Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft
File: 2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft (raw, json)
Hash identifier: Rb21UCYOHci8y1IBzit1pKehc1ucAoSgSpubaTb4aV8=
Subject key identifier: 79:DC:C5:C1:31:E9:5F:2A:3B:E2:7C:D6:B2:3B:16:CD:63:35:37:7E
Authority key identifier: D9:7A:77:93:01:22:87:9A:76:64:70:DF:8D:66:0C:98:44:2A:99:32
Certificate issuer: /CN=d97a77930122879a766470df8d660c98442a9932
Certificate serial: 019D2929696FE216CB69F9A44DD3F39338CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft
Manifest number: 0360
Signing time: Thu 26 Mar 2026 08:01:12 +0000
Manifest this update: Thu 26 Mar 2026 08:01:12 +0000
Manifest next update: Fri 27 Mar 2026 08:01:12 +0000
Files and hashes: 1: 2Xp3kwEih5p2ZHDfjWYMmEQqmTI.crl (hash: 6OVf1sGIVz0wZPHRyEl9jRfcqzfJtVPBFtldHjuMzG0=)
2: g5qpXHQ9YaIQcSP18I2z298mHVU.roa (hash: OPcErLNEwIQeoOOXzCBshI4BboTsjuLPiVED3RVYlVs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:29:69:6f:e2:16:cb:69:f9:a4:4d:d3:f3:93:38:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d97a77930122879a766470df8d660c98442a9932
Validity
Not Before: Mar 26 08:01:12 2026 GMT
Not After : Mar 27 08:01:12 2026 GMT
Subject: CN=79dcc5c131e95f2a3be27cd6b23b16cd6335377e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c8:21:7b:82:1c:04:a1:57:0a:f8:12:ef:79:
92:a1:fb:24:e0:3e:a1:7f:8c:3c:c4:c8:64:6a:08:
6d:3b:df:b3:7c:b5:ec:ea:96:c2:51:4e:16:46:35:
4a:2b:50:7e:58:f7:85:1d:71:bb:01:c2:31:3b:59:
a0:30:18:65:35:3b:b7:03:81:5f:2a:6b:9d:e5:b7:
6d:64:fb:a5:eb:9e:23:e9:0a:2a:df:05:8c:8b:40:
4c:d0:9d:a2:ef:d4:e3:0c:15:8d:12:8a:86:07:c4:
17:29:12:f7:92:56:4d:6b:a5:b0:79:e1:33:34:9f:
4f:d3:c5:3a:18:79:69:d2:10:f9:4c:90:96:6f:cc:
bd:5a:77:a7:b8:ac:83:ef:c5:a9:33:79:ef:2a:98:
17:c3:b1:58:93:cc:f4:a9:ef:96:a1:29:a6:87:90:
d0:65:a8:24:dc:38:18:3c:5d:b7:b7:ad:9c:0f:02:
4b:c6:aa:5b:39:3d:77:24:69:34:15:a5:11:fb:b0:
1e:07:59:a6:a4:1c:1f:d1:91:fe:34:ec:2c:e3:6b:
d3:f4:50:77:82:e1:7c:4b:18:ab:e0:ab:a0:be:16:
1d:71:90:90:72:06:89:b2:c1:3d:94:27:cb:30:78:
f2:ea:72:93:7f:47:45:08:32:4f:cc:68:70:6d:89:
b8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:DC:C5:C1:31:E9:5F:2A:3B:E2:7C:D6:B2:3B:16:CD:63:35:37:7E
X509v3 Authority Key Identifier:
keyid:D9:7A:77:93:01:22:87:9A:76:64:70:DF:8D:66:0C:98:44:2A:99:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:1a:ff:6e:fc:fb:e1:75:be:c2:0d:e4:31:cb:8b:ed:92:71:
