Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
File: 2BFKkiBvChn3M52guJZpxKX-Urk.mft (raw, json)
Hash identifier: /QlQtBaghpKINGlgd71uQHp9GNmg2Wf3AxLy3kkR2T0=
Subject key identifier: 1C:6A:D7:90:E3:EF:CB:EF:8D:1F:1D:0D:E3:5D:40:A2:28:F3:AC:F6
Authority key identifier: D8:11:4A:92:20:6F:0A:19:F7:33:9D:A0:B8:96:69:C4:A5:FE:52:B9
Certificate issuer: /CN=d8114a92206f0a19f7339da0b89669c4a5fe52b9
Certificate serial: 019EB8EA589B45488465BC67114667EC71D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
Manifest number: 0338
Signing time: Thu 11 Jun 2026 23:00:26 +0000
Manifest this update: Thu 11 Jun 2026 23:00:26 +0000
Manifest next update: Fri 12 Jun 2026 23:00:26 +0000
Files and hashes: 1: 2BFKkiBvChn3M52guJZpxKX-Urk.crl (hash: 6YaJqjxCpfoCY58GRyoX16Gi3mf3U9ribX2ce/DRbaE=)
2: vVXnYinPG4h5TcTea17Iv2i5FYs.roa (hash: vQ3FQGy71ne2HeyP0gu2+P/Q4WprPJAgNPNHKJfJ9Dk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 22:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b8:ea:58:9b:45:48:84:65:bc:67:11:46:67:ec:71:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8114a92206f0a19f7339da0b89669c4a5fe52b9
Validity
Not Before: Jun 11 23:00:26 2026 GMT
Not After : Jun 12 23:00:26 2026 GMT
Subject: CN=1c6ad790e3efcbef8d1f1d0de35d40a228f3acf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5a:e1:a4:f7:48:fe:71:91:a0:aa:72:49:75:
f9:f8:c9:8c:dc:b9:57:91:9e:51:70:e0:9c:11:40:
72:2e:ca:cf:08:94:3b:25:d9:43:dd:50:73:e4:13:
85:15:63:93:79:fb:4b:f1:5e:be:59:eb:df:4e:fd:
c7:c3:0a:6c:99:47:91:67:8b:75:55:16:31:3d:40:
76:89:76:5a:41:1e:55:5e:4f:01:fa:88:80:50:f6:
c6:61:7c:ce:a3:3c:64:82:f2:2a:4d:66:aa:ea:21:
ee:85:30:6f:39:18:f5:72:38:c4:ac:26:b0:04:2a:
b3:5f:2c:8c:ce:a4:da:bf:f3:e7:9a:37:5e:12:1a:
0e:3c:33:93:50:d2:5e:e2:98:21:e3:0f:9b:86:0b:
05:9b:0e:61:b5:64:fc:d6:04:17:00:64:2b:7f:d7:
a7:57:ca:1f:d4:c3:cf:45:46:df:fd:dc:9d:8b:6e:
a9:1e:9f:ca:ca:1c:87:e9:d5:b2:7f:f3:72:77:76:
e8:8a:5b:af:64:59:10:a0:c8:7a:95:dc:81:ea:0b:
6e:75:3d:10:e6:b5:80:83:77:cb:29:3d:6a:36:a7:
76:46:26:ca:32:8e:5c:f3:84:fc:b3:71:27:93:a0:
0b:88:79:96:ef:4f:b4:36:8e:02:73:15:dc:13:bd:
f0:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:6A:D7:90:E3:EF:CB:EF:8D:1F:1D:0D:E3:5D:40:A2:28:F3:AC:F6
X509v3 Authority Key Identifier:
