Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft
File: 2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft (raw, json)
Hash identifier: ImW/jOntogTLQk9KRZUd/yep43xlJ6lkZjCEdwUAkrc=
Subject key identifier: 9E:6B:29:4B:AF:0A:D1:58:D7:2C:40:5B:20:E3:18:91:54:E8:44:84
Authority key identifier: D9:7A:77:93:01:22:87:9A:76:64:70:DF:8D:66:0C:98:44:2A:99:32
Certificate issuer: /CN=d97a77930122879a766470df8d660c98442a9932
Certificate serial: 019E1C7DD642C343883C63EAB69BF9CEE0DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft
Manifest number: 03DE
Signing time: Tue 12 May 2026 14:01:09 +0000
Manifest this update: Tue 12 May 2026 14:01:09 +0000
Manifest next update: Wed 13 May 2026 14:01:09 +0000
Files and hashes: 1: 2Xp3kwEih5p2ZHDfjWYMmEQqmTI.crl (hash: Qh89p7Jp2D4lxMxOmIE4CVvmgyKHm5iawiAcjWspm1w=)
2: g5qpXHQ9YaIQcSP18I2z298mHVU.roa (hash: OPcErLNEwIQeoOOXzCBshI4BboTsjuLPiVED3RVYlVs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:7d:d6:42:c3:43:88:3c:63:ea:b6:9b:f9:ce:e0:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d97a77930122879a766470df8d660c98442a9932
Validity
Not Before: May 12 14:01:09 2026 GMT
Not After : May 13 14:01:09 2026 GMT
Subject: CN=9e6b294baf0ad158d72c405b20e3189154e84484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6e:2d:a7:e2:d5:cd:2b:45:f3:c9:18:9b:cf:
08:ee:20:47:2f:ac:12:1d:42:1f:d8:3d:a7:f9:75:
b6:3e:6e:e7:a6:6f:8e:62:5e:9b:5e:76:53:42:b3:
e3:46:e4:75:c5:df:49:06:65:fe:48:58:81:3c:d2:
ca:67:aa:82:17:82:2f:56:d0:85:21:23:43:7a:d6:
94:88:19:6a:c4:12:e4:eb:5d:43:fa:dc:8b:a7:fd:
3a:66:83:66:fa:65:7c:b5:08:4a:59:20:f6:40:ce:
28:59:f1:ec:da:e0:ae:2b:30:10:3f:a3:56:f5:9d:
50:1e:0a:66:a8:bf:a3:4f:55:83:04:15:05:a9:bf:
4d:4a:4d:f7:2d:f6:a6:d7:9f:3c:ab:24:45:59:03:
14:2f:5a:28:d9:16:03:db:bf:13:99:9c:4a:87:32:
33:4a:0d:70:ed:be:42:09:40:9b:66:b4:de:9a:40:
55:b8:1d:02:da:d0:f5:32:76:86:4e:a2:d6:4c:c8:
2f:a0:f7:4f:6d:3c:08:eb:98:97:4b:95:3f:4e:ca:
1a:d9:a8:44:ac:19:6e:ef:be:b7:6d:fb:69:8a:e1:
21:79:84:43:3f:78:d1:75:d5:3e:9d:56:e6:de:c2:
e1:a4:56:dc:b4:1c:14:03:f5:e6:df:ff:a5:48:85:
0d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:6B:29:4B:AF:0A:D1:58:D7:2C:40:5B:20:E3:18:91:54:E8:44:84
X509v3 Authority Key Identifier:
keyid:D9:7A:77:93:01:22:87:9A:76:64:70:DF:8D:66:0C:98:44:2A:99:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
10:1c:85:b6:de:e9:30:87:61:8f:16:fd:ed:22:c7:69:a8:36:
15:d2:7d:04:1a:df:4c:35:7a:3f:71:a2:13:8b:57:c3:4c:8e:
be:5b:a1:04:87:5a:14:e4:ef:df:01:0e:fa:10:17:89:e3:cc:
5b:c4:52:52:12:25:22:46:23:c0:73:86:17:7a:bc:12:b9:d0:
84:56:e0:9f:29:6e:cd:04:49:72:ba:5e:bd:ba:42:d1:24:83:
ba:9c:b5:84:63:23:01:c1:27:5e:ae:9a:30:8c:6e:b5:ee:68:
9a:58:ee:37:5a:f3:c9:dd:4d:19:4c:c5:d8:c7:04:7f:c9:a5:
52:34:46:63:41:73:03:fd:90:99:2c:8a:b2:eb:e1:88:ce:31:
2e:6b:80:62:ef:70:c0:f0:bd:92:9f:dc:41:c8:74:a0:af:88:
db:08:5f:1d:3c:c1:41:58:99:12:ba:8b:66:50:1d:66:ac:80:
ac:05:9d:ed:81:54:84:df:9d:c2:cb:c5:eb:11:1b:f3:8b:49:
e6:69:01:ee:8f:76:d7:e3:8b:2f:26:e2:61:87:2a:ad:bd:4f:
c7:00:52:0e:51:4d:d3:ea:5c:bd:0c:da:5a:45:0a:9a:7b:55:
a7:cd:73:32:9e:4a:04:f6:e1:ab:2b:b0:13:88:ec:d5:fa:13:
1c:4b:0d:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cfdZCw0OIPGPqtpv5zuDcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5N2E3NzkzMDEyMjg3OWE3NjY0NzBkZjhkNjYwYzk4NDQy
YTk5MzIwHhcNMjYwNTEyMTQwMTA5WhcNMjYwNTEzMTQwMTA5WjAzMTEwLwYDVQQD
Eyg5ZTZiMjk0YmFmMGFkMTU4ZDcyYzQwNWIyMGUzMTg5MTU0ZTg0NDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsG4tp+LVzStF88kYm88I7iBHL6wS
HUIf2D2n+XW2Pm7npm+OYl6bXnZTQrPjRuR1xd9JBmX+SFiBPNLKZ6qCF4IvVtCF
ISNDetaUiBlqxBLk611D+tyLp/06ZoNm+mV8tQhKWSD2QM4oWfHs2uCuKzAQP6NW
9Z1QHgpmqL+jT1WDBBUFqb9NSk33Lfam1588qyRFWQMUL1oo2RYD278TmZxKhzIz
Sg1w7b5CCUCbZrTemkBVuB0C2tD1MnaGTqLWTMgvoPdPbTwI65iXS5U/Tsoa2ahE
rBlu7763bftpiuEheYRDP3jRddU+nVbm3sLhpFbctBwUA/Xm3/+lSIUN9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ5rKUuvCtFY1yxAWyDjGJFU6ESEMB8GA1UdIwQY
MBaAFNl6d5MBIoeadmRw341mDJhEKpkyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlhwM2t3RWloNXAyWkhEZmpXWU1tRVFxbVRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yYTQ5MjItNDM0Yi00N2IxLWIzMDQt
Y2Q0NTlhNjU3MjFiLzEvMlhwM2t3RWloNXAyWkhEZmpXWU1tRVFxbVRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yYTQ5MjItNDM0Yi00N2IxLWIzMDQtY2Q0NTlhNjU3MjFi
LzEvMlhwM2t3RWloNXAyWkhEZmpXWU1tRVFxbVRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEByFtt7p
MIdhjxb97SLHaag2FdJ9BBrfTDV6P3GiE4tXw0yOvluhBIdaFOTv3wEO+hAXiePM
W8RSUhIlIkYjwHOGF3q8ErnQhFbgnyluzQRJcrpevbpC0SSDupy1hGMjAcEnXq6a
MIxute5omljuN1rzyd1NGUzF2McEf8mlUjRGY0FzA/2QmSyKsuvhiM4xLmuAYu9w
wPC9kp/cQch0oK+I2whfHTzBQViZErqLZlAdZqyArAWd7YFUhN+dwsvF6xEb84tJ
5mkB7o921+OLLybiYYcqrb1PxwBSDlFN0+pcvQzaWkUKmntVp81zMp5KBPbhqyuw
E4js1foTHEsNUg==
-----END CERTIFICATE-----
Generated at Tue May 12 21:12:45 2026 by rpki-client