Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d351bf-71ce-4857-9e50-c2647385e727/1/2a0Y9MNgZyIPTYM8vHihD5TrCIg.mft
File: 2a0Y9MNgZyIPTYM8vHihD5TrCIg.mft (raw, json)
Hash identifier: 9qA6+kVLPSHqDzfGpNkbuRE9Fd+WdeclzjhLDWkrEh4=
Subject key identifier: 72:3D:19:AD:70:47:36:BF:54:FE:1E:BB:05:D7:4B:06:A2:30:B2:A0
Authority key identifier: D9:AD:18:F4:C3:60:67:22:0F:4D:83:3C:BC:78:A1:0F:94:EB:08:88
Certificate issuer: /CN=d9ad18f4c36067220f4d833cbc78a10f94eb0888
Certificate serial: 019D2884B6B9D152E70AEFFC1FE371E927EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2a0Y9MNgZyIPTYM8vHihD5TrCIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/d351bf-71ce-4857-9e50-c2647385e727/1/2a0Y9MNgZyIPTYM8vHihD5TrCIg.mft
Manifest number: 0FA9
Signing time: Thu 26 Mar 2026 05:01:19 +0000
Manifest this update: Thu 26 Mar 2026 05:01:19 +0000
Manifest next update: Fri 27 Mar 2026 05:01:19 +0000
Files and hashes: 1: 2a0Y9MNgZyIPTYM8vHihD5TrCIg.crl (hash: ov1mYe6d+ufpoTXqrZ+dn+gyBLILWI5uQKioBXYG0qg=)
2: L2j3YbDrhxKGFha7tz1-c-vN-uQ.roa (hash: iDoMcXtz4bozdB/C54gk9t9e+mReC2IXbtgvzCL2Yp0=)
3: UIBjpglW4YWleiz-oKKmcURIxwc.roa (hash: ErWPaj7tYXmjYMsLMNAAh1j4o0c+Mnbdnzjy6PRwJIk=)
4: UZsKg_QtparPPd-wVk9iuY4cLb8.roa (hash: LXCP+y+LLCN1p4aORJt/oEFqWyCdqeZadpBwWIWxu8s=)
5: i5kyr5N66ZDTA3mtxGOlJ8kVut4.roa (hash: gEKkmfmle5KluLRAtXEyZBHa6B0VwRl775bqLnntmPA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/d351bf-71ce-4857-9e50-c2647385e727/1/2a0Y9MNgZyIPTYM8vHihD5TrCIg.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/d351bf-71ce-4857-9e50-c2647385e727/1/2a0Y9MNgZyIPTYM8vHihD5TrCIg.mft
rsync://rpki.ripe.net/repository/DEFAULT/2a0Y9MNgZyIPTYM8vHihD5TrCIg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 05:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:84:b6:b9:d1:52:e7:0a:ef:fc:1f:e3:71:e9:27:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9ad18f4c36067220f4d833cbc78a10f94eb0888
Validity
Not Before: Mar 26 05:01:19 2026 GMT
Not After : Mar 27 05:01:19 2026 GMT
Subject: CN=723d19ad704736bf54fe1ebb05d74b06a230b2a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7f:a5:cb:18:9c:fe:51:88:bb:0f:3d:7f:d4:
92:cd:a4:10:08:a6:c8:0b:0f:5e:f4:07:f3:a1:3c:
69:da:98:bd:cf:3f:71:1c:a9:51:e6:7a:b9:d9:62:
a6:34:b6:4a:17:3d:b1:10:88:be:2e:d8:45:2a:fd:
64:c5:38:d7:37:37:f4:a5:5b:35:66:50:ca:4c:19:
e6:e8:36:09:69:a7:95:e5:97:d9:3d:72:a2:d9:ec:
3d:97:f1:ba:9c:a3:60:bd:06:7b:c9:5d:d5:5c:24:
ad:f3:34:11:94:77:07:65:ed:1e:18:09:c0:99:40:
dd:28:5c:29:5f:54:f5:66:b5:5b:8a:50:cc:08:b7:
db:45:3c:8d:51:5b:9f:0d:c9:e2:5a:bb:dc:95:27:
7a:4d:b3:c9:46:42:92:f2:ff:c7:06:ec:5f:bd:31:
52:58:27:ea:ba:42:99:08:81:fc:4c:66:95:47:16:
74:ab:c2:6a:35:a7:19:5a:7d:a8:a3:d9:72:9e:8a:
6c:76:11:f8:62:17:cd:e4:f0:86:b5:c1:03:37:d3:
5e:48:ae:4a:6c:41:be:21:0b:40:59:26:76:f8:bd:
a2:c8:5a:4b:9f:26:1e:17:c0:7a:db:fb:22:d1:e0:
37:ee:3e:dd:5d:19:14:bb:e1:5f:a4:07:b6:32:40:
9e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:3D:19:AD:70:47:36:BF:54:FE:1E:BB:05:D7:4B:06:A2:30:B2:A0