keyid:D8:11:4A:92:20:6F:0A:19:F7:33:9D:A0:B8:96:69:C4:A5:FE:52:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:93:ee:42:22:3c:08:f7:2d:df:c1:f8:d6:41:bb:03:1a:21:
0a:83:71:7d:d8:90:26:89:99:df:ef:57:07:5b:24:8b:d8:95:
34:2e:65:93:dc:e8:e5:94:61:f2:f6:ce:cd:5f:2a:0b:71:00:
e6:0e:60:24:70:9d:8f:f5:bc:1a:93:ef:5e:05:00:08:2a:c8:
7f:70:99:fb:59:32:b7:d2:01:d8:13:b5:18:eb:a6:70:83:da:
e9:7e:b4:4e:6d:32:ef:2e:22:54:ee:26:f8:c6:05:49:7c:c4:
7a:9e:2b:03:15:63:e5:24:88:62:d3:ee:95:65:f5:e4:5d:bd:
2e:9e:ea:30:8b:95:f9:16:d7:ed:d1:27:1e:fd:2e:65:1e:e8:
7f:db:21:21:b0:bc:47:85:a6:7f:4a:fe:64:b9:4e:10:48:9a:
cf:e4:4e:4d:85:08:c8:d7:8d:ed:cc:14:a4:a4:8d:b0:69:8b:
83:c8:64:d5:df:e6:ef:1d:26:cf:83:47:79:89:7e:d5:53:20:
db:00:2e:24:48:99:a8:09:a4:c6:ba:ea:78:11:a1:4f:52:86:
82:b9:ab:70:d0:81:90:22:12:7e:5c:1a:33:99:58:0b:9a:55:
42:55:70:8f:f2:a9:94:59:7b:36:70:08:db:f5:59:35:b2:a5:
d4:65:aa:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ646libRUiEZbxnEUZn7HHYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MTE0YTkyMjA2ZjBhMTlmNzMzOWRhMGI4OTY2OWM0YTVm
ZTUyYjkwHhcNMjYwNjExMjMwMDI2WhcNMjYwNjEyMjMwMDI2WjAzMTEwLwYDVQQD
EygxYzZhZDc5MGUzZWZjYmVmOGQxZjFkMGRlMzVkNDBhMjI4ZjNhY2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1rhpPdI/nGRoKpySXX5+MmM3LlX
kZ5RcOCcEUByLsrPCJQ7JdlD3VBz5BOFFWOTeftL8V6+WevfTv3HwwpsmUeRZ4t1
VRYxPUB2iXZaQR5VXk8B+oiAUPbGYXzOozxkgvIqTWaq6iHuhTBvORj1cjjErCaw
BCqzXyyMzqTav/PnmjdeEhoOPDOTUNJe4pgh4w+bhgsFmw5htWT81gQXAGQrf9en
V8of1MPPRUbf/dydi26pHp/KyhyH6dWyf/Nyd3boiluvZFkQoMh6ldyB6gtudT0Q
5rWAg3fLKT1qNqd2RibKMo5c84T8s3Enk6ALiHmW70+0No4CcxXcE73w3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBxq15Dj78vvjR8dDeNdQKIo86z2MB8GA1UdIwQY
MBaAFNgRSpIgbwoZ9zOdoLiWacSl/lK5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mZGFjZTktODIxMi00Y2UxLWE5OTkt
NTIwOGQ5ODU0MzY0LzEvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mZGFjZTktODIxMi00Y2UxLWE5OTktNTIwOGQ5ODU0MzY0
LzEvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJpPuQiI8
CPct38H41kG7AxohCoNxfdiQJomZ3+9XB1ski9iVNC5lk9zo5ZRh8vbOzV8qC3EA
5g5gJHCdj/W8GpPvXgUACCrIf3CZ+1kyt9IB2BO1GOumcIPa6X60Tm0y7y4iVO4m
+MYFSXzEep4rAxVj5SSIYtPulWX15F29Lp7qMIuV+RbX7dEnHv0uZR7of9shIbC8
R4Wmf0r+ZLlOEEiaz+ROTYUIyNeN7cwUpKSNsGmLg8hk1d/m7x0mz4NHeYl+1VMg
2wAuJEiZqAmkxrrqeBGhT1KGgrmrcNCBkCISflwaM5lYC5pVQlVwj/KplFl7NnAI
2/VZNbKl1GWqXQ==
-----END CERTIFICATE-----
Generated at Fri Jun 12 08:40:54 2026 by rpki-client