Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft
File: 2f8MyFNVS935CZqjzuvTUka5KPU.mft (raw, json)
Hash identifier: UOIkXBHz8FiwXlctxgjemcKS0Jrq0YdP7ZUe2y9v+Gs=
Subject key identifier: A3:9A:3F:7C:50:BD:0C:E7:56:40:DA:D1:55:F3:C8:24:C7:DF:77:79
Authority key identifier: D9:FF:0C:C8:53:55:4B:DD:F9:09:9A:A3:CE:EB:D3:52:46:B9:28:F5
Certificate issuer: /CN=d9ff0cc853554bddf9099aa3ceebd35246b928f5
Certificate serial: 019E1C7D5B1BF5C3AA7CFFA6A61787027274
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2f8MyFNVS935CZqjzuvTUka5KPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft
Manifest number: 0148
Signing time: Tue 12 May 2026 14:00:37 +0000
Manifest this update: Tue 12 May 2026 14:00:37 +0000
Manifest next update: Wed 13 May 2026 14:00:37 +0000
Files and hashes: 1: 1-OkpooCR750DOU3KO4Q0Au9Ls5A.roa (hash: Dj+AT1jX9rfVhJFGXz9XaLtPSZgqG/nTfTCrODe4StE=)
2: 2f8MyFNVS935CZqjzuvTUka5KPU.crl (hash: jAC2VIVnTyXBnMSAxsohKShtDtDJzpPiqti9X9jRsyg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2f8MyFNVS935CZqjzuvTUka5KPU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:7d:5b:1b:f5:c3:aa:7c:ff:a6:a6:17:87:02:72:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9ff0cc853554bddf9099aa3ceebd35246b928f5
Validity
Not Before: May 12 14:00:37 2026 GMT
Not After : May 13 14:00:37 2026 GMT
Subject: CN=a39a3f7c50bd0ce75640dad155f3c824c7df7779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f8:0d:8e:a0:22:c8:35:c0:3b:30:18:54:85:
fa:57:41:97:b1:aa:a4:af:3e:29:2d:98:33:34:05:
65:4c:09:ea:b0:ea:2d:71:83:a0:b5:d6:f9:16:e1:
ef:62:d7:9b:46:c4:e0:f5:11:c5:e3:54:bd:40:b5:
c9:c7:a8:57:6e:c6:68:83:12:38:9c:4f:d2:c4:8f:
7f:a6:2d:f4:a7:9a:15:30:06:bd:e9:97:ed:17:1c:
20:ce:ca:12:da:bc:7b:73:4e:59:75:e3:d9:99:c3:
e1:ff:db:fd:e7:44:09:f8:03:4e:a4:8f:b1:fe:04:
47:c5:64:05:c9:40:70:55:6c:5e:54:2f:af:07:5d:
85:6d:d1:09:52:ea:aa:61:3d:af:db:98:0e:ed:44:
08:9b:5e:de:20:2c:f4:43:4a:a2:32:d2:0a:32:59:
58:45:48:52:4c:4e:fc:50:f5:af:18:96:80:05:0d:
bb:39:a7:09:0c:94:bf:52:f1:1c:8e:48:6d:10:9f:
ed:04:88:3e:89:91:32:44:d7:df:30:f4:5c:4b:42:
86:4a:d4:25:b4:80:bb:1d:ed:9b:24:68:98:29:cf:
18:e1:73:29:f2:b6:6e:84:2c:7a:22:b8:69:04:4e:
68:e2:1d:54:39:cf:4c:fd:9b:c5:09:3a:67:96:19:
57:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:9A:3F:7C:50:BD:0C:E7:56:40:DA:D1:55:F3:C8:24:C7:DF:77:79
X509v3 Authority Key Identifier:
keyid:D9:FF:0C:C8:53:55:4B:DD:F9:09:9A:A3:CE:EB:D3:52:46:B9:28:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f8MyFNVS935CZqjzuvTUka5KPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:cd:49:0d:49:20:40:4a:47:d8:60:50:d2:c1:e0:e8:e8:be:
5b:50:e5:bc:24:24:d2:95:55:81:7b:2e:ae:82:37:7a:d2:8c:
a8:68:b5:99:f4:18:a8:e8:53:56:6c:db:e8:ff:1d:e2:f4:46:
f1:bc:9d:b9:0d:23:29:b0:23:d2:5a:68:62:9e:f5:f7:91:64:
c8:b7:74:b5:59:a4:90:c2:c6:9a:a5:98:dc:4d:48:68:d8:0c:
fa:d2:f6:11:a5:91:03:df:15:f9:b5:69:35:ae:69:8e:af:27:
44:55:53:d9:fb:4a:47:f8:ad:12:5f:0f:fd:76:9a:5d:d8:f1:
e1:64:10:e2:5c:02:2b:43:2c:f9:96:0e:96:fe:9b:e3:4a:9a:
51:68:21:f3:10:99:db:0e:e6:f9:0e:47:e6:af:20:9c:10:24:
dc:a6:c9:78:94:ee:1a:88:f6:ca:67:0a:7d:de:9a:2e:df:5d:
db:c9:cc:8e:53:75:1e:c2:08:87:6f:4e:ee:03:18:84:52:95:
4f:ce:5c:24:f9:29:08:50:c7:7b:0e:bd:42:b6:be:76:c2:82:
03:9f:6c:71:ce:5d:d7:46:b7:e9:13:ba:39:c2:c1:a4:95:ef:
9e:12:58:83:0a:29:fe:a2:a8:7f:bb:fd:f2:d5:75:d6:bc:0d:
47:7a:c7:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cfVsb9cOqfP+mpheHAnJ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmYwY2M4NTM1NTRiZGRmOTA5OWFhM2NlZWJkMzUyNDZi
OTI4ZjUwHhcNMjYwNTEyMTQwMDM3WhcNMjYwNTEzMTQwMDM3WjAzMTEwLwYDVQQD
EyhhMzlhM2Y3YzUwYmQwY2U3NTY0MGRhZDE1NWYzYzgyNGM3ZGY3Nzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfgNjqAiyDXAOzAYVIX6V0GXsaqk
rz4pLZgzNAVlTAnqsOotcYOgtdb5FuHvYtebRsTg9RHF41S9QLXJx6hXbsZogxI4
nE/SxI9/pi30p5oVMAa96ZftFxwgzsoS2rx7c05ZdePZmcPh/9v950QJ+ANOpI+x
/gRHxWQFyUBwVWxeVC+vB12FbdEJUuqqYT2v25gO7UQIm17eICz0Q0qiMtIKMllY
RUhSTE78UPWvGJaABQ27OacJDJS/UvEcjkhtEJ/tBIg+iZEyRNffMPRcS0KGStQl
tIC7He2bJGiYKc8Y4XMp8rZuhCx6IrhpBE5o4h1UOc9M/ZvFCTpnlhlX5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKOaP3xQvQznVkDa0VXzyCTH33d5MB8GA1UdIwQY
MBaAFNn/DMhTVUvd+Qmao87r01JGuSj1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmY4TXlGTlZTOTM1Q1pxanp1dlRVa2E1S1BVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9hYWEwNWQtZTdiMS00ZTM5LTg0NzAt
Y2FmZTVlN2RiNzU4LzEvMmY4TXlGTlZTOTM1Q1pxanp1dlRVa2E1S1BVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9hYWEwNWQtZTdiMS00ZTM5LTg0NzAtY2FmZTVlN2RiNzU4
LzEvMmY4TXlGTlZTOTM1Q1pxanp1dlRVa2E1S1BVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANM1JDUkg
QEpH2GBQ0sHg6Oi+W1DlvCQk0pVVgXsuroI3etKMqGi1mfQYqOhTVmzb6P8d4vRG
8byduQ0jKbAj0lpoYp7195FkyLd0tVmkkMLGmqWY3E1IaNgM+tL2EaWRA98V+bVp
Na5pjq8nRFVT2ftKR/itEl8P/XaaXdjx4WQQ4lwCK0Ms+ZYOlv6b40qaUWgh8xCZ
2w7m+Q5H5q8gnBAk3KbJeJTuGoj2ymcKfd6aLt9d28nMjlN1HsIIh29O7gMYhFKV
T85cJPkpCFDHew69Qra+dsKCA59scc5d10a36RO6OcLBpJXvnhJYgwop/qKof7v9
8tV11rwNR3rHZQ==
-----END CERTIFICATE-----
Generated at Wed May 13 00:39:21 2026 by rpki-client