Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/46fa02-6587-4c62-973e-b12501f34ff0/1/2My6s6LYEMX6KdzanVAgJhbvueg.mft
File: 2My6s6LYEMX6KdzanVAgJhbvueg.mft (raw, json)
Hash identifier: b1MyDgkF/xT5M3ZTWFrYY1V3VYj0462zAnmE2/s0k4U=
Subject key identifier: A9:5D:59:D7:0C:FC:94:6F:73:2C:47:75:9A:DF:21:C1:9E:46:1E:9B
Authority key identifier: D8:CC:BA:B3:A2:D8:10:C5:FA:29:DC:DA:9D:50:20:26:16:EF:B9:E8
Certificate issuer: /CN=d8ccbab3a2d810c5fa29dcda9d50202616efb9e8
Certificate serial: 019D25BA92E6EDC501A348EDD30D4E61749E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2My6s6LYEMX6KdzanVAgJhbvueg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/46fa02-6587-4c62-973e-b12501f34ff0/1/2My6s6LYEMX6KdzanVAgJhbvueg.mft
Manifest number: 02F0
Signing time: Wed 25 Mar 2026 16:01:17 +0000
Manifest this update: Wed 25 Mar 2026 16:01:17 +0000
Manifest next update: Thu 26 Mar 2026 16:01:17 +0000
Files and hashes: 1: 2My6s6LYEMX6KdzanVAgJhbvueg.crl (hash: vdxrGWuR9Qa0douWk/0FtECrjs9UMmSTGWZ169DFz4k=)
2: n5FUtwJmC4hLyvlbNVZ9aYw4EWg.roa (hash: ApevewrPNzMKwdZYmudK6D8Ih9aFuZDtkDlyK/2Y0WA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/46fa02-6587-4c62-973e-b12501f34ff0/1/2My6s6LYEMX6KdzanVAgJhbvueg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/46fa02-6587-4c62-973e-b12501f34ff0/1/2My6s6LYEMX6KdzanVAgJhbvueg.mft
rsync://rpki.ripe.net/repository/DEFAULT/2My6s6LYEMX6KdzanVAgJhbvueg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:ba:92:e6:ed:c5:01:a3:48:ed:d3:0d:4e:61:74:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ccbab3a2d810c5fa29dcda9d50202616efb9e8
Validity
Not Before: Mar 25 16:01:17 2026 GMT
Not After : Mar 26 16:01:17 2026 GMT
Subject: CN=a95d59d70cfc946f732c47759adf21c19e461e9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6c:46:bd:73:50:71:da:30:4f:82:0e:e8:7f:
1e:6f:51:6d:da:bd:ca:28:09:70:96:2b:62:9e:d1:
e5:ce:a7:ea:c4:11:4e:ea:13:f8:2f:d2:4f:46:bd:
b6:7a:fa:52:d9:cf:29:25:32:42:a5:f7:e7:8f:5b:
0e:bd:5e:45:ea:60:b9:a6:06:2e:54:7a:61:fe:01:
68:36:cc:dc:f2:b6:4b:39:c4:73:90:d6:cb:80:87:
19:e8:3c:a5:ee:bd:d7:9b:d5:ee:eb:93:21:2a:90:
ec:d1:ce:ea:5f:01:3a:be:18:3f:e3:ce:f1:f4:3e:
ab:8d:b7:6a:37:cf:57:3e:4d:c1:3d:03:ad:3b:eb:
c5:82:9c:6e:b2:41:ba:b2:4a:3a:92:ae:85:ba:82:
8a:33:68:04:b0:94:c3:5e:22:83:89:be:65:76:2c:
a0:6d:f0:3c:9f:57:3d:24:65:d7:30:d9:cb:81:9e:
db:5d:8f:44:12:16:43:ee:f3:ae:4e:77:9f:6e:5d:
77:4c:38:ae:b3:95:c1:27:35:59:6f:d1:ad:0b:5c:
31:ab:f4:76:c1:97:84:28:1a:97:1a:97:bd:f8:32:
6e:0c:05:03:19:ed:2a:a9:92:b3:1e:97:b9:27:e0:
1e:f7:30:e3:d3:8b:ca:34:fc:68:5d:c1:8b:7d:66:
46:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:5D:59:D7:0C:FC:94:6F:73:2C:47:75:9A:DF:21:C1:9E:46:1E:9B
X509v3 Authority Key Identifier:
