Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.mft
File: 2nOjmg4EXd-u9QLx_ZHGzBZQlFk.mft (raw, json)
Hash identifier: 4gqoeU7Tib2RlQSAr0Debpz1EZbnVYVpHfSiy4CtXrc=
Subject key identifier: A2:EC:DF:36:5E:94:79:09:F4:EF:6F:0E:A5:0F:3E:9E:40:58:AD:06
Authority key identifier: DA:73:A3:9A:0E:04:5D:DF:AE:F5:02:F1:FD:91:C6:CC:16:50:94:59
Certificate issuer: /CN=da73a39a0e045ddfaef502f1fd91c6cc16509459
Certificate serial: 019D26CCEBB499F0AA85800C82055A5B205C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.mft
Manifest number: 1016
Signing time: Wed 25 Mar 2026 21:00:56 +0000
Manifest this update: Wed 25 Mar 2026 21:00:56 +0000
Manifest next update: Thu 26 Mar 2026 21:00:56 +0000
Files and hashes: 1: 2nOjmg4EXd-u9QLx_ZHGzBZQlFk.crl (hash: l7G98T6VZil5unc//0JpN1tjXeaXmA8VdEeK5D+th9E=)
2: XGXdZuWArU8DUaMKbDMpc7L7WG4.roa (hash: b1uv3hiq3QuqB6rWvknFaAIJIJ6UZQWlgoHNYzcvoDA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 21:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:cc:eb:b4:99:f0:aa:85:80:0c:82:05:5a:5b:20:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da73a39a0e045ddfaef502f1fd91c6cc16509459
Validity
Not Before: Mar 25 21:00:56 2026 GMT
Not After : Mar 26 21:00:56 2026 GMT
Subject: CN=a2ecdf365e947909f4ef6f0ea50f3e9e4058ad06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ba:2f:66:38:97:e5:d3:7c:ac:eb:dc:ac:21:
84:c7:72:cf:bc:73:f2:19:b5:f6:5b:be:77:9f:e6:
e3:66:f0:d6:8e:13:0f:17:0d:4f:52:ac:a0:7a:6f:
6f:13:0e:03:ff:1f:51:0b:ff:54:da:2f:5c:a0:5d:
6a:f5:2e:31:85:35:13:e9:89:d3:91:98:98:5b:af:
10:05:61:87:86:c2:d5:a4:c4:93:c4:b8:a1:39:4b:
b9:85:93:17:af:79:37:cf:0b:14:a2:f7:f2:f1:de:
f7:d1:92:1d:78:96:fe:33:15:5a:5e:09:32:34:af:
ea:2e:ab:fc:fd:f7:cc:e8:9d:ff:dc:49:0f:39:a2:
af:c2:65:97:aa:57:1d:e9:4f:90:e1:9d:b7:b8:6f:
17:4b:bf:96:92:a8:e2:d7:75:34:4f:eb:a5:0a:2d:
38:a2:ca:1d:c7:29:16:7e:be:4b:0b:81:4c:f8:63:
36:2f:7c:c8:bf:45:b9:31:1f:36:93:1d:82:82:d0:
a3:a8:45:64:cc:54:e0:f1:22:30:70:e4:57:77:df:
59:ae:10:19:8d:e4:7f:6b:a5:0d:0c:4f:8d:d1:b2:
91:0a:ac:c7:b5:13:bb:46:67:88:b4:85:47:89:5d:
2a:60:67:96:0d:b8:36:31:e2:7f:b9:1c:ee:c9:53:
c3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:EC:DF:36:5E:94:79:09:F4:EF:6F:0E:A5:0F:3E:9E:40:58:AD:06
X509v3 Authority Key Identifier:
keyid:DA:73:A3:9A:0E:04:5D:DF:AE:F5:02:F1:FD:91:C6:CC:16:50:94:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/1737fc-b221-4ff0-bfa7-5d674caddd6f/1/2nOjmg4EXd-u9QLx_ZHGzBZQlFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
