Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
File: 2iTzVyHKMag-L26TfhdAjm57LGE.mft (raw, json)
Hash identifier: lGONRQszqJX16xZb7gqqsgLlLv2ZcwBzO9GhLkoJW0w=
Subject key identifier: DC:D6:15:C0:84:17:2D:AC:BC:0B:DC:1D:D7:BD:7E:D9:F3:EE:34:52
Authority key identifier: DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
Certificate issuer: /CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Certificate serial: 019D2772DF648699D6B4743FFD6E1A0363C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
Manifest number: 188C
Signing time: Thu 26 Mar 2026 00:02:12 +0000
Manifest this update: Thu 26 Mar 2026 00:02:12 +0000
Manifest next update: Fri 27 Mar 2026 00:02:12 +0000
Files and hashes: 1: 2iTzVyHKMag-L26TfhdAjm57LGE.crl (hash: YlM2DjSdYaz4WlzgqT/2onWnJ7M8XCu6AB8qktSSI/0=)
2: EMYZWM6m9RpWCTQk3MWhN1mZ9-0.roa (hash: c9D6HF2YxGeHbf3oxM7nmQWg4IZpAm/i+q7H/DzFs4k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:72:df:64:86:99:d6:b4:74:3f:fd:6e:1a:03:63:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Validity
Not Before: Mar 26 00:02:12 2026 GMT
Not After : Mar 27 00:02:12 2026 GMT
Subject: CN=dcd615c084172dacbc0bdc1dd7bd7ed9f3ee3452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:cb:d5:99:b8:8f:28:9a:68:e2:cc:8b:d7:38:
ff:7a:55:14:41:10:51:d1:04:24:1d:ee:f8:13:6a:
8a:fc:f2:86:85:e0:87:e6:3e:d0:13:21:6d:aa:07:
e2:bb:d8:1d:7c:92:35:e5:ed:78:05:9e:f5:2b:64:
77:c4:50:74:e6:8f:6b:f0:d6:87:f7:5f:04:33:8d:
de:b0:dd:6b:e2:ea:f0:4b:39:45:30:14:35:26:e3:
3d:8c:af:57:b9:00:ce:f3:fe:2f:9e:8f:77:4d:78:
37:70:14:5d:1a:c8:0d:2d:bd:d9:67:b4:ae:59:87:
60:4f:05:07:92:d1:bd:9f:1c:9e:ad:09:87:46:f1:
63:d8:cd:02:78:05:b1:3c:37:b7:a3:ed:85:3f:68:
90:3b:92:50:f0:af:a6:f3:c0:dc:02:23:3e:c7:d2:
1a:4f:be:2d:f8:5a:68:e3:f1:29:fc:6c:ae:b6:99:
3e:22:e1:c8:3e:96:23:fb:40:0c:09:c0:3c:76:e0:
46:77:8c:d8:99:4f:b9:01:56:76:6d:3f:13:76:49:
c8:62:f9:c7:b8:82:f4:77:dc:e3:83:63:b2:87:a5:
ae:d6:69:3e:0b:a6:bd:85:1f:7c:03:e9:18:28:35:
5f:5e:e1:86:93:f3:77:04:94:39:f3:34:fa:95:25:
d4:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:D6:15:C0:84:17:2D:AC:BC:0B:DC:1D:D7:BD:7E:D9:F3:EE:34:52
X509v3 Authority Key Identifier:
keyid:DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:8c:98:60:dc:ce:21:e8:f0:3e:14:44:56:e8:6e:9b:b2:d5:
02:1d:6f:54:97:eb:d8:b4:e9:85:d6:b8:dc:d3:f0:09:de:85:
2d:a5:46:57:da:57:69:74:90:47:f3:ed:e2:38:78:fb:34:cc:
c2:5f:c1:17:59:00:c6:e4:3c:fc:2c:00:ad:20:5a:50:34:2a:
d2:e3:64:de:25:df:5b:71:09:5b:05:1a:c4:3a:38:a3:a9:04:
fb:db:96:67:e8:95:a7:84:23:a8:50:94:9f:bc:f0:d4:a1:42:
fb:85:1a:ed:91:0d:b5:6b:f2:33:f1:a4:8f:1b:ff:c6:f0:85:
ec:a4:11:a8:ef:af:fa:09:16:ae:5f:8c:14:d5:c6:cf:b1:b1:
59:5e:29:92:4c:d0:f6:13:8a:66:4e:ff:ea:44:32:10:27:90:
7e:10:87:0a:45:64:ed:a9:66:9a:23:9d:75:4f:9c:eb:cb:6f:
7a:3b:19:c9:be:7f:8c:76:60:b8:e0:b5:e2:f9:5a:81:98:24:
12:bc:8b:6e:b6:3f:1c:b5:c3:11:24:fa:f5:c9:de:08:54:4c:
29:7f:b3:36:f5:bb:cc:c7:e9:2e:70:8c:b5:1d:05:40:e7:38:
54:4a:42:92:9f:27:5d:f3:f7:83:27:e9:bd:d5:d8:26:05:40:
74:43:c3:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nct9khpnWtHQ//W4aA2PDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMjRmMzU3MjFjYTMxYTgzZTJmNmU5MzdlMTc0MDhlNmU3
YjJjNjEwHhcNMjYwMzI2MDAwMjEyWhcNMjYwMzI3MDAwMjEyWjAzMTEwLwYDVQQD
EyhkY2Q2MTVjMDg0MTcyZGFjYmMwYmRjMWRkN2JkN2VkOWYzZWUzNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8vVmbiPKJpo4syL1zj/elUUQRBR
0QQkHe74E2qK/PKGheCH5j7QEyFtqgfiu9gdfJI15e14BZ71K2R3xFB05o9r8NaH
918EM43esN1r4urwSzlFMBQ1JuM9jK9XuQDO8/4vno93TXg3cBRdGsgNLb3ZZ7Su
WYdgTwUHktG9nxyerQmHRvFj2M0CeAWxPDe3o+2FP2iQO5JQ8K+m88DcAiM+x9Ia
T74t+Fpo4/Ep/Gyutpk+IuHIPpYj+0AMCcA8duBGd4zYmU+5AVZ2bT8TdknIYvnH
uIL0d9zjg2Oyh6Wu1mk+C6a9hR98A+kYKDVfXuGGk/N3BJQ58zT6lSXUXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNzWFcCEFy2svAvcHde9ftnz7jRSMB8GA1UdIwQY
MBaAFNok81chyjGoPi9uk34XQI5ueyxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQt
ODBmMzFkM2VhMTUyLzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQtODBmMzFkM2VhMTUy
LzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD4yYYNzO
IejwPhREVuhum7LVAh1vVJfr2LTphda43NPwCd6FLaVGV9pXaXSQR/Pt4jh4+zTM
wl/BF1kAxuQ8/CwArSBaUDQq0uNk3iXfW3EJWwUaxDo4o6kE+9uWZ+iVp4QjqFCU
n7zw1KFC+4Ua7ZENtWvyM/Gkjxv/xvCF7KQRqO+v+gkWrl+MFNXGz7GxWV4pkkzQ
9hOKZk7/6kQyECeQfhCHCkVk7almmiOddU+c68tvejsZyb5/jHZguOC14vlagZgk
EryLbrY/HLXDEST69cneCFRMKX+zNvW7zMfpLnCMtR0FQOc4VEpCkp8nXfP3gyfp
vdXYJgVAdEPD9Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:53:00 2026 by rpki-client