Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.mft
File: _x2DMuEYqaIYfqtYhCedZYDxGfc.mft (raw, json)
Hash identifier: kVwGD1oY13hlQsiJNNRWu/M5zdyxInc70sdR//NcGzU=
Subject key identifier: 23:A2:B7:4A:FA:0F:9A:E7:C2:7D:D5:6D:BD:93:E3:6D:7C:FB:B6:45
Authority key identifier: FF:1D:83:32:E1:18:A9:A2:18:7E:AB:58:84:27:9D:65:80:F1:19:F7
Certificate issuer: /CN=ff1d8332e118a9a2187eab5884279d6580f119f7
Certificate serial: 019D390A1F149DBC5CE64894A44F01B2327F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_x2DMuEYqaIYfqtYhCedZYDxGfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.mft
Manifest number: 06E9
Signing time: Sun 29 Mar 2026 10:00:57 +0000
Manifest this update: Sun 29 Mar 2026 10:00:57 +0000
Manifest next update: Mon 30 Mar 2026 10:00:57 +0000
Files and hashes: 1: _x2DMuEYqaIYfqtYhCedZYDxGfc.crl (hash: v/7TNYIv08hvOS4imF2LaHT/o2wFyTS349Q71j8BAJQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/_x2DMuEYqaIYfqtYhCedZYDxGfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:1f:14:9d:bc:5c:e6:48:94:a4:4f:01:b2:32:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff1d8332e118a9a2187eab5884279d6580f119f7
Validity
Not Before: Mar 29 10:00:57 2026 GMT
Not After : Mar 30 10:00:57 2026 GMT
Subject: CN=23a2b74afa0f9ae7c27dd56dbd93e36d7cfbb645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:66:90:3a:92:b8:c3:25:34:7b:53:de:34:c9:
43:8d:fd:0a:58:e7:2f:0d:30:22:74:fa:8c:bd:de:
a6:8d:d9:48:0a:e1:fd:71:9d:93:61:5d:5c:02:4d:
c4:38:41:d0:f0:6e:6c:39:5c:e1:22:5c:0c:b0:37:
88:31:b5:4e:d6:e0:ce:76:e8:6e:ed:b2:cf:62:08:
99:88:29:5b:56:73:44:13:83:17:48:48:9e:72:c2:
37:e7:ab:3a:b2:85:4c:fb:57:9d:d8:3e:1e:3e:10:
8b:ee:c9:78:a0:c9:98:17:c2:7a:6c:4e:d5:6b:fa:
89:3a:0b:ee:47:d9:de:a6:86:43:a3:f7:50:40:2a:
c1:d3:b3:57:f1:67:a6:96:06:e0:77:99:1f:ef:3f:
65:9b:6d:e8:2a:f7:fa:2b:00:39:98:99:84:5e:7d:
08:f5:02:68:1b:ae:ba:da:d7:97:82:9d:0c:23:00:
df:d0:89:90:f8:73:b2:22:46:7d:fc:d5:c3:03:16:
e2:4a:7b:f6:71:5c:74:71:61:01:08:68:21:a2:be:
ec:f1:13:09:ca:42:1c:b7:98:f2:16:a9:bb:34:80:
b5:3e:d4:62:d0:46:2a:e4:e0:3c:d7:39:30:45:8f:
75:bc:f5:de:8a:12:fc:a5:0f:61:8e:58:9e:72:a4:
db:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:A2:B7:4A:FA:0F:9A:E7:C2:7D:D5:6D:BD:93:E3:6D:7C:FB:B6:45
X509v3 Authority Key Identifier:
keyid:FF:1D:83:32:E1:18:A9:A2:18:7E:AB:58:84:27:9D:65:80:F1:19:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_x2DMuEYqaIYfqtYhCedZYDxGfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
