Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/e798b1-4b2d-4c1e-ba37-9e92625cda97/1/2TwNCKbGLnc4LoBBfocgmABMpOw.mft
File: 2TwNCKbGLnc4LoBBfocgmABMpOw.mft (raw, json)
Hash identifier: 3CRtSlH84/i94F/gKRqgX/6m10JluU1BH60keq2YGfA=
Subject key identifier: 0E:BB:4F:D8:45:84:4E:E3:9D:4D:FD:7A:CB:AE:64:0F:E3:C5:17:65
Authority key identifier: D9:3C:0D:08:A6:C6:2E:77:38:2E:80:41:7E:87:20:98:00:4C:A4:EC
Certificate issuer: /CN=d93c0d08a6c62e77382e80417e872098004ca4ec
Certificate serial: 019D2B1706E1E582063EE6F6A9C03B39EEB6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2TwNCKbGLnc4LoBBfocgmABMpOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/e798b1-4b2d-4c1e-ba37-9e92625cda97/1/2TwNCKbGLnc4LoBBfocgmABMpOw.mft
Manifest number: 72
Signing time: Thu 26 Mar 2026 17:00:22 +0000
Manifest this update: Thu 26 Mar 2026 17:00:22 +0000
Manifest next update: Fri 27 Mar 2026 17:00:22 +0000
Files and hashes: 1: 2TwNCKbGLnc4LoBBfocgmABMpOw.crl (hash: l9761EiInTc74g8B57fNqZuuw0eIwHMnbkCx3Nx2Diw=)
2: p1uSbL-UUVgMZUo_Jd2UtMfEjhg.roa (hash: 7ew9SV6essXaEgFcCj2o+LahCeQ3dZ5MSY5zyuMRzxM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/e798b1-4b2d-4c1e-ba37-9e92625cda97/1/2TwNCKbGLnc4LoBBfocgmABMpOw.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/e798b1-4b2d-4c1e-ba37-9e92625cda97/1/2TwNCKbGLnc4LoBBfocgmABMpOw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2TwNCKbGLnc4LoBBfocgmABMpOw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2b:17:06:e1:e5:82:06:3e:e6:f6:a9:c0:3b:39:ee:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93c0d08a6c62e77382e80417e872098004ca4ec
Validity
Not Before: Mar 26 17:00:22 2026 GMT
Not After : Mar 27 17:00:22 2026 GMT
Subject: CN=0ebb4fd845844ee39d4dfd7acbae640fe3c51765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c0:9f:cf:11:78:8e:62:4d:7f:3f:2c:30:ec:
0c:b7:3a:41:dd:0e:6c:05:73:12:d7:67:70:5a:d7:
df:53:54:d9:91:37:73:cb:3a:eb:8d:7c:96:6f:2a:
86:b5:69:5a:53:31:4c:76:4d:b5:d4:44:e8:e5:80:
8c:88:1b:5d:26:a8:11:e9:49:c8:ff:37:cb:d5:a3:
e0:0b:38:5d:9f:de:ac:0a:50:be:2a:4a:0b:4a:6c:
6a:55:4d:eb:32:2c:79:b8:3c:e2:37:22:4b:dd:a9:
92:5b:7a:1b:b3:da:3e:dd:d8:49:3a:f6:2e:8f:31:
fb:cd:e1:fa:97:9f:e0:32:b4:74:c9:fe:94:12:09:
ec:60:d1:3a:af:c9:99:ba:1b:7a:73:b4:7a:89:52:
50:7a:62:d1:9c:7d:c0:6c:05:c8:8e:dc:62:f4:f7:
f2:19:c3:a5:64:d2:51:d2:e5:74:20:53:f8:d2:93:
d9:72:ea:c1:24:82:1a:34:50:83:f9:54:bf:02:a7:
6f:39:d8:96:33:09:58:9b:27:ce:6c:2e:50:99:05:
3d:68:d2:06:06:38:92:59:f3:5a:f7:5b:a8:1a:97:
7a:c3:56:f7:52:c7:61:5b:ea:b1:b1:60:a1:80:12:
f3:94:b7:4e:d8:43:c4:e5:ca:29:b1:57:dd:09:a8:
d7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:BB:4F:D8:45:84:4E:E3:9D:4D:FD:7A:CB:AE:64:0F:E3:C5:17:65
X509v3 Authority Key Identifier:
