Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.mft
File: 2fhm-wqoOicaDLfckDAYjInSPl0.mft (raw, json)
Hash identifier: 06xhL8NXxsTBSiJF5lAQYAW1KMJUvwIQTJFv73LQffc=
Subject key identifier: 2A:7E:7E:38:DE:21:8B:20:E2:9D:8F:5A:81:35:25:66:62:5B:7C:1E
Authority key identifier: D9:F8:66:FB:0A:A8:3A:27:1A:0C:B7:DC:90:30:18:8C:89:D2:3E:5D
Certificate issuer: /CN=d9f866fb0aa83a271a0cb7dc9030188c89d23e5d
Certificate serial: 019D27A8C8E00D168A9734B72ED2D348E3B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fhm-wqoOicaDLfckDAYjInSPl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.mft
Manifest number: 1889
Signing time: Thu 26 Mar 2026 01:01:05 +0000
Manifest this update: Thu 26 Mar 2026 01:01:05 +0000
Manifest next update: Fri 27 Mar 2026 01:01:05 +0000
Files and hashes: 1: 2fhm-wqoOicaDLfckDAYjInSPl0.crl (hash: r+hSUr8aOUTHiF/HRDttoTxZw3qf80M4ZViCiYAsbIQ=)
2: 7CuuMu75v2ke5Xdx3b9qKN7n4Y4.roa (hash: 4EY3GSH/tIrLwl1yZXfEtQ+XZsJnpbfMvJM5DC8DJrc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.mft
rsync://rpki.ripe.net/repository/DEFAULT/2fhm-wqoOicaDLfckDAYjInSPl0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:a8:c8:e0:0d:16:8a:97:34:b7:2e:d2:d3:48:e3:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f866fb0aa83a271a0cb7dc9030188c89d23e5d
Validity
Not Before: Mar 26 01:01:05 2026 GMT
Not After : Mar 27 01:01:05 2026 GMT
Subject: CN=2a7e7e38de218b20e29d8f5a81352566625b7c1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:73:01:a1:99:d9:45:d0:3d:36:7c:d7:6f:08:
b0:82:de:8f:88:0c:dd:69:64:bb:29:56:f4:02:40:
7d:4f:dc:66:74:70:67:86:af:f9:7c:31:89:6c:84:
ae:b9:75:0c:8b:04:26:eb:cf:3d:92:15:b4:d6:0d:
7f:46:9d:59:06:b2:8a:f6:04:ed:bf:1b:e1:fd:76:
db:85:24:8c:38:28:b4:13:b1:32:04:f7:8f:75:fa:
dc:fc:02:ce:78:35:a6:81:8c:5c:f5:fd:8a:b5:46:
ac:8a:02:b6:92:1b:f7:3d:41:db:12:60:17:cd:7b:
48:4d:d1:27:2e:17:5d:24:f5:29:e6:2b:e7:81:45:
55:07:d2:c7:55:f5:2a:ba:02:d7:a2:e6:f0:1e:50:
75:9e:21:56:e9:4f:c3:32:e2:0b:e0:70:60:56:3b:
f4:0e:2e:66:3a:d7:e9:93:2a:26:ab:b9:2f:71:93:
63:77:6d:02:ed:06:d3:73:e4:c5:e3:40:29:9a:d2:
b6:16:c5:cf:f9:b6:05:78:ae:3c:ef:b1:54:c8:22:
d9:3c:d7:2a:66:e5:eb:3e:61:15:b5:fc:00:52:49:
bf:1d:fe:8f:67:77:77:e8:29:ef:42:c6:66:b9:43:
76:4d:64:25:03:3e:d2:5e:f5:6b:30:54:6b:e9:0c:
c5:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:7E:7E:38:DE:21:8B:20:E2:9D:8F:5A:81:35:25:66:62:5B:7C:1E
X509v3 Authority Key Identifier:
