Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
File: 2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft (raw, json)
Hash identifier: j7frtb+g1X6p8zIjMqUv8eU09DS7Hb6jHvMeDgz9TJY=
Subject key identifier: 01:BF:D9:F1:AF:E0:A8:42:59:86:75:19:45:E8:32:C9:F8:B1:EA:6F
Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
Certificate issuer: /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Certificate serial: 019E303B46970CE4A4586A5C06189DBDCDDB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
Manifest number: 1927
Signing time: Sat 16 May 2026 10:00:51 +0000
Manifest this update: Sat 16 May 2026 10:00:51 +0000
Manifest next update: Sun 17 May 2026 10:00:51 +0000
Files and hashes: 1: 2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl (hash: P9x48+Nd6IQ2lzl5zyBUZxmtNildeooQTMWE14laFmw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 10:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:30:3b:46:97:0c:e4:a4:58:6a:5c:06:18:9d:bd:cd:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Validity
Not Before: May 16 10:00:51 2026 GMT
Not After : May 17 10:00:51 2026 GMT
Subject: CN=01bfd9f1afe0a8425986751945e832c9f8b1ea6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c5:b2:67:04:03:84:9a:43:58:dc:68:13:ef:
7d:39:ee:bd:0d:8a:01:35:1d:c6:7d:5e:4c:5a:78:
ef:f9:08:d6:a7:3e:84:3a:d5:e6:cd:6d:6e:9f:b8:
88:46:44:3b:9a:ce:46:7b:6b:d8:db:63:7a:4a:10:
32:7c:81:16:7d:b1:90:0a:4a:25:92:f0:50:00:6f:
d8:f2:5a:38:74:93:2b:f5:f9:0c:a5:f4:65:e3:b0:
48:54:bf:03:6d:db:64:8f:7e:7a:55:f9:21:1d:2c:
7c:03:ec:81:9c:90:6d:f5:58:2c:60:8d:30:62:a3:
d4:bb:00:7b:7a:c0:14:96:d7:83:48:82:b5:3a:e9:
b6:76:e0:cb:05:ad:95:09:1d:9d:b5:e9:ba:cc:e7:
c3:00:72:04:68:d9:cd:d1:21:8e:77:d4:73:e3:6b:
48:2c:4c:84:0d:f8:b2:bc:6d:55:23:35:6e:bd:f3:
5c:a4:cd:12:90:e1:5b:6c:cc:46:dd:7b:03:34:0c:
1b:90:22:44:91:05:b7:65:1d:ba:e1:f2:d7:0b:a7:
09:79:de:ae:52:f8:08:89:a6:0d:b0:e6:c9:7b:cd:
38:92:98:0c:7d:ed:81:0e:60:7c:42:f5:8c:7d:c8:
cd:1f:d2:90:5e:ca:c3:c8:0e:b6:fe:47:6d:22:15:
45:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:BF:D9:F1:AF:E0:A8:42:59:86:75:19:45:E8:32:C9:F8:B1:EA:6F
X509v3 Authority Key Identifier:
keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:76:c1:26:54:e4:0c:00:bd:b5:a3:ec:22:b4:59:5b:7c:0b:
78:d0:f9:ad:18:5f:62:85:0c:31:6d:e0:05:95:79:b0:5e:2c:
78:25:3e:2d:80:39:63:c1:5c:23:91:a5:6c:e9:63:1c:5d:43:
9a:6e:3d:b8:a1:4e:47:81:16:ed:f0:65:a0:55:bf:38:13:b7:
f0:f3:41:00:7e:fc:aa:9e:46:11:fe:cc:de:8a:5b:91:77:88:
42:98:db:37:b2:52:e6:e9:21:fd:6c:45:32:76:c3:8e:db:18:
c6:59:8c:39:20:fc:88:0f:c3:96:f3:54:37:5b:08:bb:e4:bc:
6a:5d:a8:59:8c:6d:05:0f:e7:e1:23:3b:a0:16:bb:62:11:0e:
c0:1e:d1:63:2c:0a:64:38:91:fe:eb:3a:c9:d1:f0:e0:c9:e0:
30:cc:5c:b6:5a:f8:67:f6:00:89:c6:a6:ae:a9:48:3a:45:6f:
a9:b6:9a:71:79:37:c2:63:4d:de:01:09:53:aa:dc:54:24:c8:
74:ac:63:ea:e8:ce:a9:2c:8b:3a:28:f0:11:c8:1d:56:a9:63:
40:47:80:69:47:36:f1:b9:48:2d:61:fe:49:47:4e:65:07:aa:
47:e0:3b:79:0f:5c:4a:76:e7:28:fe:68:c7:21:39:ae:e2:d2:
f8:61:aa:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wO0aXDOSkWGpcBhidvc3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl
YmFhNDMwHhcNMjYwNTE2MTAwMDUxWhcNMjYwNTE3MTAwMDUxWjAzMTEwLwYDVQQD
EygwMWJmZDlmMWFmZTBhODQyNTk4Njc1MTk0NWU4MzJjOWY4YjFlYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8WyZwQDhJpDWNxoE+99Oe69DYoB
NR3GfV5MWnjv+QjWpz6EOtXmzW1un7iIRkQ7ms5Ge2vY22N6ShAyfIEWfbGQCkol
kvBQAG/Y8lo4dJMr9fkMpfRl47BIVL8Dbdtkj356VfkhHSx8A+yBnJBt9VgsYI0w
YqPUuwB7esAUlteDSIK1Oum2duDLBa2VCR2dtem6zOfDAHIEaNnN0SGOd9Rz42tI
LEyEDfiyvG1VIzVuvfNcpM0SkOFbbMxG3XsDNAwbkCJEkQW3ZR264fLXC6cJed6u
UvgIiaYNsObJe804kpgMfe2BDmB8QvWMfcjNH9KQXsrDyA62/kdtIhVFzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAG/2fGv4KhCWYZ1GUXoMsn4sepvMB8GA1UdIwQY
MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct
Nzg1ZTU4ODM2NDRkLzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk
LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi3bBJlTk
DAC9taPsIrRZW3wLeND5rRhfYoUMMW3gBZV5sF4seCU+LYA5Y8FcI5GlbOljHF1D
mm49uKFOR4EW7fBloFW/OBO38PNBAH78qp5GEf7M3opbkXeIQpjbN7JS5ukh/WxF
MnbDjtsYxlmMOSD8iA/DlvNUN1sIu+S8al2oWYxtBQ/n4SM7oBa7YhEOwB7RYywK
ZDiR/us6ydHw4MngMMxctlr4Z/YAicamrqlIOkVvqbaacXk3wmNN3gEJU6rcVCTI
dKxj6ujOqSyLOijwEcgdVqljQEeAaUc28blILWH+SUdOZQeqR+A7eQ9cSnbnKP5o
xyE5ruLS+GGq4Q==
-----END CERTIFICATE-----
Generated at Sat May 16 17:13:14 2026 by rpki-client