Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft
File: 2FAiKC40aZ_lSLdShRmiWlDZEzo.mft (raw, json)
Hash identifier: QhSH7D0z2SseFrsUUUxVwt57s4xiv/gNqSZC8Oqs7SY=
Subject key identifier: B8:19:7E:04:51:57:9E:46:16:D9:B3:6D:04:02:94:48:8F:FC:E9:18
Authority key identifier: D8:50:22:28:2E:34:69:9F:E5:48:B7:52:85:19:A2:5A:50:D9:13:3A
Certificate issuer: /CN=d85022282e34699fe548b7528519a25a50d9133a
Certificate serial: 019D284DDF5D0CDA6B1AE42E153221A195BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft
Manifest number: 17B6
Signing time: Thu 26 Mar 2026 04:01:25 +0000
Manifest this update: Thu 26 Mar 2026 04:01:25 +0000
Manifest next update: Fri 27 Mar 2026 04:01:25 +0000
Files and hashes: 1: 2FAiKC40aZ_lSLdShRmiWlDZEzo.crl (hash: /EQnNdl739Cdaa0BgmwnfpGqhc+YLNJwTCNWvnKEcoM=)
2: xhpLteHeEuI9N2i0WjCkJHYwXtM.roa (hash: ZhHw/D8clg9QeWX4KlvzTONGmYlvYOv2tFZIA342W2c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:4d:df:5d:0c:da:6b:1a:e4:2e:15:32:21:a1:95:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d85022282e34699fe548b7528519a25a50d9133a
Validity
Not Before: Mar 26 04:01:25 2026 GMT
Not After : Mar 27 04:01:25 2026 GMT
Subject: CN=b8197e0451579e4616d9b36d040294488ffce918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:8d:fb:1d:23:75:e6:20:b4:30:12:66:72:dd:
23:ce:0d:c5:2d:6f:3f:02:37:dd:59:e3:df:a7:76:
52:2e:5a:72:c7:82:3b:1b:5a:bd:30:6b:e8:13:0f:
53:46:67:04:af:11:d4:80:e8:a0:bb:5c:2e:a1:67:
54:63:15:0f:d4:a7:32:eb:1e:e5:3d:3a:c4:b3:39:
95:d6:8b:a1:96:88:75:b2:9a:05:51:d1:58:08:e2:
cf:3e:28:64:5d:0d:72:5a:c9:ee:52:e3:36:69:8f:
a7:52:d1:f9:c9:71:c2:c4:e7:69:85:ea:40:a8:c0:
30:00:98:f6:4e:f8:6e:a5:40:b9:8d:16:52:10:65:
9d:11:99:dc:cd:46:4d:f3:18:f8:21:97:66:8a:02:
fd:85:9b:10:5f:7a:7f:f0:d1:1e:e0:48:c6:5c:27:
49:38:23:9d:cd:1b:bb:f8:ea:af:63:93:a4:f2:73:
88:98:36:86:c0:92:ba:a0:b0:fd:39:0e:e4:81:19:
d7:1d:f7:20:a6:25:ca:f4:f5:85:79:e4:61:4b:95:
3a:17:a7:b0:20:ec:b7:07:59:1f:ed:07:9f:10:8e:
44:f8:26:e0:8c:69:62:f9:b9:7a:3e:ac:2a:cb:eb:
16:a2:a7:10:8e:55:2f:39:a2:7c:f1:1e:96:52:41:
41:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:19:7E:04:51:57:9E:46:16:D9:B3:6D:04:02:94:48:8F:FC:E9:18
X509v3 Authority Key Identifier:
keyid:D8:50:22:28:2E:34:69:9F:E5:48:B7:52:85:19:A2:5A:50:D9:13:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:25:d6:d3:3c:b2:81:08:74:6d:54:5b:27:6a:53:f5:40:2e:
8a:78:bf:d5:5d:dc:eb:9d:c5:89:3f:51:f7:79:6e:b0:0a:11:
e8:6a:af:50:b2:a9:f9:cc:94:4a:f3:dd:cd:64:c1:23:5a:4e:
69:62:74:19:e2:d5:bc:1b:f2:98:c6:37:49:2d:48:94:77:54:
69:0d:df:49:63:46:3c:b9:26:00:ea:be:90:45:ee:44:af:dd:
9f:85:61:51:d4:15:99:2a:89:f2:90:3e:80:4f:1e:a8:19:32:
25:8d:b2:3c:f1:17:c4:df:71:10:58:5d:76:c8:e8:46:03:fc:
7a:22:92:86:b3:a6:b1:2e:ff:65:ca:cf:7f:a7:ba:18:08:7c:
7a:58:8b:db:88:f3:66:3e:bb:c4:64:cb:fe:a7:f4:37:2d:6b:
e4:ec:87:86:60:cd:2a:47:60:22:dc:12:30:56:51:4c:3e:51:
3d:3a:9d:3d:f4:a9:f2:6c:8b:b7:9d:1a:f5:de:92:30:95:6e:
7b:42:8c:4d:d6:41:e0:c9:ae:44:a0:14:de:6c:02:3b:9c:8c:
a6:40:6b:c3:ee:4d:0a:ca:b8:68:ba:c8:55:ec:61:12:29:e7:
cd:5c:ac:d1:e7:ac:28:74:e0:45:e6:92:4b:ba:fd:97:a3:81:
c9:5e:b5:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTd9dDNprGuQuFTIhoZW+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NTAyMjI4MmUzNDY5OWZlNTQ4Yjc1Mjg1MTlhMjVhNTBk
OTEzM2EwHhcNMjYwMzI2MDQwMTI1WhcNMjYwMzI3MDQwMTI1WjAzMTEwLwYDVQQD
EyhiODE5N2UwNDUxNTc5ZTQ2MTZkOWIzNmQwNDAyOTQ0ODhmZmNlOTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0o37HSN15iC0MBJmct0jzg3FLW8/
AjfdWePfp3ZSLlpyx4I7G1q9MGvoEw9TRmcErxHUgOigu1wuoWdUYxUP1Kcy6x7l
PTrEszmV1ouhloh1spoFUdFYCOLPPihkXQ1yWsnuUuM2aY+nUtH5yXHCxOdphepA
qMAwAJj2TvhupUC5jRZSEGWdEZnczUZN8xj4IZdmigL9hZsQX3p/8NEe4EjGXCdJ
OCOdzRu7+OqvY5Ok8nOImDaGwJK6oLD9OQ7kgRnXHfcgpiXK9PWFeeRhS5U6F6ew
IOy3B1kf7QefEI5E+CbgjGli+bl6Pqwqy+sWoqcQjlUvOaJ88R6WUkFBbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgZfgRRV55GFtmzbQQClEiP/OkYMB8GA1UdIwQY
MBaAFNhQIiguNGmf5Ui3UoUZolpQ2RM6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy85NzU4ZWItNDEwOC00MDg3LWE4MTgt
NTBlYTY3MzI3Y2QxLzEvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy85NzU4ZWItNDEwOC00MDg3LWE4MTgtNTBlYTY3MzI3Y2Qx
LzEvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWSXW0zyy
gQh0bVRbJ2pT9UAuini/1V3c653FiT9R93lusAoR6GqvULKp+cyUSvPdzWTBI1pO
aWJ0GeLVvBvymMY3SS1IlHdUaQ3fSWNGPLkmAOq+kEXuRK/dn4VhUdQVmSqJ8pA+
gE8eqBkyJY2yPPEXxN9xEFhddsjoRgP8eiKShrOmsS7/ZcrPf6e6GAh8eliL24jz
Zj67xGTL/qf0Ny1r5OyHhmDNKkdgItwSMFZRTD5RPTqdPfSp8myLt50a9d6SMJVu
e0KMTdZB4MmuRKAU3mwCO5yMpkBrw+5NCsq4aLrIVexhEinnzVys0eesKHTgReaS
S7r9l6OByV61Fw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:55:20 2026 by rpki-client