X509v3 Authority Key Identifier:
keyid:D9:AD:18:F4:C3:60:67:22:0F:4D:83:3C:BC:78:A1:0F:94:EB:08:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a0Y9MNgZyIPTYM8vHihD5TrCIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d351bf-71ce-4857-9e50-c2647385e727/1/2a0Y9MNgZyIPTYM8vHihD5TrCIg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d351bf-71ce-4857-9e50-c2647385e727/1/2a0Y9MNgZyIPTYM8vHihD5TrCIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
00:92:24:b3:1e:3f:ce:be:84:2f:00:06:8f:1e:d7:54:11:b1:
aa:55:80:e2:9a:3f:49:fd:40:a6:b3:66:6a:e3:a5:bc:77:e5:
08:b6:eb:eb:41:c8:df:a0:40:64:d1:e1:bf:33:72:71:0c:0b:
cc:30:7b:62:11:61:86:e3:89:d1:6f:b6:65:3c:88:1b:21:e4:
f5:4f:41:29:40:6a:99:c2:c9:7c:28:4e:ec:b0:a1:c9:5b:e1:
42:6c:a1:da:7a:b2:30:f0:66:06:14:97:a1:db:48:6f:9e:98:
d1:49:43:9e:e9:26:0b:10:54:e7:2d:39:ce:ea:11:9a:a1:3a:
a5:3a:d1:a9:40:14:a5:0d:9b:72:4a:75:e8:02:9a:41:ab:3d:
54:74:b1:06:1a:49:a4:e3:4a:24:d5:91:5f:60:7c:45:22:89:
d5:d7:b2:e7:8e:95:fc:c5:66:14:62:25:08:d1:ec:ff:bc:55:
2d:b8:63:59:1c:3a:9b:a2:dd:07:bc:e9:83:22:e2:77:d9:5a:
42:2b:21:1c:66:74:c4:62:01:13:49:94:04:dd:60:54:53:fd:
8b:b9:b6:95:ba:14:de:10:a2:d1:da:cb:3c:4b:7a:11:79:66:
eb:5b:c3:6b:79:f4:b0:35:d9:36:3e:15:11:34:b5:71:50:3e:
e2:f1:51:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohLa50VLnCu/8H+Nx6SfvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YWQxOGY0YzM2MDY3MjIwZjRkODMzY2JjNzhhMTBmOTRl
YjA4ODgwHhcNMjYwMzI2MDUwMTE5WhcNMjYwMzI3MDUwMTE5WjAzMTEwLwYDVQQD
Eyg3MjNkMTlhZDcwNDczNmJmNTRmZTFlYmIwNWQ3NGIwNmEyMzBiMmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3+lyxic/lGIuw89f9SSzaQQCKbI
Cw9e9AfzoTxp2pi9zz9xHKlR5nq52WKmNLZKFz2xEIi+LthFKv1kxTjXNzf0pVs1
ZlDKTBnm6DYJaaeV5ZfZPXKi2ew9l/G6nKNgvQZ7yV3VXCSt8zQRlHcHZe0eGAnA
mUDdKFwpX1T1ZrVbilDMCLfbRTyNUVufDcniWrvclSd6TbPJRkKS8v/HBuxfvTFS
WCfqukKZCIH8TGaVRxZ0q8JqNacZWn2oo9lynopsdhH4YhfN5PCGtcEDN9NeSK5K
bEG+IQtAWSZ2+L2iyFpLnyYeF8B62/si0eA37j7dXRkUu+FfpAe2MkCecwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHI9Ga1wRza/VP4euwXXSwaiMLKgMB8GA1UdIwQY
MBaAFNmtGPTDYGciD02DPLx4oQ+U6wiIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmEwWTlNTmdaeUlQVFlNOHZIaWhENVRyQ0lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9kMzUxYmYtNzFjZS00ODU3LTllNTAt
YzI2NDczODVlNzI3LzEvMmEwWTlNTmdaeUlQVFlNOHZIaWhENVRyQ0lnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9kMzUxYmYtNzFjZS00ODU3LTllNTAtYzI2NDczODVlNzI3
LzEvMmEwWTlNTmdaeUlQVFlNOHZIaWhENVRyQ0lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAJIksx4/
zr6ELwAGjx7XVBGxqlWA4po/Sf1AprNmauOlvHflCLbr60HI36BAZNHhvzNycQwL
zDB7YhFhhuOJ0W+2ZTyIGyHk9U9BKUBqmcLJfChO7LChyVvhQmyh2nqyMPBmBhSX
odtIb56Y0UlDnukmCxBU5y05zuoRmqE6pTrRqUAUpQ2bckp16AKaQas9VHSxBhpJ
pONKJNWRX2B8RSKJ1dey546V/MVmFGIlCNHs/7xVLbhjWRw6m6LdB7zpgyLid9la
QishHGZ0xGIBE0mUBN1gVFP9i7m2lboU3hCi0drLPEt6EXlm61vDa3n0sDXZNj4V
ETS1cVA+4vFRnA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:30:02 2026 by rpki-client