keyid:D8:CC:BA:B3:A2:D8:10:C5:FA:29:DC:DA:9D:50:20:26:16:EF:B9:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2My6s6LYEMX6KdzanVAgJhbvueg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/46fa02-6587-4c62-973e-b12501f34ff0/1/2My6s6LYEMX6KdzanVAgJhbvueg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/46fa02-6587-4c62-973e-b12501f34ff0/1/2My6s6LYEMX6KdzanVAgJhbvueg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:da:b9:71:24:c6:62:d7:49:8e:7b:c9:38:b4:43:5a:b7:c1:
49:65:16:9e:27:9b:83:a3:a5:ab:f6:10:05:b1:69:57:9e:71:
49:8a:ee:28:80:04:d2:e0:f0:6f:23:2e:e6:5e:1a:d1:8d:71:
73:f5:05:8f:e6:16:3e:fc:ee:86:21:d4:8f:8d:ea:a2:9e:50:
7c:70:85:97:2b:45:74:04:9d:14:01:59:39:46:1d:26:09:38:
bd:1e:17:20:25:9a:d8:dd:20:6f:2e:c7:46:b5:77:ce:cd:50:
17:f6:05:28:01:df:b2:ea:63:4a:a0:52:6c:41:44:35:57:ee:
fc:07:ef:76:2d:0d:3f:fc:5f:f6:a8:7d:98:86:17:28:7a:2e:
c7:85:8d:27:53:7c:0c:24:44:be:67:a4:b4:e1:15:ea:da:a8:
41:6f:e3:0c:6a:7b:f6:5e:56:ef:ba:88:2c:a7:b6:09:5f:d1:
58:0f:59:c4:50:40:2a:29:34:0c:e2:da:c9:42:c5:9d:cb:63:
b2:2b:ef:65:b2:c0:7c:69:7c:be:7e:42:09:9e:96:87:f0:2c:
2e:1a:0d:9d:8a:1e:df:3b:97:67:8e:22:69:35:84:d1:a6:a9:
75:cb:66:03:4f:51:2b:87:86:0f:9b:f0:ce:aa:2a:fe:88:48:
d6:bd:d1:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lupLm7cUBo0jt0w1OYXSeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Y2NiYWIzYTJkODEwYzVmYTI5ZGNkYTlkNTAyMDI2MTZl
ZmI5ZTgwHhcNMjYwMzI1MTYwMTE3WhcNMjYwMzI2MTYwMTE3WjAzMTEwLwYDVQQD
EyhhOTVkNTlkNzBjZmM5NDZmNzMyYzQ3NzU5YWRmMjFjMTllNDYxZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2xGvXNQcdowT4IO6H8eb1Ft2r3K
KAlwlitintHlzqfqxBFO6hP4L9JPRr22evpS2c8pJTJCpffnj1sOvV5F6mC5pgYu
VHph/gFoNszc8rZLOcRzkNbLgIcZ6Dyl7r3Xm9Xu65MhKpDs0c7qXwE6vhg/487x
9D6rjbdqN89XPk3BPQOtO+vFgpxuskG6sko6kq6FuoKKM2gEsJTDXiKDib5ldiyg
bfA8n1c9JGXXMNnLgZ7bXY9EEhZD7vOuTnefbl13TDius5XBJzVZb9GtC1wxq/R2
wZeEKBqXGpe9+DJuDAUDGe0qqZKzHpe5J+Ae9zDj04vKNPxoXcGLfWZGaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKldWdcM/JRvcyxHdZrfIcGeRh6bMB8GA1UdIwQY
MBaAFNjMurOi2BDF+inc2p1QICYW77noMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk15NnM2TFlFTVg2S2R6YW5WQWdKaGJ2dWVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi80NmZhMDItNjU4Ny00YzYyLTk3M2Ut
YjEyNTAxZjM0ZmYwLzEvMk15NnM2TFlFTVg2S2R6YW5WQWdKaGJ2dWVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi80NmZhMDItNjU4Ny00YzYyLTk3M2UtYjEyNTAxZjM0ZmYw
LzEvMk15NnM2TFlFTVg2S2R6YW5WQWdKaGJ2dWVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG9q5cSTG
YtdJjnvJOLRDWrfBSWUWniebg6Olq/YQBbFpV55xSYruKIAE0uDwbyMu5l4a0Y1x
c/UFj+YWPvzuhiHUj43qop5QfHCFlytFdASdFAFZOUYdJgk4vR4XICWa2N0gby7H
RrV3zs1QF/YFKAHfsupjSqBSbEFENVfu/Afvdi0NP/xf9qh9mIYXKHoux4WNJ1N8
DCREvmektOEV6tqoQW/jDGp79l5W77qILKe2CV/RWA9ZxFBAKik0DOLayULFnctj
sivvZbLAfGl8vn5CCZ6Wh/AsLhoNnYoe3zuXZ44iaTWE0aapdctmA09RK4eGD5vw
zqoq/ohI1r3RZw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:14:50 2026 by rpki-client