Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
File: 2afNm3hyoceqJis_rRqQdlAlKDI.mft (raw, json)
Hash identifier: T8kERnZIx5Xa7zvyLDNEwJqIKBipzUNJl0lpet+beYo=
Subject key identifier: 42:2A:52:52:E3:D1:B1:A2:D3:1C:05:71:C3:09:78:ED:D0:FC:AF:D9
Authority key identifier: D9:A7:CD:9B:78:72:A1:C7:AA:26:2B:3F:AD:1A:90:76:50:25:28:32
Certificate issuer: /CN=d9a7cd9b7872a1c7aa262b3fad1a907650252832
Certificate serial: 019E1C7DDF56C1AB6B1B26B16D4F991CEE82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
Manifest number: 072B
Signing time: Tue 12 May 2026 14:01:11 +0000
Manifest this update: Tue 12 May 2026 14:01:11 +0000
Manifest next update: Wed 13 May 2026 14:01:11 +0000
Files and hashes: 1: 2afNm3hyoceqJis_rRqQdlAlKDI.crl (hash: 9VEryASR0ycq5oXqcWxhkEQrOkFIQVOJgUEeqsNISqw=)
2: bkcUPSVyK1GtBOw35C6fpsJHCPw.roa (hash: 14nbBDwXuaYsul3Mhzz1OYQgsUX4OxdsMQADV56Zhh0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:7d:df:56:c1:ab:6b:1b:26:b1:6d:4f:99:1c:ee:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9a7cd9b7872a1c7aa262b3fad1a907650252832
Validity
Not Before: May 12 14:01:11 2026 GMT
Not After : May 13 14:01:11 2026 GMT
Subject: CN=422a5252e3d1b1a2d31c0571c30978edd0fcafd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:b0:a4:06:84:bd:c4:6b:4c:d1:b7:b0:ee:9f:
38:20:58:f2:c8:b9:39:0b:9f:d4:93:bf:5e:2b:e3:
87:d5:e0:41:a8:59:e6:8b:68:85:ec:57:9b:6b:70:
28:f0:53:93:57:dd:13:dd:a6:b6:a7:d3:91:ab:f7:
27:cb:a3:06:b6:ab:9a:cf:94:da:03:67:25:4c:00:
a1:69:ba:52:b0:a4:82:63:31:f3:b6:94:82:ba:7a:
e8:e5:37:1c:98:c5:41:16:76:4d:65:17:d3:d0:c8:
f4:8b:1a:6c:2a:b8:f8:46:c0:90:53:a5:10:4f:2b:
46:ac:f7:10:7e:d9:c8:e9:79:89:92:38:20:a7:21:
eb:5e:ee:22:53:ea:79:67:0b:89:21:3e:96:e5:a5:
c9:52:25:3f:2c:08:e4:86:cc:34:8b:4f:0e:ed:b7:
98:6b:b1:63:c2:90:fd:ef:70:4d:e5:03:de:88:9e:
47:f2:c4:dd:0b:e5:95:37:1e:86:6d:51:fa:de:9e:
f3:fb:d9:5e:3b:e8:d6:c5:f4:2d:13:10:80:d3:14:
1c:b2:a5:38:f7:b1:34:b6:41:d4:25:71:34:aa:84:
36:08:0a:91:d1:f1:ae:67:82:6f:d3:73:66:09:37:
63:67:4e:ab:af:7a:af:70:43:86:0e:3e:30:c1:7d:
9e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:2A:52:52:E3:D1:B1:A2:D3:1C:05:71:C3:09:78:ED:D0:FC:AF:D9
X509v3 Authority Key Identifier:
keyid:D9:A7:CD:9B:78:72:A1:C7:AA:26:2B:3F:AD:1A:90:76:50:25:28:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9c:8d:aa:d6:b2:d1:4f:44:aa:8b:41:b4:41:c3:45:b2:7f:1c:
60:f1:de:63:34:7e:9c:a7:01:b2:8d:98:e3:33:a2:4a:66:ff:
a6:61:7b:6d:62:c5:9f:38:8e:0d:3f:d0:0a:b5:da:c3:c3:7c:
98:84:56:c2:0f:1c:b3:9e:51:03:26:8c:9f:be:1f:f6:2f:fc:
77:a6:e9:50:5d:70:08:c3:2c:90:df:92:75:8c:17:9c:3d:99:
5c:b4:35:50:83:75:53:d5:d6:90:43:28:bd:b8:9d:99:78:23:
8f:a4:f6:2b:8e:5a:a9:0b:e6:f0:f3:c7:91:84:a9:d7:40:6e:
f1:4b:13:1f:4e:45:6a:f3:c7:25:b2:bd:96:13:e9:06:07:ac:
d0:9e:c4:2c:12:9a:57:ed:04:6c:aa:ef:8f:00:40:f8:16:75:
c8:19:5d:2f:b5:92:eb:3f:45:24:79:31:f1:fe:7c:38:70:4b:
7c:eb:a3:a2:79:e7:f7:68:6b:67:66:27:3f:c3:ed:4a:56:1a:
79:22:d6:ba:00:62:c6:e9:c1:ab:9c:b9:65:f5:bc:98:5c:a5:
4b:22:31:c4:9e:3c:f3:ba:82:28:31:53:eb:48:67:49:40:07:
e6:fb:2c:79:61:2b:44:c8:b9:0d:2f:fa:74:6f:b9:72:ea:19:
00:57:a6:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cfd9WwatrGyaxbU+ZHO6CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTdjZDliNzg3MmExYzdhYTI2MmIzZmFkMWE5MDc2NTAy
NTI4MzIwHhcNMjYwNTEyMTQwMTExWhcNMjYwNTEzMTQwMTExWjAzMTEwLwYDVQQD
Eyg0MjJhNTI1MmUzZDFiMWEyZDMxYzA1NzFjMzA5NzhlZGQwZmNhZmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+LCkBoS9xGtM0bew7p84IFjyyLk5
C5/Uk79eK+OH1eBBqFnmi2iF7Feba3Ao8FOTV90T3aa2p9ORq/cny6MGtquaz5Ta
A2clTAChabpSsKSCYzHztpSCunro5TccmMVBFnZNZRfT0Mj0ixpsKrj4RsCQU6UQ
TytGrPcQftnI6XmJkjggpyHrXu4iU+p5ZwuJIT6W5aXJUiU/LAjkhsw0i08O7beY
a7FjwpD973BN5QPeiJ5H8sTdC+WVNx6GbVH63p7z+9leO+jWxfQtExCA0xQcsqU4
97E0tkHUJXE0qoQ2CAqR0fGuZ4Jv03NmCTdjZ06rr3qvcEOGDj4wwX2exwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEIqUlLj0bGi0xwFccMJeO3Q/K/ZMB8GA1UdIwQY
MBaAFNmnzZt4cqHHqiYrP60akHZQJSgyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jMDZmMDktOTA3Mi00ZDU3LTliNjQt
ZDA1YmU4YzVhNGIxLzEvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jMDZmMDktOTA3Mi00ZDU3LTliNjQtZDA1YmU4YzVhNGIx
LzEvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnI2q1rLR
T0Sqi0G0QcNFsn8cYPHeYzR+nKcBso2Y4zOiSmb/pmF7bWLFnziODT/QCrXaw8N8
mIRWwg8cs55RAyaMn74f9i/8d6bpUF1wCMMskN+SdYwXnD2ZXLQ1UIN1U9XWkEMo
vbidmXgjj6T2K45aqQvm8PPHkYSp10Bu8UsTH05FavPHJbK9lhPpBges0J7ELBKa
V+0EbKrvjwBA+BZ1yBldL7WS6z9FJHkx8f58OHBLfOujonnn92hrZ2YnP8PtSlYa
eSLWugBixunBq5y5ZfW8mFylSyIxxJ4887qCKDFT60hnSUAH5vsseWErRMi5DS/6
dG+5cuoZAFemgA==
-----END CERTIFICATE-----
Generated at Tue May 12 21:42:59 2026 by rpki-client