keyid:D9:3C:0D:08:A6:C6:2E:77:38:2E:80:41:7E:87:20:98:00:4C:A4:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2TwNCKbGLnc4LoBBfocgmABMpOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/e798b1-4b2d-4c1e-ba37-9e92625cda97/1/2TwNCKbGLnc4LoBBfocgmABMpOw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/e798b1-4b2d-4c1e-ba37-9e92625cda97/1/2TwNCKbGLnc4LoBBfocgmABMpOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:27:64:2d:8f:ef:2e:6d:2f:97:82:e3:89:fd:ae:05:c0:99:
cf:97:f5:27:39:79:53:dc:51:2d:18:f9:a5:c9:52:a3:d5:c5:
45:64:91:36:05:70:d6:70:12:81:bf:a5:f8:d6:bb:a9:4d:45:
bd:89:c4:c3:37:84:e7:45:d3:48:28:72:a8:0d:52:23:2f:6f:
0b:b7:c4:f0:fe:66:14:45:46:40:d4:aa:92:13:e0:2f:ce:a2:
1d:29:14:09:cc:01:eb:56:91:1d:21:13:d7:3a:93:52:ab:78:
71:6f:69:b4:8a:28:cb:f8:5f:7d:de:80:0a:1b:7b:ad:a7:84:
89:ed:1f:85:88:e3:4d:7f:2b:78:27:f0:39:c1:69:16:0e:6d:
cc:bb:79:a9:94:d4:84:90:d0:3d:e9:e3:af:aa:ee:1a:f0:cb:
be:1a:bd:26:cc:ec:38:8e:a6:47:c4:e5:8b:be:b7:30:94:68:
f6:04:86:31:22:71:8b:f5:13:0b:78:63:47:f8:ea:4a:b0:af:
a5:da:0e:5c:af:c3:cf:67:11:ff:4c:4a:d0:1d:ad:3f:1e:51:
e4:5c:8d:83:a6:4a:e6:94:95:8c:5c:0c:de:9d:4d:8f:38:01:
b6:51:32:d4:c8:aa:86:06:c1:d7:33:16:bc:35:2e:27:8b:49:
33:3f:dd:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0rFwbh5YIGPub2qcA7Oe62MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2MwZDA4YTZjNjJlNzczODJlODA0MTdlODcyMDk4MDA0
Y2E0ZWMwHhcNMjYwMzI2MTcwMDIyWhcNMjYwMzI3MTcwMDIyWjAzMTEwLwYDVQQD
EygwZWJiNGZkODQ1ODQ0ZWUzOWQ0ZGZkN2FjYmFlNjQwZmUzYzUxNzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsCfzxF4jmJNfz8sMOwMtzpB3Q5s
BXMS12dwWtffU1TZkTdzyzrrjXyWbyqGtWlaUzFMdk211ETo5YCMiBtdJqgR6UnI
/zfL1aPgCzhdn96sClC+KkoLSmxqVU3rMix5uDziNyJL3amSW3obs9o+3dhJOvYu
jzH7zeH6l5/gMrR0yf6UEgnsYNE6r8mZuht6c7R6iVJQemLRnH3AbAXIjtxi9Pfy
GcOlZNJR0uV0IFP40pPZcurBJIIaNFCD+VS/AqdvOdiWMwlYmyfObC5QmQU9aNIG
BjiSWfNa91uoGpd6w1b3UsdhW+qxsWChgBLzlLdO2EPE5copsVfdCajXOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA67T9hFhE7jnU39esuuZA/jxRdlMB8GA1UdIwQY
MBaAFNk8DQimxi53OC6AQX6HIJgATKTsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlR3TkNLYkdMbmM0TG9CQmZvY2dtQUJNcE93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lNzk4YjEtNGIyZC00YzFlLWJhMzct
OWU5MjYyNWNkYTk3LzEvMlR3TkNLYkdMbmM0TG9CQmZvY2dtQUJNcE93Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lNzk4YjEtNGIyZC00YzFlLWJhMzctOWU5MjYyNWNkYTk3
LzEvMlR3TkNLYkdMbmM0TG9CQmZvY2dtQUJNcE93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANidkLY/v
Lm0vl4Ljif2uBcCZz5f1Jzl5U9xRLRj5pclSo9XFRWSRNgVw1nASgb+l+Na7qU1F
vYnEwzeE50XTSChyqA1SIy9vC7fE8P5mFEVGQNSqkhPgL86iHSkUCcwB61aRHSET
1zqTUqt4cW9ptIooy/hffd6ACht7raeEie0fhYjjTX8reCfwOcFpFg5tzLt5qZTU
hJDQPenjr6ruGvDLvhq9JszsOI6mR8Tli763MJRo9gSGMSJxi/UTC3hjR/jqSrCv
pdoOXK/Dz2cR/0xK0B2tPx5R5FyNg6ZK5pSVjFwM3p1NjzgBtlEy1MiqhgbB1zMW
vDUuJ4tJMz/d0Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:06:50 2026 by rpki-client