4d:e5:9a:73:6a:48:2c:23:a0:09:ec:d7:d9:db:40:30:95:3a:
20:aa:2e:3c:b6:bf:70:bf:08:ca:d8:44:78:b9:66:cc:19:97:
97:a9:0e:35:cb:f2:57:2b:28:d5:9e:d7:9f:c3:a7:d4:89:be:
67:c4:ba:69:04:2d:b3:d4:24:13:79:0c:e7:2a:7a:e3:e2:70:
ce:4c:f4:1b:18:1a:c8:e2:c4:8e:e0:eb:e0:f5:b2:b0:5f:5b:
cf:ce:ad:ff:35:d3:cf:c0:7c:fe:45:3b:d8:b0:ab:6a:82:14:
27:ea:2e:c6:e9:1f:1b:6b:ad:3d:f4:a9:fe:77:53:cf:4a:24:
e8:9f:bc:ac:8d:a5:a2:51:9c:34:7d:a0:10:32:ee:36:32:09:
ef:1b:3d:f2:0b:22:d6:ca:87:d0:00:ca:37:b7:54:78:12:58:
36:09:82:1f:a7:a3:fa:6e:e1:d7:1f:49:bd:4c:ae:63:43:7c:
c7:0f:9a:b3:4f:65:ca:81:8b:ad:29:ca:15:71:4e:05:58:ce:
43:9a:df:14:06:2a:39:e9:8b:e5:29:85:54:6a:e8:51:fa:b2:
0c:f2:5d:2d:95:f0:c8:68:6b:e1:9d:48:b9:15:93:eb:d3:30:
1d:78:ac:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKWlv4hbLafmkTdPzkzjPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5N2E3NzkzMDEyMjg3OWE3NjY0NzBkZjhkNjYwYzk4NDQy
YTk5MzIwHhcNMjYwMzI2MDgwMTEyWhcNMjYwMzI3MDgwMTEyWjAzMTEwLwYDVQQD
Eyg3OWRjYzVjMTMxZTk1ZjJhM2JlMjdjZDZiMjNiMTZjZDYzMzUzNzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Mghe4IcBKFXCvgS73mSofsk4D6h
f4w8xMhkaghtO9+zfLXs6pbCUU4WRjVKK1B+WPeFHXG7AcIxO1mgMBhlNTu3A4Ff
Kmud5bdtZPul654j6Qoq3wWMi0BM0J2i79TjDBWNEoqGB8QXKRL3klZNa6WweeEz
NJ9P08U6GHlp0hD5TJCWb8y9WnenuKyD78WpM3nvKpgXw7FYk8z0qe+WoSmmh5DQ
Zagk3DgYPF23t62cDwJLxqpbOT13JGk0FaUR+7AeB1mmpBwf0ZH+NOws42vT9FB3
guF8Sxir4KugvhYdcZCQcgaJssE9lCfLMHjy6nKTf0dFCDJPzGhwbYm4WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHncxcEx6V8qO+J81rI7Fs1jNTd+MB8GA1UdIwQY
MBaAFNl6d5MBIoeadmRw341mDJhEKpkyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlhwM2t3RWloNXAyWkhEZmpXWU1tRVFxbVRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yYTQ5MjItNDM0Yi00N2IxLWIzMDQt
Y2Q0NTlhNjU3MjFiLzEvMlhwM2t3RWloNXAyWkhEZmpXWU1tRVFxbVRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yYTQ5MjItNDM0Yi00N2IxLWIzMDQtY2Q0NTlhNjU3MjFi
LzEvMlhwM2t3RWloNXAyWkhEZmpXWU1tRVFxbVRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIRr/bvz7
4XW+wg3kMcuL7ZJxTeWac2pILCOgCezX2dtAMJU6IKouPLa/cL8IythEeLlmzBmX
l6kONcvyVyso1Z7Xn8On1Im+Z8S6aQQts9QkE3kM5yp64+Jwzkz0GxgayOLEjuDr
4PWysF9bz86t/zXTz8B8/kU72LCraoIUJ+ouxukfG2utPfSp/ndTz0ok6J+8rI2l
olGcNH2gEDLuNjIJ7xs98gsi1sqH0ADKN7dUeBJYNgmCH6ej+m7h1x9JvUyuY0N8
xw+as09lyoGLrSnKFXFOBVjOQ5rfFAYqOemL5SmFVGroUfqyDPJdLZXwyGhr4Z1I
uRWT69MwHXisEA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:03:24 2026 by rpki-client