Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.mft
File: 2EPxqgSY2E95UyPB_2uuOvQCBtE.mft (raw, json)
Hash identifier: TDff+HeYKY2PvOfKQTo0lJ/1AEBh3NYUqYLMYRq3RHM=
Subject key identifier: 36:19:44:EC:49:52:F9:29:6E:3E:ED:83:9C:52:86:AA:0E:B6:6D:5B
Authority key identifier: D8:43:F1:AA:04:98:D8:4F:79:53:23:C1:FF:6B:AE:3A:F4:02:06:D1
Certificate issuer: /CN=d843f1aa0498d84f795323c1ff6bae3af40206d1
Certificate serial: 019D382E48640A98E8214E3A1DA4C3028E63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2EPxqgSY2E95UyPB_2uuOvQCBtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 06:00:50 +0000
Manifest this update: Sun 29 Mar 2026 06:00:50 +0000
Manifest next update: Mon 30 Mar 2026 06:00:50 +0000
Files and hashes: 1: 1-BTuYEiDE2mEIP2dyXdE1PSMv3c.roa (hash: tBxS565NzZV2f/vbdXm3F39V84JJovJ6zXMOf+itJ6Q=)
2: 2EPxqgSY2E95UyPB_2uuOvQCBtE.crl (hash: InSLXgJ7RgE355IRSLuy430awwyNSfxvKfw73QG8eBE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2EPxqgSY2E95UyPB_2uuOvQCBtE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:48:64:0a:98:e8:21:4e:3a:1d:a4:c3:02:8e:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d843f1aa0498d84f795323c1ff6bae3af40206d1
Validity
Not Before: Mar 29 06:00:50 2026 GMT
Not After : Mar 30 06:00:50 2026 GMT
Subject: CN=361944ec4952f9296e3eed839c5286aa0eb66d5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:87:77:34:18:ae:72:60:ad:cd:9a:5b:1d:ca:
bb:f0:dd:5c:de:f0:53:c6:be:15:9b:35:21:ed:c6:
c1:b8:3f:ad:de:56:e4:06:8d:0c:5e:62:50:48:f2:
be:c4:83:a0:17:21:93:fc:b2:6d:48:b1:af:da:d8:
c9:00:f3:48:62:8f:45:72:2f:2a:2a:8c:48:a8:be:
d3:99:89:eb:fc:de:75:91:16:75:ad:c9:91:46:f1:
be:ff:c6:81:78:2c:7b:b5:14:bd:d3:cb:94:c9:49:
66:6d:84:84:ec:dc:40:06:29:1e:b1:76:d2:08:2b:
b8:f4:d6:a0:bf:13:72:4d:53:ad:13:e2:92:fe:0c:
e7:c6:16:cf:fd:1f:39:ca:07:d7:a9:14:18:02:a2:
85:ca:48:ad:e1:b7:23:79:21:d4:0b:cc:81:d2:a4:
55:85:ec:87:3b:82:18:54:b8:cd:93:88:1f:05:a4:
8f:0e:1d:27:5f:0a:15:18:97:f2:35:b0:d6:17:b1:
9c:ae:dd:fc:ed:d7:3a:17:da:48:db:18:df:2f:c8:
73:04:ef:9b:e3:a0:92:a2:e3:f5:57:a9:e7:b6:3c:
ae:f4:49:c0:bc:6e:60:98:20:35:20:28:cc:67:de:
8e:39:3e:d7:13:a3:1e:39:01:f7:63:0b:83:98:e9:
ab:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:19:44:EC:49:52:F9:29:6E:3E:ED:83:9C:52:86:AA:0E:B6:6D:5B
X509v3 Authority Key Identifier:
keyid:D8:43:F1:AA:04:98:D8:4F:79:53:23:C1:FF:6B:AE:3A:F4:02:06:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2EPxqgSY2E95UyPB_2uuOvQCBtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:f9:0f:79:0d:c5:6f:d5:3f:f1:9a:b3:7c:54:56:93:55:55:
d8:39:f3:6c:9c:c4:cf:e5:21:ba:2a:83:52:ca:da:b9:22:a4:
03:76:2d:ca:25:59:96:fa:bf:80:99:b9:a5:ba:32:b8:bd:ba:
71:92:2a:0d:72:28:29:45:17:b0:21:c0:32:d8:33:16:22:4b:
4c:7d:77:fb:47:6f:07:e9:e1:31:55:e1:b7:f7:af:7f:23:df:
2d:6b:33:50:d1:cd:b5:01:24:98:00:9c:47:9a:8f:04:0c:12:
ae:a4:15:67:08:dd:3e:3c:51:62:d6:ea:38:35:d4:a5:de:60:
2c:b4:3b:b9:9e:23:77:1c:40:b2:6e:da:0b:8f:9f:83:05:b1:
49:be:b3:24:78:55:9e:f1:75:b1:39:57:d7:b1:29:37:8f:1b:
68:74:a9:98:f2:64:99:8e:d6:80:ef:f2:35:5b:fb:12:5a:4d:
4f:dd:3a:04:c4:ed:34:b8:fa:d0:41:b9:b5:0d:b2:a8:41:9e:
92:cb:28:2f:fd:0f:31:38:45:fc:ae:ba:c3:1b:aa:a3:62:d7:
09:35:0d:90:8a:1e:78:bb:c3:48:3a:32:9b:4f:f4:64:9d:2b:
08:d9:57:ff:a8:ff:41:98:5a:c5:cc:54:7a:0f:44:0c:e3:e0:
44:f4:36:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LkhkCpjoIU46HaTDAo5jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NDNmMWFhMDQ5OGQ4NGY3OTUzMjNjMWZmNmJhZTNhZjQw
MjA2ZDEwHhcNMjYwMzI5MDYwMDUwWhcNMjYwMzMwMDYwMDUwWjAzMTEwLwYDVQQD
EygzNjE5NDRlYzQ5NTJmOTI5NmUzZWVkODM5YzUyODZhYTBlYjY2ZDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Yd3NBiucmCtzZpbHcq78N1c3vBT
xr4VmzUh7cbBuD+t3lbkBo0MXmJQSPK+xIOgFyGT/LJtSLGv2tjJAPNIYo9Fci8q
KoxIqL7TmYnr/N51kRZ1rcmRRvG+/8aBeCx7tRS908uUyUlmbYSE7NxABikesXbS
CCu49NagvxNyTVOtE+KS/gznxhbP/R85ygfXqRQYAqKFykit4bcjeSHUC8yB0qRV
heyHO4IYVLjNk4gfBaSPDh0nXwoVGJfyNbDWF7Gcrt387dc6F9pI2xjfL8hzBO+b
46CSouP1V6nntjyu9EnAvG5gmCA1ICjMZ96OOT7XE6MeOQH3YwuDmOmrowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDYZROxJUvkpbj7tg5xShqoOtm1bMB8GA1UdIwQY
MBaAFNhD8aoEmNhPeVMjwf9rrjr0AgbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkVQeHFnU1kyRTk1VXlQQl8ydXVPdlFDQnRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9kYTRkZDktNTk0ZC00NTZjLTlmNzEt
NzZhMTk0NTU0YjA1LzEvMkVQeHFnU1kyRTk1VXlQQl8ydXVPdlFDQnRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9kYTRkZDktNTk0ZC00NTZjLTlmNzEtNzZhMTk0NTU0YjA1
LzEvMkVQeHFnU1kyRTk1VXlQQl8ydXVPdlFDQnRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUPkPeQ3F
b9U/8ZqzfFRWk1VV2DnzbJzEz+UhuiqDUsrauSKkA3YtyiVZlvq/gJm5pboyuL26
cZIqDXIoKUUXsCHAMtgzFiJLTH13+0dvB+nhMVXht/evfyPfLWszUNHNtQEkmACc
R5qPBAwSrqQVZwjdPjxRYtbqODXUpd5gLLQ7uZ4jdxxAsm7aC4+fgwWxSb6zJHhV
nvF1sTlX17EpN48baHSpmPJkmY7WgO/yNVv7ElpNT906BMTtNLj60EG5tQ2yqEGe
kssoL/0PMThF/K66wxuqo2LXCTUNkIoeeLvDSDoym0/0ZJ0rCNlX/6j/QZhaxcxU
eg9EDOPgRPQ2jQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:56:12 2026 by rpki-client