Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/2D73FCmY5OZWYFPixjpwgIxuojc.mft
File: 2D73FCmY5OZWYFPixjpwgIxuojc.mft (raw, json)
Hash identifier: Jn/xNJBjLY9dPJ4Wmu1WR5H87JuWOxTkbie0uS4ipOY=
Subject key identifier: 3C:A3:27:61:77:40:F1:68:36:4D:82:F9:7E:86:C7:1F:6F:06:B6:AF
Authority key identifier: D8:3E:F7:14:29:98:E4:E6:56:60:53:E2:C6:3A:70:80:8C:6E:A2:37
Certificate issuer: /CN=d83ef7142998e4e6566053e2c63a70808c6ea237
Certificate serial: 019D2695DC0592E819537EAF78CBC27E96D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2D73FCmY5OZWYFPixjpwgIxuojc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/2D73FCmY5OZWYFPixjpwgIxuojc.mft
Manifest number: 0406
Signing time: Wed 25 Mar 2026 20:00:48 +0000
Manifest this update: Wed 25 Mar 2026 20:00:48 +0000
Manifest next update: Thu 26 Mar 2026 20:00:48 +0000
Files and hashes: 1: 2D73FCmY5OZWYFPixjpwgIxuojc.crl (hash: FeoWIm5DbcGSOY6e0m2xn0qQ0S71JeGC9IqSDSVyvqo=)
2: nNN8oPaWzwsAkuqBUkdubOWtVpo.roa (hash: 0qPiY5OdqzEcTjsFlVm1KfW2HObtyaiMymvYvbm7kPE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/2D73FCmY5OZWYFPixjpwgIxuojc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/2D73FCmY5OZWYFPixjpwgIxuojc.mft
rsync://rpki.ripe.net/repository/DEFAULT/2D73FCmY5OZWYFPixjpwgIxuojc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 20:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:95:dc:05:92:e8:19:53:7e:af:78:cb:c2:7e:96:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d83ef7142998e4e6566053e2c63a70808c6ea237
Validity
Not Before: Mar 25 20:00:48 2026 GMT
Not After : Mar 26 20:00:48 2026 GMT
Subject: CN=3ca327617740f168364d82f97e86c71f6f06b6af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5f:07:84:0a:29:60:17:ef:61:50:c8:2f:99:
cd:5b:42:de:81:f3:89:d7:43:73:9c:77:6d:16:0b:
58:91:ca:45:f6:c8:ab:89:1f:98:5d:b6:e0:fc:2b:
eb:63:73:2a:dd:27:59:59:22:c0:95:74:bc:5c:30:
f4:aa:ea:9a:b0:1c:7b:81:a0:af:54:29:28:d1:f0:
69:56:9c:0a:d7:b0:cf:bf:fd:f5:72:30:ca:c9:84:
fd:11:e0:06:8d:e2:0a:27:12:5d:60:ab:75:8f:bd:
5e:9a:b9:7d:cf:35:b1:ca:93:73:87:0a:7b:f3:fe:
c3:ee:1c:13:d7:44:0a:ff:ea:be:ea:ca:5a:b0:43:
fa:8f:9e:8b:0d:14:f8:ea:42:b5:45:3b:1f:19:6e:
a9:ef:1c:d5:6b:99:53:c0:c4:c7:c1:9c:76:a7:0c:
af:ec:14:91:94:d1:3a:4e:9d:80:17:f2:74:92:9f:
9d:b2:7b:13:86:d2:f8:06:a4:ac:96:36:07:5f:9f:
7b:c4:43:2e:69:fb:94:a1:3e:fd:27:3b:c4:73:d2:
54:f5:5e:c2:36:d8:50:7d:e2:21:fd:88:ef:d7:f9:
ac:d5:19:5b:6f:b5:c8:d7:7e:7c:ce:f4:54:4c:29:
bf:8b:0c:33:4b:85:51:86:60:13:98:23:54:66:2e:
61:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A3:27:61:77:40:F1:68:36:4D:82:F9:7E:86:C7:1F:6F:06:B6:AF
X509v3 Authority Key Identifier:
keyid:D8:3E:F7:14:29:98:E4:E6:56:60:53:E2:C6:3A:70:80:8C:6E:A2:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2D73FCmY5OZWYFPixjpwgIxuojc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/2D73FCmY5OZWYFPixjpwgIxuojc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/2D73FCmY5OZWYFPixjpwgIxuojc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:96:5e:bd:53:ea:37:1a:cb:29:2c:72:3f:0a:e3:15:ea:f9:
34:80:c6:be:9b:09:ea:6a:83:00:4a:ac:71:fe:2e:62:d9:d7:
b8:3a:66:a2:d5:f6:a5:3a:39:93:ca:71:94:8b:ba:71:3f:ef:
9e:92:db:13:05:48:24:74:f5:f8:d6:0e:f8:0b:e6:13:0e:27:
a1:a4:63:b3:10:3b:15:29:5a:cc:b0:6a:26:89:8d:5d:e8:b5:
ef:f8:75:21:f7:8e:a7:40:2a:fe:e9:fc:0b:3f:f2:e4:25:c5:
1c:8a:6f:57:63:0e:49:5d:c9:70:eb:48:87:0f:56:fd:1f:64:
7e:94:1e:f8:81:3e:31:a8:f1:1b:93:50:59:9d:c3:55:69:bf:
48:c8:23:ee:93:8a:19:82:5f:1f:a2:ee:d0:d3:ea:4c:c3:8f:
a7:d6:b5:dc:2d:ec:bf:87:55:6a:ac:5c:7f:03:a3:ec:ec:14:
51:51:00:e5:1c:1d:d1:9a:4e:41:a8:ee:0e:13:2a:c7:d6:a3:
e1:31:1e:e7:23:91:fa:17:0f:42:dd:f7:64:c1:9d:8a:30:f3:
24:bc:5d:f6:21:1b:07:9d:e4:e9:9a:64:9a:02:b4:4d:c2:8e:
43:49:c1:58:9e:d4:c9:4b:c3:de:7b:ce:7e:57:7e:48:c6:19:
71:ec:ff:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mldwFkugZU36veMvCfpbUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4M2VmNzE0Mjk5OGU0ZTY1NjYwNTNlMmM2M2E3MDgwOGM2
ZWEyMzcwHhcNMjYwMzI1MjAwMDQ4WhcNMjYwMzI2MjAwMDQ4WjAzMTEwLwYDVQQD
EygzY2EzMjc2MTc3NDBmMTY4MzY0ZDgyZjk3ZTg2YzcxZjZmMDZiNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtl8HhAopYBfvYVDIL5nNW0LegfOJ
10NznHdtFgtYkcpF9siriR+YXbbg/CvrY3Mq3SdZWSLAlXS8XDD0quqasBx7gaCv
VCko0fBpVpwK17DPv/31cjDKyYT9EeAGjeIKJxJdYKt1j71emrl9zzWxypNzhwp7
8/7D7hwT10QK/+q+6spasEP6j56LDRT46kK1RTsfGW6p7xzVa5lTwMTHwZx2pwyv
7BSRlNE6Tp2AF/J0kp+dsnsThtL4BqSsljYHX597xEMuafuUoT79JzvEc9JU9V7C
NthQfeIh/Yjv1/ms1Rlbb7XI1358zvRUTCm/iwwzS4VRhmATmCNUZi5hwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDyjJ2F3QPFoNk2C+X6Gxx9vBravMB8GA1UdIwQY
MBaAFNg+9xQpmOTmVmBT4sY6cICMbqI3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkQ3M0ZDbVk1T1pXWUZQaXhqcHdnSXh1b2pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy83ZmNiMzUtNDQwOC00MjE4LTk4NjIt
N2Y3NWExYjEwZWMzLzEvMkQ3M0ZDbVk1T1pXWUZQaXhqcHdnSXh1b2pjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy83ZmNiMzUtNDQwOC00MjE4LTk4NjItN2Y3NWExYjEwZWMz
LzEvMkQ3M0ZDbVk1T1pXWUZQaXhqcHdnSXh1b2pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK5ZevVPq
NxrLKSxyPwrjFer5NIDGvpsJ6mqDAEqscf4uYtnXuDpmotX2pTo5k8pxlIu6cT/v
npLbEwVIJHT1+NYO+AvmEw4noaRjsxA7FSlazLBqJomNXei17/h1IfeOp0Aq/un8
Cz/y5CXFHIpvV2MOSV3JcOtIhw9W/R9kfpQe+IE+MajxG5NQWZ3DVWm/SMgj7pOK
GYJfH6Lu0NPqTMOPp9a13C3sv4dVaqxcfwOj7OwUUVEA5Rwd0ZpOQajuDhMqx9aj
4TEe5yOR+hcPQt33ZMGdijDzJLxd9iEbB53k6ZpkmgK0TcKOQ0nBWJ7UyUvD3nvO
fld+SMYZcez/uQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:41:21 2026 by rpki-client