keyid:D9:F8:66:FB:0A:A8:3A:27:1A:0C:B7:DC:90:30:18:8C:89:D2:3E:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fhm-wqoOicaDLfckDAYjInSPl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:3a:6e:ce:c0:db:c9:86:b7:2a:c5:9f:72:16:58:14:fb:29:
61:49:0b:f3:6e:c3:0a:ea:b6:12:7e:77:7b:69:f6:17:a6:7d:
5b:c4:77:e5:85:cc:94:75:c2:20:24:de:92:c2:93:44:88:d6:
a0:a8:de:84:1f:d9:b2:83:27:a1:99:90:dd:87:9c:a3:f4:a2:
c8:22:0e:c8:3d:b2:42:47:d4:17:09:c1:66:5e:d9:57:f1:93:
13:91:7c:fb:d4:b6:8f:73:c8:5c:f6:ae:8c:24:bf:c9:aa:d1:
a4:94:11:f5:0d:ba:d9:af:92:66:c2:eb:d3:ae:80:23:f3:42:
91:86:9b:a7:6c:f9:c2:4d:29:e4:89:e0:bb:34:99:78:8f:c1:
c1:8b:d9:ad:34:03:32:a2:61:9f:b2:5a:93:73:ed:5e:db:20:
10:e3:05:01:8f:49:c1:32:25:0a:d4:06:b4:a4:c8:88:1b:e8:
ea:12:5e:3a:30:af:ad:07:b1:fb:0e:e5:b5:2e:32:0b:0c:06:
7b:72:aa:39:f4:df:03:03:38:be:19:7f:83:da:7d:cf:f2:51:
dc:f2:82:78:28:90:7f:7c:87:c8:9f:d2:7a:9b:b5:9b:6a:ca:
c0:0e:1d:fa:58:c4:aa:25:78:30:8d:ee:4b:50:86:73:4b:9c:
5b:fb:14:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqMjgDRaKlzS3LtLTSOO1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5Zjg2NmZiMGFhODNhMjcxYTBjYjdkYzkwMzAxODhjODlk
MjNlNWQwHhcNMjYwMzI2MDEwMTA1WhcNMjYwMzI3MDEwMTA1WjAzMTEwLwYDVQQD
EygyYTdlN2UzOGRlMjE4YjIwZTI5ZDhmNWE4MTM1MjU2NjYyNWI3YzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHMBoZnZRdA9NnzXbwiwgt6PiAzd
aWS7KVb0AkB9T9xmdHBnhq/5fDGJbISuuXUMiwQm6889khW01g1/Rp1ZBrKK9gTt
vxvh/XbbhSSMOCi0E7EyBPePdfrc/ALOeDWmgYxc9f2KtUasigK2khv3PUHbEmAX
zXtITdEnLhddJPUp5ivngUVVB9LHVfUqugLXoubwHlB1niFW6U/DMuIL4HBgVjv0
Di5mOtfpkyomq7kvcZNjd20C7QbTc+TF40ApmtK2FsXP+bYFeK4877FUyCLZPNcq
ZuXrPmEVtfwAUkm/Hf6PZ3d36CnvQsZmuUN2TWQlAz7SXvVrMFRr6QzFeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCp+fjjeIYsg4p2PWoE1JWZiW3weMB8GA1UdIwQY
MBaAFNn4ZvsKqDonGgy33JAwGIyJ0j5dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZobS13cW9PaWNhRExmY2tEQVlqSW5TUGwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81MjczYTQtMTBjOC00MGJmLWIyNGYt
NWMxZDVhNjk5MmQ4LzEvMmZobS13cW9PaWNhRExmY2tEQVlqSW5TUGwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81MjczYTQtMTBjOC00MGJmLWIyNGYtNWMxZDVhNjk5MmQ4
LzEvMmZobS13cW9PaWNhRExmY2tEQVlqSW5TUGwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAATpuzsDb
yYa3KsWfchZYFPspYUkL827DCuq2En53e2n2F6Z9W8R35YXMlHXCICTeksKTRIjW
oKjehB/ZsoMnoZmQ3Yeco/SiyCIOyD2yQkfUFwnBZl7ZV/GTE5F8+9S2j3PIXPau
jCS/yarRpJQR9Q262a+SZsLr066AI/NCkYabp2z5wk0p5InguzSZeI/BwYvZrTQD
MqJhn7Jak3PtXtsgEOMFAY9JwTIlCtQGtKTIiBvo6hJeOjCvrQex+w7ltS4yCwwG
e3KqOfTfAwM4vhl/g9p9z/JR3PKCeCiQf3yHyJ/Sepu1m2rKwA4d+ljEqiV4MI3u
S1CGc0ucW/sUTg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:56:06 2026 by rpki-client