99:66:f3:e3:64:cb:a6:35:40:3b:88:a8:91:01:20:a5:29:3a:
a7:ec:9a:9e:d9:3b:95:5f:71:bc:54:cd:21:b5:eb:19:bb:13:
43:d2:96:3a:86:39:a2:a8:0f:87:4f:e2:e8:5a:52:c9:74:1d:
72:1a:8a:a9:8a:33:24:4a:60:69:8d:f3:3f:09:ad:cf:cf:7b:
82:4d:79:c2:15:87:42:61:16:97:44:5c:46:d7:26:77:9a:a8:
a3:fb:c3:02:eb:14:7a:71:44:70:ce:49:c7:22:ad:dd:38:7d:
79:90:c3:b9:ce:59:67:19:4b:50:2a:69:63:37:b1:b8:8c:25:
77:07:2c:01:3f:ae:ec:ad:dd:97:2e:9e:26:ba:ad:7d:ba:9c:
52:9d:39:af:d9:54:24:64:c4:47:5f:5b:84:01:89:66:5d:de:
e7:16:ec:eb:d0:7d:b8:60:30:8a:32:5c:2e:d5:a6:bc:3b:f1:
45:66:e2:32:c8:60:d3:59:cb:8d:6a:b0:b8:96:e3:73:1d:5d:
bd:4e:b3:2a:7b:41:da:14:f5:a7:50:79:7e:6f:fc:a1:a7:8b:
be:0e:10:d0:72:fd:fd:b2:2a:3f:5b:e7:76:a7:3a:19:e6:b2:
5a:28:a9:10:07:0b:b9:b8:34:2d:e0:8e:77:69:43:5f:ea:f5:
46:ee:ff:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Ch8Unbxc5kiUpE8BsjJ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMWQ4MzMyZTExOGE5YTIxODdlYWI1ODg0Mjc5ZDY1ODBm
MTE5ZjcwHhcNMjYwMzI5MTAwMDU3WhcNMjYwMzMwMTAwMDU3WjAzMTEwLwYDVQQD
EygyM2EyYjc0YWZhMGY5YWU3YzI3ZGQ1NmRiZDkzZTM2ZDdjZmJiNjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32aQOpK4wyU0e1PeNMlDjf0KWOcv
DTAidPqMvd6mjdlICuH9cZ2TYV1cAk3EOEHQ8G5sOVzhIlwMsDeIMbVO1uDOduhu
7bLPYgiZiClbVnNEE4MXSEiecsI356s6soVM+1ed2D4ePhCL7sl4oMmYF8J6bE7V
a/qJOgvuR9nepoZDo/dQQCrB07NX8Wemlgbgd5kf7z9lm23oKvf6KwA5mJmEXn0I
9QJoG6662teXgp0MIwDf0ImQ+HOyIkZ9/NXDAxbiSnv2cVx0cWEBCGghor7s8RMJ
ykIct5jyFqm7NIC1PtRi0EYq5OA81zkwRY91vPXeihL8pQ9hjliecqTblQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCOit0r6D5rnwn3Vbb2T4218+7ZFMB8GA1UdIwQY
MBaAFP8dgzLhGKmiGH6rWIQnnWWA8Rn3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3gyRE11RVlxYUlZZnF0WWhDZWRaWUR4R2ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hYWM2YmUtMTg1NS00ODRiLTgwMjUt
ZGVhMzBlY2I3MzZkLzEvX3gyRE11RVlxYUlZZnF0WWhDZWRaWUR4R2ZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hYWM2YmUtMTg1NS00ODRiLTgwMjUtZGVhMzBlY2I3MzZk
LzEvX3gyRE11RVlxYUlZZnF0WWhDZWRaWUR4R2ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmWbz42TL
pjVAO4iokQEgpSk6p+yantk7lV9xvFTNIbXrGbsTQ9KWOoY5oqgPh0/i6FpSyXQd
chqKqYozJEpgaY3zPwmtz897gk15whWHQmEWl0RcRtcmd5qoo/vDAusUenFEcM5J
xyKt3Th9eZDDuc5ZZxlLUCppYzexuIwldwcsAT+u7K3dly6eJrqtfbqcUp05r9lU
JGTER19bhAGJZl3e5xbs69B9uGAwijJcLtWmvDvxRWbiMshg01nLjWqwuJbjcx1d
vU6zKntB2hT1p1B5fm/8oaeLvg4Q0HL9/bIqP1vndqc6GeayWiipEAcLubg0LeCO
d2lDX+r1Ru7/eg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:55:11 2026 by rpki-client