22fbe22fb4f
Certificate serial: 019D27DFFD86473704276B10EF3092E2D529
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dHiILYBtn_jDLt7fBvyL74i-08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/64119f-9684-4284-b232-af27d7ca1bf6/1/2dHiILYBtn_jDLt7fBvyL74i-08.mft
Manifest number: 0D14
Signing time: Thu 26 Mar 2026 02:01:23 +0000
Manifest this update: Thu 26 Mar 2026 02:01:23 +0000
Manifest next update: Fri 27 Mar 2026 02:01:23 +0000
Files and hashes: 1: 2dHiILYBtn_jDLt7fBvyL74i-08.crl (hash: 8GBdJiS6ZEjOpb59qZ52RwCQIHm0fmxazpSUuGvQdmM=)
2: RHS11XqX5pjtfXZH7I66Gp4Ow3s.roa (hash: 9qk+uC8E6OyhqYxBRe7jo40pbmRAOPPP2eDmccn/Upc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/64119f-9684-4284-b232-af27d7ca1bf6/1/2dHiILYBtn_jDLt7fBvyL74i-08.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/64119f-9684-4284-b232-af27d7ca1bf6/1/2dHiILYBtn_jDLt7fBvyL74i-08.mft
rsync://rpki.ripe.net/repository/DEFAULT/2dHiILYBtn_jDLt7fBvyL74i-08.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:df:fd:86:47:37:04:27:6b:10:ef:30:92:e2:d5:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d1e220b601b67fe30cbb7b7c1bf22fbe22fb4f
Validity
Not Before: Mar 26 02:01:23 2026 GMT
Not After : Mar 27 02:01:23 2026 GMT
Subject: CN=b3937c79253e917548455e29ce1c8a87f01711b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:86:37:cc:a6:c6:9c:2a:14:44:ea:0e:45:ed:
66:92:2a:9a:57:8b:3e:f5:e4:66:45:8b:f2:de:eb:
5d:3b:9f:ce:52:84:63:e6:47:63:02:90:34:91:4f:
69:9b:bd:ed:8a:b4:e4:f4:a1:74:bd:84:0f:a6:a5:
5a:c3:40:f4:c1:1a:14:54:1b:81:a5:21:75:7d:5f:
ea:ca:6d:49:f1:01:6d:0d:e0:a5:74:56:e7:97:2e:
12:94:cc:59:d1:37:d4:e7:2e:12:fe:1a:e8:e9:c4:
e5:76:65:d2:60:4d:ef:14:4c:11:cb:c5:e6:56:fd:
2f:76:5d:bb:90:3c:5f:fe:2b:61:05:e8:60:c4:73:
c4:71:05:d3:cf:5b:d2:50:66:c3:a8:fe:d8:a9:9d:
9f:a2:30:b2:14:3c:35:8c:4b:f2:17:64:f1:76:71:
36:85:ea:8b:12:6f:67:1e:a0:89:d8:ac:88:16:a3:
c3:50:28:fc:1a:87:77:e4:2e:ac:7b:a7:9a:d3:2b:
12:52:f8:d4:63:13:e5:e7:55:47:6f:73:6e:df:60:
f5:c1:5e:93:99:6a:03:b7:a5:2c:68:48:45:a0:5a:
9c:1d:ee:fe:2b:d2:cf:77:3f:3b:4f:7b:b7:be:4c:
d8:d3:83:ef:71:9e:ca:05:c0:69:a6:55:49:cd:27:
ee:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:93:7C:79:25:3E:91:75:48:45:5E:29:CE:1C:8A:87:F0:17:11:B9
X509v3 Authority Key Identifier:
keyid:D9:D1:E2:20:B6:01:B6:7F:E3:0C:BB:7B:7C:1B:F2:2F:BE:22:FB:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dHiILYBtn_jDLt7fBvyL74i-08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/64119f-9684-4284-b232-af27d7ca1bf6/1/2dHiILYBtn_jDLt7fBvyL74i-08.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/64119f-9684-4284-b232-af27d7ca1bf6/1/2dHiILYBtn_jDLt7fBvyL74i-08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:93:c1:88:9c:d8:d0:75:ff:c5:f7:14:d2:1c:26:98:f4:a9:
98:bc:33:7e:a5:88:8f:df:ff:af:b5:b3:96:4d:ca:0a:90:5e:
1a:a8:b6:f8:87:00:5b:ad:bd:99:2a:dd:18:18:76:1d:fd:24:
9f:80:b6:0c:1b:d7:b2:ab:2f:e3:62:5b:c5:4b:aa:dd:d2:1b:
2f:10:16:45:55:5b:17:6d:b2:27:f9:69:02:13:a5:71:6e:75:
f8:cb:9d:69:c0:60:7e:0d:5c:b2:9b:27:a3:a5:fe:b3:64:d9:
02:fe:d4:ae:9d:c9:65:1f:00:33:e8:13:65:51:6a:0e:21:00:
af:05:e2:32:e6:58:99:6c:0c:ab:41:6f:48:b7:99:6b:6b:3b:
e4:43:f5:9f:88:97:bc:4c:51:e8:3a:82:2a:53:3a:a4:cc:ae:
c9:54:6f:f5:e4:75:fb:21:1a:58:b0:7e:8d:a0:b1:4f:d4:eb:
a1:5c:af:4e:21:ce:3c:73:4a:b0:90:60:0a:b7:2a:e9:ab:10:
91:da:51:4d:83:2c:c8:15:06:3a:38:b5:d1:54:bd:ee:8f:d6:
3b:5d:58:b5:c5:39:dd:9c:2d:ff:d9:d2:51:0c:98:46:bb:07:
e8:b4:19:66:f1:bc:cc:7e:5a:c3:1d:79:d8:a8:02:5b:ff:c4:
56:cd:54:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n3/2GRzcEJ2sQ7zCS4tUpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDFlMjIwYjYwMWI2N2ZlMzBjYmI3YjdjMWJmMjJmYmUy
MmZiNGYwHhcNMjYwMzI2MDIwMTIzWhcNMjYwMzI3MDIwMTIzWjAzMTEwLwYDVQQD
EyhiMzkzN2M3OTI1M2U5MTc1NDg0NTVlMjljZTFjOGE4N2YwMTcxMWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6YY3zKbGnCoUROoORe1mkiqaV4s+
9eRmRYvy3utdO5/OUoRj5kdjApA0kU9pm73tirTk9KF0vYQPpqVaw0D0wRoUVBuB
pSF1fV/qym1J8QFtDeCldFbnly4SlMxZ0TfU5y4S/hro6cTldmXSYE3vFEwRy8Xm
Vv0vdl27kDxf/ithBehgxHPEcQXTz1vSUGbDqP7YqZ2fojCyFDw1jEvyF2TxdnE2
heqLEm9nHqCJ2KyIFqPDUCj8God35C6se6ea0ysSUvjUYxPl51VHb3Nu32D1wV6T
mWoDt6UsaEhFoFqcHe7+K9LPdz87T3u3vkzY04PvcZ7KBcBpplVJzSfuRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLOTfHklPpF1SEVeKc4ciofwFxG5MB8GA1UdIwQY
MBaAFNnR4iC2AbZ/4wy7e3wb8i++IvtPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRIaUlMWUJ0bl9qREx0N2ZCdnlMNzRpLTA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC82NDExOWYtOTY4NC00Mjg0LWIyMzIt
YWYyN2Q3Y2ExYmY2LzEvMmRIaUlMWUJ0bl9qREx0N2ZCdnlMNzRpLTA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC82NDExOWYtOTY4NC00Mjg0LWIyMzItYWYyN2Q3Y2ExYmY2
LzEvMmRIaUlMWUJ0bl9qREx0N2ZCdnlMNzRpLTA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdpPBiJzY
0HX/xfcU0hwmmPSpmLwzfqWIj9//r7Wzlk3KCpBeGqi2+IcAW629mSrdGBh2Hf0k
n4C2DBvXsqsv42JbxUuq3dIbLxAWRVVbF22yJ/lpAhOlcW51+MudacBgfg1cspsn
o6X+s2TZAv7Urp3JZR8AM+gTZVFqDiEArwXiMuZYmWwMq0FvSLeZa2s75EP1n4iX
vExR6DqCKlM6pMyuyVRv9eR1+yEaWLB+jaCxT9TroVyvTiHOPHNKsJBgCrcq6asQ
kdpRTYMsyBUGOji10VS97o/WO11YtcU53Zwt/9nSUQyYRrsH6LQZZvG8zH5awx15
2KgCW//EVs1UMw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:55:09 2026 by rpki-client