Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
File: 2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft (raw, json)
Hash identifier: lQEfXZBe0P0w03A+7hIj3BR11kffQH6Rk3fqkuT9Juw=
Subject key identifier: 9F:5E:1C:A6:EB:AE:5B:50:42:CE:A1:CD:CC:4B:75:7F:92:D8:EC:FF
Authority key identifier: D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53
Certificate issuer: /CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
Certificate serial: 019D27DFD97A56C34AFC7902ADB3C03EE144
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
Manifest number: 0690
Signing time: Thu 26 Mar 2026 02:01:14 +0000
Manifest this update: Thu 26 Mar 2026 02:01:14 +0000
Manifest next update: Fri 27 Mar 2026 02:01:14 +0000
Files and hashes: 1: 2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl (hash: 5ZeA/HyFV8iEw1CUhaCC8ITihJCIqDU//qSC9CgPhdg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:df:d9:7a:56:c3:4a:fc:79:02:ad:b3:c0:3e:e1:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
Validity
Not Before: Mar 26 02:01:14 2026 GMT
Not After : Mar 27 02:01:14 2026 GMT
Subject: CN=9f5e1ca6ebae5b5042cea1cdcc4b757f92d8ecff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ac:e2:98:5a:a4:fa:25:97:d9:ec:86:df:30:
bb:4e:18:e2:06:31:66:a0:1b:85:dd:06:76:df:0e:
e3:3a:0d:1d:b0:8b:47:db:ef:4e:95:a7:28:a0:58:
4c:61:79:52:ca:40:97:65:9d:12:be:a5:9b:8e:db:
49:8a:2c:31:4b:93:20:bd:41:9f:da:26:0e:a5:37:
91:c5:98:68:4f:e0:25:27:06:a0:3a:92:7a:b1:59:
25:a8:7c:02:e6:00:f6:e6:59:2c:99:4f:44:57:7a:
3f:bc:29:06:09:48:17:99:c6:c8:a0:1f:de:0d:1d:
f8:aa:ff:27:45:08:66:3c:69:f7:66:16:5d:8a:8d:
f0:54:8a:45:d4:b5:23:1c:29:fb:01:4e:1a:24:23:
c3:f6:19:15:0c:79:70:6f:bd:7e:eb:58:ba:e6:16:
b7:30:db:ee:1b:1d:95:d6:54:01:c2:c4:5e:6c:2c:
ee:f8:8a:3b:6b:09:1b:34:1a:7b:d3:61:6c:31:82:
62:b3:f4:a5:54:c4:97:8a:2a:c1:bd:88:0d:62:b4:
d3:36:10:0d:90:16:33:f6:bd:41:66:91:a8:f2:44:
47:56:12:e3:3a:e4:5c:9a:9d:67:ef:27:1c:e9:92:
67:8e:fe:69:89:cc:87:a1:ee:5e:60:71:bd:f2:c9:
50:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:5E:1C:A6:EB:AE:5B:50:42:CE:A1:CD:CC:4B:75:7F:92:D8:EC:FF
X509v3 Authority Key Identifier:
keyid:D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:8a:17:66:ab:73:80:2f:d5:19:c2:38:a5:da:2a:6a:6d:52:
59:79:59:d7:dc:39:e1:1c:bb:16:21:10:4b:f5:0c:4c:24:d2:
2d:1a:0b:da:65:56:a2:70:fd:d9:aa:88:b3:bf:dd:4c:3a:7c:
a2:6e:6a:f2:94:91:eb:67:d0:a2:a4:70:70:c5:ce:14:6e:07:
97:ed:1b:e1:a8:14:fe:85:bd:b4:14:c5:9a:10:1b:8d:3f:39:
03:07:ee:a8:00:dc:b2:b1:e5:00:ef:9b:cc:03:25:9b:78:7f:
37:0d:b1:e8:8f:43:af:43:5b:45:d9:83:a2:d9:cf:89:0d:2d:
a6:4d:e1:00:49:7a:d9:6f:3a:1b:74:df:4f:39:7e:0c:41:19:
e2:4e:ac:a0:c9:28:3f:99:65:f6:2b:4e:e8:7b:96:83:a5:7a:
3a:a4:c8:46:64:d8:57:77:24:80:9a:ef:51:f9:a4:81:58:11:
e3:9a:5a:7b:af:b2:5d:8f:ca:9c:37:c9:ba:72:47:0e:08:2a:
bf:17:9e:52:27:c3:8b:49:16:07:06:56:bc:1a:ac:83:b6:a0:
87:ab:13:84:3a:0a:b5:e1:09:4a:9a:16:a6:8c:5a:ce:27:c0:
42:e6:fa:2c:2f:34:c0:0f:e9:ae:28:41:52:3d:8c:86:b0:68:
39:c8:15:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n39l6VsNK/HkCrbPAPuFEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MTFkZDIyZjdlYWYyNzJiYzRiZjNlYmIxNTJkMzY0YmI0
ZDk3NTMwHhcNMjYwMzI2MDIwMTE0WhcNMjYwMzI3MDIwMTE0WjAzMTEwLwYDVQQD
Eyg5ZjVlMWNhNmViYWU1YjUwNDJjZWExY2RjYzRiNzU3ZjkyZDhlY2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKzimFqk+iWX2eyG3zC7ThjiBjFm
oBuF3QZ23w7jOg0dsItH2+9OlacooFhMYXlSykCXZZ0SvqWbjttJiiwxS5MgvUGf
2iYOpTeRxZhoT+AlJwagOpJ6sVklqHwC5gD25lksmU9EV3o/vCkGCUgXmcbIoB/e
DR34qv8nRQhmPGn3ZhZdio3wVIpF1LUjHCn7AU4aJCPD9hkVDHlwb71+61i65ha3
MNvuGx2V1lQBwsRebCzu+Io7awkbNBp702FsMYJis/SlVMSXiirBvYgNYrTTNhAN
kBYz9r1BZpGo8kRHVhLjOuRcmp1n7ycc6ZJnjv5picyHoe5eYHG98slQvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ9eHKbrrltQQs6hzcxLdX+S2Oz/MB8GA1UdIwQY
MBaAFNgR3SL36vJyvEvz67FS02S7TZdTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQt
ZjcwYWRmMWRjMGZlLzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQtZjcwYWRmMWRjMGZl
LzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgYoXZqtz
gC/VGcI4pdoqam1SWXlZ19w54Ry7FiEQS/UMTCTSLRoL2mVWonD92aqIs7/dTDp8
om5q8pSR62fQoqRwcMXOFG4Hl+0b4agU/oW9tBTFmhAbjT85AwfuqADcsrHlAO+b
zAMlm3h/Nw2x6I9Dr0NbRdmDotnPiQ0tpk3hAEl62W86G3TfTzl+DEEZ4k6soMko
P5ll9itO6HuWg6V6OqTIRmTYV3ckgJrvUfmkgVgR45pae6+yXY/KnDfJunJHDggq
vxeeUifDi0kWBwZWvBqsg7agh6sThDoKteEJSpoWpoxazifAQub6LC80wA/prihB
Uj2MhrBoOcgVXg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:54:33 2026 by rpki-client