93:7a:e5:4c:a6:3a:d3:b6:8a:28:5e:df:6d:d9:0a:d8:32:99:
2e:8e:35:16:f8:d4:68:6d:35:96:08:96:f8:bf:5f:8e:85:e6:
e1:93:c3:d8:8d:05:94:7a:51:54:aa:e7:e2:ee:7a:81:0f:84:
53:c8:0a:09:4b:dc:68:e5:84:fe:45:b8:97:79:c3:e4:9e:62:
d8:e4:c2:0f:8c:1f:6a:f9:e0:e2:69:ce:9a:21:b1:1d:d5:ef:
8d:55:e5:9b:1d:28:38:6d:58:a2:d9:45:ed:66:f6:da:0e:c7:
a5:1d:6c:36:e7:ac:61:60:76:8e:61:a6:31:b9:c1:d4:06:72:
2f:a3:7f:ee:0d:6f:5f:ee:82:7e:89:85:d8:66:b0:8f:79:a8:
80:d3:ce:e8:b0:fd:b6:0a:e6:36:a9:93:1e:fc:b1:ab:72:06:
15:55:fb:55:b5:be:83:e5:f9:5b:c0:78:22:b3:94:22:f0:44:
96:bd:c7:8d:ba:d3:78:95:4f:b3:b5:5a:33:39:63:be:22:27:
98:62:f0:3d:0a:31:c6:0d:b1:af:ed:64:b5:77:39:5b:c6:b5:
e9:b9:6f:cd:bc:76:7c:33:c6:a6:98:6f:7e:26:4a:6c:d7:67:
b6:e0:a2:2a:37:8a:73:ef:6b:3d:70:60:04:e1:93:50:7c:b1:
4d:5d:14:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzOu0mfCqhYAMggVaWyBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzNhMzlhMGUwNDVkZGZhZWY1MDJmMWZkOTFjNmNjMTY1
MDk0NTkwHhcNMjYwMzI1MjEwMDU2WhcNMjYwMzI2MjEwMDU2WjAzMTEwLwYDVQQD
EyhhMmVjZGYzNjVlOTQ3OTA5ZjRlZjZmMGVhNTBmM2U5ZTQwNThhZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rovZjiX5dN8rOvcrCGEx3LPvHPy
GbX2W753n+bjZvDWjhMPFw1PUqygem9vEw4D/x9RC/9U2i9coF1q9S4xhTUT6YnT
kZiYW68QBWGHhsLVpMSTxLihOUu5hZMXr3k3zwsUovfy8d730ZIdeJb+MxVaXgky
NK/qLqv8/ffM6J3/3EkPOaKvwmWXqlcd6U+Q4Z23uG8XS7+Wkqji13U0T+ulCi04
osodxykWfr5LC4FM+GM2L3zIv0W5MR82kx2CgtCjqEVkzFTg8SIwcORXd99ZrhAZ
jeR/a6UNDE+N0bKRCqzHtRO7RmeItIVHiV0qYGeWDbg2MeJ/uRzuyVPDmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKLs3zZelHkJ9O9vDqUPPp5AWK0GMB8GA1UdIwQY
MBaAFNpzo5oOBF3frvUC8f2RxswWUJRZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5Pam1nNEVYZC11OVFMeF9aSEd6QlpRbEZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8xNzM3ZmMtYjIyMS00ZmYwLWJmYTct
NWQ2NzRjYWRkZDZmLzEvMm5Pam1nNEVYZC11OVFMeF9aSEd6QlpRbEZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8xNzM3ZmMtYjIyMS00ZmYwLWJmYTctNWQ2NzRjYWRkZDZm
LzEvMm5Pam1nNEVYZC11OVFMeF9aSEd6QlpRbEZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk3rlTKY6
07aKKF7fbdkK2DKZLo41FvjUaG01lgiW+L9fjoXm4ZPD2I0FlHpRVKrn4u56gQ+E
U8gKCUvcaOWE/kW4l3nD5J5i2OTCD4wfavng4mnOmiGxHdXvjVXlmx0oOG1YotlF
7Wb22g7HpR1sNuesYWB2jmGmMbnB1AZyL6N/7g1vX+6CfomF2Gawj3mogNPO6LD9
tgrmNqmTHvyxq3IGFVX7VbW+g+X5W8B4IrOUIvBElr3HjbrTeJVPs7VaMzljviIn
mGLwPQoxxg2xr+1ktXc5W8a16blvzbx2fDPGpphvfiZKbNdntuCiKjeKc+9rPXBg
BOGTUHyxTV0Ulg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:00:08 2026 by rpki-client