Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e37b66-45a1-4956-9731-3496e48e5514/1/2xQOBpsx8rhMXb0hPtRnc7BjPlI.mft
File: 2xQOBpsx8rhMXb0hPtRnc7BjPlI.mft (raw, json)
Hash identifier: OH98uLXB7jrugzoXhyXo+nLeX7E63yVur32/ZHqC1XE=
Subject key identifier: C8:EC:22:39:64:52:12:72:16:2A:07:B0:22:89:6B:21:D5:72:86:91
Authority key identifier: DB:14:0E:06:9B:31:F2:B8:4C:5D:BD:21:3E:D4:67:73:B0:63:3E:52
Certificate issuer: /CN=db140e069b31f2b84c5dbd213ed46773b0633e52
Certificate serial: 019D33E3A65CD7346F3CE1C9D982080EFBC8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2xQOBpsx8rhMXb0hPtRnc7BjPlI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/e37b66-45a1-4956-9731-3496e48e5514/1/2xQOBpsx8rhMXb0hPtRnc7BjPlI.mft
Manifest number: 8F
Signing time: Sat 28 Mar 2026 10:00:50 +0000
Manifest this update: Sat 28 Mar 2026 10:00:50 +0000
Manifest next update: Sun 29 Mar 2026 10:00:50 +0000
Files and hashes: 1: 2xQOBpsx8rhMXb0hPtRnc7BjPlI.crl (hash: +hjDl2yDmsu532E65VmIB75QVXagThMTuY0UY4Uf1fg=)
2: QZpcoFZ-mTdXgaU_KSl2tUqS-WA.roa (hash: kKgOgir5OcWMeFMyd0QfuGiJS19k1i7Dnvnix7dS1ZM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/e37b66-45a1-4956-9731-3496e48e5514/1/2xQOBpsx8rhMXb0hPtRnc7BjPlI.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/e37b66-45a1-4956-9731-3496e48e5514/1/2xQOBpsx8rhMXb0hPtRnc7BjPlI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2xQOBpsx8rhMXb0hPtRnc7BjPlI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:e3:a6:5c:d7:34:6f:3c:e1:c9:d9:82:08:0e:fb:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db140e069b31f2b84c5dbd213ed46773b0633e52
Validity
Not Before: Mar 28 10:00:50 2026 GMT
Not After : Mar 29 10:00:50 2026 GMT
Subject: CN=c8ec223964521272162a07b022896b21d5728691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:07:69:71:8c:d8:b4:37:48:4a:b3:18:82:91:
ff:77:cb:ea:6c:46:88:c7:5a:fe:17:b5:9e:43:ca:
78:6a:b2:1e:56:7a:db:f2:c5:4d:46:ac:d1:ea:3a:
28:10:26:bc:41:95:23:cd:43:b3:12:15:e6:cd:6d:
16:a2:75:28:77:a7:c2:7c:a4:16:4c:05:2b:90:bf:
1a:f5:8c:15:87:ef:39:ae:e8:53:8c:e2:2e:a8:90:
46:d3:4a:4b:1c:68:21:00:61:c2:00:ad:2b:a8:7a:
44:c2:7c:ec:22:d8:79:a9:8b:c7:96:82:26:6f:f6:
14:f7:84:a0:08:2a:7f:b6:dc:87:5d:83:2c:1d:ad:
26:7e:19:6e:17:87:2d:59:71:e5:fd:94:22:f6:27:
b2:0d:95:de:93:8d:fa:0c:a8:70:38:1f:d9:af:ac:
0e:3c:a9:56:f9:ee:7f:b0:08:49:40:81:e9:9e:0e:
00:0f:54:13:c6:f4:a0:b9:6f:74:8c:9e:9e:f0:a7:
1a:c3:ae:cc:40:af:79:75:25:97:5d:7b:0e:f6:3f:
62:5f:77:d6:98:a2:21:00:52:73:b7:3c:39:fb:6a:
f3:4b:a4:fa:71:71:08:94:d1:ec:93:f5:bc:41:43:
c8:86:75:1e:7e:4b:4e:7a:1a:a5:2a:97:24:48:a1:
d7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:EC:22:39:64:52:12:72:16:2A:07:B0:22:89:6B:21:D5:72:86:91
X509v3 Authority Key Identifier:
keyid:DB:14:0E:06:9B:31:F2:B8:4C:5D:BD:21:3E:D4:67:73:B0:63:3E:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xQOBpsx8rhMXb0hPtRnc7BjPlI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e37b66-45a1-4956-9731-3496e48e5514/1/2xQOBpsx8rhMXb0hPtRnc7BjPlI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e37b66-45a1-4956-9731-3496e48e5514/1/2xQOBpsx8rhMXb0hPtRnc7BjPlI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
99:a3:cd:31:23:fb:c0:94:04:7b:a1:b0:a5:2a:79:c8:bd:5d:
4b:8f:02:70:2d:0b:2e:eb:65:ab:60:7f:33:bc:9d:2d:b8:dd:
24:4d:74:63:73:30:be:1d:6b:5e:3e:4c:bc:70:f0:8d:48:13:
e0:60:d8:90:a5:7d:3a:ac:7e:dd:7f:35:0a:a2:75:cf:15:41:
92:58:dd:b8:f2:13:05:e5:92:9b:66:86:d6:18:cc:f4:50:54:
ad:c1:48:d7:f6:e5:16:58:83:a6:b4:23:ce:56:39:e5:d3:89:
99:c4:54:b4:cb:86:67:20:da:c1:f3:4a:17:a0:de:10:4a:04:
e7:a0:f9:80:64:4b:d1:70:b1:b9:76:d3:bc:aa:b2:6c:bf:05:
ca:8d:82:05:b3:28:3d:c5:c4:7e:09:cb:8e:e7:cd:a5:d2:c8:
a1:47:62:d1:dd:df:1f:2d:34:34:06:0b:66:f3:e2:bd:10:c6:
5e:a8:01:4e:3e:51:36:16:9e:cc:29:6a:4a:f4:eb:6e:74:fa:
fa:2b:05:8d:4b:3c:a0:75:98:39:88:ac:27:bb:e0:94:e2:15:
da:e7:ed:be:cb:82:f8:ac:5a:88:a9:1d:21:f7:68:58:8d:06:
e6:73:eb:e2:7f:fb:9e:56:f9:51:a5:8f:7d:3b:a1:73:29:22:
07:be:51:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0z46Zc1zRvPOHJ2YIIDvvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMTQwZTA2OWIzMWYyYjg0YzVkYmQyMTNlZDQ2NzczYjA2
MzNlNTIwHhcNMjYwMzI4MTAwMDUwWhcNMjYwMzI5MTAwMDUwWjAzMTEwLwYDVQQD
EyhjOGVjMjIzOTY0NTIxMjcyMTYyYTA3YjAyMjg5NmIyMWQ1NzI4NjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgdpcYzYtDdISrMYgpH/d8vqbEaI
x1r+F7WeQ8p4arIeVnrb8sVNRqzR6jooECa8QZUjzUOzEhXmzW0WonUod6fCfKQW
TAUrkL8a9YwVh+85ruhTjOIuqJBG00pLHGghAGHCAK0rqHpEwnzsIth5qYvHloIm
b/YU94SgCCp/ttyHXYMsHa0mfhluF4ctWXHl/ZQi9ieyDZXek436DKhwOB/Zr6wO
PKlW+e5/sAhJQIHpng4AD1QTxvSguW90jJ6e8Kcaw67MQK95dSWXXXsO9j9iX3fW
mKIhAFJztzw5+2rzS6T6cXEIlNHsk/W8QUPIhnUefktOehqlKpckSKHXTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMjsIjlkUhJyFioHsCKJayHVcoaRMB8GA1UdIwQY
MBaAFNsUDgabMfK4TF29IT7UZ3OwYz5SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhRT0Jwc3g4cmhNWGIwaFB0Um5jN0JqUGxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lMzdiNjYtNDVhMS00OTU2LTk3MzEt
MzQ5NmU0OGU1NTE0LzEvMnhRT0Jwc3g4cmhNWGIwaFB0Um5jN0JqUGxJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lMzdiNjYtNDVhMS00OTU2LTk3MzEtMzQ5NmU0OGU1NTE0
LzEvMnhRT0Jwc3g4cmhNWGIwaFB0Um5jN0JqUGxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmaPNMSP7
wJQEe6GwpSp5yL1dS48CcC0LLutlq2B/M7ydLbjdJE10Y3Mwvh1rXj5MvHDwjUgT
4GDYkKV9Oqx+3X81CqJ1zxVBkljduPITBeWSm2aG1hjM9FBUrcFI1/blFliDprQj
zlY55dOJmcRUtMuGZyDawfNKF6DeEEoE56D5gGRL0XCxuXbTvKqybL8Fyo2CBbMo
PcXEfgnLjufNpdLIoUdi0d3fHy00NAYLZvPivRDGXqgBTj5RNhaezClqSvTrbnT6
+isFjUs8oHWYOYisJ7vglOIV2uftvsuC+KxaiKkdIfdoWI0G5nPr4n/7nlb5UaWP
fTuhcykiB75RhQ==
-----END CERTIFICATE-----
Generated at Sat Mar 28 11:39:55 2026 by rpki-client